December 23, 2019

206 words 1 min read

Subverting the Linux Kernel

Subverting the Linux Kernel

A 'rootkit' typically refers to malicious software that enables an attacker to mask or obscure traces of intrusion and secure further control on a compromised system. While userland rootkits generally …
Talk Title Subverting the Linux Kernel
Speakers Jessica Yu (Software Engineer, Hobbyist)
Conference Open Source Summit Europe
Conf Tag
Location Prague, Czech Republic
Date Oct 21-27, 2017
URL Talk Page
Slides Talk Slides
Video

A ‘rootkit’ typically refers to malicious software that enables an attacker to mask or obscure traces of intrusion and secure further control on a compromised system. While userland rootkits generally modify specific system binaries, kernel rootkits are especially insidious and powerful in that this class of rootkits can enable an attacker to subvert the heart of the system, granting abilities to modify kernel data structures and code. This talk aims to provide a beginner’s introduction to Linux kernel rootkits and an overview of common methods used by attackers to cover their tracks. Since most existing literature on kernel rootkits focus on older 2.6.x kernels, we’ll update these methods for newer kernels as needed. We’ll also briefly cover general defenses against kernel rootkits. The talk will conclude with a demo on a modern 4.x kernel that employs the discussed methods and techniques.

introduction code attack
comments powered by Disqus
Building game bots using OpenAIs Gym and Universe

Building game bots using OpenAIs Gym and Universe

December 20, 2019

Anmol Jagetia explains how to use OpenAI's Gym and Universe to design bots that can become extremely smart using reinforcement learning. You'll create a bot that uses reinforcement learning to beat games and learn how to reuse code to beat a set of games that includes Atari classics (Pac-Man or Pong), a Candy Crush clone, and a racing game.
The Power of Application Intent Analysis for Container Security [I]

The Power of Application Intent Analysis for Container Security [I]

December 13, 2019

As containers gain mainstream momentum and cloud-native applications surge, practices such as DevOps culture, continuous delivery, cloud development and containerization require a reinvention of secur …
Locking it down: A security primer for web developers

Locking it down: A security primer for web developers

December 8, 2019

Your users are almost certainly vulnerable in one way or another. Mike North explores a series of common web app security pitfalls, first demonstrating how to exploit the vulnerability and then recommending a pragmatic and effective defense against the attack. Buckle up, because Mike's about to take some things you love and depend on and smash them to bits.
A question of trust: When good containers go bad

A question of trust: When good containers go bad

November 29, 2019

Container deployments are based on trustwe trust our applications, developers, and infrastructure to be secure and confidently deploy microservices. But what happens when trust is broken? Tim Mackey explores the nature of data center threats and shares measures you can take to proactively identify risks.
Rust for non-Rust developers

Rust for non-Rust developers

November 21, 2019

Hanneli Tavante offers a quick introduction to the Rust language. Drawing on code comparisons between Java/Python and C, Hanneli explores some of Rust's main features, such as its type system, compiler structure, and development environment.
Using NGINX as an effective and highly available content cache

Using NGINX as an effective and highly available content cache

November 19, 2019

We all know that performance is a critical factor in the success of applications and websites. In many cases, you can make vast improvements to the end-user experience of your application by focusing on some very basic application delivery techniques. Kevin Jones shares techniques utilizing cache features included in NGINX that can help users see better performance.