A4 Article in conference proceedings
Creating modern blue pills and red pills (2019)


Algawi, Asaf; Kiperberg, Michael; Leon, Roee; Resh, Amit; Zaidenberg, Nezer (2019). Creating modern blue pills and red pills. In Cruz, Tiago; Simoes, Paulo (Eds.) ECCWS 2019 : Proceedings of the 18th European Conference on Cyber Warfare and Security, Proceedings of the European conference on information warfare and security. Academic Conferences International, 6-14.


JYU authors or editors


Publication details

All authors or editors: Algawi, Asaf; Kiperberg, Michael; Leon, Roee; Resh, Amit; Zaidenberg, Nezer

Parent publication: ECCWS 2019 : Proceedings of the 18th European Conference on Cyber Warfare and Security

Parent publication editors: Cruz, Tiago; Simoes, Paulo

Conference:

  • European Conference on Cyber Warfare and Security

Place and date of conference: Coimbra, Portugal, 4.-5.6.2019

ISBN: 978-1-912764-28-0

Journal or series: Proceedings of the European conference on information warfare and security

ISSN: 2048-8602

eISSN: 2048-8610

Publication year: 2019

Pages range: 6-14

Number of pages in the book: 884

Publisher: Academic Conferences International

Publication country: United Kingdom

Publication language: English

Open Access: Publication channel is not openly available

Publication is parallel published (JYX): https://jyx.jyu.fi/handle/123456789/67098


Abstract

The blue pill is a malicious stealthy hypervisor-based rootkit. The red pill is a software package that is designed to detect such blue pills. Since the blue pill was originally proposed there has been an ongoing arms race between developers that try to develop stealthy hypervisors and developers that try to detect such stealthy hypervisors. Furthermore, hardware advances have made several stealth attempts impossible while other advances enable even more stealthy operation. In this paper we describe the current status of detecting stealth hypervisors and methods to counter them.


Keywords: virtualisation; forensic criminal investigation; data security; cyber security; cyber crime; cyber attacks; data break-in

Free keywords: virtualization, forensics, information security


Contributing organizations


Ministry reporting: Yes

Reporting Year: 2019

JUFO rating: 1


Last updated on 2020-18-08 at 13:36