A4 Article in conference proceedings
Creating modern blue pills and red pills (2019)
Algawi, A., Kiperberg, M., Leon, R., Resh, A., & Zaidenberg, N. (2019). Creating modern blue pills and red pills. In T. Cruz, & P. Simoes (Eds.), ECCWS 2019 : Proceedings of the 18th European Conference on Cyber Warfare and Security (pp. 6-14). Academic Conferences International. Proceedings of the European conference on information warfare and security.
JYU authors or editors
Publication details
All authors or editors: Algawi, Asaf; Kiperberg, Michael; Leon, Roee; Resh, Amit; Zaidenberg, Nezer
Parent publication: ECCWS 2019 : Proceedings of the 18th European Conference on Cyber Warfare and Security
Parent publication editors: Cruz, Tiago; Simoes, Paulo
Conference:
- European Conference on Cyber Warfare and Security
Place and date of conference: Coimbra, Portugal, 4.-5.6.2019
ISBN: 978-1-912764-28-0
Journal or series: Proceedings of the European conference on information warfare and security
ISSN: 2048-8602
eISSN: 2048-8610
Publication year: 2019
Pages range: 6-14
Number of pages in the book: 884
Publisher: Academic Conferences International
Publication country: United Kingdom
Publication language: English
Publication open access: Not open
Publication channel open access:
Publication is parallel published (JYX): https://jyx.jyu.fi/handle/123456789/67098
Abstract
The blue pill is a malicious stealthy hypervisor-based rootkit. The red pill is a software package that is designed to detect such blue pills. Since the blue pill was originally proposed there has been an ongoing arms race between developers that try to develop stealthy hypervisors and developers that try to detect such stealthy hypervisors. Furthermore, hardware advances have made several stealth attempts impossible while other advances enable even more stealthy operation. In this paper we describe the current status of detecting stealth hypervisors and methods to counter them.
Keywords: virtualisation; forensic criminal investigation; data security; cyber security; cyber crime; cyber attacks; data break-in
Free keywords: virtualization, forensics, information security
Contributing organizations
Ministry reporting: Yes
VIRTA submission year: 2019
JUFO rating: 1
