Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

ALPChecker: Detecting Spoofing and Blinding Attacks on ALPC - HITB 2023

Hack In The Box Security Conference via YouTube

Overview

Explore a cutting-edge security research presentation on detecting spoofing and blinding attacks targeting Windows' Asynchronous Local Procedure Call (ALPC) mechanism. Dive into the vulnerabilities of ALPC, a crucial inter-process communication facility extensively used in Windows. Learn about three new kernel-level attacks on ALPC connections that can spoof and blind security tools without triggering alerts. Discover ALPChecker, a novel security tool designed to detect these kernel mode attacks on ALPC interactions. Gain insights into the detection techniques used by ALPChecker and its potential to enhance Windows system security. Understand the implications of these attacks on Windows management and security tools, and how ALPChecker can help prevent bypassing and disabling of protection mechanisms.

Syllabus

#HITB2023HKT #COMMSEC D1 - ALPChecker: Detecting Spoofing/Blinding Attacks - A. Kropova & I. Korkin

Taught by

Hack In The Box Security Conference

Reviews

Start your review of ALPChecker: Detecting Spoofing and Blinding Attacks on ALPC - HITB 2023

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.