Explore the intricacies of hypervisor-based kernel protection in this informative Black Hat conference talk. Delve into the limitations of kernel-level protection mechanisms and understand why higher privilege levels are necessary to combat security threats like rootkits and kernel exploits. Learn about the concept of creating Ring -1 using virtualization technologies such as ARM TrustZone, Intel VT-x, and AMD AMD-v. Discover how existing virtualization technologies support the separation of worlds into host and guest environments. Presented by Seunghun Han and Junghwan Kang, this 38-minute talk provides valuable insights into the myths and truths surrounding hypervisor-based kernel protectors and introduces the Shadow-Box solution.
Overview
Syllabus
Myth and Truth About Hypervisor-Based Kernel Protector: The Reason Why You Need Shadow-Box
Taught by
Black Hat