Memory Forensics and Malicious Code Detection in Cloud

On Wednesday, 8 November 2017, we will host a group of professors from SCSC (Shandong National Supercomputer Center). A presentation of their work is scheduled for 14:00 in the LIP council room.

Title: Memory forensics and malicious code detection in cloud

Abstract: As an important branch of computer forensics, memory forensics is an effective way to discover the key system information and the characteristics of user behavior. This report outlines the advantages of malicious code detection using memory forensics technology, and describes detailed solutions to identify malicious behavior in a cloud environment. Furthermore, to illustrate the virtual machine escape detection intuitively, we take the latest example, Venom (CVE-2015-3456), which is a vulnerability that takes place within the virtual floppy drive code of a virtual machine. Our tests indicate that our technology can effectively solve the problem of virtual machine escape detection.

Reporter: Researcher Wang Lianhai
Dr. Lianhai Wang is currently a research professor with Shandong Computer Science Center (National Supercomputer Center in Jinan), China. He is also director of Shandong Computer Forensic Institute. He serves as the lead engineer of the Key Laboratory of Computer Network of Shandong Province, the secretary general of Shandong Blockchain Technology Application Innovation Center, and the secretary general of the cybersecurity expert committee in Shandong Computer Federation. He received the Ph.D. degree in computer science from Shandong University. His current research interests include computer forensics, blockchain technology, information security, and network performance evaluation. Dr. Wang is named the Distinguished Young and Middle-aged Experts of Shandong Province and was elected as the Outstanding Academic Researcher of Shandong Province. He has authored more than 50 papers on information security and has been awarded more than 10 patents. He has been funded with more than 30 projects by NSF and NDRC of China, as well as the NSF of Shandong province. He has also received numerous awards including Science and Technology Progress Awards of Shandong Province, the Science and Technology Progress Award of Chinese Military, and Science and Technology Progress Awards of Ministry of National Security.