1 u. 16 min.
Eugene Tsyrklevich: Ozone HIPS: Unbreakable Windows Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference
-
- Technologie
Windows is the number one target on the Internet today. It takes less than 5 minutes for an unpatched Windows machine, connected to the Internet, to get owned. Yet the most prevalent security practices still consist of running anti-viruses and constant patching.
This presentation introduces a new tool, called Ozone, that is designed to protect against most of the commonly exploited attack vectors. To protect against the most common of these, buffer overflows, Ozone uses an address space randomization technique. In addition, Ozone runs all processes in a sandbox that severely limits what a compromised process is allowed to do. Finally, Ozone protects itself and the underlying operating system against further attacks.
Eugene Tsyrklevich has an extensive security background ranging from designing and implementing Host Intrusion Prevention Systems to training people in research, corporate, and military environments. Eugene has presented his research at a number of security conferences including Usenix Security, BlackHat Europe and BlackHat USA. Eugene holds both a Bachelor and a Masters degree in Computer Science from the University of California, San Diego
Windows is the number one target on the Internet today. It takes less than 5 minutes for an unpatched Windows machine, connected to the Internet, to get owned. Yet the most prevalent security practices still consist of running anti-viruses and constant patching.
This presentation introduces a new tool, called Ozone, that is designed to protect against most of the commonly exploited attack vectors. To protect against the most common of these, buffer overflows, Ozone uses an address space randomization technique. In addition, Ozone runs all processes in a sandbox that severely limits what a compromised process is allowed to do. Finally, Ozone protects itself and the underlying operating system against further attacks.
Eugene Tsyrklevich has an extensive security background ranging from designing and implementing Host Intrusion Prevention Systems to training people in research, corporate, and military environments. Eugene has presented his research at a number of security conferences including Usenix Security, BlackHat Europe and BlackHat USA. Eugene holds both a Bachelor and a Masters degree in Computer Science from the University of California, San Diego
1 u. 16 min.