Description

Hypervisors are becoming more important the area of cloud computing and security. There is an increasing an interest in using hypervisors in the area of security engineering and analysis. How can hypervisors help protect against tampering of the guest OS or other software? How can it be used in malware analysis? What about cheats and anti-cheats in the games industry?

This course provides students the capability to develop their own hypervisor using Intel VT-x.  It is designed in a way such that everything is built from scratch. This emphasis allows students to better understand the building blocks and nuances behind a hypervisor, as well as expanding knowledge acquired in the course by themselves.  Topics include: kernel programming, VT-x initialization, VMCS management, exit/interrupt management, synchronization and communication, debugging, nested page tables and more.  Students will develop a hypervisor that implements a variety of exit handlers and nested page tables.

Instructors

Satoshi Tanda and Bruce Dang

Date

October 28-November 1, 2019

Location

Fulton, Maryland (USA). The facility is about 5 minutes from the main Johns Hopkins Applied Physics Laboratory campus.

Prerequisites

Working C and x64 programming knowledge. This is a heavily development-oriented course so most of your time will be programming in C. Familiarity with x64 assembly and Windows kernel driver development will also be greatly helpful.

If you do not have working knowledge of C, this class can be quite challenging.