Cristian Done
Security Researcher Keysight Technologies Romania
BIOGRAPHY
Cristian Done is a Security Researcher within Keysight’s Application and Threat Intelligence Research Center. Cristian is eager to learn and likes to constantly improve. With a BE in Computer Engineering and an MS in Advanced Cybersecurity, he is particularly interested in cybersecurity, low-level programming and algorithms. He spends most of his time investigating recent vulnerabilities and integrating them into Keysight’s security products.
Monitoring malware behavior through kernel syscall tracing
Threat actors constantly implement new methods of evasion. One solution for monitoring malicious activity generated by an application is the use of sandboxes. Up until recently, much of a malware’s behavior could be observed via userland hooking of the target process. However, there are more and more techniques that allow malware to bypass such hooking mechanisms and hide its true objectives and behavior. Tools such as SysWhispers can be used to perform system calls directly and thus avoid ordinary user-space behavior tracking.
To gain more insight into such use cases, we suggest an alternative method of observing malware behavior: using a kernel driver on Windows-based systems. In this presentation we will give an in-depth view of how one can create a Windows kernel driver for performing system call tracing on recent versions of Windows, running on recent CPUs.
This presentation is co-presented with Mihai Vasilescu, Security Research Engineer at Keysight Technologies Romania.