Supporting Programme 2018
operational services - Digital Forensics and Beyond: From Kernel- to Hardware-Rootkits
A rather unexplored part of incident response is digital forensics. We would like to introduce this topic and illustrate how forensics can help to overcome security incidents, using (kernel) rootkits as an example. During the presentation we will analyze the attack techniques of kernel rootkits and how to detect them using digital forensics. We will complement this with a brief detour into hardware rootkits, especially the ACPI rootkit. To conclude, general (non-technical) recommendations will be given.
Date: 11.10.2018
Time: 1:45 PM - 2:00 PM
Location: Forum T9 - Technology