expert .net developer needy for simple exe asap within 2-3 days

Closed Posted 4 years ago Paid on delivery

$2-8 USD / hour

Closed

I need a software that runs on WIndows that detects highly suspect activity happening at the hypervisor level. It is a Hypervisor Introspection Detection tool.

Software Requirements:

Develop a UI that runs on a Host or Guest that makes use of the Tuzel libraries, A very simple one that maybe shows a status in the toolbar, red/green/yellow.

Green signifying that there is no suspicious activity happening at the hypervisor/hardware level.

Red signifying that there is some suspicious activity happening at the hypervisor/hardware/introspection layer. And it is highly concerning.

Yellow signifying that there is some suspicious activity happening at the Hypervisor/hardware/Introspection layer. And it is mildly concerning.

The application should log activity to syslog, and be able to forward the information to a syslog server.

Experience:

You need to be an expert at writing software at OS kernel level, in whatever language is best suited for the Operating System and the Tuzel libraries. This might be the C language, I don't know, you need to help me here.

Based on the work done by Tomasz Tuzel

Toolkit: [login to view URL]

Evil Hypervisor: [login to view URL]

Preso - [login to view URL]

Write a tool that detects if LibVMI is being used, report it into a log file, and also through a GUI application, browser based.

Use the ecr_toolkit to develop a tool to detect and report into a log file and also through a GUI application, browser based, that

can detect Hypervisor Introspection Attacks:

Types of Attacks:

Flush+Reload

Prime+Probe

Evict+Time

Flush+Flush

Prime+Abort

LibVMI - on Github

Create a baseline

World Switch

Hypervisor Introspection

Memory Intercessions - excessive page violations, VM-exit large overhead, large timing increase

Passive Memory Monitoring - Flush+Reload, Timing Decrease

Instruction Intercession - Wall Timing

Non-Temporal Instructions -

Suspicious timings

Timing Manipulation

Thread Racing

Detection using Increased Virtualization Exceptions #VE

VMFUNC

Prime+Abort -

Prime+Probe -

Side-Channel vulnerabilities

Non-Isolated Caching

Intel SGX is enabled/disabled

Crypto Introspection

LibVMI Introspection

Needs to work in PV, HVM and PVH mode.

Icon is attached

.NET C# Programming C++ Programming Software Architecture Windows Desktop

Project ID: #19865014

About the project

1 proposal Remote project Active 4 years ago

Looking to make some money?

Benefits of bidding on Freelancer

Set your budget and timeframe
Get paid for your work
Outline your proposal
It's free to sign up and bid on jobs

1 freelancer is bidding on average $6 for this job

ashutoshkumar106's Profile Picture
ashutoshkumar106

Hello, I am highly interested in your project and would like to apply to it. I am a Software developer with 7+ years of experience in .Net having Working Knowledge of “asp.net mvc” ,”angular js”,”Web API”,”SignalR” More

$6 USD / hour
(1 Review)
2.0
Post a project like this