P and T Odd Electromagnetic Moments of Deuteron in Chiral Limit

P odd anapole moment of the deuteron is found in the chiral limit, $m_{\pi} \to 0$. The contact current generated by the P odd pion exchange does not contribute to the deuteron anapole. Being combined with usual radiative corrections to the weak electron -- deuteron interaction, our calculation results in a sufficiently accurate theoretical prediction for the corresponding effective constant $C_{2d}$. The experimental measurement of this constant would give valuable information on the P odd $\pi$NN constant and on the $s$-quark content of nucleons. We calculate also in the same limit $m_{\pi} \to 0$ the deuteron P odd and T odd multipoles: electric dipole moment and magnetic quadrupole moment.Comment: 11 pages, latex, 2 figures, few misprints corrected, presentation simplified, no contact current contributio

Two Challenges of Stealthy Hypervisors Detection: Time Cheating and Data Fluctuations

Hardware virtualization technologies play a significant role in cyber security. On the one hand these technologies enhance security levels, by designing a trusted operating system. On the other hand these technologies can be taken up into modern malware which is rather hard to detect. None of the existing methods is able to efficiently detect a hypervisor in the face of countermeasures such as time cheating, temporary self uninstalling, memory hiding etc. New hypervisor detection methods which will be described in this paper can detect a hypervisor under these countermeasures and even count several nested ones. These novel approaches rely on the new statistical analysis of time discrepancies by examination of a set of instructions, which are unconditionally intercepted by a hypervisor. Reliability was achieved through the comprehensive analysis of the collected data despite its fluctuation. These offered methods were comprehensively assessed in both Intel and AMD CPUs.Comment: 25 pages, 7 figures, 8 tables. Paper presented at the Proceedings of the 10th Annual Conference on Digital Forensics, Security and Law (CDFSL), 33-57, Daytona Beach, Florida, USA (2015, May 18-21

Memoryranger Prevents Highjacking File_object Structures in Windows Kernel

Windows OS kernel memory is one of the main targets of cyber-attacks. By launching such attacks, hackers are succeeding in process privilege escalation and tampering users’ data by accessing kernel-mode memory. This paper considers a new example of such an attack, which results in access to the files opened in an exclusive mode. Windows built-in security features prevent such a legal access, but attackers can circumvent them by patching dynamically allocated objects. The research shows that the newest Windows 10 x64 is vulnerable to this attack. The paper provides an example of using MemoryRanger, a hypervisor- based solution to prevent such attack by running kernel-mode drivers in isolated kernel memory enclaves

Memoryranger Prevents Hijacking FILE_OBJECT Structures in Windows Kernel

Windows OS kernel memory is one of the main targets of cyber-attacks. By launching such attacks, hackers are succeeding in process privilege escalation and tampering with users\u27 data by accessing kernel-mode memory. This paper considers a new example of such an attack, which results in access to the files opened in an exclusive mode. Windows built-in security features prevent such legal access, but attackers can circumvent them by patching dynamically allocated objects. The research shows that the Windows 10, version 1809 x64 is vulnerable to this attack. The paper provides an example of using MemoryRanger, a hypervisor-based solution to prevent such attack by running kernel-mode drivers in isolated kernel memory enclaves