TUM Logo

Tamas Lengyel

Tamas Lengyel


now at Novetta, Senior Security Researcher

Research Interests

My research area revolves around intrusion detection, virtualization, memory forensics, malware analysis and reverse engineering. In particular, I'm working on developing a lightweight OS agnostic intrusion detection system using virtual machine introspecton (VMI) techniques. The goal is to develop a system that is stealthy, has limited performance impact and doesn't require in-guest agents. My prior research has focused on fusing memory forensics tools with virtualization technologies to develop highly scalable honeynet systems.


2018 Hiding in the Shadows: Empowering ARM for Stealthy Virtual Machine Introspection
2016 Adaptive Semantics-Aware Malware Classification
2015 CloudIDEA: A Malware Defense Architecture for Cloud Data Centers
Virtual Machine Introspection with Xen on ARM
Internet-Scale File Analysis
2014 Virtual Machine Introspection with Xen on ARM
Code Validation for Modern OS Kernels
Pitfalls of virtual machine introspection on modern hardware
Scalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis System
Multi-tiered Security Architecture for ARM via the Virtualization and Security Extensions