Recorded Talks

Work History 

Lead Security Researcher, Expert B
LLC Ventra (3 years), Huawei Technologies  (0,7 year)           November 2019 – August 2023

• Research Protection Mechanisms of Linux and their robustness against rootkits
  Achievement: published a patent:
  • Google Patents - CN114519186A - https://patents.google.com/patent/CN114519186A/en
  • WIPO Patent Scope - WO2022105610 - https://patentscope.wipo.int/search/en/detail.jsf?docId=WO2022105610 

• Research Algorithms to protect Windows Huawei Applications from common user-level intrusions
  Achievement: team award.

• Research Data Storage Protection Technologies. Achievement: Strategic Planning.

• Presented at various Huawei events.

Lead Security Research Engineer
Special System Engineering Centre (ssec.ru) March 2019 – October 2019

• Development of the advanced firewall system for Windows-based hosts using C/C++, STL, and Npcap library;

• Presenting the current research results at academic conferences and in scientific journals.

Senior Researcher
FGUP CNIIHM (www.cniihm.ru) February 2009 – March 2019

• Development of kernel-mode drivers and user-mode apps using C/C++, WDK, VS, WinDbg;

• Cybersecurity and digital forensics research in various expert teams;

• Various docs and publications for customers.

Visiting Professor (volunteering)
Moscow Engineering Physics Institute (MEPhI), Moscow, Russia September 2012 – now

• Scientific advisor for the undergraduate and postgraduate students;

• External expert for the examination board in the Department of Cryptology and Discrete Mathematics No.42;

• The details about me are here https://kaf42.mephi.ru  

• Talks and Papers in English:

  • • (2023)  ALPChecker – Detecting Spoofing and Blinding Attacks 
      by Anastasiia Kropova and Igor Korkin
      HITBSecConf2023 (talk), arXiv (paper)

    • RASP for LSASS: Preventing Mimikatz-Related Attacks
      by Anna Revazova and Igor Korkin
      arXiv (paper)

    • (2022) Microsoft Defender Will Be Defended: MemoryRanger Prevents Blinding Windows AV
      by Denis Pogonin and Igor Korkin
      ADFSL (talk and paper), ROOTCON16 (talk)

    • (2022) Human-Controlled Fuzzing With AFL
      by Maxim Grishin and Igor Korkin
      ADFSL (talk and paper), ROOTCON16 (talk)

    • (2021) Your Linux Passwords Are in Danger: MimiDove Meets the Challenge
      by Svetlana Golub and Igor Korkin
      https://texascyber.com/briefings_schedule/your-linux-passwords-are-in-danger-mimidove-meets-the-challenge/

• Talks and Papers in Russian:

  • (2024) Apply Hybrid Approach to Directed Fuzzing of the Linux Kernel with Syzkaller
    by Maxim Grishin and Igor Korkin
    The Second All-Russian Scientific and Technical Conference "Cybernetics and Information Security" (CIS-2024)"
    Publisher: National Research Nuclear University Mephi, Moscow, Russia.
    https://www.elibrary.ru/item.asp?id=75062616&selid=75062727 paper.pdf

  • (2023) Analysis of Windows 11 OS protection mechanisms against code injection attacks
    by Konstantin Schastlivtsev and Igor Korkin
    Cybernetics and Information Security "CIS-2023" collection of scientific papers from the all-russian scientific and technical conference. Publisher: National Research Nuclear University Mephi, Moscow, Russia.
    https://elibrary.ru/item.asp?pff=1&id=54719692 paper.pdf

  • (2022) Ransomware detection based on machine learning models and Event Tracing for Windows
    by Artem Kalinkin, Svetlana Golub, Igor Korkin, Danil Pyatovskiy
    https://www.semanticscholar.org/paper/Ransomware-detection-based-on-machine-learning-and-Kalinkin-Golub/ae5e53215f24a0e4eb38d834ac38a084cb86ce85  

    • (2022) An Analysis of Local Security Authority Subsystem Services for Windows and Linux
      by Svetlana Golub and Igor Korkin
      Security of Information Technologies, 2074-7128 (Print); ISSN: 2074-7136 (On-Line), pp 57-69, Issue. 29(1),
      https://elibrary.ru/item.asp?id=48069755  https://dx.doi.org/10.26583/bit.2022.1.06 

  • (2021) Expanding the Scope of Clang Static Analyzer For Detecting New Vulnerabilities
    by Maxim Rudik and Igor Korkin
    Estestvennye i tekhnicheskie nauki. ISSN 1684-2626, pp. 225-230, Issue 7 (158)
    https://dx.doi.org/10.25633/ETN.2021.07.13 

    • (2020) Analysis of Ways to Get a Copy of The Ram of a Computer Running Mac OS
      (2020)  Analysis of Memory Dump Approaches for the MAC OS
      Korkin I. Y., Lyashenko V. A., Lipnitsky A. A., Pak M. A., Bykovsky P. S.
      Actual Scientific Research in the Modern World (Aktualʹnye naučnye issledovaniâ v sovremennom mire). ISSN: 2524-0986, pp. 77-85, Issue 6-2 (62), 2020.
      https://elibrary.ru/item.asp?id=43092509 and paper.pdf

    • (2019) Advanced Rootkit Detection Using Memory Forensics
      by Vladislav Poddubnyy and Igor Korkin
      https://cyberleninka.ru/article/n/sredstvo-obnaruzheniya-skrytogo-ispolnimogo-koda-v-pamyati-oc-windows
      https://dx.doi.org/10.21681/2311-3456-2019-5-75-82 and paper.pdf

    • (2019) Revealing Cryptocurrency Mining Malware via Event Tracing for Windows (ETW)  
      by Oleg Kazakov and Igor Korkin
      https://cyberleninka.ru/article/n/obnaruzhenie-kriptomaynerov-v-os-windows-instrumentami-tehnologii-etw
      https://dx.doi.org/10.21681/2311-3456-2019-5-83-88 and paper.pdf

• Awards

  • finalist for Skolkovo Cybersecurity Challenge 2016 (Cyberday Conference 2016), 'Cyber-security of wireless implantable medical devices for supporting life', Moscow, Russia (December 8, 2016) (http://sk.ru/news/b/pressreleases/archive/2016/12/02/skolkovo-cybersecurity-challenge-2016-otobrano-15-proektovfinalistov.aspx);

  • 3rd place at Microsoft Summer School on the Internet of Things in Kazan, Russia (July 17 - 23, 2016);
    (https://www.microsoft.com/en-us/research/blog/microsoft-research-brings-summer-school-russias-emergent-tech-hub/);

  • 1 of 2 top papers at Conference on Digital Forensics, Security and Law in Daytona Beach, Florida, USA (May 18-21, 2015) (http://igorkorkin.blogspot.ru/2015/05/two-challenges-of-stealthy-hypervisors.html);

  • 1st place in the championship ‘Hackers vs. Forensics’ on Forum “Positive Hack Days” in Moscow, Russia (May 30-31, 2012) (https://twitter.com/devteev/status/206117807212077057);

  • finalist of the Conference RusCrypto 2011, ‘Detection of nested virtual machine monitors’ Moscow Region, Russia (March 30 - April 2, 2011) (https://www.ruscrypto.ru/accociation/news/2011-03-21.html).

• Patents

  • Data Protection Method, Apparatus, Storage Medium, and Computer Device (2022)
    • Google Patents - CN114519186A - https://patents.google.com/patent/CN114519186A/en 
    • WIPO Patent Scope - WO2022105610 - https://patentscope.wipo.int/search/en/detail.jsf?docId=WO2022105610

• Research activity

  • presented at the three BlackHat conferences:
    • USA 2022 - https://www.blackhat.com/us-22/briefings/schedule/#blasting-event-driven-cornucopia-wmi-based-user-space-attacks-blind-siems-and-edrs-27211  
    • Europe 2021 - https://www.blackhat.com/eu-21/briefings/schedule/speakers.html#igor-korkin-34812 
    • Europe 2018 - https://www.blackhat.com/eu-18/briefings/schedule/speakers.html#igor-korkin-34812 

  • presented two talks at the Texas Cyber Summit 2021 - 
    https://texascyber.com/speaker/igor-korkin/  

  • presented at the 2021 SADFE Workshop in conjunction with the 42nd IEEE Symposium on Security and Privacy - http://sadfe.org/Sadfe21/program21.html 

  • presented at the HITBLockdown002 Singapore 2020 -
    https://conference.hitb.org/hitb-lockdown002/sessions/kernel-hijacking-is-not-an-option-memoryranger-comes-to-rescue-again/  

  • participated in REcon 2016 conference -
    https://recon.cx/2016/speakers/satoshi_tanda.html 

  • made presentations at seven ADFSL Conferences on Digital Forensics, Security and Law in the USA in 2014-2022
    https://commons.erau.edu/do/search/?q=igor%20korkin 

• Publishing Systems Records

  • arXiv - https://arxiv.org/a/korkin_i_1.html 

  • ORCID - https://orcid.org/0000-0001-7640-2792 

  • DsLib.net  - www.dslib.net/author/igor.korkin.html 

  • DBLP - http://dblp.uni-trier.de/pers/hd/k/Korkin:Igor  

  • IEEE - https://ieeexplore.ieee.org/author/37088908930 

  • Academia.edu - https://mephi.academia.edu/IgorKorkin 

  • OpenReview - https://openreview.net/profile?id=~Igor_Korkin1

  • ResearchGate - https://www.researchgate.net/profile/Igor-Korkin-2

  • Semantic Scholar - https://www.semanticscholar.org/author/3114387   

  • Web of Science - https://www.webofscience.com/wos/author/record/294131 

  • SCOPUS - https://www.scopus.com/authid/detail.uri?authorId=57219459633 

  • ResearcherID - https://www.webofscience.com/wos/author/record/N-2544-2013 

  • Google Scholar Citations - https://scholar.google.com/citations?user=0RJh3vYAAAAJ 

  • Microsoft Academic - https://academic.microsoft.com/profile/g2820jge-5i08-4730-82i6-he4j874i02h9/IgorKorkin 

  • Russian Science Citation Index РИНЦ SPIN (Science Index) 1220-1064; AuthorID: https://www.elibrary.ru/author_profile.asp?id=680616

• Training/Courses

  • completed a training "Advanced Fuzzing and Crash Analysis" by Richard Johnson from HITBSecTrain 2020. 
    (https://www.credential.net/93e2f22e-78ba-4e2e-9cdd-dc3a298d3c85?key=7b203a657dbe63350659506c42bf35239991cafce3726f016fcd87665ee0f8a1);

  • completed a course ‘Malicious Software and its Underground Economy: Two Sides to Every Story’ by Dr Lorenzo Cavallaro. Certificate with distinction. (July-August 2013) (https://www.coursera.org/verify/ZN9G8KA5NC)

• Ph.D. Thesis

  • Igor Korkin
    Statistical Detection of Hardware Virtualization Based Rootkits (in Russian)
    "Методика обнаружения нелегитимного программного обеспечения, использующего технологию аппаратной виртуализации"
    (Method for the Detection of Illegitimate Software that Uses Hardware Virtualization Technology)

  • Defended on February 9, 2012; approved on August 30, 2012, 151 p

  • Links: 
    • IAEA Ref #45100139: https://inis.iaea.org/search/45100139
    • ЦИТИС: Интернет-номер И120213185334, Инвентарный номер 04201255358
    • РГБ: https://search.rsl.ru/ru/record/01005007262  &  https://search.rsl.ru/ru/record/01005409054 
    The English version presented at the 10th ADFSL Conference - igorkorkin.blogspot.com/2015/05/two-challenges-of-stealthy-hypervisors.html

• Papers & Conferences

• Anastasiia Kropova and Igor Korkin
  ALPChecker – Detecting Spoofing and Blinding Attacks
  → Proceedings of the Hack In The Box Security Conference (HITBSecConf2023), CommSec Track, Phuket, Thailand, August 21-25, 2023
  https://conference.hitb.org/hitbsecconf2023hkt/session/commsec-alpchecker-detecting-spoofing-and-blinding-attacks/
  https://www.youtube.com/watch?v=DV0dls206zc
  → The paper has been published on arXiv (2023) - https://arxiv.org/abs/2401.01376 

• Anna Revazova and Igor Korkin
  RASP for LSASS: Preventing Mimikatz-Related Attacks
  → The paper has been published on arXiv (2023) - https://arxiv.org/abs/2401.00316

• Artem Kalinkin, Svetlana Golub, Igor Korkin, Danil Pyatovskiy
  Ransomware detection based on machine learning models and Event Tracing for Windows
  https://www.semanticscholar.org/paper/Ransomware-detection-based-on-machine-learning-and-Kalinkin-Golub/ae5e53215f24a0e4eb38d834ac38a084cb86ce85  

• Igor Korkin, Claudiu Teodorescu, Andrey Golchikov 
  Blasting Event-Driven Cornucopia: WMI-based User-Space Attacks Blind SIEMs and EDRs
  In Proceedings of the BlackHat USA Conference, Las Vegas, USA, August 10, 2022.
  → All the details are here - https://www.blackhat.com/us-22/briefings/schedule/#blasting-event-driven-cornucopia-wmi-based-user-space-attacks-blind-siems-and-edrs-27211 
  
  Blasting Event Driven Cornucopia: WMI Edition - 
  Proceedings of the LABScon,  Scottsdale, Arizona, USA, September 23, 2022
  
  Blinding Endpoint Security Solutions: WMI attack vectors - 
  Proceedings of the EKOPARTY, Buenos Aires, Argentina, November 3-5, 2022

• Denis Pogonin and Igor Korkin
  Microsoft Defender Will Be Defended: MemoryRanger Prevents Blinding Windows AV
  → Proceedings of the 15th Annual ADFSL 2022 Conference on Digital Forensics, Security and Law, Florida, USA, Online, July 25, 2022, https://commons.erau.edu/adfsl/2022/presentations/7/
  → Proceedings of the ROOTCON 16, Philippines, Virtual, September 27, 2022, slides,  video

• Maxim Grishin and Igor Korkin
  Human-Controlled Fuzzing With AFL
  → Proceedings of the 15th Annual ADFSL 2022 Conference on Digital Forensics, Security and Law, Florida, USA, Online, July 25, 2022, https://commons.erau.edu/adfsl/2022/presentations/3/
  → Proceedings of the ROOTCON 16, Philippines, Virtual, September 27, 2022, slides, video

• Igor Korkin, Claudiu Teodorescu, Andrey Golchikov 
  Veni, No Vidi, No Vici: Attacks on ETW Blind EDR Sensors
  In Proceedings of the BlackHat Europe Conference, London, UK, November 10, 2021.
  All the details are here - https://www.blackhat.com/eu-21/briefings/schedule/#veni-no-vidi-no-vici-attacks-on-etw-blind-edr-sensors-24842   

• Igor Korkin, Svetlana Golub

• Slides "Your Linux Passwords Are in Danger: MimiDove Meets the Challenge"
  Texas Cyber Summit IV, Oct 29–30, 2021, USA, TX, San Antonio,
  All the details are here - https://igorkorkin.blogspot.com/2021/11/your-linux-passwords-are-in-danger.html  

• Conference Proceedings (a short paper) "Your Linux Passwords Are in Danger: MimiDove Meets the Challenge"
  The paper has been published in the IOSR Journal of Computer Engineering (IOSR-JCE)
  e-ISSN: 2278-0661, p-ISSN: 2278-8727, Volume 23, Issue 6,  Ser. I (Nov.  –Dec.  2021), pp. 27-28.
  https://www.iosrjournals.org/iosr-jce/papers/Vol23-issue6/Ser-1/C2306012728.pdf  and
  https://doi.org/10.9790/0661-2306012728  

• Full Paper "An Analysis of Local Security Authority Subsystem Services for Windows and Linux"
  The paper has been published in the Security of Information Technologies, 29 № 1, ( Feb-March, 2022),
  2074-7128 (Print); ISSN: 2074-7136 (On-Line), pp 57-69
  https://bit.mephi.ru/index.php/bit/issue/view/95 
  https://elibrary.ru/item.asp?id=48069755   

• Igor Korkin

• Paper "Protected Process Light is not Protected: MemoryRanger Fills The Gap Again"
  Systematic Approaches to Digital Forensic Engineering (SADFE) International Workshop in conjunction with the 42nd IEEE Symposium on Security and Privacy.
  in Proceedings of 2021 IEEE Symposium on Security and Privacy Workshops, San Francisco, CA, USA, May 24-27, 2021, pp.298-308, the paper  can be retrieved from https://conferences.computer.org/sp/pdfs/spw/2021/893400a298.pdf and  
  https://doi.org/10.1109/SPW53761.2021.00050 

• Conference "Protected Process Light will be Protected – MemoryRanger Fills the Gap Again"
  Texas Cyber Summit IV, Oct 29–30, 2021, USA, TX, San Antonio,
  https://texascyber.com/briefings_schedule/memoryranger/ 

All the details are here - https://igorkorkin.blogspot.com/2021/10/protected-process-light-will-be.html  

• Igor Korkin
  (Windows) Kernel Hijacking is Not an Option: MemoryRanger Comes to the Rescue Again
  In Proceedings of the Hack In The Box Security Conference (HITBLockdown002), July 25, 2020, Singapore
  The paper has been published in the Journal of Digital Forensics, Security and Law (JDFSL), Vol 16, No.1, Article 4, June 2021.
  All the details are here - https://igorkorkin.blogspot.com/2021/05/kernel-hijacking-is-not-option.html  

• Igor Korkin
  MemoryRanger Prevents Hijacking FILE_OBJECT Structures in Windows Kernel
  Journal of Digital Forensics, Security and Law, Vol 14, No 3, pp 1-10., 2019, ISSN: 1558-7223. Retrieved from
  https://commons.erau.edu/jdfsl/vol14/iss3/3/ 
  https://dx.doi.org/10.15394/jdfsl.2019.1625 

• Igor Korkin
  MemoryRanger Prevents Hijacking FILE_OBJECT Structures in Windows Kernel
  Proceedings of the 14th Annual ADFSL 2019 Conference on Digital Forensics, Security and Law, Daytona Beach, Florida, USA, May 15-16, 2019, ISSN 1931-7379. commons.erau.edu/adfsl/2019/paper-presentation/7/
  All the details are here - https://igorkorkin.blogspot.com/2019/04/memoryranger-prevents-hijacking.html   

• Igor Korkin
  Divide et Impera: MemoryRanger Runs Drivers in Isolated Kernel Spaces
  In Proceedings of the BlackHat Europe Conference, London, UK, December 5-6, 2018.
  All the details are here - igorkorkin.blogspot.com/2018/12/divide-et-impera-memoryranger-runs.html
  https://www.blackhat.com/eu-18/briefings/schedule/index.html#divide-et-impera-memoryranger-runs-drivers-in-isolated-kernel-spaces-12668  

• Igor Korkin
  Hypervisor-Based Active Data Protection for Integrity and Confidentiality of Dynamically Allocated Memory in Windows Kernel
  Proceedings of the 13th Annual ADFSL 2018 Conference on Digital Forensics, Security and Law, San Antonio, Texas, USA, May 17-18, 2018, ISSN 1931-7379.
  All the details are here - https://igorkorkin.blogspot.com/2018/03/hypervisor-based-active-data-protection.html 

• Igor Korkin, Satoshi Tanda
  Detect Kernel-Mode Rootkits via Real-Time Logging & Controlling Memory Access
  Proceedings of the 12th Annual ADFSL 2017 Conference on Digital Forensics, Security and Law, Daytona Beach, Florida, USA, 15-16 May 2017, ISSN 1931-7379.
  All the details are here - https://igorkorkin.blogspot.com/2017/03/memorymonrwx-detect-kernel-mode.html 

• Satoshi Tanda, Igor Korkin
  Monitoring & controlling kernel-mode events by HyperPlatform
  REcon conference, Montreal, Canada, 17-19 June 2016.
  All the details are here - https://igorkorkin.blogspot.com/2016/06/monitoring-controlling-kernel-mode.html

• Igor Korkin, Ivan Nesterov
  Acceleration of Statistical Detection of Zero-day Malware in the Memory Dump Using CUDA-enabled GPU Hardware
  Proceedings of the 11th Annual ADFSL 2016 Conference on Digital Forensics, Security and Law, Daytona Beach, Florida, USA, 24-26 May 2016, ISSN 1931-7379, pp 47-82
  All the details are here - https://igorkorkin.blogspot.com/2016/05/acceleration-of-statistical-detection.html

• Igor Korkin
  Two Challenges of Stealthy Hypervisors Detection: Time Cheating and Data Fluctuations
  Journal of Digital Forensics, Security and Law, Vol 10, No 2, pp 7-38., September 2015, ISSN: 1558-7223. Retrieved from commons.erau.edu/jdfsl/vol10/iss2/2
  dx.doi.org/10.15394/jdfsl.2015.1200

• Igor Korkin
  Two Challenges of Stealthy Hypervisors Detection: Time Cheating and Data Fluctuations
  Proceedings of the 10th Annual ADFSL 2015 Conference on Digital Forensics, Security and Law, Daytona Beach, Florida, USA, 19-21 May 2015, ISSN 1931-7379, pp 33-57
  All the details are here - https://igorkorkin.blogspot.com/2015/05/two-challenges-of-stealthy-hypervisors.html

• Igor Korkin, Ivan Nesterov
  Applying Memory Forensics to Rootkit Detection
  Proceedings of the 9th Annual ADFSL 2014 Conference on Digital Forensics, Security and Law, Richmond, Virginia, USA, 28-29 May 2014, ISSN 1931-7379, pp 115-141
  All the details are here - https://igorkorkin.blogspot.com/2014/07/applying-memory-forensics-to-rootkit.html

Other Publications in English:

• Igor Korkin
  Anti-Rootkits in the Era of Cyber Wars
  Hakin9 Extra Magazine, English Edition, Vol.2. No.7 Issue 07/2012 (11) ISSN 1733-7186. August 2012, pp 26-29

• Igor Korkin
  Strong Approach to Hardware-VM Rootkits Detection
  Hakin9 Extra Magazine, English Edition, Issue 06/2011 (6) ISSN 1733-7186. November 2011, pp 30-33

 Other Publications in Russian: 

• Korkin I. Y., Lyashenko V. A., Lipnitsky A. A., Pak M. A., Bykovsky P. S.
  Analysis of Memory Dump Approaches for the MAC OS
  Actual Scientific Research in the Modern World (Aktualʹnye naučnye issledovaniâ v sovremennom mire). ISSN: 2524-0986, Issues 6-2 (62), 2020. https://elibrary.ru/item.asp?id=43092509

• I. Y. Korkin, V.A. Poddubnyy
  Advanced Rootkit Detection Using Memory Forensics
  CyberSecurity, Issue 05/2019 (33), 75-82, August 18, 2019,  https://cyberrus.com/wp-content/uploads/2019/08/75-82-533-19_11.-Poddubnyy.pdf

• I. Y. Korkin, O.A. Kazakov
  Revealing Cryptocurrency Mining Malware via  Event Tracing for Windows (ETW)
  CyberSecurity, Issue 05/2019 (33), 83-88, August 18, 2019,  https://cyberrus.com/wp-content/uploads/2019/08/83-88-533-19_12.-Kazakov.pdf

• I. Y. Korkin, O. A. Kazakov
  Detection of Hidden Cryptocurrency Mining Malware in Windows OS
  7th International Scientific and Practical Conference 'Information Security Management in Modern Society', National Research University Higher School of Economics, Moscow, Russia, May 29-30, 2019, https://vipforum.ru/upload/events/vshe/Программа%20УИБ2019_Ф.pdf

• I. Y. Korkin, V. A. Poddubnyy
  Detection of Hidden Executable Code in Windows Memory
  7th International Scientific and Practical Conference 'Information Security Management in Modern Society', National Research University Higher School of Economics, Moscow, Russia, May 29-30, 2019, https://vipforum.ru/upload/events/vshe/Программа%20УИБ2019_Ф.pdf

• I. Y. Korkin
  Cyber-Security of Autonomous Wireless Medical Devices For Supporting Life
  Skolkovo Cybersecurity Challenge 2016 (Cyberday Conference 2016), Moscow, Russia

• I. Y. Korkin
  Rootkits: Security Issues and Trends
  Hacker Magazine, Issue 05/2013 (172), ISSN 1609-1019, 74-79.

• I. Y. Korkin
  Hypervisor Level Detection Method in Computer Systems
  21 Russian Scientific Conference "Methods and technical tools of information security", 2012, 110-113.

• A. E. Zhukov, I. Y. Korkin, B. M. Sukhinin
  Processor Instructions Execution Models in Computer Systems Supporting Hardware Virtualization When an Intruder Takes Detection Countermeasures
  Security of Information Technologies №1, 2012, ISSN 2074-7128, 85-89.

• I. Y. Korkin
  The Proof of Statistical Criteria for Hardware Virtualization-Based Rootkits Detection in Computer Systems
  Security of Information Technologies №1, 2012, ISSN 2074-7128, 90-92.

• I. Y. Korkin
  Detection of Nested Virtual Machine Monitors (Hypervisors)
  High Availability Systems №2, 2011, ISSN 2072-9472, 76-77.

• I. Y. Korkin
  Statistical Detection of Nested Virtual Machine Monitors
  20 Russian Scientific Conference "Methods and technical tools of information security", 2011, 146-147.

• I. Y. Korkin
  New Statistical Metrics and Methods of Virtual Machines Monitors Detection in Computer Systems
  Natural and Engineering Sciences №4, 2011, ISSN 1684-2626, 498-502.

• I. Y. Korkin
  Detection Hardware Virtual Machine Based Rootkits Method with Caching Approach
  Security of Information Technologies №1, 2011, ISSN 2074-7128, 101-103.

• I. Y. Korkin
  Statistical Identification of Computer Systems’ Modes
  15 Conference "Telecommunications and New Information Technologies in Education", 2011, 163.

• I. Y. Korkin
  A New Approach to Identify Hardware Virtualization in Computer Systems
  14 International Telecommunication Conference of Students and Young Scientists' "Youth and Science", 2010, 241-242.

• I. Y. Korkin
  Virtual Machine Monitors Detection Method
  19 Russian Scientific Conference "Methods and technical tools of information security", 2010, 113-114. 

• I. Y. Korkin
  Hardware Virtualization Method Detection in Computer Systems
  17 Russian Scientific Conference "Information security issues in universities system", 2010, 114-115.

• I. Y. Korkin
  Stealthy Processes Detection Method in Windows
  16 Russian Scientific Conference "Information security issues in universities system", 2009, 111-112.

• I. Y. Korkin
  Stealthy Malware Technologies and New Ways of Detecting Them
  Security of Information Technologies №1, 2009, ISSN 2074-7128, 43-46.

• I. Y. Korkin, P. I. Prokopsev, P. P. Pavlishin, E. A. Semenkova
  Measuring the sharp surface of cutting tools (Cutter profilometer)
  Journal of “Tractors and agricultural machinery”, №5, 2005, ISSN 0235-8573, 35-36.