Issue No.03 - May/June (2007 vol.5)
Tom Liston , Intelguardians
Matthew Carpenter , Intelguardians
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2007.63
With security researchers relying on virtual machine environments (VMEs) in their analysis work, attackers and their malicious code have a significant stake in detecting the presence of a virtual machine. Virtualization, by its very nature, creates systems that have different characteristics from real machines. From a theoretical perspective, any difference between the virtual and the real could lead to a fingerprinting opportunity for attackers. This article focuses on detection techniques and mitigation options for the most widely deployed VME product today, VMware.
virtual, virtualization, honey pots, malware
Tom Liston, Matthew Carpenter, "Hiding Virtualization from Attackers and Malware", IEEE Security & Privacy, vol.5, no. 3, pp. 62-65, May/June 2007, doi:10.1109/MSP.2007.63