Issue No.03 - May/June (2007 vol.5)
Matthew Carpenter , Intelguardians
Tom Liston , Intelguardians
Ed Skoudis , Intelguardians
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2007.63
With security researchers relying on virtual machine environments (VMEs) in their analysis work, attackers and their malicious code have a significant stake in detecting the presence of a virtual machine. Virtualization, by its very nature, creates systems that have different characteristics from real machines. From a theoretical perspective, any difference between the virtual and the real could lead to a fingerprinting opportunity for attackers. This article focuses on detection techniques and mitigation options for the most widely deployed VME product today, VMware.
virtual, virtualization, honey pots, malware
Matthew Carpenter, Tom Liston, Ed Skoudis, "Hiding Virtualization from Attackers and Malware", IEEE Security & Privacy, vol.5, no. 3, pp. 62-65, May/June 2007, doi:10.1109/MSP.2007.63