Issue No. 03 - May/June (2007 vol. 5)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2007.63
Matthew Carpenter , Intelguardians
Tom Liston , Intelguardians
Ed Skoudis , Intelguardians
With security researchers relying on virtual machine environments (VMEs) in their analysis work, attackers and their malicious code have a significant stake in detecting the presence of a virtual machine. Virtualization, by its very nature, creates systems that have different characteristics from real machines. From a theoretical perspective, any difference between the virtual and the real could lead to a fingerprinting opportunity for attackers. This article focuses on detection techniques and mitigation options for the most widely deployed VME product today, VMware.
virtual, virtualization, honey pots, malware
E. Skoudis, T. Liston and M. Carpenter, "Hiding Virtualization from Attackers and Malware," in IEEE Security & Privacy, vol. 5, no. , pp. 62-65, 2007.