Friday, January 26, 2007

Attacks on Virtual Machine Emulators

Abstract

As virtual machine emulators have become commonplace in the analysis of malicious code, malicious code has started to fight back. This paper describes known attacks against the most widely used virtual machine emulators (VMware and VirtualPC). This paper also demonstrates newly discovered attacks on other virtual machine emulators (Bochs, Hydra, QEMU, and Xen), and describes how to defend against them.

Paper by Peter Ferrie, Senior Principal Researcher, Symantec Advanced Threat Research

Full PDF

No comments:

Post a Comment