Cardinal Pill Testing of System Virtual Machines

@inproceedings{Shi2014CardinalPT,
  title={Cardinal Pill Testing of System Virtual Machines},
  author={Hao Shi and Abdulla Alwabel and Jelena Mirkovic},
  booktitle={USENIX Security Symposium},
  year={2014}
}
Malware analysis relies heavily on the use of virtual machines for functionality and safety. There are subtle differences in operation between virtual machines and physical machines. Contemporary malware checks for these differences to detect that it is being run in a virtual machine, and modifies its behavior to thwart being analyzed by the defenders. Existing approaches to uncover these differences use randomized testing, or malware analysis, and cannot guarantee completeness. In this paper… CONTINUE READING
Highly Cited
This paper has 17 citations. REVIEW CITATIONS
13 Extracted Citations
23 Extracted References
Similar Papers

Citing Papers

Publications influenced by this paper.
Showing 1-10 of 13 extracted citations

Referenced Papers

Publications referenced by this paper.
Showing 1-10 of 23 references

Bochs: A Portable PC Emulator for Unix/X

  • K. P. LAWTON
  • Linux Journal,
  • 1996
Highly Influential
14 Excerpts

Scientific but Not Academical Overview of Malware Anti-Debugging, Anti-Disassembly and Anti-VM Technologies

  • R. R. BRANCO, G. N. BARBOSA, P. D. NETO
  • In Black Hat
  • 2012
2 Excerpts

Similar Papers

Loading similar papers…