Leveraging derivative virtual machine introspection methods for security applications

@inproceedings{Pfoh2013LeveragingDV,
  title={Leveraging derivative virtual machine introspection methods for security applications},
  author={Jonas Pfoh},
  year={2013}
}
Virtual machine introspection (VMI) describes the method of monitoring, analyzing, and manipulating the state of a virtual machine from the hypervisor level. This lends itself to many security applications, though they all share a single fundamental challenge: One must address the fact that the hypervisor has no semantic knowledge about what the system state means (e. g., where key data structures are). Traditionally, this semantic knowledge is simply delivered to the hypervisor in the form of… CONTINUE READING