Description: Virtualization tools play cat and mouse. Malware is studied in virtual environments, so it modifies its behavior to mimic inoffensive programs and avoid detection, and it discovers its execution environment more accurately. Detection tools are stealthier and try to stay as close as possible to real hardware behavior. A technological breakthrough happened when malware itself became the hypervisor and leveraged seamless virtualization.
This paper analyzes the current state of this race. Detection techniques and countermeasures are detailed.
Virtualization improves the isolation and stealth of security tools. Malware is able to virtualize the whole operating system on the fly and control all interactions with hardware without any hook. On the other side, virtualization is a powerful tool for analyzing process behavior seamlessly.
The virtualization detection race is far from over. Malware research shows that some malware tries to detect virtualization while other malware tries to be as seamless as possible.
For more information, please visit: https://www.hackinparis.com/talk