
A Hypervisor IPS Based on Hardware Assisted Virtualization Technology


Executive Summary

Recently, malware has become stealthier and thus harder to detect than ever before. Current malware uses many stealth techniques, such as dynamic code injection and rootkit technology. Moreover, full kernel-mode malware such as Trojan.Srizbi has been seen. Many detection tools have been released that specialize in kernel-mode malware, and especially in the detection of rootkits. However, these tools are locked in a cat-and-mouse game, because they execute at the same privilege level as the malware. This paper describes the stealth mechanisms used by recent malware and how to protect against such malware using a Hypervisor IPS.

  • Format: PDF
  • Size: 49.6 KB