Abstract
We reviewed common methods for detecting a VMware guest OS, with a focus on Linux OSes. We ported relevant Windows code, and measured the performance impact of trying to evade detection. We discuss the applicability of those evasion techniques to testbeds such as the Purdue CERIAS ReAssure testbed. This work was funded under the NSF Research Experience for Undergraduates program.