The Center for Education and Research in Information Assurance and Security (CERIAS)

Application of VMware Anti-Detection Methods on the ReAssure Testbed

Author

Daryel Wisely and Pascal Meunier

Tech report number

CERIAS TR 2009-26

Entry type

techreport

Abstract

We reviewed common methods for detecting a VMware guest OS, with a focus on Linux OSes. We ported relevant Windows code, and measured the performance impact of trying to evade detection. We discuss the applicability of those evasion techniques to testbeds such as the Purdue CERIAS ReAssure testbed. This work was funded under the NSF Research Experience for Undergraduates program.

Date

2009-09-20

Institution

Purdue University

Key alpha

Meunier

Affiliation

Purdue University CERIAS

Publication Date

2009-09-20

BibTeX-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTeX document. Note that the text may not contain all macros that BibTeX supports.