CHAPTER 6
CONCLUSION
In this thesis, we design, implement, and evaluate the architecture of MAVMM,
a lightweight VMM designed specially for malware analysis. MAVMM does
not implement unnecessary virtualization features commonly found in
general purpose hypervisors. Hardware virtualization support offers MAVMM
simplicity, security and transparency. We proved that our system can
extract useful information, and that it is not susceptible to known
virtualization detection techniques. Thus, it can achieve higher accuracy than current
state-of-the-art malware analysis platforms.
Another important goal that we started with was to provide the research
community with a simple and easy-to-enhance hardware-supported
virtualization framework. This framework could be useful for prototyping new
functionality below the OS level. Such services include OS debugging, security
auditing, logging, and replaying. By being simple (around 4000 lines
of code) and well documented (with an even larger amount of comments), MAVMM
makes it easy for other researchers to add new functions to it, or modify it to
serve their purposes. Our implementation of MAVMM and updates on our
project can be found at mavmm.sourceforge.net.