A3 Book section, Chapters in research books
Practical Evasion of Red Pill in Modern Computers (2022)
Resh, A., Zaidenberg, N., & Kiperberg, M. (2022). Practical Evasion of Red Pill in Modern Computers. In M. Lehto, & P. Neittaanmäki (Eds.), Cyber Security : Critical Infrastructure Protection (pp. 461-473). Springer. Computational Methods in Applied Sciences, 56. https://doi.org/10.1007/978-3-030-91293-2_20
JYU authors or editors
Publication details
All authors or editors: Resh, Amit; Zaidenberg, Nezer; Kiperberg, Michael
Parent publication: Cyber Security : Critical Infrastructure Protection
Parent publication editors: Lehto, Martti; Neittaanmäki, Pekka
ISBN: 978-3-030-91292-5
eISBN: 978-3-030-91293-2
Journal or series: Computational Methods in Applied Sciences
ISSN: 1871-3033
eISSN: 2543-0203
Publication year: 2022
Number in series: 56
Pages range: 461-473
Number of pages in the book: 484
Publisher: Springer
Place of Publication: Cham
Publication country: Switzerland
Publication language: English
DOI: https://doi.org/10.1007/978-3-030-91293-2_20
Publication open access: Not open
Publication channel open access:
Abstract
The blue pill is a malicious stealthy hypervisor-based rootkit. The red pill is a software package designed to detect blue pills or hypervisors in general. Ever since the blue pill was originally proposed, there has been an ongoing arms race between developers trying to develop stealthy hypervisors and developers trying to detect such stealthy hypervisors. Hypervisors can also be used for monitoring and forensic purposes, while malicious software may include a red pill component to discover such a hypervisor in order to evade it. This chapter discusses a practical approach to counter such malicious software by evading the red pill components.
Keywords: data security; virtualisation; malware
Free keywords: virtualization; forensics; information security; red pill
Contributing organizations
Ministry reporting: Yes
Reporting Year: 2022
JUFO rating: 1
Parent publication with JYU authors:
