@inproceedings{a53b4492e91e400ba9c9c245bc6a063a,
title = "Creating modern blue pills and red pills",
abstract = "The blue pill is a malicious stealthy hypervisor-based rootkit. The red pill is a software package that is designed to detect such blue pills. Since the blue pill was originally proposed there has been an ongoing arms race between developers that try to develop stealthy hypervisors and developers that try to detect such stealthy hypervisors. Furthermore, hardware advances have made several stealth attempts impossible while other advances enable even more stealthy operation. In this paper we describe the current status of detecting stealth hypervisors and methods to counter them.",
keywords = "Forensics, Information security, Virtualization",
author = "Asaf Algawi and Michael Kiperberg and Roee Leon and Amit Resh and Nezer Zaidenberg",
note = "Publisher Copyright: {\textcopyright} 2019, Curran Associates Inc. All rights reserved.; 18th European Conference on Cyber Warfare and Security, ECCWS 2019 ; Conference date: 04-07-2019 Through 05-07-2019",
year = "2019",
language = "אנגלית",
series = "European Conference on Information Warfare and Security, ECCWS",
publisher = "Curran Associates Inc.",
pages = "6--14",
editor = "Tiago Cruz and Paulo Simoes",
booktitle = "Proceedings of the 18th European Conference on Cyber Warfare and Security, ECCWS 2019",
}