August 6, 2008
One of the most promising areas of innovation from a blackhat whitehat standpoint in research is the area of hardware based virtualization. So basically after the 5 year trend of software based virtualization VMware, VirtualPC ectera, AMD and Intel and others implemented hardware support for virtual machines. One physical box hosts multiple OS versions or Guest OS’s with emulated calls to the abstracted hardware layer yet all machines can share access to the underlying hardware functionality. The term hypervisor came into being that basically shrunk, and optimized the software used to manage virtual machines, and added a bunch of enterprise management and security features.
Security researchers have primarily four goals, creation of virtualization rootkits, escaping the Virtual machine to affect other virtual machines or the host OS/hypervisor, makeing the hypervisor undetectable to malware and malware being able to detect that its running in a virtualized environment.