Hi list,
I'm a phd student, majoring in System Security. I'm looking for a research idea about Qemu/KVM security. What do think are the most important security problems for Qemu/KVM needed to be addressed or studied?
And how about this idea. I found out that lots of malware will detect the presence of hypervisors and refuse to refuse to execute their real code in a VM. The malwares do this to prevent security engineers from analyzing their code under a VM. Lots of detection methods have been proposed for many years. But hypervisors seem to not care about this issue.
So what do you think about making Qemu/KVM more undetectable to malwares? Is this idea viable?
Also any other thoughts about Qemu/KVM security you are interested in are welcome:)
Cheers,
Yang