"Virtual Machine Introspection in a Hybrid Honeypot Architecture" with Volatility
In this paper, recently published at the 5th Workshop on Cyber Security Experimentation and Test, the researchers describe how they used Volatility in conjunction with LibVMI to create a hybrid honeypot architecture based on virtual machine introspection. They leverage Volatility’s powerful plugins to analyze the runtime state of the systems and detect any changes that may arise. It’s great to see that researchers from top universities continue to publish research that builds upon The Volatility Framework (TVF). Shoutz to BDP and the rest of the research team!