Traditionally, security systems (e.g. antivirus, antispyware, etc.) attempt to identify, eliminate, prevent, etc. infection by malware. For example, the security systems may identify malware executing on an operating system utilizing signature scanning, heuristics, behavior patterns. etc. However, such security systems have customarily exhibited various limitations, such as, for example, in situations where hardware virtualization is utilized.
For example, malware utilizing hardware virtualization has generally been incapable of being identified using current security systems. Such malware may move a currently executing operating system into a virtual machine, such that the malware may not be detectable by a security system. Thus, moving the operating system into the virtual machine may result in the security system executing inside the virtual machine, such that the security system is therefore unable to identify the presence of the malware.
There is thus a need for addressing these and/or other issues associated with the prior art.