Malicious Hypervisor Threat Phase Two: How to Catch the Hypervisor

Mikhail Utin

published in Magdeburger Journal zur Sicherheitsforschung (2017, #13, pp. 754-771)

Info

In this article we're addressing the matters discussed at DeepSec 2014 (Utin M. 2014) and 2016 (Utin M. 2016), including the current status of the Malicious Hypervisor (MH) project and the available information concerning it. The first part of our research, Phase 1, was our analysis of a few publicly available documents concerning the MH threat, caused by the exploitation of virtualization and out-of-band management vulnerabilities. The second part, Phase 2, is about identifying Malicious Hypervisor activity, the discussion of discovery methods and, finally, the testing results of our HyperCatcher MH identification software. The matter of the MH threat is still evolving, and we're planning to address that in the future in Phase 3. Unfortunately, there is no end to the story of virtualization, vulnerabilities and threats. It started with the implementation of mainframe OS virtualization in a PC environment. The technology was thus transferred from a closed and secure mainframe architecture to an open and diverse Internet world without any thought of possible security implications.

BibTeX entry for mjs:Utin:Hypervisor

@article{mjs:Utin:Hypervisor,
  author = {Mikhail Utin},
  title = {Malicious Hypervisor Threat},
  subtitle = {Phase Two: How to Catch the Hypervisor},
  year = {2017},
  pages = {754-771},
  journaltitle = {Magdeburger Journal zur Sicherheitsforschung},
  issn = {2192-4260},
  url = {https://d-nb.info/1137360585/34},
  codeberg = {https://codeberg.org/0xKaishakunin/Publikationen/src/branch/main/MagdeburgerJournalSicherheitsforschung/MJS_051_Utin_Hypervisor.pdf},
  language = {DE},
  issue = {1},
  volume = {13},
  urldate = {2017-05-28},
  keywords = {mjsarticle,ds17,hypervisor,virtualisation},
  abstract = {In this article we're addressing the matters discussed at DeepSec 2014 (Utin M. 2014) and 2016 (Utin M. 2016), including the current status of the Malicious Hypervisor (MH) project and the available information concerning it. The first part of our research, Phase 1, was our analysis of a few publicly available documents concerning the MH threat, caused by the exploitation of virtualization and out-of-band management vulnerabilities. The second part, Phase 2, is about identifying Malicious Hypervisor activity, the discussion of discovery methods and, finally, the testing results of our HyperCatcher MH identification software. The matter of the MH threat is still evolving, and we're planning to address that in the future in Phase 3. Unfortunately, there is no end to the story of virtualization, vulnerabilities and threats. It started with the implementation of mainframe OS virtualization in a PC environment. The technology was thus transferred from a closed and secure mainframe architecture to an open and diverse Internet world without any thought of possible security implications.},
}

AsciiDoc citation commands

1. citenp:[mjs:Utin:Hypervisor]
2. cite:[mjs:Utin:Hypervisor]
3. bibitem[mjs:Utin:Hypervisor]

LaTeX citation commands

1. \textcite{mjs:Utin:Hypervisor}
2. \parencite{mjs:Utin:Hypervisor}
3. \cite{mjs:Utin:Hypervisor}

generated at Mon May 12 10:48:34 2025