Fig. 5From: Hypervisor-assisted dynamic malware analysisPhysical address space as perceived by the guest and I/O peripherals (right). Physical page A contains code/data of the hypervisor and therefore read-only rights. Physical page B contains code/data of the guest’s OS and therefore has full rights (RWX). Physical page C contains code/data of the monitoring component and therefore has read-only rightsBack to article page