Move paper build instruction to /paper/README.md

hippwn · hippwn · commit 1737917bf055 · 2020-03-04T21:15:47.000+01:00
diff --git a/README.md b/README.md
@@ -15,12 +15,6 @@ $ go get github.com/ShellCode33/VM-Detection/vmdetect
 
 Then see [main.go](https://github.com/ShellCode33/VM-Detection/blob/master/main.go) to use it in your own project.
 
-To build the paper, be sure to have Docker installed and run the following command inside the paper directory:
-
-```bash
-$ docker run --rm -it -v "$(pwd):/pandoc" dalibo/pandocker --pdf-engine=xelatex --template=eisvogel --listings --highlight-style espresso *.md -o paper.pdf
-```
-
 ## GNU/Linux techniques
 
 - Look for CPU vendor by trying out different assembly instructions ([cpuid](https://github.com/klauspost/cpuid/))
diff --git a/paper/31_common.md b/paper/31_common.md
@@ -37,5 +37,6 @@ any.
 Finally, low resources may be an indication that the operating system is
 running inside a sandbox or virtual machine. It surely cannot be used as the
 only clue but it can lead you to investigate: most sandboxes are ran on the
-laptop of the analyst, who often will give the fewest resources they can. That
-is why we look for resources below 3 vCPUs or 3 GB of RAM.
+laptop of the analyst, who often will give the fewest resources they can. This
+is why we consider machines with low resources (below 3GB of RAM and 3 CPUs) to
+be virtual machines.
diff --git a/paper/40_sources.md b/paper/40_sources.md
@@ -13,4 +13,8 @@
 - https://daks2k3a4ib2z.cloudfront.net/5757fcb8825e8dbc6c852e3c/59ad6c357ba794000108098c_Minerva_Introduction_to_Evasive_Techniques.pdf
 - https://en.wikipedia.org/wiki/Desktop_Management_Interface
 - https://github.com/torvalds/linux/blob/31cc088a4f5d83481c6f5041bd6eb06115b974af/arch/x86/kernel/cpu/hypervisor.c
-- https://www.ibm.com/support/knowledgecenter/en/linuxonibm/com.ibm.linux.z.lhdd/lhdd_t_sysinfo.html
+- https://www.ibm.com/support/knowledgecenter/en/linuxonibm/com.ibm.linux.z.lhdd/lhdd_t_sysinfo.html
+- https://fr.wikipedia.org/wiki/Contr%C3%B4le_d%27acc%C3%A8s_au_support
+- https://lwn.net/Articles/301888/
+- https://evasions.checkpoint.com
+
diff --git a/paper/README.md b/paper/README.md
@@ -0,0 +1,8 @@
+# Paper
+
+To build the paper, be sure to have Docker installed and run the following
+command inside the paper directory:
+
+```bash
+$ docker run --rm -it -v "$(pwd):/pandoc" dalibo/pandocker --pdf-engine=xelatex --template=eisvogel --listings --highlight-style espresso *.md -o paper.pdf
+```
