Tuesday, May 12, 2015

Paper on fooling malware into thinking it's not in a sandbox

Very interesting paper

From Patches to Honey-Patches: Lightweight Attacker Misdirection, Deception, and Disinformation

My first take is that if malware is becoming virtual sandbox aware, can we fake virtualization on our physical hosts so the malware goes away?