{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,2]],"date-time":"2025-05-02T04:13:01Z","timestamp":1746159181020,"version":"3.40.4"},"publisher-location":"New York, NY","reference-count":82,"publisher":"Springer New York","isbn-type":[{"type":"print","value":"9781461492771"},{"type":"electronic","value":"9781461492788"}],"license":[{"start":{"date-parts":[[2013,12,7]],"date-time":"2013-12-07T00:00:00Z","timestamp":1386374400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2013,12,7]],"date-time":"2013-12-07T00:00:00Z","timestamp":1386374400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014]]},"DOI":"10.1007\/978-1-4614-9278-8_14","type":"book-chapter","created":{"date-parts":[[2014,1,23]],"date-time":"2014-01-23T08:28:40Z","timestamp":1390465720000},"page":"303-324","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Software Cruising: A New Technology for Building Concurrent Software Monitor"],"prefix":"10.1007","author":[{"given":"Dinghao","family":"Wu","sequence":"first","affiliation":[]},{"given":"Peng","family":"Liu","sequence":"additional","affiliation":[]},{"given":"Qiang","family":"Zeng","sequence":"additional","affiliation":[]},{"given":"Donghai","family":"Tian","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2013,12,7]]},"reference":[{"key":"14_CR1","doi-asserted-by":"crossref","unstructured":"Abadi, M., Budiu, M., Erlingsson, U., Ligatti, J.: Control-flow integrity. In: Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS \u201905), pp.\u00a0340\u2013353 (2005)","DOI":"10.1145\/1102120.1102165"},{"key":"14_CR2","unstructured":"Akritidis, P., Costa, M., Castro, M., Hand, S.: Baggy bounds checking: an efficient and backwards-compatible defense against out-of-bounds errors. In: USENIX Security \u201909, pp.\u00a051\u201366 (2009)"},{"key":"14_CR3","doi-asserted-by":"crossref","unstructured":"Austin, T.M., Breach, S.E., Sohi, G.S.: Efficient detection of all pointer and array access errors. In: Proceedings of the ACM SIGPLAN conference on Programming language design and implementation, PLDI \u201904, pp.\u00a0290\u2013301 (2004)","DOI":"10.1145\/773473.178446"},{"key":"14_CR4","unstructured":"Avijit, K., Gupta, P.: Tied, libsafeplus, tools for runtime buffer overflow protection. In: USENIX Security \u201904, pp.\u00a04\u20134 (2004)"},{"key":"14_CR5","doi-asserted-by":"crossref","unstructured":"Baliga, A., Ganapathy, V., Iftode, L.: Automatic inference and enforcement of kernel data structure invariants. In: ACSAC \u201908: Proceedings of the 2008 Annual Computer Security Applications Conference, pp.\u00a077\u201386. IEEE Computer Society, Washington, DC, USA (2008). DOI\u00a0http:\/\/dx.doi.org\/10.1109\/ACSAC.2008.29","DOI":"10.1109\/ACSAC.2008.29"},{"key":"14_CR6","doi-asserted-by":"crossref","unstructured":"Barrantes, E.G., Ackley, D.H., Palmer, T.S., Stefanovic, D., Zovi, D.D.: Randomized instruction set emulation to disrupt binary code injection attacks. In: Proceedings of the ACM conference on Computer and communications security, CCS \u201903, pp.\u00a0281\u2013289 (2003)","DOI":"10.1145\/948109.948147"},{"key":"14_CR7","unstructured":"Berger, E.D.: HeapShield: Library-based heap overflow protection for free. Tech. Report UMCS TR-2006-28, Univ.\u00a0of Mass.\u00a0Amherst (2006)"},{"key":"14_CR8","doi-asserted-by":"crossref","unstructured":"Berger, E.D., Zorn, B.G.: DieHard: probabilistic memory safety for unsafe languages. In: Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation, PLDI \u201906, pp.\u00a0158\u2013168. ACM, New York, NY, USA (2006). DOI\u00a0http:\/\/doi.acm.org\/10.1145\/1133981.1134000. URL http:\/\/doi.acm.org\/10.1145\/1133981.1134000","DOI":"10.1145\/1133255.1134000"},{"key":"14_CR9","unstructured":"Bhatkar, E., Duvarney, D.C., Sekar, R.: Address obfuscation: an efficient approach to combat a broad range of memory error exploits. In: USENIX Security \u201903, pp.\u00a0105\u2013120 (2003)"},{"key":"14_CR10","unstructured":"Castro, M., Costa, M., Harris, T.: Securing software by enforcing data-flow integrity. In: Proceedings of the 7th symposium on Operating systems design and implementation, OSDI \u201906, pp.\u00a0147\u2013160. USENIX Association, Berkeley, CA, USA (2006). URL http:\/\/dl.acm.org\/citation.cfm?id=1298455.1298470"},{"key":"14_CR11","doi-asserted-by":"crossref","unstructured":"Chatterjee, S., Lahiri, S., Qadeer, S., Rakamaric, Z.: A reachability predicate for analyzing low-level software. In: O.\u00a0Grumberg, M.\u00a0Huth (eds.) Proceedings of the 13th international conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS\u201907), Lecture Notes in Computer Science, vol.\u00a04424, pp.\u00a019\u201333. Springer Berlin Heidelberg (2007). DOI\u00a010.1007\/978-3-540-71209-1_4. URL http:\/\/dx.doi.org\/10.1007\/978-3-540-71209-1_4","DOI":"10.1007\/978-3-540-71209-1_4"},{"key":"14_CR12","unstructured":"Chiueh, T.C., Hsu, F.H.: RAD: A compile-time solution to buffer overflow attacks. In: Proceedings of the The 21st International Conference on Distributed Computing Systems (ICDCS \u201901), pp.\u00a0409\u2013417 (2001)"},{"key":"14_CR13","doi-asserted-by":"crossref","unstructured":"Condit, J., Hackett, B., Lahiri, S.K., Qadeer, S.: Unifying type checking and property checking for low-level code. In: Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages, POPL \u201909, pp.\u00a0302\u2013314. ACM, New York, NY, USA (2009). DOI\u00a0http:\/\/doi.acm.org\/10.1145\/1480881.1480921. URL http:\/\/doi.acm.org\/10.1145\/1480881.1480921","DOI":"10.1145\/1480881.1480921"},{"key":"14_CR14","unstructured":"Cowan, C., Beattie, S.: PointGuard: protecting pointers from buffer overflow vulnerabilities. In: USENIX Security \u201903, pp.\u00a091\u2013104 (2003)"},{"key":"14_CR15","unstructured":"Cowan, C., Pu, C.: StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks. In: USENIX Security \u201998, pp.\u00a063\u201378 (1998)"},{"key":"14_CR16","unstructured":"Cox, B., Evans, D., Filipi, A., Rowanhill, J., Hu, W., Davidson, J., Knight, J., Nguyen-Tuong, A., Hiser, J.: N-variant systems: a secretless framework for security through diversity. In: USENIX Security \u201906, pp.\u00a0105\u2013120 (2006)"},{"issue":"5","key":"14_CR17","doi-asserted-by":"publisher","first-page":"236","DOI":"10.1145\/360051.360056","volume":"19","author":"D. Denning","year":"1976","unstructured":"Denning, D.: A lattice model of secure information flow. Communications of the ACM 19(5), 236\u2013243 (1976)","journal-title":"Communications of the ACM"},{"key":"14_CR18","doi-asserted-by":"crossref","unstructured":"Dor, N., Rodeh, M., Sagiv, M.: CSSV: towards a realistic tool for statically detecting all buffer overflows in C. In: Proceedings of the ACM SIGPLAN conference on Programming language design and implementation, PLDI \u201903, pp.\u00a0155\u2013167 (2003)","DOI":"10.1145\/780822.781149"},{"key":"14_CR19","doi-asserted-by":"crossref","unstructured":"Efstathopoulos, P., Krohn, M., VanDeBogart, S., Frey, C., Ziegler, D., Kohler, E., Mazieres, D., Kaashoek, F., Morris, R.: Labels and event processes in the Asbestos operating system. In: Proceedings of the Nineteenth ACM SIGOPS symposium on Operating systems principles, SOSP \u201905 (2005)","DOI":"10.1145\/1095810.1095813"},{"key":"14_CR20","unstructured":"Electric Fence: Malloc debugger. http:\/\/directory.fsf.org\/project\/ElectricFence\/"},{"key":"14_CR21","unstructured":"Frantzen, M., Shuey, M.: StackGhost: Hardware facilitated stack protection. In: USENIX Security \u201901, pp.\u00a055\u201366 (2001)"},{"key":"14_CR22","unstructured":"Hastings, R., Joyce, B.: Purify: Fast detection of memory leaks and access errors. In: the Winter 1992 Usenix Conference, pp.\u00a0125\u2013136 (1992)"},{"issue":"3","key":"14_CR23","doi-asserted-by":"crossref","first-page":"151","DOI":"10.3233\/JCS-980109","volume":"6","author":"S.A. Hofmeyr","year":"1998","unstructured":"Hofmeyr, S.A., Forrest, S., Somayaji, A.: Intrusion detection using sequences of system calls. Journal of Computer Security 6(3), 151\u2013180 (1998). URL http:\/\/dl.acm.org\/citation.cfm?id=1298081.1298084","journal-title":"Journal of Computer Security"},{"key":"14_CR24","unstructured":"IBM: ProPolice detector. http:\/\/www.trl.ibm.com\/projects\/security\/ssp\/"},{"key":"14_CR25","unstructured":"IBM System\/370 Extended Architecture, Principles of Operations: IBM Publication No.\u00a0SA22-7085 (1983)"},{"key":"14_CR26","unstructured":"Jim, T., Morrisett, J.G., Grossman, D., Hicks, M.W., Cheney, J., Wang, Y.: Cyclone: A safe dialect of C. In: USENIX Annual Technical Conference (ATC \u201902), pp.\u00a0275\u2013288 (2002)"},{"key":"14_CR27","unstructured":"Keromytis, A.D.: The case for self-healing software. In: Aspects of Network and Information Security: Proceedings NATO Advanced Studies Institute (ASI) on Network Security and Intrusion Detection (2005)"},{"key":"14_CR28","unstructured":"King, S.T., Chen, P.M.: Backtracking intrusions. In: Proceedings of the nineteenth ACM symposium on Operating systems principles, SOSP \u201903, pp.\u00a0223\u2013236. ACM, New York, NY, USA (2003). DOI\u00a010.1145\/945445.945467. URL http:\/\/doi.acm.org\/10.1145\/945445.945467"},{"key":"14_CR29","unstructured":"Kiriansky, V., Bruening, D., Amarasinghe, S.P.: Secure execution via program shepherding. In: USENIX Security \u201902, pp.\u00a0191\u2013206 (2002)"},{"key":"14_CR30","volume-title":"Information flow control for standard OS abstractions","author":"M. Krohn","year":"2007","unstructured":"Krohn, M., Yip, A., Brodsky, M., Cliffer, N., Kaashoek, M.F., Kohler, E., Morris, R.: Information flow control for standard OS abstractions. In: Proceedings of the twenty-first ACM SIGOPS symposium on Operating systems principles, SOSP (2007)"},{"key":"14_CR31","doi-asserted-by":"crossref","unstructured":"Lahiri, S.K., Qadeer, S.: Verifying properties of well-founded linked lists. In: Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages, POPL \u201906, pp.\u00a0115\u2013126. ACM, New York, NY, USA (2006). DOI\u00a0http:\/\/doi.acm.org\/10.1145\/1111037.1111048. URL http:\/\/doi.acm.org\/10.1145\/1111037.1111048","DOI":"10.1145\/1111037.1111048"},{"issue":"2","key":"14_CR32","doi-asserted-by":"publisher","first-page":"125","DOI":"10.1109\/TSE.1977.229904","volume":"3","author":"L. Lamport","year":"1977","unstructured":"Lamport, L.: Proving the correctness of multiprocess programs. IEEE Trans. Softw. Eng. 3(2), 125\u2013143 (1977)","journal-title":"IEEE Trans. Softw. Eng."},{"issue":"6","key":"14_CR33","doi-asserted-by":"publisher","first-page":"491","DOI":"10.1109\/TPDS.2004.8","volume":"15","author":"M.M. Michael","year":"2004","unstructured":"Michael, M.M.: Hazard pointers: Safe memory reclamation for lock-free objects. IEEE Trans. Parallel Distrib. Syst. 15(6), 491\u2013504 (2004)","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"key":"14_CR34","doi-asserted-by":"crossref","unstructured":"Myers, A., Liskov, B.: Protecting privacy using the decentralized label model. ACM Transactions on Computer Systems (2000)","DOI":"10.1145\/363516.363526"},{"key":"14_CR35","unstructured":"Myers, A.C., Liskov, B.: A decentralized model for information flow control. In: Proceedings of the sixteenth ACM symposium on Operating systems principles, SOSP \u201997, pp.\u00a0129\u2013142. ACM, New York, NY, USA (1997). DOI\u00a010.1145\/268998.266669. URL http:\/\/doi.acm.org\/10.1145\/268998.266669"},{"issue":"3","key":"14_CR36","doi-asserted-by":"publisher","first-page":"477","DOI":"10.1145\/1065887.1065892","volume":"27","author":"G.C. Necula","year":"2005","unstructured":"Necula, G.C., Condit, J., Harren, M., McPeak, S., Weimer, W.: CCured: type-safe retrofitting of legacy software. ACM Trans. Program. Lang. Syst. 27(3), 477\u2013526 (2005)","journal-title":"ACM Trans. Program. Lang. Syst."},{"key":"14_CR37","unstructured":"Newsome, J., Song, D.: Dynamic taint analysis for automatic detection, analysis, and signaturegeneration of exploits on commodity software. In: Proceedings of the Network and Distributed System Security Symposium (NDSS \u201905) (2005)"},{"key":"14_CR38","unstructured":"NIST. SAMATE Reference Dataset: http:\/\/samate.nist.gov\/SRD"},{"key":"14_CR39","doi-asserted-by":"crossref","unstructured":"Novark, G., Berger, E.D.: DieHarder: securing the heap. In: Proceedings of the 17th ACM conference on Computer and communications security, CCS \u201910, pp.\u00a0573\u2013584. ACM, New York, NY, USA (2010). DOI\u00a0http:\/\/doi.acm.org\/10.1145\/1866307.1866371. URL http:\/\/doi.acm.org\/10.1145\/1866307.1866371","DOI":"10.1145\/1866307.1866371"},{"key":"14_CR40","unstructured":"Ou, X., Govindavajhala, S., Appel, A.W.: MulVAL: a logic-based network security analyzer. In: Proceedings of the 14th conference on USENIX Security Symposium - Volume 14, pp.\u00a0113\u2013128. USENIX Association, Berkeley, CA, USA (2005). URL http:\/\/dl.acm.org\/citation.cfm?id=1251398.1251406"},{"key":"14_CR41","doi-asserted-by":"crossref","unstructured":"Perkins, J.H., Kim, S., Larsen, S., Amarasinghe, S., Bachrach, J., Carbin, M., Pacheco, C., Sherwood, F., Sidiroglou, S., Sullivan, G., Wong, W.F., Zibin, Y., Ernst, M.D., Rinard, M.: Automatically patching errors in deployed software. In: Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles, SOSP \u201909, pp.\u00a087\u2013102. ACM, New York, NY, USA (2009). DOI\u00a0http:\/\/doi.acm.org\/10.1145\/1629575.1629585. URL http:\/\/doi.acm.org\/10.1145\/1629575.1629585","DOI":"10.1145\/1629575.1629585"},{"key":"14_CR42","doi-asserted-by":"crossref","unstructured":"Petroni Jr., N.L., Hicks, M.: Automated detection of persistent kernel control-flow attacks. In: Proceedings of the 14th ACM conference on Computer and communications security, CCS \u201907, pp.\u00a0103\u2013115 (2007)","DOI":"10.1145\/1315245.1315260"},{"key":"14_CR43","doi-asserted-by":"crossref","unstructured":"Portokalidis, G., Keromytis, A.D.: REASSURE: A self-contained mechanism for healing software using rescue points. In: Advances in Information and Computer Security\u20146th International Workshop, IWSEC 2011, Tokyo, Japan, November 8\u201310, 2011. Proceedings, Lecture Notes in Computer Science, vol.\u00a07038, pp.\u00a016\u201332. Springer (2011)","DOI":"10.1007\/978-3-642-25141-2_2"},{"key":"14_CR44","unstructured":"Prasad, M., Chiueh, T.C.: A binary rewriting defense against stack based buffer overflow attacks. In: Usenix Annual Technical Conference (Usenix ATC \u201903), pp.\u00a0211\u2013224 (2003)"},{"key":"14_CR45","unstructured":"Riley, R., Jiang, X., Xu, D.: Guest-transparent prevention of kernel rootkits with VMM-based memory shadowing. In: Proceedings of the 11th international conference on Recent advances in intrusion detection, RAID \u201908 (2008)"},{"key":"14_CR46","unstructured":"Robertson, W., Kruegel, C., Mutz, D., Valeur, F.: Run-time detection of heap-based overflows. In: Proceedings of the 17th Usenix Conference on System Administration (LISA \u201903), pp.\u00a051\u201360. Usenix Association, Berkeley, CA, USA (2003)"},{"key":"14_CR47","unstructured":"Roethlisberge, D.: Omnikey Cardman 4040 Linux driver buffer overflow (2007). http:\/\/www.securiteam.com\/unixfocus\/5CP0D0AKUA.html"},{"key":"14_CR48","unstructured":"Ruwase, O., Lam, M.S.: A practical dynamic buffer overflow detector. In: Proceedings of the 11th Annual Network and Distributed System Security Symposium (NDSS \u201904), pp.\u00a0159\u2013169 (2004)"},{"key":"14_CR49","doi-asserted-by":"crossref","unstructured":"Salamat, B., Jackson, T., Gal, A., Franz, M.: Orchestra: intrusion detection using parallel execution and monitoring of program variants in user-space. In: Proceedings of the 4th ACM European conference on Computer systems (EuroSys \u201909), pp.\u00a033\u201346 (2009)","DOI":"10.1145\/1519065.1519071"},{"issue":"2","key":"14_CR50","first-page":"47","volume":"19","author":"F. Schneider","year":"2012","unstructured":"Schneider, F.: Blueprint for a science of cybersecurity. The Next Wave 19(2), 47\u201357 (2012)","journal-title":"The Next Wave"},{"key":"14_CR51","unstructured":"SecurityFocus: Wu-ftpd file globbing heap corruption (2001). http:\/\/www.securityfocus.com\/bid\/3581"},{"key":"14_CR52","unstructured":"SecurityFocus: Sudo password prompt heap overflow (2002). http:\/\/www.securityfocus.com\/bid\/4593"},{"key":"14_CR53","unstructured":"SecurityFocus: CVS directory request double free heap corruption (2003). http:\/\/www.securityfocus.com\/bid\/6650"},{"key":"14_CR54","unstructured":"SecurityFocus: Mozilla Firefox and Seamonkey regular expression parsing heap buffer overflow (2009). http:\/\/www.securityfocus.com\/bid\/35891"},{"key":"14_CR55","unstructured":"SecurityFocus: libHX \u2018HX_split()\u2019 remote heap-based buffer overflow (2010). http:\/\/www.securityfocus.com\/bid\/42592"},{"key":"14_CR56","unstructured":"SecurityFocus: Lynx browser \u2018convert_to_idna()\u2019 function remote heap based buffer overflow (2010). http:\/\/www.securityfocus.com\/bid\/42316"},{"key":"14_CR57","doi-asserted-by":"crossref","unstructured":"Seshadri, A., Luk, M., Qu, N., Perrig, A.: SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes. In: Proceedings of the twenty-first ACM SIGOPS symposium on Operating systems principles, SOSP \u201907, pp.\u00a0335\u2013350 (2007)","DOI":"10.1145\/1323293.1294294"},{"key":"14_CR58","doi-asserted-by":"crossref","unstructured":"Sharif, M.I., Lee, W., Cui, W., Lanzi, A.: Secure in-VM monitoring using hardware virtualization. In: Proceedings of the 16th ACM conference on Computer and communications security, CCS \u201909, pp.\u00a0477\u2013487 (2009)","DOI":"10.1145\/1653662.1653720"},{"key":"14_CR59","doi-asserted-by":"crossref","unstructured":"Shehory, O.: SHADOWS: Self-healing complex software systems. In: Automated Software Engineering, pp.\u00a071\u201376 (2008). DOI\u00a010.1109\/ASEW.2008.4686296","DOI":"10.1109\/ASEW.2008.4686296"},{"key":"14_CR60","doi-asserted-by":"crossref","unstructured":"Sidiroglou, S., Laadan, O., Perez, C., Viennot, N., Nieh, J., Keromytis, A.D.: ASSURE: automatic software self-healing using rescue points. In: M.L. Soffa, M.J. Irwin (eds.) ASPLOS, pp.\u00a037\u201348. ACM (2009)","DOI":"10.1145\/1508284.1508250"},{"key":"14_CR61","unstructured":"Solar Designer: Non-executable user stack (1997). http:\/\/www.openwall.com\/linux\/"},{"key":"14_CR62","unstructured":"sqrkkyu, twzi: Attacking the core: Kernel exploiting notes (2007). http:\/\/phrack.org\/issues.html"},{"key":"14_CR63","unstructured":"Srivastava, A., Erete, I., Giffin, J.: Kernel data integrity protection via memory access control. Tech. Rep. GT-CS-09-04, Georgia Institute of Technology (2009)"},{"key":"14_CR64","unstructured":"StackShield: (2000). http:\/\/www.angelfire.com\/sk\/stackshield\/"},{"key":"14_CR65","unstructured":"The PaX project: http:\/\/pax.grsecurity.net\/"},{"key":"14_CR66","unstructured":"Tian, D., Zeng, Q., Wu, D., Liu, P., Hu, C.: Kruiser: Semi-synchronized non-blocking concurrent kernel heap buffer overflow monitoring. In: Proceedings of the 19th Network and Distributed System Security Symposium, NDSS \u201912 (2012)"},{"key":"14_CR67","doi-asserted-by":"crossref","unstructured":"Tiwari, M., Wassel, H.M., Mazloom, B., Mysore, S., Chong, F.T., Sherwood, T.: Complete information flow tracking from the gates up. In: Proceedings of the 14th international conference on Architectural support for programming languages and operating systems, ASPLOS XIV, pp.\u00a0 109\u2013120. ACM, New York, NY, USA (2009). DOI\u00a010.1145\/1508244.1508258. URL http:\/\/doi.acm.org\/10.1145\/1508244.1508258","DOI":"10.1145\/1508244.1508258"},{"key":"14_CR68","doi-asserted-by":"crossref","unstructured":"Tsai, T.K., Singh, N.: Libsafe: Transparent system-wide protection against buffer overflow attacks. In: Proceedings of the 2002 International Conference on Dependable Systems and Networks (DSN \u201902), pp.\u00a0541\u2013541 (2002)","DOI":"10.1109\/DSN.2002.1028963"},{"key":"14_CR69","unstructured":"US-CERT\/NIST: CVE-2008-1673. http:\/\/web.nvd.nist.gov\/view\/vuln\/detail?vulnId=CVE-2008-1673"},{"key":"14_CR70","unstructured":"US-CERT\/NIST: CVE-2009-2407. http:\/\/web.nvd.nist.gov\/view\/vuln\/detail?vulnId=CVE-2009-2407"},{"key":"14_CR71","unstructured":"US-CERT\/NIST: National vulnerability database, CVE-2002-0392. http:\/\/web.nvd.nist.gov\/view\/vuln\/detail?vulnId=CVE-2002-0392"},{"key":"14_CR72","unstructured":"US-CERT\/NIST: National vulnerability database, CVE-2003-0252. http:\/\/web.nvd.nist.gov\/view\/vuln\/detail?vulnId=CVE-2003-0252"},{"key":"14_CR73","unstructured":"Valgrind: http:\/\/valgrind.org\/"},{"key":"14_CR74","unstructured":"Wagner, D., Foster, J.S., Brewer, E.A., Aiken, A.: A first step towards automated detection of buffer overrun vulnerabilities. In: Proceedings of the 7th Network and Distributed System Security Symposium, NDSS \u201900, pp.\u00a03\u201317 (2000)"},{"key":"14_CR75","doi-asserted-by":"crossref","unstructured":"Wahbe, R., Lucco, S., Anderson, T.E., Graham, S.L.: Efficient software-based fault isolation. In: Proceedings of the fourteenth ACM symposium on Operating systems principles, SOSP \u201993, pp.\u00a0203\u2013216. ACM, New York, NY, USA (1993). DOI\u00a010.1145\/168619.168635. URL http:\/\/doi.acm.org\/10.1145\/168619.168635","DOI":"10.1145\/168619.168635"},{"key":"14_CR76","doi-asserted-by":"crossref","unstructured":"Wang, Z., Jiang, X., Cui, W., Ning, P.: Countering kernel rootkits with lightweight hook protection. In: CCS \u201909: Proceedings of the 16th ACM Conference on Computer and Communications Security (2009)","DOI":"10.1145\/1653662.1653728"},{"key":"14_CR77","doi-asserted-by":"crossref","unstructured":"Wei, J., Payne, B.D., Giffin, J., Pu, C.: Soft-timer driven transient kernel control flow attacks and defense. In: ACSAC \u201908: Proceedings of the 2008 Annual Computer Security Applications Conference, pp.\u00a097\u2013107. IEEE Computer Society, Washington, DC, USA (2008). DOI\u00a0http:\/\/dx.doi.org\/10.1109\/ACSAC.2008.40","DOI":"10.1109\/ACSAC.2008.40"},{"key":"14_CR78","unstructured":"Xiong, X., Tian, D., Liu, P.: Practical protection of kernel integrity for commodity OS from untrusted extensions. In: Proceedings of the Network and Distributed System Security Symposium, NDSS \u201911. The Internet Society (2011)"},{"key":"14_CR79","volume-title":"Architecture support for defending against buffer overflow attacks","author":"J. Xu","year":"2002","unstructured":"Xu, J., Kalbarczyk, Z., Patel, S., Iyer, R.: Architecture support for defending against buffer overflow attacks. In: Workshop Evaluating & Architecting Sys.\u00a0Depend. (2002)"},{"key":"14_CR80","doi-asserted-by":"crossref","unstructured":"Zeldovich, N., Boyd-Wickizer, S., Kohler, E., Mazieres, D.: Making information flow explicit in HiStar. Communications of the ACM (2011)","DOI":"10.1145\/2018396.2018419"},{"key":"14_CR81","unstructured":"Zeldovich, N., Kannan, H., Dalton, M., Kozyrakis, C.: Hardware enforcement of application security policies using tagged memory. In: Proceedings of the 8th USENIX conference on Operating systems design and implementation, OSDI\u201908, pp.\u00a0225\u2013240. USENIX Association, Berkeley, CA, USA (2008). URL http:\/\/dl.acm.org\/citation.cfm?id=1855741.1855757"},{"key":"14_CR82","doi-asserted-by":"crossref","unstructured":"Zeng, Q., Wu, D., Liu, P.: Cruiser: Concurrent heap buffer overflow monitoring using lock-free data structures. In: Proceedings of the 32nd ACM SIGPLAN conference on Programming language design and implementation, PLDI \u201911, pp.\u00a0367\u2013377. ACM, New York, NY, USA (2011). DOI\u00a0http:\/\/doi.acm.org\/10.1145\/1993498.1993541. URL http:\/\/doi.acm.org\/10.1145\/1993498.1993541","DOI":"10.1145\/1993316.1993541"}],"container-title":["Secure Cloud Computing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-1-4614-9278-8_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,1]],"date-time":"2025-05-01T16:51:06Z","timestamp":1746118266000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-1-4614-9278-8_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,12,7]]},"ISBN":["9781461492771","9781461492788"],"references-count":82,"URL":"https:\/\/doi.org\/10.1007\/978-1-4614-9278-8_14","relation":{},"subject":[],"published":{"date-parts":[[2013,12,7]]},"assertion":[{"value":"7 December 2013","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}