{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,27]],"date-time":"2026-05-27T18:38:29Z","timestamp":1779907109215,"version":"3.53.1"},"publisher-location":"Cham","reference-count":23,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319034904","type":"print"},{"value":"9783319034911","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-319-03491-1_4","type":"book-chapter","created":{"date-parts":[[2013,11,24]],"date-time":"2013-11-24T19:47:31Z","timestamp":1385322451000},"page":"53-69","source":"Crossref","is-referenced-by-count":2,"title":["Active File Integrity Monitoring Using Paravirtualized Filesystems"],"prefix":"10.1007","author":[{"given":"Michael","family":"Velten","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Sascha","family":"Wessel","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Frederic","family":"Stumpf","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Claudia","family":"Eckert","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","reference":[{"key":"4_CR1","doi-asserted-by":"crossref","unstructured":"Kim, G.H., Spafford, E.H.: The design and implementation of Tripwire: A file system integrity checker. In: Proceedings of the 2nd ACM Conference on Computer and Communications Security, pp. 18\u201329. ACM (1994)","DOI":"10.1145\/191177.191183"},{"key":"4_CR2","first-page":"43","volume":"1","author":"S. Smalley","year":"2001","unstructured":"Smalley, S., Vance, C., Salamon, W.: Implementing SELinux as a Linux security module. NAI Labs Report\u00a01, 43 (2001)","journal-title":"NAI Labs Report"},{"key":"4_CR3","unstructured":"Garfinkel, T., Rosenblum, M.: A Virtual Machine Introspection Based Architecture for Intrusion Detection. In: Proc. Network and Distributed Systems Security Symposium, pp. 191\u2013206 (2003)"},{"issue":"5","key":"4_CR4","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1109\/MSP.2008.134","volume":"6","author":"K. Nance","year":"2008","unstructured":"Nance, K., Bishop, M., Hay, B.: Virtual machine introspection: Observation or interference? IEEE Security & Privacy\u00a06(5), 32\u201337 (2008)","journal-title":"IEEE Security & Privacy"},{"key":"4_CR5","doi-asserted-by":"crossref","unstructured":"Jones, S.T., Arpaci-Dusseau, A.C., Arpaci-Dusseau, R.H.: Antfarm: Tracking processes in a virtual machine environment. In: Proceedings of the USENIX Annual Technical Conference, pp. 1\u201314 (2006)","DOI":"10.1145\/1168917.1168861"},{"key":"4_CR6","doi-asserted-by":"crossref","unstructured":"Payne, B.D., de Carbone, M.D.P., Lee, W.: Secure and flexible monitoring of virtual machines. In: Twenty-Third Annual Computer Security Applications Conference, ACSAC 2007, pp. 385\u2013397 (2007)","DOI":"10.1109\/ACSAC.2007.10"},{"key":"4_CR7","doi-asserted-by":"crossref","unstructured":"Payne, B.D., Carbone, M., Sharif, M., Lares, W.L.: An architecture for secure active monitoring using virtualization. In: IEEE Symposium on Security and Privacy, SP 2008, pp. 233\u2013247. IEEE (2008)","DOI":"10.1109\/SP.2008.24"},{"key":"4_CR8","unstructured":"Quynh, N.A., Suzaki, K.: Xenprobes, a lightweight user-space probing framework for xen virtual machine. In: USENIX Annual Technical Conference Proceedings (2007)"},{"key":"4_CR9","doi-asserted-by":"crossref","unstructured":"Zhao, F., Jiang, Y., Xiang, G., Jin, H., Jiang, W.: VRFPS: A Novel Virtual Machine-Based Real-time File Protection System. In: Proceedings of the 2009 Seventh ACIS International Conference on Software Engineering Research, Management and Applications, SERA 2009, Washington, DC, USA, pp. 217\u2013224 (2009)","DOI":"10.1109\/SERA.2009.23"},{"key":"4_CR10","first-page":"45","volume-title":"Proceedings of the Annual Conference on USENIX Annual Technical Conference, ATEC 2005","author":"E. Hensbergen Van","year":"2005","unstructured":"Van Hensbergen, E., Minnich, R.: Grave Robbers from outer space using 9P2000 under Linux. In: Proceedings of the Annual Conference on USENIX Annual Technical Conference, ATEC 2005, p. 45. USENIX Association, Berkeley (2005)"},{"key":"4_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"324","DOI":"10.1007\/978-3-642-37682-5_23","volume-title":"Information Security and Cryptology \u2013 ICISC 2012","author":"M. Velten","year":"2013","unstructured":"Velten, M., Stumpf, F.: Secure and Privacy-Aware Multiplexing of Hardware-Protected TPM Integrity Measurements among Virtual Machines. In: Kwon, T., Lee, M.-K., Kwon, D. (eds.) ICISC 2012. LNCS, vol.\u00a07839, pp. 324\u2013336. Springer, Heidelberg (2013)"},{"issue":"5","key":"4_CR12","doi-asserted-by":"publisher","first-page":"95","DOI":"10.1145\/1400097.1400108","volume":"42","author":"R. Russell","year":"2008","unstructured":"Russell, R.: Virtio: towards a de-facto standard for virtual I\/O devices. ACM SIGOPS Operating Systems Review\u00a042(5), 95\u2013103 (2008)","journal-title":"ACM SIGOPS Operating Systems Review"},{"key":"4_CR13","unstructured":"Trusted Platform Module, Main Specification, Level 2, Version 1.2, Revision 116 (2011), http:\/\/www.trustedcomputinggroup.org\/resources\/tpm_main_specification"},{"key":"4_CR14","unstructured":"Plan 9 \u2013 9P2000.L Protocol, https:\/\/code.google.com\/p\/diod\/w\/list"},{"key":"4_CR15","unstructured":"Tool Interface Standard (TIS) \u2013 Executable and Linking Format (ELF) Specification (May 1995), http:\/\/refspecs.linuxbase.org\/elf\/elf.pdf"},{"key":"4_CR16","volume-title":"Proceedings of the 13th Conference on USENIX Security Symposium, SSYM 2004","author":"R. Sailer","year":"2004","unstructured":"Sailer, R., Zhang, X., Jaeger, T., van Doorn, L.: Design and implementation of a TCG-based integrity measurement architecture. In: Proceedings of the 13th Conference on USENIX Security Symposium, SSYM 2004, vol.\u00a013. USENIX Association, Berkeley (2004)"},{"key":"4_CR17","unstructured":"Native Linux KVM Tool, https:\/\/github.com\/penberg\/linux-kvm"},{"key":"4_CR18","unstructured":"Kivity, A., Kamay, Y., Laor, D., Lublin, U., Liguori, A.: kvm: the Linux virtual machine monitor. In: OLS 2007: Proceedings of the Linux Symposium, vol.\u00a01, pp. 225\u2013230 (June 2007)"},{"key":"4_CR19","volume-title":"Proceedings of the Annual Conference on USENIX Annual Technical Conference, ATEC 2005","author":"F. Bellard","year":"2005","unstructured":"Bellard, F.: QEMU, a fast and portable dynamic translator. In: Proceedings of the Annual Conference on USENIX Annual Technical Conference, ATEC 2005. USENIX Association, Berkeley (2005)"},{"key":"4_CR20","unstructured":"Wessel, S., Stumpf, F.: Page-based Runtime Integrity Protection of User and Kernel Code. In: 5th European Workshop on System Security (2012)"},{"key":"4_CR21","first-page":"243","volume-title":"Proceedings of the 17th Conference on Security Symposium, SS 2008","author":"L. Litty","year":"2008","unstructured":"Litty, L., Lagar-Cavilla, H.A., Lie, D.: Hypervisor support for identifying covertly executing binaries. In: Proceedings of the 17th Conference on Security Symposium, SS 2008, pp. 243\u2013258. USENIX Association, Berkeley (2008)"},{"key":"4_CR22","unstructured":"Patil, S., Kashyap, A., Sivathanu, G., Zadok, E.: I3FS: An in-kernel integrity checker and intrusion detection file system. In: Proceedings of the 18th Annual Large Installation System Administration Conference, LISA 2004 (2004)"},{"key":"4_CR23","doi-asserted-by":"crossref","unstructured":"Azab, A.M., Ning, P., Sezer, E.C., Zhang, X.: HIMA: A Hypervisor-Based Integrity Measurement Agent. In: ACSAC, pp. 461\u2013470. IEEE Computer Society (2009)","DOI":"10.1109\/ACSAC.2009.50"}],"container-title":["Lecture Notes in Computer Science","Trusted Systems"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-03491-1_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,8,3]],"date-time":"2019-08-03T21:15:04Z","timestamp":1564866904000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-03491-1_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783319034904","9783319034911"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-03491-1_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2013]]}}}