{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T15:44:49Z","timestamp":1743003889548,"version":"3.40.3"},"publisher-location":"Cham","reference-count":19,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319271606"},{"type":"electronic","value":"9783319271613"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-27161-3_42","type":"book-chapter","created":{"date-parts":[[2015,11,17]],"date-time":"2015-11-17T23:38:40Z","timestamp":1447803520000},"page":"465-475","source":"Crossref","is-referenced-by-count":1,"title":["A Model of Dynamic Malware Analysis Based on VMI"],"prefix":"10.1007","author":[{"given":"Chengye","family":"Li","sequence":"first","affiliation":[]},{"given":"Yangyue","family":"Xiang","sequence":"additional","affiliation":[]},{"given":"Jiangyong","family":"Shi","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,12,29]]},"reference":[{"key":"42_CR1","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1109\/MSP.2007.45","volume":"5","author":"G Willems","year":"2007","unstructured":"Willems, G., Holz, T., Freiling, F.: Toward automated dynamic malware analysis using CWSandbox. IEEE Secur. Priv. 5, 32\u201339 (2007)","journal-title":"IEEE Secur. Priv."},{"key":"42_CR2","doi-asserted-by":"publisher","first-page":"67","DOI":"10.1007\/s11416-006-0012-2","volume":"2","author":"U Bayer","year":"2006","unstructured":"Bayer, U., Moser, A., Kruegel, C., Kirda, E.: Dynamic analysis of malicious code. J. Comput. Virol. 2, 67\u201377 (2006)","journal-title":"J. Comput. Virol."},{"key":"42_CR3","unstructured":"Cuckoobox. \n                      http:\/\/www.cuckoosandbox.org\/"},{"key":"42_CR4","unstructured":"Xen. \n                      http:\/\/www.xenproject.org\/"},{"key":"42_CR5","doi-asserted-by":"crossref","unstructured":"Jiang, X., Wang, X., Xu, D.: Stealthy malware detection through vmm-based out-of-the box semantic view reconstruction. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 128\u2013138 (2007)","DOI":"10.1145\/1315245.1315262"},{"key":"42_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1007\/978-3-540-87403-4_3","volume-title":"Recent Advances in Intrusion Detection","author":"A Srivastava","year":"2008","unstructured":"Srivastava, A., Giffin, J.T.: Tamper-resistant, application-aware blocking of malicious network connections. In: Lippmann, R., Kirda, E., Trachtenberg, A. (eds.) RAID 2008. LNCS, vol. 5230, pp. 39\u201358. Springer, Heidelberg (2008)"},{"key":"42_CR7","doi-asserted-by":"crossref","unstructured":"Nance, K., Bishop, M., Hay, B.: Investigating the implications of virtual machine introspection for digital forensics. In: International Conference on Availability, Reliability and Security, ARES 2009, pp. 1024\u20131029 (2009)","DOI":"10.1109\/ARES.2009.173"},{"key":"42_CR8","unstructured":"Garfinkel, T., Rosenblum, M.: A virtual machine introspection based architecture for intrusion detection. In: Proceedings of the Network and Distributed Systems Security Symposium, pp. 191\u2013206 (2003)"},{"key":"42_CR9","doi-asserted-by":"crossref","unstructured":"Payne, B.D., Carbone, M., Sharif, M., et al.: Lares: An architecture for secure active monitoring using virtualization. In: Proceedings of the 2008 IEEE Symposium on Security and Privacy, pp. 233\u2013247. IEEE Computer Society (2008)","DOI":"10.1109\/SP.2008.24"},{"key":"42_CR10","doi-asserted-by":"crossref","unstructured":"Xiong, H., Liu, Z., Xu, W., et al.: Libvmi: a library for bridging the semantic gap between guest OS and VMM. In: International Conference on Computer and Information Technology, pp. 549\u2013556. IEEE (2012)","DOI":"10.1109\/CIT.2012.119"},{"key":"42_CR11","doi-asserted-by":"crossref","unstructured":"Lengyel, T.K., Maresca, S., Payne, B.D., et al.: Scalability, fidelity and stealth in the drakvuf dynamic malware analysis system. In: Proceedings of the 30th Annual Computer Security Applications Conference, pp. 386\u2013395. ACM (2014)","DOI":"10.1145\/2664243.2664252"},{"key":"42_CR12","unstructured":"Guestfish. \n                      http:\/\/libguestfs.org\/guestfish.1.html"},{"key":"42_CR13","doi-asserted-by":"crossref","unstructured":"Payne, B.D.: Simplifying virtual machine introspection using libvmi. Sandia report (2012)","DOI":"10.2172\/1055635"},{"key":"42_CR14","unstructured":"Intel Corporation Intel 64 and IA-32 architectures software developer\u2019s manual, volume 3B (2008)"},{"key":"42_CR15","unstructured":"Nakajima, J.: Intel virtualization technology roadmap and VT-d support in Xen (2006)"},{"key":"42_CR16","doi-asserted-by":"crossref","unstructured":"Okolica, J.S., Peterson, G.L.: Extracting forensic artifacts from windows o\/s memory. Technical report, DTIC document (2011)","DOI":"10.21236\/ADA548397"},{"key":"42_CR17","doi-asserted-by":"crossref","unstructured":"Deng, Z., Zhang, X., Xu, D.: Spider: stealthy binary program instrumentation and debugging via hardware virtualization. In: Proceedings of the 29th Annual Computer Security Applications Conference, ACSAC 2013, New York, NY, USA. ACM (2013)","DOI":"10.1145\/2523649.2523675"},{"issue":"4","key":"42_CR18","doi-asserted-by":"publisher","first-page":"639","DOI":"10.3233\/JCS-2010-0410","volume":"19","author":"K Rieck","year":"2011","unstructured":"Rieck, K., Trinius, P., Willems, C., Holz, T.: Automatic analysis of malware behavior using machine learning. J. Comput. Secur. 19(4), 639\u2013668 (2011)","journal-title":"J. Comput. Secur."},{"key":"42_CR19","series-title":"Advances in Intelligent Systems and Computing","doi-asserted-by":"publisher","first-page":"225","DOI":"10.1007\/978-3-642-37832-4_21","volume-title":"Knowledge Engineering and Management","author":"Y Qiao","year":"2014","unstructured":"Qiao, Y., Yang, Y., He, J., Tang, C., Liu, Z.: CBM: free, automatic malware analysis framework using API call sequences. In: Sun, F., Li, T., Li, H. (eds.) Knowledge Engineering and Management. AISC, vol. 214, pp. 225\u2013236. Springer, Heidelberg (2014)"}],"container-title":["Lecture Notes in Computer Science","Algorithms and Architectures for Parallel Processing"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-27161-3_42","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,31]],"date-time":"2019-05-31T11:43:43Z","timestamp":1559303023000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-27161-3_42"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319271606","9783319271613"],"references-count":19,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-27161-3_42","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2015]]}}}