{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T04:54:45Z","timestamp":1755838485376,"version":"3.40.3"},"publisher-location":"Cham","reference-count":46,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319288642"},{"type":"electronic","value":"9783319288659"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-28865-9_8","type":"book-chapter","created":{"date-parts":[[2016,1,23]],"date-time":"2016-01-23T03:40:02Z","timestamp":1453520402000},"page":"135-154","source":"Crossref","is-referenced-by-count":9,"title":["Kernel Data Attack Is a Realistic Security Threat"],"prefix":"10.1007","author":[{"given":"Jidong","family":"Xiao","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hai","family":"Huang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Haining","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"8_CR1","unstructured":"2 million facebook, gmail and twitter passwords stolen in massive hack (2013). \n                    http:\/\/money.cnn.com\/2013\/12\/04\/technology\/security\/passwords-stolen\/"},{"key":"8_CR2","unstructured":"Bailey, K., Ceze, L., Gribble, S. D., Levy, H. M.: Operating system implications of fast, cheap, non-volatile memory. In: Proceedings of the 13th USENIX Conference on Hot topics in Operating Systems (HotOS), pp. 2\u20137. USENIX Association (2011)"},{"key":"8_CR3","doi-asserted-by":"crossref","unstructured":"Baliga, A., Ganapathy, V., Iftode, L.: Automatic inference and enforcement of kernel data structure invariants. In: Annual Computer Security Applications Conference (ACSAC), pp. 77\u201386. IEEE (2008)","DOI":"10.1109\/ACSAC.2008.29"},{"key":"8_CR4","doi-asserted-by":"crossref","unstructured":"Baliga, A., Kamat, P., Iftode, L.: Lurking in the shadows: identifying systemic threats to kernel data. In: IEEE Symposium on Security and Privacy (SP), pp. 246\u2013251. IEEE (2007)","DOI":"10.1109\/SP.2007.25"},{"key":"8_CR5","doi-asserted-by":"crossref","unstructured":"Berger, Y., Wool, A., Yeredor, A.: Dictionary attacks using keyboard acoustic emanations. In: Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS), pp. 245\u2013254. ACM (2006)","DOI":"10.1145\/1180405.1180436"},{"key":"8_CR6","doi-asserted-by":"crossref","unstructured":"Bianchi, A., Shoshitaishvili, Y., Kruegel, C., Vigna, G.: Blacksheep: detecting compromised hosts in homogeneous crowds. In: Proceedings of the ACM Conference on Computer and Communications Security (CCS), pp. 341\u2013352. ACM (2012)","DOI":"10.1145\/2382196.2382234"},{"key":"8_CR7","doi-asserted-by":"crossref","unstructured":"Caulfield, A.M., De, A., Coburn, J., Mollow, T.I., Gupta, R.K., Swanson, S.: Moneta: a high-performance storage array architecture for next-generation, non-volatile memories. In: Proceedings of the 43rd Annual IEEE\/ACM International Symposium on Microarchitecture (MICRO), pp. 385\u2013395. IEEE Computer Society (2010)","DOI":"10.1109\/MICRO.2010.33"},{"key":"8_CR8","doi-asserted-by":"crossref","unstructured":"Checkoway, S., Davi, L., Dmitrienko, A., Sadeghi, A.-R., Shacham, H., Winandy, M.: Return-oriented programming without returns. In: Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS), pp. 559\u2013572. ACM (2010)","DOI":"10.1145\/1866307.1866370"},{"key":"8_CR9","unstructured":"Chen, S., Xu, J., Sezer, E.C., Gauriar, P., Iyer, R.K.: Non-control-data attacks are realistic threats. In: Proceedings of the 14th Conference on USENIX Security Symposium, p. 12 (2005)"},{"key":"8_CR10","unstructured":"Cox, M.: Red hat\u2019s top 11 most serious flaw types for 2009 (2010). \n                    https:\/\/lwn.net\/Articles\/374752\/"},{"key":"8_CR11","unstructured":"Cuadro cpu benchmark. \n                    http:\/\/sourceforge.net\/projects\/cuadrocpubenchm"},{"key":"8_CR12","unstructured":"Elhage, N.: Much ado about null: Exploiting a kernel null dereference. \n                    https:\/\/blogs.oracle.com\/ksplice\/entry\/much_ado_about_null_exploiting1"},{"key":"8_CR13","unstructured":"Garfinkel, T., Rosenblum, M.: A virtual machine introspection based architecture for intrusion detection. In: Proceedings of the 10th Annual Symposium on Network and Distributed Systems Security (NDSS), pp. 191\u2013206 (2003)"},{"key":"8_CR14","doi-asserted-by":"crossref","unstructured":"Gu, Z., Sumner, W.N., Deng, Z., Zhang, X., Drip, D.: A framework for purifying trojaned kernel drivers. In: Proceedings of the 43rd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE (2013)","DOI":"10.1109\/DSN.2013.6575342"},{"key":"8_CR15","doi-asserted-by":"crossref","unstructured":"Hofmann, O., Dunn, A., Kim, S., Roy, I., Witchel, E.: Ensuring operating system kernel integrity with osck. In: Proceedings of the Sixteenth International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), pp. 279\u2013290. ACM (2011)","DOI":"10.1145\/1950365.1950398"},{"key":"8_CR16","unstructured":"Kang, M.G., McCamant, S., Poosankam, P., Song, D.: Dta++: dynamic taint analysis with targeted control-flow propagation. In: Proceedings of the 18th Annual Symposium on Network and Distributed Systems Security (NDSS) (2011)"},{"key":"8_CR17","doi-asserted-by":"crossref","unstructured":"Kim, G.H., Spafford, E.H.: The design, implementation of tripwire: a file system integrity checker. In: Proceedings of the 2nd ACM Conference on Computer and Communications Security (CCS), pp. 18\u201329. ACM (1994)","DOI":"10.1145\/191177.191183"},{"key":"8_CR18","unstructured":"Ladakis, E., Koromilas, L., Vasiliadis, G., Polychronakis, M., Ioannidis, S.: You can type, but you can\u2019t hide: a stealthy gpu-based keylogger. In: Proceedings of the 6th European Workshop on System Security (EuroSec) (2013)"},{"key":"8_CR19","doi-asserted-by":"crossref","unstructured":"Li, J., Wang, Z., Jiang, X., Grace, M., Bahram, S.: Defeating return-oriented rootkits with return-less kernels. In: Proceedings of the 5th European Conference on Computer Systems (EuroSys), pp. 195\u2013208. ACM (2010)","DOI":"10.1145\/1755913.1755934"},{"key":"8_CR20","unstructured":"Linux kernel \u2019sock\n                    \n                      \n                    \n                    $$\\_$$\n                  sendpage()\u2019 null pointer dereference vulnerability. \n                    http:\/\/www.securityfocus.com\/bid\/36038"},{"key":"8_CR21","doi-asserted-by":"crossref","unstructured":"Liu, R., Shen, D., Yang, C., Yu, S., Wang, C.M.: Nvm duet: unified working memory and persistent store architecture. In: Proceedings of the 19th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), pp. 455\u2013470. ACM (2014)","DOI":"10.1145\/2541940.2541957"},{"key":"8_CR22","doi-asserted-by":"crossref","unstructured":"Liu, Z., Lee, J., Zeng, J., Wen, Y., Lin, Z., Shi, W.: Cpu transparent protection of os kernel and hypervisor integrity with programmable dram. In: Proceedings of the 40th Annual International Symposium on Computer Architecture (ISCA), pp. 392\u2013403. ACM\/IEEE (2013)","DOI":"10.1145\/2485922.2485956"},{"key":"8_CR23","doi-asserted-by":"crossref","unstructured":"Moon, H., Lee, H., Lee, J., Kim, K., Paek, Y., Kang, B.B.: Vigilare: toward snoop-based kernel integrity monitor. In: Proceedings of the ACM Conference on Computer and Communications Security (CCS), pp. 28\u201337. ACM (2012)","DOI":"10.1145\/2382196.2382202"},{"key":"8_CR24","unstructured":"Newsome, J., Song, D.X.: Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In: Proceedings of the 13th Annual Symposium on Network and Distributed System Security Symposium (NDSS) (2005)"},{"key":"8_CR25","unstructured":"Ormandy, T.: Another kernel null pointer vulnerability. \n                    http:\/\/lwn.net\/Articles\/347006\/"},{"key":"8_CR26","doi-asserted-by":"crossref","unstructured":"Pappas, V., Polychronakis, M., Keromytis, A.D.: Smashing the gadgets: hindering return-oriented programming using in-place code randomization. In: IEEE Symposium on Security and Privacy (SP), pp. 601\u2013615. IEEE (2012)","DOI":"10.1109\/SP.2012.41"},{"key":"8_CR27","unstructured":"Petroni, Jr., N.L., Fraser, T., Molina, J., Arbaugh, W.A.: Copilot-a coprocessor-based kernel runtime integrity monitor. In: Proceedings of the 13th Conference on USENIX Security Symposium, pp. 179\u2013194 (2004)"},{"key":"8_CR28","unstructured":"Petroni, Jr., N.L., Fraser, T., Walters, A., Arbaugh, W.A.: An architecture for specification-based detection of semantic integrity violations in kernel dynamic data. In: Proceedings of the 15th Conference on USENIX Security Symposium, pp. 15\u201322 (2006)"},{"key":"8_CR29","doi-asserted-by":"crossref","unstructured":"Petroni, Jr., N.L., Hicks, M.: Automated detection of persistent kernel control-flow attacks. In: Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS), pp. 103\u2013115. ACM (2007)","DOI":"10.1145\/1315245.1315260"},{"key":"8_CR30","unstructured":"Raywood, D.: Sinowal trojan steals data from around 500,000 cards and accounts. SC Magazine (2008)"},{"key":"8_CR31","unstructured":"rd. Writing linux kernel keylogger. \n                    https:\/\/www.thc.org\/papers\/writing-linux-kernel-keylogger.txt"},{"key":"8_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-87403-4_1","volume-title":"Recent Advances in Intrusion Detection","author":"R Riley","year":"2008","unstructured":"Riley, R., Jiang, X., Xu, D.: Guest-transparent prevention of kernel rootkits with vmm-based memory shadowing. In: Lippmann, R., Kirda, E., Trachtenberg, A. (eds.) RAID 2008. LNCS, vol. 5230, pp. 1\u201320. Springer, Heidelberg (2008)"},{"key":"8_CR33","unstructured":"Rosenberg, D.: Interesting kernel exploit posted. \n                    https:\/\/lwn.net\/Articles\/419141\/"},{"key":"8_CR34","unstructured":"Rosenberg, D.: Linux kernel<= 2.6.37 - local privilege escalation. \n                    http:\/\/www.exploit-db.com\/exploits\/15704\/"},{"key":"8_CR35","unstructured":"Schwartz, E.J., Avgerinos, T., Brumley, D.: Q: exploit hardening made easy. In: Proceedings of the 20th Conference on USENIX Security Symposium (2011)"},{"key":"8_CR36","doi-asserted-by":"crossref","unstructured":"Slowinska, A., Bos, H.: Pointless tainting?: evaluating the practicality of pointer tainting. In: Proceedings of the 4th ACM European Conference on Computer systems (EuroSys), pp. 61\u201374. ACM (2009)","DOI":"10.1145\/1519065.1519073"},{"key":"8_CR37","unstructured":"Spengler, B.: On exploiting null ptr derefs, disabling selinux, and silently fixedlinux vulns. \n                    http:\/\/seclists.org\/dailydave\/2007\/q1\/224"},{"key":"8_CR38","unstructured":"Venkataraman, S., Tolia, N., Ranganathan, P., Campbell, R.H., et al.: Consistent and durable data structures for non-volatile byte-addressable memory. In: Proceedings of the 9th USENIX Conference on File and Storage Technologies (FAST), pp. 61\u201375 (2011)"},{"key":"8_CR39","doi-asserted-by":"crossref","unstructured":"Vogl, S., Pfoh, J., Kittel, T., Eckert, C.: Persistent data-only malware: function hooks without code. In: Symposium on Network and Distributed System Security (NDSS) (2014)","DOI":"10.14722\/ndss.2014.23019"},{"key":"8_CR40","unstructured":"Vuagnoux, M., Pasini, S.: Compromising electromagnetic emanations of wired and wireless keyboards. In: Proceedings of the 18th Conference on USENIX Security Symposium, pp. 1\u201316 (2009)"},{"key":"8_CR41","unstructured":"Wang, H.J., Platt, J.C., Chen, Y., Zhang, R., Wang, Y.-M.: Automatic misconfiguration troubleshooting with peerpressure. In: Proceedings of the 6th USENIX Conference on Operating Systems Design and Implementation (OSDI), vol. 4, pp. 245\u2013257 (2004)"},{"key":"8_CR42","doi-asserted-by":"crossref","unstructured":"Wang, Z., Jiang, X., Cui, W., Ning, P.: Countering kernel rootkits with lightweight hook protection. In: Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS), pp. 545\u2013554. ACM (2009)","DOI":"10.1145\/1653662.1653728"},{"key":"8_CR43","doi-asserted-by":"crossref","unstructured":"J. Xiao, Xu, Z., Huang, H., Wang, H.: Security implications of memory deduplication in a virtualized environment. In: Proceedings of the 43rd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 1\u201312. IEEE (2013)","DOI":"10.1109\/DSN.2013.6575349"},{"key":"8_CR44","unstructured":"Yin, H., Liang, Z., Song, D.: HookFinder: identifying and understanding malware hooking behaviors. In: Proceedings of the 15th Annual Symposium on Network and Distributed Systems Security (NDSS) (2008)"},{"key":"8_CR45","doi-asserted-by":"crossref","unstructured":"Yin, H., Song, D., Egele, M., Kruegel, C., Kirda, E.: Panorama: capturing system-wide information flow for malware detection and analysis. In: Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS), pp. 116\u2013127. ACM (2007)","DOI":"10.1145\/1315245.1315261"},{"key":"8_CR46","doi-asserted-by":"crossref","unstructured":"Zhuang, L., Zhou, F., Tygar, J.D.: Keyboard acoustic emanations revisited. In: Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS), pp. 373\u2013382. ACM (2005)","DOI":"10.1145\/1102120.1102169"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Security and Privacy in Communication Networks"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-28865-9_8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,1]],"date-time":"2019-06-01T07:18:35Z","timestamp":1559373515000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-28865-9_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319288642","9783319288659"],"references-count":46,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-28865-9_8","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"type":"print","value":"1867-8211"},{"type":"electronic","value":"1867-822X"}],"subject":[],"published":{"date-parts":[[2015]]}}}