{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T12:44:57Z","timestamp":1743079497958,"version":"3.40.3"},"publisher-location":"Cham","reference-count":26,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319494449"},{"type":"electronic","value":"9783319494456"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-49445-6_16","type":"book-chapter","created":{"date-parts":[[2016,11,17]],"date-time":"2016-11-17T07:50:31Z","timestamp":1479369031000},"page":"281-300","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["VMI Based Automated Real-Time Malware Detector for Virtualized Cloud Environment"],"prefix":"10.1007","author":[{"given":"M. A.","family":"Ajay Kumara","sequence":"first","affiliation":[]},{"given":"C. D.","family":"Jaidhar","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,11,18]]},"reference":[{"issue":"2","key":"16_CR1","doi-asserted-by":"publisher","first-page":"17","DOI":"10.1145\/2431211.2431216","volume":"45","author":"M Pearce","year":"2013","unstructured":"Pearce, M., Zeadally, S., Hunt, R.: Virtualization: Issues, security threats, and solutions. ACM Comput. Surv. (CSUR) 45(2), 17 (2013)","journal-title":"ACM Comput. Surv. (CSUR)"},{"key":"16_CR2","volume-title":"Malware Detection","author":"P Barford","year":"2007","unstructured":"Barford, P., Yegneswaran, V.: An inside look at botnets. Malware Detection. Springer, New York (2007)"},{"key":"16_CR3","unstructured":"Lanzi, A., Sharif, M.I., Lee, W.: K-Tracer: a system for extracting kernel malware behavior. In: NDSS (2009)"},{"key":"16_CR4","doi-asserted-by":"crossref","unstructured":"Prakash, A., et al.: Manipulating semantic values in kernel data structures: attack assessments and implications. In: 2013 43rd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE (2013)","DOI":"10.1109\/DSN.2013.6575344"},{"key":"16_CR5","doi-asserted-by":"crossref","unstructured":"Jiang, X., Wang, X., Dongyan, X.: Stealthy malware detection through vmm-based out-of-the-box semantic view reconstruction. In: Proceedings of the 14th ACM Conference on Computer and Communications Security. ACM (2007)","DOI":"10.1145\/1315245.1315262"},{"key":"16_CR6","unstructured":"Garfinkel, T., Rosenblum, M.: A virtual machine introspection based architecture for intrusion detection. In: NDSS. vol. 3 (2003)"},{"key":"16_CR7","doi-asserted-by":"crossref","unstructured":"Payne, B.D., Martim, D.D.A., Lee, W.: Secure and flexible monitoring of virtual machines. In: Twenty-Third Annual Computer Security Applications Conference, ACSAC 2007. IEEE (2007)","DOI":"10.1109\/ACSAC.2007.4413005"},{"key":"16_CR8","doi-asserted-by":"crossref","unstructured":"Srinivasan, D., et al.: Process out-grafting: an efficient out-of-VM approach for fine-grained process execution monitoring. In: Proceedings of the 18th ACM Conference on Computer and Communications Security. ACM (2011)","DOI":"10.1145\/2046707.2046751"},{"key":"16_CR9","doi-asserted-by":"crossref","unstructured":"Dolan-Gavitt, B., et al.: Virtuoso: narrowing the semantic gap in virtual machine introspection. In: 2011 IEEE Symposium on Security and Privacy. IEEE (2011)","DOI":"10.1109\/SP.2011.11"},{"key":"16_CR10","doi-asserted-by":"crossref","unstructured":"Jain, B., et al.: SoK: introspections on trust and the semantic gap. In: 2014 IEEE Symposium on Security and Privacy. IEEE (2014)","DOI":"10.1109\/SP.2014.45"},{"issue":"2","key":"16_CR11","doi-asserted-by":"publisher","first-page":"7","DOI":"10.1145\/2516951.2505124","volume":"16","author":"Y Fu","year":"2013","unstructured":"Fu, Y., Lin, Z.: Bridging the semantic gap in virtual machine introspection via online kernel data redirection. ACM Trans. Inf. Syst. Secur. (TISSEC) 16(2), 7 (2013)","journal-title":"ACM Trans. Inf. Syst. Secur. (TISSEC)"},{"key":"16_CR12","doi-asserted-by":"crossref","unstructured":"Saberi, A., Yangchun, F., Lin, Z.: HYBRID-BRIDGE: Efficiently bridging the semantic gap in virtual machine introspection via decoupled execution and training memoization. In: Proceedings of the 21st Annual Network and Distributed System Security Symposium (NDSS-2014) (2014)","DOI":"10.14722\/ndss.2014.23226"},{"issue":"1","key":"16_CR13","doi-asserted-by":"publisher","first-page":"10","DOI":"10.1145\/2775111","volume":"48","author":"E Bauman","year":"2015","unstructured":"Bauman, E., Ayoade, G., Lin, Z.: A Survey on Hypervisor-Based Monitoring: approaches, applications, and evolutions. ACM Comput. Surv. (CSUR) 48(1), 10 (2015)","journal-title":"ACM Comput. Surv. (CSUR)"},{"key":"16_CR14","unstructured":"Goudey, H.: Threat Report: Rootkits. \n                      https:\/\/www.microsoft.com\/en-in\/download\/details.aspx?id=34797"},{"key":"16_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"304","DOI":"10.1007\/978-3-642-04342-0_16","volume-title":"Recent Advances in Intrusion Detection","author":"C Xuan","year":"2009","unstructured":"Xuan, C., Copeland, J., Beyah, R.: Toward revealing kernel malware behavior in virtual execution environments. In: Kirda, E., Jha, S., Balzarotti, D. (eds.) RAID 2009. LNCS, vol. 5758, pp. 304\u2013325. Springer, Heidelberg (2009). doi:\n                      10.1007\/978-3-642-04342-0_16"},{"key":"16_CR16","doi-asserted-by":"crossref","unstructured":"Jones, S.T., Arpaci-Dusseau, A.C., Arpaci-Dusseau, R.H.: VMM-based hidden process detection and identification using Lycosid. In: Proceedings of the fourth ACM SIGPLAN\/SIGOPS International Conference on Virtual Execution Environments. ACM (2008)","DOI":"10.1145\/1346256.1346269"},{"key":"16_CR17","unstructured":"Richer, T.J., Neale, G., Osborne, G.: On the effectiveness of virtualisation assisted view comparison for rootkit detection. In: Proceedings of the 13th Australasian Information Security Conference (AISC 2015), vol. 27, p. 30 (2015)"},{"key":"16_CR18","doi-asserted-by":"crossref","unstructured":"Wu, R., et al.: System call redirection: A practical approach to meeting real-world virtual machine introspection needs. In: 2014 44th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks. IEEE (2014)","DOI":"10.1109\/DSN.2014.59"},{"key":"16_CR19","doi-asserted-by":"publisher","first-page":"S85","DOI":"10.1016\/j.diin.2014.05.016","volume":"11","author":"F Westphal","year":"2014","unstructured":"Westphal, F., et al.: VMI-PL: a monitoring language for virtual platforms using virtual machine introspection. Digital Invest. 11, S85\u2013S94 (2014)","journal-title":"Digital Invest."},{"key":"16_CR20","unstructured":"Fu, Y., Zeng, J., Lin, Z.: HYPERSHELL: a practical hypervisor layer guest OS shell for automated in-VM management. In: 2014 USENIX Annual Technical Conference (USENIX ATC 2014) (2014)"},{"key":"16_CR21","unstructured":"Jones, S.T., Arpaci-Dusseau, A.C., Arpaci-Dusseau, R.H.: Antfarm: tracking processes in a virtual machine environment. In: USENIX Annual Technical Conference, General Track (2006)"},{"key":"16_CR22","unstructured":"Litty, L., Andres Lagar-Cavilla, H., Lie, D.: Hypervisor support for identifying covertly executing binaries. In: USENIX Security Symposium (2008)"},{"key":"16_CR23","unstructured":"Wang, Y.-M., et al.: Detecting stealth software with strider ghostbuster. 2005 International Conference on Dependable Systems and Networks (DSN 2005). IEEE (2005)"},{"key":"16_CR24","doi-asserted-by":"crossref","unstructured":"Lamps, J., Palmer, I., Sprabery, R.: WinWizard: expanding Xen with a LibVMI intrusion detection tool. In: 2014 IEEE 7th International Conference on Cloud Computing. IEEE (2014)","DOI":"10.1109\/CLOUD.2014.117"},{"key":"16_CR25","unstructured":"Vmware, 2011. Vmware, inc. vprobes programming reference. \n                      http:\/\/www.vmware.com\/pdf\/ws8_f4_vprobes_reference.pdf"},{"key":"16_CR26","unstructured":"Aneja, A.: Xen hypervisor case study-designing embedded virtualized Intel architecture platforms. Intel, March 2011. \n                      https:\/\/www.intel.in\/content\/dam\/www\/public\/us\/en\/documents\/white-papers\/ia-embedded-virtualized-hypervisor-paper.pdf"}],"container-title":["Lecture Notes in Computer Science","Security, Privacy, and Applied Cryptography Engineering"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-49445-6_16","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,20]],"date-time":"2019-05-20T01:27:12Z","timestamp":1558315632000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-49445-6_16"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319494449","9783319494456"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-49445-6_16","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2016]]},"assertion":[{"value":"18 November 2016","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SPACE","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Security, Privacy, and Applied Cryptography Engineering","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Hyderabad","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2016","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 December 2016","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 December 2016","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"6","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"space2016","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}