{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T06:10:42Z","timestamp":1725516642930},"publisher-location":"Berlin, Heidelberg","reference-count":37,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540705413"},{"type":"electronic","value":"9783540705420"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-3-540-70542-0_9","type":"book-chapter","created":{"date-parts":[[2008,8,12]],"date-time":"2008-08-12T12:07:43Z","timestamp":1218542863000},"page":"164-185","source":"Crossref","is-referenced-by-count":10,"title":["Expanding\u00a0Malware\u00a0Defense\u00a0by Securing\u00a0Software\u00a0Installations"],"prefix":"10.1007","author":[{"given":"Weiqing","family":"Sun","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"R.","family":"Sekar","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zhenkai","family":"Liang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"V. N.","family":"Venkatakrishnan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"9_CR1","unstructured":"Linux rootkits, \n \n http:\/\/www.eviltime.com\/download.php?page=hacking&subpage=rootkits"},{"key":"9_CR2","unstructured":"Linux v-server, \n \n http:\/\/linux-vserver.org"},{"key":"9_CR3","unstructured":"Xnest, \n \n http:\/\/www.xfree86.org\/4.2.0\/Xnest.1.html"},{"key":"9_CR4","unstructured":"Acharya, A., Raje, M.: Mapbox: Using parameterized behavior classes to confine applications. In: USENIX Security Symposium (2000)"},{"key":"9_CR5","unstructured":"Alcatraz, \n \n http:\/\/www.seclab.cs.sunysb.edu"},{"key":"9_CR6","unstructured":"Alexandrov, A., Kmiec, P., Schauser, K.: Consh: A confined execution environment for internet computations (1998)"},{"key":"9_CR7","unstructured":"Altiris. Software virtualization solution (2005), \n \n http:\/\/www.altiris.com"},{"key":"9_CR8","unstructured":"Badger, L., Sterne, D.F., Sherman, D.L., Walker, K.M., Haghighat, S.A.: A domain and type enforcement unix prototype. In: USENIX Computing Systems, pp. 127\u2013140 (1995)"},{"key":"9_CR9","doi-asserted-by":"crossref","unstructured":"Barham, P., Dragovic, B., Fraser, K., Hand, S., Harris, T., Ho, A., Neugebauer, R., Pratt, I., Warfield, A.: Xen and the art of virtualization. In: ACM Symposium on Operating systems principles, pp. 164\u2013177 (2003)","DOI":"10.1145\/945445.945462"},{"key":"9_CR10","unstructured":"Boebert, W.E., Kain, R.Y.: A practical alternative to hierarchical integrity policies. In: Proceedings of the 8th National Computer Security Conference, pp. 18\u201327 (1985)"},{"key":"9_CR11","unstructured":"Chien, E.: Techniques of adware and spyware. Symantec (April 2005)"},{"key":"9_CR12","unstructured":"Dan, A., Mohindra, A., Ramaswami, R., Sitaram, D.: Chakravyuha: A sandbox operating system for the controlled execution of alien code. Technical report, IBM T.J. Watson research center (1997)"},{"key":"9_CR13","unstructured":"Dike, J.: A User-Mode port of the linux kernel. In: Proceedings of the 4th Annual Showcase and Conference (LINUX 2000), Berkeley, CA, October 10\u201314, 2000, pp. 63\u201372 (2000)"},{"key":"9_CR14","unstructured":"Dolstra, E., de Jonge, M., Visser, E.: Nix: A safe and policy-free system for software deployment. In: LISA, pp. 79\u201392 (2004)"},{"key":"9_CR15","unstructured":"Eduardo, F.: Checkinstall (2004), \n \n http:\/\/asic-linux.com.mx\/~izto\/checkinstall\/"},{"key":"9_CR16","unstructured":"The fedora.us buildsystem, \n \n http:\/\/enrico-scholz.de\/fedora.us-build\/html\/"},{"key":"9_CR17","unstructured":"Goldberg, I., Wagner, D., Thomas, R., Brewer, E.A.: A secure environment for untrusted helper applications: confining the wily hacker. In: USENIX Security Symposium (1996)"},{"key":"9_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/11859802_9","volume-title":"Advances in Computer Systems Architecture","author":"F. Hsu","year":"2006","unstructured":"Hsu, F., Ristenpart, T., Chen, H.: Back to the future: A framework for automatic malware removal and system repair. In: Jesshope, C., Egan, C. (eds.) ACSAC 2006. LNCS, vol.\u00a04186. Springer, Heidelberg (2006)"},{"key":"9_CR19","unstructured":"Kamp, P.H., Watson, R.N.M.: Jails: Confining the omnipotent root. In: Proceedings of the 2nd International SANE Conference (2000)"},{"key":"9_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"112","DOI":"10.1007\/3-540-36532-X_8","volume-title":"Software Security \u2013 Theories and Systems","author":"K. Kato","year":"2003","unstructured":"Kato, K., Oyama, Y.: Softwarepot: An encapsulated transferable file system for secure software circulation. In: Okada, M., Pierce, B.C., Scedrov, A., Tokuda, H., Yonezawa, A. (eds.) ISSS 2002. LNCS, vol.\u00a02609, pp. 112\u2013132. Springer, Heidelberg (2003)"},{"key":"9_CR21","doi-asserted-by":"crossref","unstructured":"Li, N., Mao, Z., Chen, H.: Usable mandatory integrity protection for operating systems. In: IEEE Symposium on Security and Privacy (2007)","DOI":"10.1109\/SP.2007.37"},{"key":"9_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"182","DOI":"10.1007\/3-540-36606-7","volume-title":"Advances in Computer Systems Architecture","author":"Z. Liang","year":"2003","unstructured":"Liang, Z., Venkatakrishnan, V.N., Sekar, R.: Isolated program execution: An application transparent approach for executing untrusted programs. In: Omondi, A.R., Sedukhin, S. (eds.) ACSAC 2003. LNCS, vol.\u00a02823, pp. 182\u2013191. Springer, Heidelberg (2003)"},{"key":"9_CR23","unstructured":"Loscocco, P., Smalley, S.: Integrating flexible support for security policies into the Linux o perating system. In: Proc. FREENIX track of the 2001 Usenix Annual Technical Conference (2001)"},{"key":"9_CR24","unstructured":"PHCN. Fedora-redhat fake security alert \/ trojan source code analysis (2004), \n \n http:\/\/www.phcn.ws\/main\/include.php?path=content\/articles.php&contentid=120&PHCN="},{"key":"9_CR25","unstructured":"Prevelakis, V., Spinellis, D.: Sandboxing applications. In: Proceedings of Usenix Annual Technical Conference: FREENIX Track (2001)"},{"key":"9_CR26","unstructured":"Price, D., Tucker, A.: Solaris zones: Operating system support for consolidating commercial workloads. In: LISA, pp. 241\u2013254. USENIX (2004)"},{"key":"9_CR27","unstructured":"Provos, N.: Improving host security with system call policies. In: Proceedings of the 11th USENIX Security Symposium, pp. 257\u2013272 (2003)"},{"key":"9_CR28","unstructured":"Safford, D., Zohar, M.: A trusted linux client (tlc) (2005)"},{"issue":"1","key":"9_CR29","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1145\/353323.353382","volume":"3","author":"F.B. Schneider","year":"2000","unstructured":"Schneider, F.B.: Enforceable security policies. ACM Transactions on Information and System Security\u00a03(1), 30\u201350 (2000)","journal-title":"ACM Transactions on Information and System Security"},{"key":"9_CR30","doi-asserted-by":"crossref","unstructured":"Scott, K., Davidson, J.: Safe virtual execution using software dynamic translation. In: Proceedings of Annual Computer Security Applications Conference (2002)","DOI":"10.1109\/CSAC.2002.1176292"},{"key":"9_CR31","doi-asserted-by":"crossref","unstructured":"Sekar, R., Venkatakrishnan, V.N., Basu, S., Bhatkar, S., DuVarney, D.C.: Model carrying code: a practical approach for safe execution of untrusted applications. In: Proceedings of 19th ACM symposium of Operating Systems Principles (SOSP), Bolton Landing, New York (October 2003)","DOI":"10.1145\/945445.945448"},{"key":"9_CR32","unstructured":"Sun, W., Liang, Z., Venkatakrishnan, V.N., Sekar, R.: One-way isolation: An effective approach for realizing safe execution environments. In: NDSS (2005)"},{"key":"9_CR33","doi-asserted-by":"crossref","unstructured":"Sun, W., Sekar, R., Poothia, G., Karandikar, T.: Practical proactive integrity preservation: A basis for malware defense. In: IEEE Symposium on Security and Privacy (May 2008)","DOI":"10.1109\/SP.2008.35"},{"key":"9_CR34","unstructured":"Venkatakrishnan, V.N., Sekar, R., Kamat, T., Tsipa, S., Liang, Z.: An approach for secure software installation. In: Proceedings of the 16th Systems Administration Conference (LISA 2002), Philadelphia, PA, November \u00a03-8, 2002, pp. 219\u2013226 (2002)"},{"key":"9_CR35","unstructured":"Walters, B.: VMware virtual platform. j-LINUX-J\u00a063 (July 1999)"},{"key":"9_CR36","unstructured":"Young, W.D., Telega, P.A., Boebert, W.E., Kain, R.Y.: A verified labeler for the Secure Ada Target. In: Proc. National Computer Security Conference, pp. 55\u201361 (1986)"},{"key":"9_CR37","doi-asserted-by":"crossref","unstructured":"Yu, Y., Guo, F., Nanda, S., Lam, L.c., Chiueh, T.c.: A feather-weight virtual machine for windows applications. In: Proceedings of the 2nd ACM\/USENIX Conference on Virtual Execution Environments (VEE 2006) (June 2006)","DOI":"10.1145\/1134760.1134766"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-70542-0_9.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,5,3]],"date-time":"2021-05-03T00:21:54Z","timestamp":1620001314000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-70542-0_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9783540705413","9783540705420"],"references-count":37,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-70542-0_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[]}}