{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,14]],"date-time":"2026-03-14T20:57:42Z","timestamp":1773521862710,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":33,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540874027","type":"print"},{"value":"9783540874034","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-3-540-87403-4_3","type":"book-chapter","created":{"date-parts":[[2008,9,17]],"date-time":"2008-09-17T11:42:05Z","timestamp":1221651725000},"page":"39-58","source":"Crossref","is-referenced-by-count":53,"title":["Tamper-Resistant, Application-Aware Blocking of Malicious Network Connections"],"prefix":"10.1007","author":[{"given":"Abhinav","family":"Srivastava","sequence":"first","affiliation":[]},{"given":"Jonathon","family":"Giffin","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"3_CR1","doi-asserted-by":"crossref","unstructured":"Baliga, A., Kamat, P., Iftode, L.: Lurking in the shadows: Identifying systemic threats to kernel data. In: IEEE Symposium on Security and Privacy, Oakland, CA (May 2007)","DOI":"10.1109\/SP.2007.25"},{"key":"3_CR2","doi-asserted-by":"crossref","unstructured":"Barham, P., Dragovic, B., Fraser, K., Hand, S., Harris, T., Ho, A., Neugebauer, R., Pratt, I., Warfield, A.: Xen and the art of virtualization. In: 19 th ACM Symposium on Operating Systems Principles (SOSP), Bolton Landing, NY (October 2003)","DOI":"10.1145\/945445.945462"},{"key":"3_CR3","unstructured":"Bellovin, S.: Distributed firewalls. login (November 1999)"},{"key":"3_CR4","doi-asserted-by":"crossref","unstructured":"Borders, K., Zhao, X., Prakash, A.: Siren: Catching evasive malware. In: IEEE Symposium on Security and Privacy, Oakland, CA (May 2005)","DOI":"10.1109\/SP.2006.37"},{"key":"3_CR5","unstructured":"CERT. 
TCP SYN Flooding and IP Spoofing Attacks. CERT Advisory CA-1996-21 (Last accessed April 4, 2008), http:\/\/www.cert.org\/advisories\/CA-1996-21.html"},{"key":"3_CR6","unstructured":"Check Point. ZoneAlarm (Last accessed April 4, 2008), http:\/\/www.zonealarm.com\/store\/content\/home.jsp"},{"key":"3_CR7","unstructured":"Community Developers. Ebtables (Last accessed November 1, 2007), http:\/\/ebtables.sourceforge.net\/"},{"key":"3_CR8","unstructured":"Community Developers. Tripwire (Last accessed November 1, 2007), http:\/\/sourceforge.net\/projects\/tripwire\/"},{"key":"3_CR9","volume-title":"ACM Symposium on Operating Systems Principles (SOSP)","author":"T. Garfinkel","year":"2003","unstructured":"Garfinkel, T., Pfaff, B., Chow, J., Rosenblum, M., Boneh, D.: Terra: A virtual machine-based platform for trusted computing. In: ACM Symposium on Operating Systems Principles (SOSP), October 2003, Bolton Landing, NY (2003)"},{"key":"3_CR10","unstructured":"Garfinkel, T., Rosenblum, M.: A virtual machine introspection based architecture for intrusion detection. In: Network and Distributed System Security Symposium (NDSS), San Diego, CA, February (2003)"},{"key":"3_CR11","unstructured":"Garfinkel, T., Rosenblum, M., Boneh, D.: Flexible OS support and applications for trusted computing. In: 9th Hot Topics in Operating Systems (HOTOS), Lihue, HI (May 2003)"},{"key":"3_CR12","unstructured":"Oskoboiny, G.: Whitelist-based spam filtering (Last accessed April 4, 2008), http:\/\/impressive.net\/people\/gerald\/2000\/12\/spam-filtering.html"},{"key":"3_CR13","unstructured":"Grok. Coromputer Dunno (Last accessed April 4, 2008), http:\/\/lists.grok.org.uk\/pipermail\/full-disclosure\/attachments\/20070911\/87396911\/attachment-0001.txt"},{"key":"3_CR14","unstructured":"Honeynet Project. 
Q8 (Last accessed April 4, 2008), http:\/\/www.honeynet.org\/papers\/bots\/"},{"key":"3_CR15","doi-asserted-by":"crossref","unstructured":"Ioannidis, S., Keromytis, A., Bellovin, S., Smith, J.: Implementing a distributed firewall. In: ACM Conference on Computer and Communications Security (CCS), Athens, Greece (November 2000)","DOI":"10.1145\/352600.353052"},{"key":"3_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"198","DOI":"10.1007\/978-3-540-74320-0_11","volume-title":"Recent Advances in Intrusion Detection","author":"X. Jiang","year":"2007","unstructured":"Jiang, X., Wang, X.: Out-of-the-box monitoring of VM-based high-interaction honeypots. In: Kruegel, C., Lippmann, R., Clark, A. (eds.) RAID 2007. LNCS, vol.\u00a04637, pp. 198\u2013218. Springer, Heidelberg (2007)"},{"key":"3_CR17","doi-asserted-by":"crossref","unstructured":"Jiang, X., Wang, X., Xu, D.: Stealthy malware detection through VMM-based \u2018out-of-the-box\u2019 semantic view. In: 14 th ACM Conference on Computer and Communications Security (CCS), Alexandria, VA (November 2007)","DOI":"10.1145\/1315245.1315262"},{"key":"3_CR18","unstructured":"LKCD Project. LKCD - Linux Kernel Crash Dump (Last accessed April 4, 2008), http:\/\/lkcd.sourceforge.net\/"},{"key":"3_CR19","doi-asserted-by":"crossref","unstructured":"Loscocco, P.A., Wilson, P.W., Pendergrass, J.A., McDonell, C.D.: Linux kernel integrity measurement using contextual inspection. In: 2 nd ACM Workshop on Scalable Trusted Computing (STC), Alexandria, VA (November 2007)","DOI":"10.1145\/1314354.1314362"},{"key":"3_CR20","unstructured":"McAfee. BackDoor-Rev.b. (Last accessed April 4, 2008), http:\/\/vil.nai.com\/vil\/Content\/v_136510.htm"},{"key":"3_CR21","doi-asserted-by":"crossref","unstructured":"Mogul, J., Rashid, R., Accetta, M.: The packet filter: An efficient mechanism for user-level network code. 
In: ACM Symposium on Operating Systems Principles (SOSP), Austin, TX (November 1987)","DOI":"10.1145\/41457.37505"},{"key":"3_CR22","unstructured":"Packet Storm (Last accessed April 4, 2008), http:\/\/packetstormsecurity.org\/UNIX\/penetration\/rootkits\/bdoor.c,blackhole.c,cheetah.c,server.c,ovas0n.c"},{"key":"3_CR23","unstructured":"Packet Storm (Last accessed April 4, 2008), http:\/\/packetstormsecurity.org\/0209-exploits\/apache-ssl-bug.c,apache-linux.txt"},{"key":"3_CR24","unstructured":"Packet Storm. Kaiten (Last accessed April 4, 2008), http:\/\/packetstormsecurity.org\/irc\/kaiten.c"},{"key":"3_CR25","doi-asserted-by":"crossref","unstructured":"Payne, B.D., Carbone, M., Lee, W.: Secure and flexible monitoring of virtual machines. In: 23 rd Annual Computer Security Applications Conference (ACSAC), Miami, FL (December 2007)","DOI":"10.1109\/ACSAC.2007.10"},{"key":"3_CR26","unstructured":"Petroni Jr., N.L., Fraser, T., Walters, A., Arbaugh, W.A.: An architecture for specification-based detection of semantic integrity violations in kernel dynamic data. In: 15 th USENIX Security Symposium, Vancouver, BC, Canada (August 2006)"},{"key":"3_CR27","doi-asserted-by":"crossref","unstructured":"Petroni Jr., N.L., Hicks, M.: Automated detection of persistent kernel control-flow attacks. In: 14 th ACM Conference on Computer and Communications Security (CCS), Alexandria, VA (November 2007)","DOI":"10.1145\/1315245.1315260"},{"key":"3_CR28","unstructured":"Ta-Min, R., Litty, L., Lie, D.: Splitting interfaces: Making trust between applications and operating systems configurable. In: Symposium on Operating System Design and Implementation (OSDI), Seattle, WA (October 2006)"},{"key":"3_CR29","unstructured":"Venema, W.: TCP wrapper: Network monitoring, access control and booby traps. 
In: USENIX UNIX Security Symposium, Baltimore, MD (September 1992)"},{"key":"3_CR30","unstructured":"Whitaker, A., Cox, R.S., Shaw, M., Gribble, S.D.: Constructing services with interposable virtual hardware. In: 1st Symposium on Networked Systems Design and Implementation (NSDI), San Francisco, CA (March 2004)"},{"key":"3_CR31","unstructured":"XenAccess Project. XenAccess Library (Last accessed April 4, 2008), http:\/\/xenaccess.sourceforge.net\/"},{"key":"3_CR32","doi-asserted-by":"crossref","unstructured":"Xu, M., Jiang, X., Sandhu, R., Zhang, X.: Towards a VMM-based usage control framework for OS kernel integrity protection. In: 12th ACM Symposium on Access Control Models and Technologies (SACMAT), Sophia Antipolis, France (June 2007)","DOI":"10.1145\/1266840.1266852"},{"key":"3_CR33","doi-asserted-by":"crossref","unstructured":"Yin, H., Song, D., Egele, M., Kruegel, C., Kirda, E.: Panorama: Capturing system-wide information flow for malware detection and analysis. In: ACM Conference on Computer and Communications Security (CCS), Arlington, VA (October 2007)","DOI":"10.1145\/1315245.1315261"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-87403-4_3.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,24]],"date-time":"2020-11-24T02:37:29Z","timestamp":1606185449000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-87403-4_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9783540874027","9783540874034"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-87403-4_3","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[]}}