{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T12:46:11Z","timestamp":1725540371921},"publisher-location":"Berlin, Heidelberg","reference-count":9,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642051968"},{"type":"electronic","value":"9783642051975"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009]]},"DOI":"10.1007\/978-3-642-05197-5_16","type":"book-chapter","created":{"date-parts":[[2009,11,2]],"date-time":"2009-11-02T09:20:49Z","timestamp":1257153649000},"page":"224-236","source":"Crossref","is-referenced-by-count":2,"title":["RKRD: Runtime Kernel Rootkit Detection"],"prefix":"10.1007","author":[{"given":"Satyajit","family":"Grover","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hormuzd","family":"Khosravi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Divya","family":"Kolar","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Samuel","family":"Moffat","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Michael E.","family":"Kounavis","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"16_CR1","series-title":"Lecture Notes in Computer Science","first-page":"17","volume-title":"Advances in Cryptology \u2013 CRYPTO 2005","author":"X. Wang","year":"2005","unstructured":"Wang, X., Yin, Y.L., Yu, H.: Finding Collisions in the Full SHA-1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol.\u00a03621, pp. 17\u201336. Springer, Heidelberg (2005)"},{"key":"16_CR2","unstructured":"Microsoft Corporation. Microsoft portable executable and common object file format specification (2006), \n                    \n                      http:\/\/www.microsoft.com\/whdc\/system\/platform\/firm-ware\/PECOFF.mspx"},{"key":"16_CR3","unstructured":"Microsoft Corporation. Kernel enhancements for windows vista and windows server 2008 (2007), \n                    \n                      http:\/\/www.microsoft.com\/whdc\/system\/vista\/kernel-en.mspx"},{"key":"16_CR4","unstructured":"Microsoft Corporation. Enumdevicedrivers function (windows) (2008), \n                    \n                      http:\/\/msdn2.microsoft.com\/en-us\/library\/ms682617VS.85.aspx"},{"key":"16_CR5","unstructured":"Hardjono, T., Smith, N.: TCG infrastructure working group architecture part ii \u2013 integrity management. Specification, Trusted Computing Group (2006), \n                    \n                      https:\/\/www.trustedcomputinggroup.org\/specs\/IWG\/IWGArchitecturePartIIv1.0.pdf"},{"key":"16_CR6","unstructured":"Petroni Jr., N.L., Fraser, T., Molina, J., Arbaugh, W.A.: Copilot - a coprocessor-based kernel runtime integrity monitor. In: USENIX Security Symposium, pp. 179\u2013194. USENIX (2004)"},{"key":"16_CR7","unstructured":"Rutkowska, J.: System virginity verifier, defining the roadmap for malware detection on windows system, Kuala Lumpur, Malaysia (September 2005)"},{"key":"16_CR8","unstructured":"Rutkowska, J.: Beyond the CPU: Defeating hardware based RAM acquisition tools. In: BlackHat DC 2007 (February 2007)"},{"key":"16_CR9","doi-asserted-by":"publisher","first-page":"335","DOI":"10.1145\/1294261.1294294","volume-title":"SOSP","author":"A. Seshadri","year":"2007","unstructured":"Seshadri, A., Luk, M., Qu, N., Perrig, A.: Secvisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSs. In: Bressoud, T.C., Frans Kaashoek, M. (eds.) SOSP, pp. 335\u2013350. ACM, New York (2007)"}],"container-title":["Communications in Computer and Information Science","e-Business and Telecommunications"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-05197-5_16.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,30]],"date-time":"2021-04-30T11:23:03Z","timestamp":1619781783000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-05197-5_16"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009]]},"ISBN":["9783642051968","9783642051975"],"references-count":9,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-05197-5_16","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2009]]}}}