{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T14:27:28Z","timestamp":1742912848759,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":23,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642221903"},{"type":"electronic","value":"9783642221910"}],"license":[{"start":{"date-parts":[[2011,1,1]],"date-time":"2011-01-01T00:00:00Z","timestamp":1293840000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011]]},"DOI":"10.1007\/978-3-642-22191-0_16","type":"book-chapter","created":{"date-parts":[[2011,6,27]],"date-time":"2011-06-27T20:22:53Z","timestamp":1309206173000},"page":"177-189","source":"Crossref","is-referenced-by-count":4,"title":["File Integrity Monitor Scheduling Based on File Security Level Classification"],"prefix":"10.1007","author":[{"given":"Zul Hilmi","family":"Abdullah","sequence":"first","affiliation":[]},{"given":"Nur Izura","family":"Udzir","sequence":"additional","affiliation":[]},{"given":"Ramlan","family":"Mahmod","sequence":"additional","affiliation":[]},{"given":"Khairulmizam","family":"Samsudin","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"unstructured":"Ossec - open source host-based intrusion detection system, http:\/\/www.ossec.net\/","key":"16_CR1"},{"issue":"1","key":"16_CR2","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1109\/TNSM.2004.4623689","volume":"1","author":"E.S. Al-Shaer","year":"2004","unstructured":"Al-Shaer, E.S., Hamed, H.H.: Modeling and management of firewall policies. IEEE Transactions on Network and Service Management\u00a01(1), 2 (2004)","journal-title":"IEEE Transactions on Network and Service Management"},{"key":"16_CR3","doi-asserted-by":"publisher","first-page":"51","DOI":"10.1145\/1455770.1455779","volume-title":"CCS 2008: Proceedings of the 15th ACM Conference on Computer and Communications Security","author":"A. Dinaburg","year":"2008","unstructured":"Dinaburg, A., Royal, P., Sharif, M., Lee, W.: Ether: malware analysis via hardware virtualization extensions. In: CCS 2008: Proceedings of the 15th ACM Conference on Computer and Communications Security, pp. 51\u201362. ACM, New York (2008)"},{"unstructured":"Garfinkel, T., Rosenblum, M.: A virtual machine introspection based architecture for intrusion detection. In: Proc. Network and Distributed Systems Security Symposium, pp. 191\u2013206 (2003)","key":"16_CR4"},{"unstructured":"Glenn, W.: Windows 2003\/2000\/xp security architecture overview in expert reference series of white papers. Expert reference series of white papers, Global Knowledge Network, Inc. (2005)","key":"16_CR5"},{"doi-asserted-by":"crossref","unstructured":"Hay, A., Cid, D., Bary, R., Northcutt, S.: System integrity check and rootkit detection. In: OSSEC Host-Based Intrusion Detection Guide, Syngress, Burlington, pp. 149\u2013174 (2008)","key":"16_CR6","DOI":"10.1016\/B978-1-59749-240-9.00005-3"},{"issue":"2","key":"16_CR7","doi-asserted-by":"publisher","first-page":"256","DOI":"10.1016\/j.camwa.2010.01.007","volume":"60","author":"H. Jin","year":"2010","unstructured":"Jin, H., Xiang, G., Zou, D., Zhao, F., Li, M., Yu, C.: A guest-transparent file integrity monitoring method in virtualization environment. Comput. Math. Appl.\u00a060(2), 256\u2013266 (2010)","journal-title":"Comput. Math. Appl."},{"key":"16_CR8","first-page":"18","volume-title":"CCS 1994: Proceedings of the 2nd ACM Conference on Computer and communications security","author":"G.H. Kim","year":"1994","unstructured":"Kim, G.H., Spafford, E.H.: The design and implementation of tripwire: a file system integrity checker. In: CCS 1994: Proceedings of the 2nd ACM Conference on Computer and communications security, pp. 18\u201329. ACM, New York (1994)"},{"doi-asserted-by":"crossref","unstructured":"Kim, J., Kim, I., Eom, Y.I.: Nopfit: File system integrity tool for virtual machine using multi-byte nop injection. In: Computational Science and its Applications, International Conference, vol.\u00a00, pp. 335\u2013338 (2010)","key":"16_CR9","DOI":"10.1109\/ICCSA.2010.79"},{"key":"16_CR10","doi-asserted-by":"publisher","first-page":"197","DOI":"10.1145\/1064979.1065006","volume-title":"VEE 2005: Proceedings of the 1st ACM\/USENIX International Conference on Virtual Execution Environments","author":"K. Kourai","year":"2005","unstructured":"Kourai, K., Chiba, S.: Hyperspector: virtual distributed monitoring environments for secure intrusion detection. In: VEE 2005: Proceedings of the 1st ACM\/USENIX International Conference on Virtual Execution Environments, pp. 197\u2013207. ACM, New York (2005)"},{"unstructured":"Microsoft. File classification infrastructure, technical white paper. Technical white paper (2009), http:\/\/www.microsoft.com\/windowsserver2008\/en\/us\/fci.aspx","key":"16_CR11"},{"key":"16_CR12","first-page":"67","volume-title":"Proceedings of the 18th USENIX Conference on System Administration","author":"S. Patil","year":"2004","unstructured":"Patil, S., Kashyap, A., Sivathanu, G., Zadok, E.: I3fs: An in-kernel integrity checker and intrusion detection file system. In: Proceedings of the 18th USENIX Conference on System Administration, pp. 67\u201378. USENIX Association, Berkeley (2004)"},{"key":"16_CR13","first-page":"1","volume-title":"VMSec 2009: Proceedings of the 1st ACM Workshop on Virtual Machine Security","author":"J. Pfoh","year":"2009","unstructured":"Pfoh, J., Schneider, C., Eckert, C.: A formal model for virtual machine introspection. In: VMSec 2009: Proceedings of the 1st ACM Workshop on Virtual Machine Security, pp. 1\u201310. ACM, New York (2009)"},{"key":"16_CR14","doi-asserted-by":"publisher","first-page":"90","DOI":"10.1109\/ICNS.2006.13","volume-title":"Proceedings of the International conference on Networking and Services","author":"N.A. Quynh","year":"2006","unstructured":"Quynh, N.A., Takefuji, Y.: A real-time integrity monitor for xen virtual machine. In: Proceedings of the International conference on Networking and Services, p. 90. IEEE Computer Society, Washington, DC, USA (2006)"},{"key":"16_CR15","first-page":"194","volume-title":"ASIACCS 2007: Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security","author":"N.A. Quynh","year":"2007","unstructured":"Quynh, N.A., Takefuji, Y.: A novel approach for a file-system integrity monitor tool of xen virtual machine. In: ASIACCS 2007: Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security, pp. 194\u2013202. ACM, New York (2007)"},{"unstructured":"Rami, L., Marc, H., van den Berg Richard.: The aide manual, http:\/\/www.cs.tut.fi\/~rammer\/aide\/manual.html","key":"16_CR16"},{"key":"16_CR17","volume-title":"Microsoft Windows Server(TM) 2003, Windows XP, and Windows 2000 (Pro-Developer)","author":"M.E. Russinovich","year":"2004","unstructured":"Russinovich, M.E., Solomon, D.A.: Microsoft Windows Internals. In: Microsoft Windows Server(TM) 2003, Windows XP, and Windows 2000 (Pro-Developer), 4th edn. Microsoft Press, Redmond (2004)","edition":"4"},{"doi-asserted-by":"crossref","unstructured":"Szymczyk, M.: Detecting botnets in computer networks using multi-agent technology. In: Fourth International Conference on Dependability of Computer Systems, DepCos-RELCOMEX 2009, June 30- July 2, pp. 192\u2013201 (2009)","key":"16_CR18","DOI":"10.1109\/DepCoS-RELCOMEX.2009.46"},{"unstructured":"Wichmann, R.: The samhain file integrity \/ host-based intrusion detection system (2006), http:\/\/www.la-samhna.de\/samhain\/","key":"16_CR19"},{"unstructured":"Wotring, B., Potter, B., Ranum, M., Wichmann, R.: Host Integrity Monitoring Using Osiris and Samhain. Syngress Publishing (2005)","key":"16_CR20"},{"key":"16_CR21","doi-asserted-by":"publisher","first-page":"224","DOI":"10.1145\/1866307.1866333","volume-title":"CCS 2010: Proceedings of the 17th ACM Conference on Computer and Communications Security","author":"G. Wurster","year":"2010","unstructured":"Wurster, G., van Oorschot, P.C.: A control point for reducing root abuse of file-system privileges. In: CCS 2010: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 224\u2013236. ACM, New York (2010)"},{"doi-asserted-by":"crossref","unstructured":"Zhao, F., Jiang, Y., Xiang, G., Jin, H., Jiang, W.: Vrfps: A novel virtual machine-based real-time file protection system. In: ACIS International Conference on Software Engineering Research, Management and Applications, pp. 217\u2013224 (2009)","key":"16_CR22","DOI":"10.1109\/SERA.2009.23"},{"key":"16_CR23","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1109\/SISW.2005.17","volume-title":"Proceedings of the Third IEEE International Security in Storage Workshop","author":"X. Zhao","year":"2005","unstructured":"Zhao, X., Borders, K., Prakash, A.: Towards protecting sensitive files in a compromised system. In: Proceedings of the Third IEEE International Security in Storage Workshop, pp. 21\u201328. IEEE Computer Society, Los Alamitos (2005)"}],"container-title":["Communications in Computer and Information Science","Software Engineering and Computer Systems"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-22191-0_16","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,12]],"date-time":"2019-06-12T08:17:10Z","timestamp":1560327430000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-22191-0_16"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011]]},"ISBN":["9783642221903","9783642221910"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-22191-0_16","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2011]]}}}