{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T00:05:50Z","timestamp":1740096350747,"version":"3.37.3"},"publisher-location":"Berlin, Heidelberg","reference-count":16,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642386305"},{"type":"electronic","value":"9783642386312"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-642-38631-2_13","type":"book-chapter","created":{"date-parts":[[2013,5,27]],"date-time":"2013-05-27T00:37:49Z","timestamp":1369615069000},"page":"164-177","source":"Crossref","is-referenced-by-count":12,"title":["Towards Hybrid Honeynets via Virtual Machine Introspection and Cloning"],"prefix":"10.1007","author":[{"given":"Tamas K.","family":"Lengyel","sequence":"first","affiliation":[]},{"given":"Justin","family":"Neumann","sequence":"additional","affiliation":[]},{"given":"Steve","family":"Maresca","sequence":"additional","affiliation":[]},{"given":"Aggelos","family":"Kiayias","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"doi-asserted-by":"crossref","unstructured":"Bahram, S., Jiang, X., Wang, Z., Grace, M., Li, J., Srinivasan, D., Rhee, J., Xu, D.: Dksm: Subverting virtual machine introspection for fun and profit. In: Proceedings of the 2010 29th IEEE Symposium on Reliable Distributed Systems, SRDS 2010, pp. 82\u201391. IEEE Computer Society, Washington, DC (2010), \n                      \n                        http:\/\/dx.doi.org\/10.1109\/SRDS.2010.39","key":"13_CR1","DOI":"10.1109\/SRDS.2010.39"},{"key":"13_CR2","doi-asserted-by":"publisher","first-page":"13","DOI":"10.1145\/2381913.2381916","volume-title":"Proceedings of the 2012 ACM Workshop on Cloud Computing Security Workshop, CCSW 2012","author":"S. Biedermann","year":"2012","unstructured":"Biedermann, S., Mink, M., Katzenbeisser, S.: Fast dynamic extracted honeypots in cloud computing. In: Proceedings of the 2012 ACM Workshop on Cloud Computing Security Workshop, CCSW 2012, pp. 13\u201318. ACM, New York (2012), \n                      \n                        http:\/\/doi.acm.org\/10.1145\/2381913.2381916"},{"key":"13_CR3","doi-asserted-by":"publisher","first-page":"133","DOI":"10.1109\/HOTOS.2001.990073","volume-title":"Proceedings of the Eighth Workshop on Hot Topics in Operating Systems, HOTOS 2001","author":"P.M. Chen","year":"2001","unstructured":"Chen, P.M., Noble, B.D.: When virtual is better than real. In: Proceedings of the Eighth Workshop on Hot Topics in Operating Systems, HOTOS 2001, pp. 133\u2013138. IEEE Computer Society, Washington, DC (2001), \n                      \n                        http:\/\/dl.acm.org\/citation.cfm?id=874075.876409"},{"unstructured":"Dinaburg, A., Royal, P., Sharif, M.I., Lee, W.: Ether: malware analysis via hardware virtualization extensions. In: Ning, P., Syverson, P.F., Jha, S. (eds.) ACM Conference on Computer and Communications Security, pp. 51\u201362. ACM (2008), \n                      \n                        http:\/\/doi.acm.org\/10.1145\/1455770.1455779","key":"13_CR4"},{"unstructured":"Dolan-Gavitt, B., Leek, T., Zhivich, M., Giffin, J.T., Lee, W.: Virtuoso: Narrowing the semantic gap in virtual machine introspection. In: IEEE Symposium on Security and Privacy, pp. 297\u2013312. IEEE Computer Society (2011), \n                      \n                        http:\/\/doi.ieeecomputersociety.org\/10.1109\/SP.2011.11","key":"13_CR5"},{"key":"13_CR6","doi-asserted-by":"publisher","first-page":"566","DOI":"10.1145\/1653662.1653730","volume-title":"Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS 2009","author":"B. Dolan-Gavitt","year":"2009","unstructured":"Dolan-Gavitt, B., Srivastava, A., Traynor, P., Giffin, J.: Robust signatures for kernel data structures. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS 2009, pp. 566\u2013577. ACM, New York (2009), \n                      \n                        http:\/\/doi.acm.org\/10.1145\/1653662.1653730"},{"unstructured":"Garfinkel, T., Rosenblum, M.: A virtual machine introspection based architecture for intrusion detection. In: NDSS. The Internet Society (2003), \n                      \n                        http:\/\/www.isoc.org\/isoc\/conferences\/ndss\/03\/proceedings\/papers\/13.pdf","key":"13_CR7"},{"key":"13_CR8","doi-asserted-by":"crossref","first-page":"151","DOI":"10.3233\/JCS-980109","volume":"6","author":"S.A. Hofmeyr","year":"1998","unstructured":"Hofmeyr, S.A., Somayaji, A., Forrest, S.: Intrusion detection using sequences of system calls. Journal of Computer Security\u00a06, 151\u2013180 (1998), \n                      \n                        http:\/\/dl.acm.org\/citation.cfm?id=1298084","journal-title":"Journal of Computer Security"},{"unstructured":"Jiang, X., Wang, X., Xu, D.: Stealthy malware detection and monitoring through VMM-based \u201dout-of-the-box\u201d semantic view reconstruction. ACM Trans. Inf. Syst. Secur.\u00a013(2) (2010), \n                      \n                        http:\/\/doi.acm.org\/10.1145\/1698750.1698752","key":"13_CR9"},{"unstructured":"Lagar-Cavilla, H.A.: Xen-devel: Cloning a vm and copy-on-write deduplicating memory using cow page sharing in xen 4+ (February 2, 2012), \n                      \n                        http:\/\/lists.xen.org\/archives\/html\/xen-devel\/2012-02\/msg00259.html","key":"13_CR10"},{"key":"13_CR11","first-page":"1","volume-title":"Proceedings of the 4th ACM European Conference on Computer Systems, EuroSys 2009","author":"H.A. Lagar-Cavilla","year":"2009","unstructured":"Lagar-Cavilla, H.A., Whitney, J.A., Scannell, A.M., Patchin, P., Rumble, S.M., de Lara, E., Brudno, M., Satyanarayanan, M.: Snowflock: rapid virtual machine cloning for cloud computing. In: Proceedings of the 4th ACM European Conference on Computer Systems, EuroSys 2009, pp. 1\u201312. ACM, New York (2009), \n                      \n                        http:\/\/doi.acm.org\/10.1145\/1519065.1519067"},{"key":"13_CR12","first-page":"5","volume-title":"Proceedings of the 5th USENIX Conference on Cyber Security Experimentation and Test, CSET 2012","author":"T.K. Lengyel","year":"2012","unstructured":"Lengyel, T.K., Neumann, J., Maresca, S., Payne, B.D., Kiayias, A.: Virtual machine introspection in a hybrid honeypot architecture. In: Proceedings of the 5th USENIX Conference on Cyber Security Experimentation and Test, CSET 2012, p. 5. USENIX Association, Berkeley (2012), \n                      \n                        http:\/\/dl.acm.org\/citation.cfm?id=2372336.2372343"},{"unstructured":"Payne, B.D., Lee, W.: Secure and flexible monitoring of virtual machines. In: ACSAC, pp. 385\u2013397. IEEE Computer Society (2007), \n                      \n                        http:\/\/ieeexplore.ieee.org\/xpls\/abs_all.jsp?arnumber=4413005","key":"13_CR13"},{"unstructured":"P\u00e9k, G., Bencs\u00e1th, B., Butty\u00e1n, L.: nether: in-guest detection of out-of-the-guest malware analyzers. In: Proceedings of the Fourth European Workshop on System Security, EUROSEC 2011, pp. 3:1\u20133:6. ACM, New York (2011), \n                      \n                        http:\/\/doi.acm.org\/10.1145\/1972551.1972554","key":"13_CR14"},{"key":"13_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1007\/978-3-540-87403-4_3","volume-title":"Recent Advances in Intrusion Detection","author":"A. Srivastava","year":"2008","unstructured":"Srivastava, A., Giffin, J.T.: Tamper-resistant, application-aware blocking of malicious network connections. In: Lippmann, R., Kirda, E., Trachtenberg, A. (eds.) RAID 2008. LNCS, vol.\u00a05230, pp. 39\u201358. Springer, Heidelberg (2008), \n                      \n                        http:\/\/dx.doi.org\/10.1007\/978-3-540-87403-4_3"},{"key":"13_CR16","doi-asserted-by":"publisher","first-page":"148","DOI":"10.1145\/1095810.1095825","volume-title":"Proceedings of the Twentieth ACM Symposium on Operating Systems Principles, SOSP 2005","author":"M. Vrable","year":"2005","unstructured":"Vrable, M., Ma, J., Chen, J., Moore, D., Vandekieft, E., Snoeren, A.C., Voelker, G.M., Savage, S.: Scalability, fidelity, and containment in the potemkin virtual honeyfarm. In: Proceedings of the Twentieth ACM Symposium on Operating Systems Principles, SOSP 2005, pp. 148\u2013162. ACM, New York (2005), \n                      \n                        http:\/\/doi.acm.org\/10.1145\/1095810.1095825"}],"container-title":["Lecture Notes in Computer Science","Network and System Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-38631-2_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,13]],"date-time":"2019-05-13T03:35:41Z","timestamp":1557718541000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-38631-2_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783642386305","9783642386312"],"references-count":16,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-38631-2_13","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2013]]}}}