{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,29]],"date-time":"2025-09-29T08:05:57Z","timestamp":1759133157689,"version":"3.37.3"},"reference-count":36,"publisher":"Springer Science and Business Media LLC","issue":"23","license":[{"start":{"date-parts":[[2017,7,31]],"date-time":"2017-07-31T00:00:00Z","timestamp":1501459200000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"funder":[{"name":"Enterprise-University-Research Institute Cooperation Project of Guangdong Province, China","award":["2016B090921001"],"award-info":[{"award-number":["2016B090921001"]}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61601146"],"award-info":[{"award-number":["61601146"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Soft Comput"],"published-print":{"date-parts":[[2018,12]]},"DOI":"10.1007\/s00500-017-2745-x","type":"journal-article","created":{"date-parts":[[2017,7,31]],"date-time":"2017-07-31T06:01:31Z","timestamp":1501480891000},"page":"7977-7987","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Checking virtual machine kernel control-flow integrity using a page-level dynamic tracing approach"],"prefix":"10.1007","volume":"22","author":[{"given":"Dongyang","family":"Zhan","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lin","family":"Ye","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Binxing","family":"Fang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hongli","family":"Zhang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xiaojiang","family":"Du","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2017,7,31]]},"reference":[{"key":"2745_CR1","doi-asserted-by":"publisher","unstructured":"Brindha T, Shaji RS (2016) A secure transaction of cloud data using conditional source trust attributes encryption mechanism. Soft Computing, pp 1\u201310. doi: 10.1007\/s00500-016-2405-6","DOI":"10.1007\/s00500-016-2405-6"},{"key":"2745_CR2","doi-asserted-by":"crossref","unstructured":"Brown A, Chase JS (2011) Trusted platform-as-a-service: a foundation for trustworthy cloud-hosted applications. In: Proceedings of the 3rd ACM workshop on Cloud computing security workshop, pp 15\u201320","DOI":"10.1145\/2046660.2046665"},{"key":"2745_CR3","doi-asserted-by":"crossref","unstructured":"Butt S, Lagar-Cavilla HA, Srivastava A, Ganapathy V (2012) Self-service cloud computing. In: Proceedings of the 2012 ACM conference on Computer and communications security, pp 253\u2013264","DOI":"10.1145\/2382196.2382226"},{"key":"2745_CR4","first-page":"22","volume-title":"International workshop on recent advances in intrusion detection","author":"M Carbone","year":"2012","unstructured":"Carbone M, Conover M, Montague B, Lee W (2012) Secure and robust monitoring of virtual machines through guest-assisted introspection. International workshop on recent advances in intrusion detection. Springer, Berlin, pp 22\u201341"},{"key":"2745_CR5","doi-asserted-by":"crossref","unstructured":"Danger JL, Guilley S, Porteboeuf T, Praden F, Timbert M (2014) Hcode: hardware-enhanced real-time cfi. In: Proceedings of the 4th ACM program protection and reverse engineering workshop, p 6","DOI":"10.1145\/2689702.2689708"},{"key":"2745_CR6","unstructured":"Distorm. http:\/\/github.com\/gdabah\/distorm Accessed 03 May 2017"},{"issue":"1","key":"2745_CR7","doi-asserted-by":"crossref","first-page":"24","DOI":"10.1016\/j.adhoc.2006.05.012","volume":"5","author":"X Du","year":"2007","unstructured":"Du X, Xiao Y, Guizani M, Chen HH (2007) An effective key management scheme for heterogeneous sensor networks. Ad Hoc Netw 5(1):24\u201334","journal-title":"Ad Hoc Netw"},{"issue":"3","key":"2745_CR8","doi-asserted-by":"crossref","first-page":"1223","DOI":"10.1109\/TWC.2009.060598","volume":"8","author":"X Du","year":"2009","unstructured":"Du X, Guizani M, Xiao Y, Chen HH (2009) A routingDriven elliptic curve cryptography based key management scheme for heterogeneous sensor networks. IEEE Trans Wireless Commun 8(3):1223\u20131229","journal-title":"IEEE Trans Wireless Commun"},{"key":"2745_CR9","unstructured":"Du X, Rozenblit M, Shayman M (2011) Implementation and performance analysis of SNMP on a TLS\/TCP base. In: Proceedings of the seventh IFIP\/IEEE international symposium on integrated network management, pp 453\u2013466"},{"key":"2745_CR10","first-page":"191","volume":"3","author":"T Garfinkel","year":"2003","unstructured":"Garfinkel T, Rosenblum M et al (2003) A virtual machine introspection based architecture for intrusion detection. NDSS 3:191\u2013206","journal-title":"NDSS"},{"key":"2745_CR11","unstructured":"Guide P (2010) Intel 64 and ia-32 architectures software developers manual"},{"key":"2745_CR12","doi-asserted-by":"crossref","unstructured":"Hizver J, Chiueh Tc (2013) Cloud-based application whitelisting. In: 2013 IEEE 6th international conference on cloud computing, pp 636\u2013643","DOI":"10.1109\/CLOUD.2013.48"},{"key":"2745_CR13","doi-asserted-by":"crossref","first-page":"279","DOI":"10.1145\/1961295.1950398","volume":"39","author":"OS Hofmann","year":"2011","unstructured":"Hofmann OS, Dunn AM, Kim S, Roy I, Witchel E (2011) Ensuring operating system kernel integrity with osck. ACM SIGARCH Comput Archit News 39:279\u2013290","journal-title":"ACM SIGARCH Comput Archit News"},{"issue":"2","key":"2745_CR14","doi-asserted-by":"crossref","first-page":"267","DOI":"10.1007\/s00500-013-1056-0","volume":"18","author":"HD Huang","year":"2014","unstructured":"Huang HD, Lee CS, Wang MH, Kao HY (2014) It2fs-based ontology with soft-computing mechanism for malware behavior analysis. Soft Comput 18(2):267\u2013284","journal-title":"Soft Comput"},{"key":"2745_CR15","unstructured":"Intel virtualization technology. http:\/\/www.intel.com\/content\/www\/us\/en\/virtuali-zation\/virtualization-technology\/intel-virtualization-technology.html Accessed 03 May 2017"},{"issue":"4","key":"2745_CR16","doi-asserted-by":"crossref","first-page":"1404","DOI":"10.1109\/TIFS.2011.2159712","volume":"6","author":"J Li","year":"2011","unstructured":"Li J, Wang Z, Bletsch T, Srinivasan D, Grace M, Jiang X (2011) Comprehensive and efficient protection of kernel control data. IEEE Trans Inf Forens Secur 6(4):1404\u20131417","journal-title":"IEEE Trans Inf Forens Secur"},{"key":"2745_CR17","doi-asserted-by":"crossref","unstructured":"Liang S, Du X (2014) Permission-Combination-based scheme for android mobile malware detection. In: Proceedings of IEEE international conference on communications (ICC), pp 2301\u20132306","DOI":"10.1109\/ICC.2014.6883666"},{"key":"2745_CR18","doi-asserted-by":"crossref","unstructured":"Liao Z, Luo Y (2015) A stack-based lightweight approach to detect kernel-level rookits. In: 2015 IEEE international conference on progress in informatics and computing (PIC), pp 602\u2013607","DOI":"10.1109\/PIC.2015.7489919"},{"key":"2745_CR19","doi-asserted-by":"crossref","unstructured":"Malone C, Zahran M, Karri R (2011) Are hardware performance counters a cost effective way for integrity checking of programs. In: Proceedings of the 6th ACM workshop on Scalable trusted computing, pp 71\u201376","DOI":"10.1145\/2046582.2046596"},{"key":"2745_CR20","doi-asserted-by":"publisher","unstructured":"Mart\u00edn A, Men\u00e9ndez HD, Camacho D (2016) Mocdroid: multi-objective evolutionary classifier for android malware detection. Soft Comput. pp 1\u201311. doi: 10.1007\/s00500-016-2283-y","DOI":"10.1007\/s00500-016-2283-y"},{"key":"2745_CR21","doi-asserted-by":"crossref","unstructured":"Petroni\u00a0Jr NL, Hicks M (2007) Automated detection of persistent kernel control-flow attacks. In: Proceedings of the 14th ACM conference on computer and communications security, pp 103\u2013115","DOI":"10.1145\/1315245.1315260"},{"key":"2745_CR22","doi-asserted-by":"crossref","unstructured":"Prakash A, Yin H, Liang Z (2013) Enforcing system-wide control flow integrity for exploit detection and diagnosis. In: Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security, pp 311\u2013322","DOI":"10.1145\/2484313.2484352"},{"key":"2745_CR23","doi-asserted-by":"crossref","first-page":"178","DOI":"10.1007\/978-3-642-15512-3_10","volume-title":"International workshop on recent advances in intrusion detection","author":"J Rhee","year":"2010","unstructured":"Rhee J, Riley R, Xu D, Jiang X (2010) Kernel malware analysis with un-tampered and temporal views of dynamic kernel memory. International workshop on recent advances in intrusion detection. Springer, Berlin, pp 178\u2013197"},{"issue":"9","key":"2745_CR24","doi-asserted-by":"crossref","first-page":"31","DOI":"10.1109\/CC.2014.6969709","volume":"11","author":"W Shi","year":"2014","unstructured":"Shi W, Zhou H, Yuan J, Liang B (2014) Dcfi-checker: checking kernel dynamic control flow integrity with performance monitoring counter. China Commun 11(9):31\u201346","journal-title":"China Commun"},{"key":"2745_CR25","first-page":"1","volume-title":"International workshop on recent advances in intrusion detection","author":"A Srivastava","year":"2012","unstructured":"Srivastava A, Raj H, Giffin J, England P (2012) Trusted vm snapshots in untrusted cloud infrastructures. International workshop on recent advances in intrusion detection. Springer, Berlin, pp 1\u201321"},{"key":"2745_CR26","unstructured":"Sysenter. http:\/\/wiki.osdev.org\/SYSENTER Accessed 03 May 2017"},{"key":"2745_CR27","unstructured":"The xen project. http:\/\/www.xenproject.org\/ Accessed 03 May 2017"},{"key":"2745_CR28","unstructured":"Vogl S, Eckert C (2012) Using hardware performance events for instruction-level monitoring on the x86 architecture. In: Proceedings of the 2012 European workshop on system security EuroSec, 12"},{"key":"2745_CR29","doi-asserted-by":"crossref","unstructured":"Wang X, Karri R (2013) Numchecker: detecting kernel control-flow modifying rootkits by using hardware performance counters. In: 50th ACM\/EDAC\/IEEE conference on design automation (DAC), pp 1\u20137","DOI":"10.1145\/2463209.2488831"},{"key":"2745_CR30","doi-asserted-by":"crossref","unstructured":"Wei J, Payne BD, Giffin J, Pu C (2008) Soft-timer driven transient kernel control flow attacks and defense. In: Annual IEEE conference on computer security applications, pp 97\u2013107","DOI":"10.1109\/ACSAC.2008.40"},{"key":"2745_CR31","doi-asserted-by":"crossref","unstructured":"Willems C, Hund R, Fobian A, Felsch D, Holz T, Vasudevan A (2012) Down to the bare metal: using processor features for binary analysis. In: Proceedings of the 28th ACM annual computer security applications conference, pp 189\u2013198","DOI":"10.1145\/2420950.2420980"},{"key":"2745_CR32","unstructured":"wook Baek H, Srivastava A, Van\u00a0der Merwe J (2014) Cloudvmi: Virtual machine introspection as a cloud service. In: IEEE International Conference on Cloud Engineering (IC2E), pp 153\u2013158"},{"issue":"2","key":"2745_CR33","doi-asserted-by":"crossref","first-page":"622","DOI":"10.1109\/TWC.2009.071278","volume":"8","author":"Y Xiao","year":"2009","unstructured":"Xiao Y, Chen HH, Du X, Guizani M (2009) Streambased cipher feedback mode in wireless error channel. IEEE Trans Wireless Commun 8(2):622\u2013626","journal-title":"IEEE Trans Wireless Commun"},{"issue":"11","key":"2745_CR34","doi-asserted-by":"crossref","first-page":"2314","DOI":"10.1016\/j.comcom.2007.04.009","volume":"30","author":"Y Xiao","year":"2007","unstructured":"Xiao Y, Rayi V, Sun B, Du X, Hu F, Galloway M (2007) A survey of key management schemes in wireless sensor networks. Comput Commun 30(11):2314\u20132341","journal-title":"Comput Commun"},{"issue":"12","key":"2745_CR35","doi-asserted-by":"crossref","first-page":"5039","DOI":"10.1007\/s00500-015-1792-4","volume":"20","author":"N Zawawi","year":"2016","unstructured":"Zawawi N, Hamdy M, Ghary R, Tolba M (2016) Realization of a data traceability and recovery service for a trusted authority service co-ordination within a cloud environment. Soft Comput 20(12):5039\u20135050","journal-title":"Soft Comput"},{"key":"2745_CR36","doi-asserted-by":"crossref","first-page":"147","DOI":"10.1145\/2817817.2731201","volume":"50","author":"J Zeng","year":"2015","unstructured":"Zeng J, Fu Y, Lin Z (2015) Pemu: a pin highly compatible out-of-vm dynamic binary instrumentation framework. ACM SIGPLAN Not 50:147\u2013160","journal-title":"ACM SIGPLAN Not"}],"container-title":["Soft Computing"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00500-017-2745-x\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00500-017-2745-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00500-017-2745-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,1]],"date-time":"2019-10-01T16:49:18Z","timestamp":1569948558000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00500-017-2745-x"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,7,31]]},"references-count":36,"journal-issue":{"issue":"23","published-print":{"date-parts":[[2018,12]]}},"alternative-id":["2745"],"URL":"https:\/\/doi.org\/10.1007\/s00500-017-2745-x","relation":{},"ISSN":["1432-7643","1433-7479"],"issn-type":[{"type":"print","value":"1432-7643"},{"type":"electronic","value":"1433-7479"}],"subject":[],"published":{"date-parts":[[2017,7,31]]}}}