{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T07:39:26Z","timestamp":1740123566183,"version":"3.37.3"},"reference-count":32,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2024,12,9]],"date-time":"2024-12-09T00:00:00Z","timestamp":1733702400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,12,9]],"date-time":"2024-12-09T00:00:00Z","timestamp":1733702400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"funder":[{"DOI":"10.13039\/501100005046","name":"Natural Science Foundation of Heilongjiang Province of China","doi-asserted-by":"crossref","award":["LH2023F017"],"award-info":[{"award-number":["LH2023F017"]}],"id":[{"id":"10.13039\/501100005046","id-type":"DOI","asserted-by":"crossref"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62302122, 62172123"],"award-info":[{"award-number":["62302122, 62172123"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"CCF-Huawei Populus Grove Fund","award":["CCF-HuaweiSY202411"],"award-info":[{"award-number":["CCF-HuaweiSY202411"]}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Supercomput"],"published-print":{"date-parts":[[2025,1]]},"DOI":"10.1007\/s11227-024-06779-2","type":"journal-article","created":{"date-parts":[[2024,12,9]],"date-time":"2024-12-09T10:33:38Z","timestamp":1733740418000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["A high-performance real-time container file monitoring approach based on virtual machine introspection"],"prefix":"10.1007","volume":"81","author":[{"given":"Kai","family":"Tan","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dongyang","family":"Zhan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lin","family":"Ye","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hongli","family":"Zhang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Binxing","family":"Fang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zhihong","family":"Tian","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,12,9]]},"reference":[{"key":"6779_CR1","doi-asserted-by":"publisher","first-page":"52976","DOI":"10.1109\/ACCESS.2019.2911732","volume":"7","author":"S Sultan","year":"2019","unstructured":"Sultan S, Ahmad I, Dimitriou T (2019) Container security: issues, challenges, and the road ahead. IEEE Access 7:52976\u201352996","journal-title":"IEEE Access"},{"doi-asserted-by":"crossref","unstructured":"Adukkathayar CA, Krishnan GS, Sasikumar G (2015) Advanced integrity checking and recovery using write-protected storage for enhancing operating system security. In: 2015 10th International Conference on Computer Science and Education (ICCSE), pp 219\u2013224. IEEE","key":"6779_CR2","DOI":"10.1109\/ICCSE.2015.7250246"},{"unstructured":"Zlatkovski D, Mileva A, Bogatinova K, Ampov I (2018) A new real-time file integrity monitoring system for windows-based environments","key":"6779_CR3"},{"unstructured":"J, Z.S (2015) Research on multi-level granularity controllable security audit method in cloud environment. PhD thesis, Harbin Institute of Technology","key":"6779_CR4"},{"issue":"5","key":"6779_CR5","doi-asserted-by":"publisher","first-page":"2731","DOI":"10.1109\/TNSE.2022.3155187","volume":"10","author":"S Li","year":"2022","unstructured":"Li S, Jiang L, Zhang Q, Wang Z, Tian Z, Guizani M (2022) A malicious mining code detection method based on multi-features fusion. IEEE Trans Netw Sci Eng 10(5):2731\u20132739","journal-title":"IEEE Trans Netw Sci Eng"},{"doi-asserted-by":"crossref","unstructured":"Lin X, Lei L, Wang Y, Jing J, Sun K, Zhou Q (2018) A measurement study on linux container security: attacks and countermeasures. In: Proceedings of the 34th Annual Computer Security Applications Conference, pp 418\u2013429","key":"6779_CR6","DOI":"10.1145\/3274694.3274720"},{"doi-asserted-by":"crossref","unstructured":"Gao X, Gu Z, Kayaalp M, Pendarakis D, Wang H (2017) Containerleaks: merging security threats of information leakages in container clouds. In: 2017 47th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), pp 237\u2013248 . IEEE","key":"6779_CR7","DOI":"10.1109\/DSN.2017.49"},{"issue":"1","key":"6779_CR8","doi-asserted-by":"publisher","first-page":"174","DOI":"10.1109\/TDSC.2018.2879605","volume":"18","author":"X Gao","year":"2018","unstructured":"Gao X, Steenkamer B, Gu Z, Kayaalp M, Pendarakis D, Wang H (2018) A study on the security implications of information leakages in container clouds. IEEE Trans Depend Secure Comput 18(1):174\u2013191","journal-title":"IEEE Trans Depend Secure Comput"},{"doi-asserted-by":"crossref","unstructured":"Randazzo A, Tinnirello I (2019) Kata containers: An emerging architecture for enabling mec services in fast and secure way. In: 2019 Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS), pp 209\u2013214 . IEEE","key":"6779_CR9","DOI":"10.1109\/IOTSMS48152.2019.8939164"},{"issue":"3","key":"6779_CR10","first-page":"957","volume":"8","author":"P Mishra","year":"2018","unstructured":"Mishra P, Varadharajan V, Pilli ES, Tupakula U (2018) Vmguard: a vmi-based security architecture for intrusion detection in cloud environment. IEEE Trans Cloud Comput 8(3):957\u2013971","journal-title":"IEEE Trans Cloud Comput"},{"doi-asserted-by":"crossref","unstructured":"Dangl T, Taubmann B, Reiser HP (2021) Agent-based file extraction using virtual machine introspection. In: Secure IT Systems: 25th Nordic Conference, NordSec 2020, Virtual Event, November 23\u201324, 2020, Proceedings 25, Springer, pp 174\u2013191","key":"6779_CR11","DOI":"10.1007\/978-3-030-70852-8_11"},{"unstructured":"\"VMware vShield Endpoint, Enhanced Endpoint Security and Performance for Virtual Datacenters\". https:\/\/www.virtualizationworks.com\/datasheets\/VMware-vShield5-Endpoint-Datasheet.pdf","key":"6779_CR12"},{"issue":"1","key":"6779_CR13","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1504\/IJSSC.2019.100007","volume":"9","author":"M Sato","year":"2019","unstructured":"Sato M, Taniguchi H, Yamauchi T (2019) Design and implementation of hiding method for file manipulation of essential services by system call proxy using virtual machine monitor. Int J Space-Based Situat Comput 9(1):1\u201310","journal-title":"Int J Space-Based Situat Comput"},{"key":"6779_CR14","doi-asserted-by":"publisher","first-page":"737","DOI":"10.1016\/j.cose.2018.02.014","volume":"77","author":"Z Gu","year":"2018","unstructured":"Gu Z, Saltaformaggio B, Zhang X, Xu D (2018) Gemini: Guest-transparent honey files via hypervisor-level access redirection. Comput Secur 77:737\u2013744","journal-title":"Comput Secur"},{"key":"6779_CR15","doi-asserted-by":"publisher","first-page":"209","DOI":"10.1016\/j.future.2018.05.055","volume":"88","author":"D Zhan","year":"2018","unstructured":"Zhan D, Ye L, Zhang H, Fang B, Li H, Liu Y, Du X, Guizani M (2018) A high-performance virtual machine filesystem monitor in cloud-assisted cognitive iot. Futur Gener Comput Syst 88:209\u2013219","journal-title":"Futur Gener Comput Syst"},{"doi-asserted-by":"crossref","unstructured":"Jiang F, Cai Q, Guan L, Lin J (2018) Enforcing access controls for the cryptographic cloud service invocation based on virtual machine introspection. In: Information Security: 21st International Conference, ISC 2018, Guildford, UK, September 9\u201312, 2018, Proceedings 21, Springer, pp 213\u2013230","key":"6779_CR16","DOI":"10.1007\/978-3-319-99136-8_12"},{"doi-asserted-by":"crossref","unstructured":"Zhan D, Ye L, Fang B, Du X, Su S (2016) Cfwatcher: a novel target-based real-time approach to monitor critical files using vmi. In: 2016 IEEE International Conference on Communications (ICC), pp 1\u20136 .IEEE","key":"6779_CR17","DOI":"10.1109\/ICC.2016.7511200"},{"issue":"10","key":"6779_CR18","doi-asserted-by":"publisher","first-page":"2307","DOI":"10.1587\/transinf.2016INP0009","volume":"100","author":"D Zhan","year":"2017","unstructured":"Zhan D, Ye L, Fang B, Du X, Xu Z (2017) Protecting critical files using target-based virtual machine introspection approach. IEICE Trans Inf Syst 100(10):2307\u20132318","journal-title":"IEICE Trans Inf Syst"},{"unstructured":"Henriksson O, Falk M (2017) Static vulnerability analysis of docker images","key":"6779_CR19"},{"doi-asserted-by":"crossref","unstructured":"Shu R, Gu X, Enck W (2017) A study of security vulnerabilities on docker hub. In: Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy, pp 269\u2013280","key":"6779_CR20","DOI":"10.1145\/3029806.3029832"},{"key":"6779_CR21","doi-asserted-by":"publisher","DOI":"10.1016\/j.simpat.2021.102391","volume":"113","author":"S Li","year":"2021","unstructured":"Li S, Li Y, Han W, Du X, Guizani M, Tian Z (2021) Malicious mining code detection based on ensemble learning in cloud computing environment. Simul Model Pract Theory 113:102391","journal-title":"Simul Model Pract Theory"},{"unstructured":"Ghavamnia S, Palit T, Benameur A, Polychronakis M (2020) Confine: automated system call policy generation for container attack surface reduction. In: 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2020), pp 443\u2013458","key":"6779_CR22"},{"unstructured":"DeMarinis N, Williams-King K, Jin D, Fonseca R, Kemerlis VP (2020) Sysfilter: Automated system call filtering for commodity software. In: 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2020), pp 459\u2013474","key":"6779_CR23"},{"doi-asserted-by":"crossref","unstructured":"Loukidis-Andreou F, Giannakopoulos I, Doka K, Koziris N (2018) Docker-sec: a fully automated container security enhancement mechanism. In: 2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS), pp 1561\u20131564 IEEE","key":"6779_CR24","DOI":"10.1109\/ICDCS.2018.00169"},{"issue":"5","key":"6779_CR25","doi-asserted-by":"publisher","first-page":"3327","DOI":"10.1109\/TII.2020.3047416","volume":"18","author":"Y Wang","year":"2020","unstructured":"Wang Y, Wang Q, Chen X, Chen D, Fang X, Yin M, Zhang N (2020) Containerguard: a real-time attack detection system in container-based big data platform. IEEE Trans Ind Inf 18(5):3327\u20133336","journal-title":"IEEE Trans Ind Inf"},{"issue":"5","key":"6779_CR26","doi-asserted-by":"publisher","first-page":"164","DOI":"10.1145\/1165389.945462","volume":"37","author":"P Barham","year":"2003","unstructured":"Barham P, Dragovic B, Fraser K, Hand S, Harris T, Ho A, Neugebauer R, Pratt I, Warfield A (2003) Xen and the art of virtualization. ACM SIGOPS Oper Syst Rev 37(5):164\u2013177","journal-title":"ACM SIGOPS Oper Syst Rev"},{"unstructured":"\u201c Brown N Overlay filesystem\u201d. https:\/\/www.kernel.org\/doc\/Documentation\/filesystems\/overlayfs.txt","key":"6779_CR27"},{"doi-asserted-by":"crossref","unstructured":"Zhan D, Li H, Ye L, Zhang H, Fang B, Du X (2019) A low-overhead kernel object monitoring approach for virtual machine introspection. In: ICC 2019-2019 IEEE International Conference on Communications (ICC), pp 1\u20136. IEEE","key":"6779_CR28","DOI":"10.1109\/ICC.2019.8761433"},{"unstructured":"Chen PM, Noble BD (2001) When virtual is better than real [operating system relocation to virtual machines]. In: Proceedings Eighth Workshop on Hot Topics in Operating Systems, pp 133\u2013138 IEEE","key":"6779_CR29"},{"unstructured":"\u201cVOLATILITY FOUNDATION\u201d. https:\/\/www.volatilityfoundation.org\/","key":"6779_CR30"},{"unstructured":"\u201cIOzone Filesystem Benchmark\u201d. http:\/\/www.iozone.org\/","key":"6779_CR31"},{"unstructured":"\u201cMemory Bandwidth Benchmark\u201d. https:\/\/github.com\/raas\/mbw","key":"6779_CR32"}],"container-title":["The Journal of Supercomputing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11227-024-06779-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11227-024-06779-2\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11227-024-06779-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,12,9]],"date-time":"2024-12-09T11:03:58Z","timestamp":1733742238000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11227-024-06779-2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,9]]},"references-count":32,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2025,1]]}},"alternative-id":["6779"],"URL":"https:\/\/doi.org\/10.1007\/s11227-024-06779-2","relation":{},"ISSN":["0920-8542","1573-0484"],"issn-type":[{"type":"print","value":"0920-8542"},{"type":"electronic","value":"1573-0484"}],"subject":[],"published":{"date-parts":[[2024,12,9]]},"assertion":[{"value":"26 November 2024","order":1,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"9 December 2024","order":2,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that they have no Conflict of interest to report regarding the present study.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"The study was approved by the Harbin Institute of Technology.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethical approval"}},{"value":"Informed consent was obtained from all participants included in the study.","order":4,"name":"Ethics","group":{"name":"EthicsHeading","label":"Consent to participate"}}],"article-number":"260"}}