{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,18]],"date-time":"2026-02-18T22:29:07Z","timestamp":1771453747389,"version":"3.50.1"},"reference-count":41,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"4","license":[{"start":{"date-parts":[[2014,10,1]],"date-time":"2014-10-01T00:00:00Z","timestamp":1412121600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/OAPA.html"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans. Cloud Comput."],"published-print":{"date-parts":[[2014,10,1]]},"DOI":"10.1109\/tcc.2014.2338305","type":"journal-article","created":{"date-parts":[[2014,7,11]],"date-time":"2014-07-11T14:44:47Z","timestamp":1405089887000},"page":"380-394","source":"Crossref","is-referenced-by-count":11,"title":["Multi-Aspect, Robust, and Memory Exclusive Guest OS Fingerprinting"],"prefix":"10.1109","volume":"2","author":[{"given":"Yufei","family":"Gu","sequence":"first","affiliation":[{"name":"Department of Computer Science, The University of Texas at Dallas, 800 W. Campbell RD, Richardson, TX"}]},{"given":"Yangchun","family":"Fu","sequence":"additional","affiliation":[{"name":"Department of Computer Science, The University of Texas at Dallas, 800 W. Campbell RD, Richardson, TX"}]},{"given":"Aravind","family":"Prakash","sequence":"additional","affiliation":[{"name":"Department of Computer Science Syracuse University, 400 Ostrom Avenue, Syracuse, NY"}]},{"given":"Zhiqiang","family":"Lin","sequence":"additional","affiliation":[{"name":"Department of Computer Science, The University of Texas at Dallas, 800 W. Campbell RD, Richardson, TX"}]},{"given":"Heng","family":"Yin","sequence":"additional","affiliation":[{"name":"Department of Computer Science Syracuse University, 400 Ostrom Avenue, Syracuse, NY"}]}],"member":"263","reference":[{"key":"ref39","first-page":"260","article-title":"Transparent runtime randomization for security","author":"xu","year":"0","journal-title":"Proc 22nd Int Symp Reliable Distrib Syst"},{"key":"ref38","author":"walters","year":"0"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1145\/1294261.1294294"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1109\/WCRE.2002.1173063"},{"key":"ref31","doi-asserted-by":"crossref","DOI":"10.14722\/ndss.2014.23226","article-title":"Hybrid-bridge: Efficiently bridging the semantic-gap in virtual machine introspection via decoupled execution and training memoization","author":"saberi","year":"2014"},{"key":"ref30","article-title":"Operating system fingerprinting for virtual machines","author":"quynh","year":"0","journal-title":"Proc DEFCON 18"},{"key":"ref37","author":"team","year":"0"},{"key":"ref36","article-title":"Synscan: Towards complete tcp\/ip fingerprinting","author":"taleck","year":"2004"},{"key":"ref35","article-title":"Hotpatching and the rise of third-party patches","author":"sotirov","year":"0","journal-title":"Proc Black Hat Technical Security Conf"},{"key":"ref34","article-title":"Know your enemy: Passive fingerprinting. Identifying remote hosts without them knowing","author":"smith","year":"2002"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1145\/1655008.1655022"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2009.5270338"},{"key":"ref11","first-page":"245","article-title":"Probing tcp implementations","author":"comer","year":"0","journal-title":"Proc Summer 1994 Usenix Conf"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2010.05.002"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.40"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/2516951.2505124"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1145\/2451512.2451534"},{"key":"ref16","year":"2007"},{"key":"ref17","article-title":"A virtual machine introspection based architecture for intrusion detection","author":"garfinkel","year":"0","journal-title":"Proc Symp Network and Distributed System Security"},{"key":"ref18","first-page":"1","article-title":"Toward undetected operating system fingerprinting","author":"greenwald","year":"0","journal-title":"Proc USENIX Workshop Offensive Technol"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1145\/2391229.2391234"},{"key":"ref28","first-page":"167","article-title":"Automated packet trace analysis of TCP implementations","author":"paxson","year":"0","journal-title":"Proc ACM Sigcomm"},{"key":"ref4","article-title":"The present and future of xprobe2: The next generation of active operating system fingerprinting. sys-security group","author":"arkin","year":"2003"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.17"},{"key":"ref3","year":"0"},{"key":"ref6","article-title":"Address obfuscation: an efficient approach to combat a broad range of memory error exploits","author":"bhatkar","year":"0","journal-title":"Proc 12th USENIX Security Symp"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2007.10"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866313"},{"key":"ref8","first-page":"133","article-title":"When virtual is better than real","author":"chen","year":"0","journal-title":"Proc Workshop Hot Topics in Operating Systems"},{"key":"ref7","first-page":"17","article-title":"Efficient techniques for comprehensive protection from memory error exploits","author":"bhatkar","year":"2005","journal-title":"Proc 14th Conf USENIX Security Symp"},{"key":"ref2","year":"0"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/1346281.1346284"},{"key":"ref1","year":"0"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2012.05.014"},{"key":"ref22","first-page":"128","article-title":"Stealthy malware detection through vmm-based out-of-the-box semantic view reconstruction","author":"jiang","year":"0","journal-title":"Proc 14th ACM Conf Comput Commun Security"},{"key":"ref21","year":"0"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1137\/0206024"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1145\/2043556.2043576"},{"key":"ref23","author":"jones","year":"0"},{"key":"ref26","article-title":"Siggraph: Brute force scanning of kernel data structure instances using graph-based signatures","author":"lin","year":"0","journal-title":"Proc 8th Annu Symp Network and Distributed System Security"},{"key":"ref25","first-page":"255","article-title":"Static disassembly of obfuscated binaries","author":"kruegel","year":"0","journal-title":"Proc 13th Conf Usenix Security Symp"}],"container-title":["IEEE Transactions on Cloud Computing"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6245519\/7024233\/06853383.pdf?arnumber=6853383","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,2,18]],"date-time":"2026-02-18T21:21:17Z","timestamp":1771449677000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/6853383\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,10,1]]},"references-count":41,"journal-issue":{"issue":"4"},"URL":"https:\/\/doi.org\/10.1109\/tcc.2014.2338305","relation":{},"ISSN":["2168-7161","2372-0018"],"issn-type":[{"value":"2168-7161","type":"electronic"},{"value":"2372-0018","type":"electronic"}],"subject":[],"published":{"date-parts":[[2014,10,1]]}}}