{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,19]],"date-time":"2026-03-19T14:44:16Z","timestamp":1773931456994,"version":"3.50.1"},"reference-count":38,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"2","license":[{"start":{"date-parts":[[2017,3,1]],"date-time":"2017-03-01T00:00:00Z","timestamp":1488326400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"}],"funder":[{"DOI":"10.13039\/501100003725","name":"National Research Foundation of Korea (NRF)","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100003725","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100003621","name":"MSIP","doi-asserted-by":"publisher","award":["2014R1A2A1A10051792"],"award-info":[{"award-number":["2014R1A2A1A10051792"]}],"id":[{"id":"10.13039\/501100003621","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Inter-University Semiconductor Research Center (ISRC)"},{"DOI":"10.13039\/501100003621","name":"MSIP (Ministry of Science, ICT & Future Planning)","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100003621","id-type":"DOI","asserted-by":"publisher"}]},{"name":"BrainScoutingProgram","award":["H7106-14-1011"],"award-info":[{"award-number":["H7106-14-1011"]}]},{"name":"Institute for Information & Communication Promotion (IITP)"},{"DOI":"10.13039\/501100005073","name":"Agency for Defense Development (ADD)","doi-asserted-by":"publisher","award":["UD140002ED"],"award-info":[{"award-number":["UD140002ED"]}],"id":[{"id":"10.13039\/501100005073","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans. Dependable and Secure Comput."],"published-print":{"date-parts":[[2017,3,1]]},"DOI":"10.1109\/tdsc.2015.2443803","type":"journal-article","created":{"date-parts":[[2015,6,11]],"date-time":"2015-06-11T06:06:34Z","timestamp":1434002794000},"page":"145-157","source":"Crossref","is-referenced-by-count":11,"title":["Detecting and Preventing Kernel Rootkit Attacks with Bus Snooping"],"prefix":"10.1109","volume":"14","author":[{"given":"Hyungon","family":"Moon","sequence":"first","affiliation":[]},{"given":"Hojoon","family":"Lee","sequence":"additional","affiliation":[]},{"given":"Ingoo","family":"Heo","sequence":"additional","affiliation":[]},{"given":"Kihwan","family":"Kim","sequence":"additional","affiliation":[]},{"given":"Yunheung","family":"Paek","sequence":"additional","affiliation":[]},{"given":"Brent Byunghoon","family":"Kang","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1109\/RTSS.2008.43"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1109\/MILCOM.2000.904088"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1145\/1294261.1294294"},{"key":"ref31","author":"russell","year":"0"},{"key":"ref30","author":"kaneda","year":"0"},{"key":"ref37","author":"clarke","year":"2004"},{"key":"ref36","article-title":"Chipset based approach to detect virtualization malware a.k.a. deepwatch","author":"bulygin","year":"0","journal-title":"BlackHat USA"},{"key":"ref35","article-title":"An architecture for\n specification-based detection of semantic integrity violations in kernel dynamic data","author":"petroni","year":"0","journal-title":"Proc 15th Conf USENIX Security Symp"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2008.29"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-15512-3_9"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2013.53"},{"key":"ref12","article-title":"Using\n cpu system management mode to circumvent operating system security functions","author":"duflot","year":"0","journal-title":"Proc 7th CanSecWest Conf"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.1997.601317"},{"key":"ref14","first-page":"16:1","article-title":"OSLO: Improving the security of trusted computing","author":"kauer","year":"0","journal-title":"Proc 16th USENIX Security Symp USENIX Security Symp"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1145\/1734583.1734596"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382202"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2008.40"},{"key":"ref18","year":"1999","journal-title":"AMBA Specification"},{"key":"ref19","year":"2012","journal-title":"GRLIB IP Core User’s Manual"},{"key":"ref28","first-page":"194","article-title":"A novel approach for a File-system integrity monitor tool of Xen virtual machine","author":"quynh","year":"0","journal-title":"Proc 2nd ACM Symp Inf Comput Commun Security"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2009.116"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23019"},{"key":"ref3","first-page":"191","article-title":"A virtual machine introspection based architecture for intrusion detection","author":"garfinkel","year":"0","journal-title":"Proc Symp Network and Distributed System Security"},{"key":"ref6","year":"0"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1145\/945445.945464"},{"key":"ref5","year":"0"},{"key":"ref8","year":"0"},{"key":"ref7","year":"0"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1145\/1133373.1133423"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866313"},{"key":"ref1","first-page":"13","article-title":"Copilot—A Coprocessor-based\n kernel runtime integrity monitor","author":"petroni","year":"0","journal-title":"Proc 13th Conf Usenix Security Symp"},{"key":"ref20","year":"1992","journal-title":"The SPARC Architecture Manual"},{"key":"ref22","article-title":"Zynq-7000 all programmable soc technical reference manual","year":"2013"},{"key":"ref21","year":"2008","journal-title":"SnapGear Linux for LEON"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315260"},{"key":"ref23","first-page":"19","article-title":"Memory bandwidth and machine balance in current high performance\n computers","author":"mccalpin","year":"1995","journal-title":"IEEE Comput Soc Tech Committee Comput Archit Newslett"},{"key":"ref26","first-page":"383","article-title":"Return-oriented rootkits: Bypassing kernel code integrity protection mechanisms","author":"hund","year":"0","journal-title":"Proc Usenix Security Symp"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660303"}],"container-title":["IEEE Transactions on Dependable and Secure Computing"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8858\/4358699\/07120934.pdf?arnumber=7120934","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,12]],"date-time":"2022-01-12T11:45:43Z","timestamp":1641987943000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/7120934\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,3,1]]},"references-count":38,"journal-issue":{"issue":"2"},"URL":"https:\/\/doi.org\/10.1109\/tdsc.2015.2443803","relation":{},"ISSN":["1545-5971"],"issn-type":[{"value":"1545-5971","type":"print"}],"subject":[],"published":{"date-parts":[[2017,3,1]]}}}