{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,19]],"date-time":"2025-12-19T09:26:49Z","timestamp":1766136409868},"reference-count":56,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"7","license":[{"start":{"date-parts":[[2013,7,1]],"date-time":"2013-07-01T00:00:00Z","timestamp":1372636800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans.Inform.Forensic Secur."],"published-print":{"date-parts":[[2013,7]]},"DOI":"10.1109\/tifs.2013.2266095","type":"journal-article","created":{"date-parts":[[2013,6,4]],"date-time":"2013-06-04T18:02:03Z","timestamp":1370368923000},"page":"1230-1242","source":"Crossref","is-referenced-by-count":13,"title":["Monitoring Integrity Using Limited Local Memory"],"prefix":"10.1109","volume":"8","author":[{"given":"Y.","family":"Kinebuchi","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"S.","family":"Butt","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"V.","family":"Ganapathy","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"L.","family":"Iftode","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"T.","family":"Nakajima","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref39","first-page":"179","article-title":"Copilot: A coprocessor-based kernel runtime integrity monitor","author":"petroni","year":"2004","journal-title":"Proc Usenix Security Symp"},{"key":"ref38","first-page":"18","article-title":"Design of a 90 nm 4-CPU 4320 mips SoC with individually managed frequency and 2.4 GB\/s multi-master on-chip interconnect","author":"nishii","year":"2007","journal-title":"Proc IEEE Asian Solid-State Circuits Conf"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1109\/RTCSA.2011.36"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629596"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.38"},{"key":"ref30","first-page":"233","article-title":"Core-local memory assisted protection (fast abstract)","author":"kinebuchi","year":"2010","journal-title":"Proc Pacific Rim Int l Symp Dependable Computing"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1145\/1346256.1346278"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.17"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1145\/1352592.1352625"},{"key":"ref34","first-page":"243","article-title":"Hypervisor support for identifying covertly executing binaries","author":"litty","year":"2008","journal-title":"Proc 17th USENIX Security Symp"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1145\/1815961.1816010"},{"key":"ref27","article-title":"Hacking 3d (and breaking out of vmware)","author":"kortchinsky","year":"2009","journal-title":"BlackHat USA"},{"key":"ref29","first-page":"401","article-title":"Eliminating the hypervisor attack surface for a more secure cloud","author":"keller","year":"2011","journal-title":"Proc ACM Conf Comput and Commun Security"},{"key":"ref2","year":"0","journal-title":"Packet storm"},{"key":"ref1","year":"0","journal-title":"Myricom Pioneering High Performance Computing"},{"key":"ref20","article-title":"A virtual machine introspection based architecture for intrusion detection","author":"garfinkel","year":"2003","journal-title":"Proc Symp Network and Distributed System Security"},{"key":"ref22","year":"2010","journal-title":"The SCC Platform Overview ? Intel Research"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1145\/1950365.1950398"},{"key":"ref24","article-title":"Single chip cloud computer: An experimental many-core processor from Intel labs","year":"2010","journal-title":"Proc Intel Labs Single-Chip Cloud Comput Symp"},{"key":"ref23","year":"2010","journal-title":"The SCC Programmer's Guide Revision 0 61 ? Intel Research"},{"key":"ref26","article-title":"Stealthy malware detection through VMM-based ?out-of-the-box? semantic view reconstruction","volume":"13","author":"jiang","year":"2007","journal-title":"Proc 14th ACM Conf Comput and Commun Security"},{"key":"ref25","author":"jayakumar","year":"2000","journal-title":"Bootstrap Processor Selection Architecture in SMP System"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1145\/1755913.1755935"},{"key":"ref51","year":"0","journal-title":"Byte-Unixbench A Unix Benchmark Suite"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1145\/1133373.1133423"},{"key":"ref55","year":"0","journal-title":"Xenaccess ? A Virtual Machine Introspection Library for Xen"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.30"},{"key":"ref53","year":"0","journal-title":"VMsafe Partner Program"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1145\/781027.781062"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/HOTOS.2001.990073"},{"key":"ref40","first-page":"289","article-title":"An architecture for specification-based detection of semantic integrity violations in kernel dynamic data","author":"petroni","year":"2006","journal-title":"Proc Usenix Security Symp"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1145\/2043556.2043575"},{"key":"ref12","year":"2006","journal-title":"LaGrande technology preliminary architecture specification"},{"key":"ref13","author":"cox","year":"0","journal-title":"Xv6 A Simple Unix-like Teaching Operating System"},{"key":"ref14","first-page":"255","article-title":"Digging for data structures","author":"cozzie","year":"2008","journal-title":"Proc ACM\/USENIX Symp on Operating Systems Design and Implementation (OSDI)"},{"key":"ref15","year":"0","journal-title":"Xen Guest Root can Escape to Domain 0 Through Pygrub"},{"key":"ref16","year":"0","journal-title":"Multiple Integer Overflows in Libext2fs in E2fsprogs"},{"key":"ref17","year":"0","journal-title":"Directory Traversal Vulnerability in the Shared Folders Feature for Vmware"},{"key":"ref18","year":"0","journal-title":"Buffer Overflow in the Backend of XenSource Xen Para Virtualized Frame Buffer"},{"key":"ref19","year":"2005","journal-title":"AMD64 Virtualization Secure Virtual Machine Architecture Reference Manual"},{"key":"ref4","doi-asserted-by":"crossref","DOI":"10.21236\/AD0772806","volume":"ii","author":"anderson","year":"1972","journal-title":"Computer Security Technology Planning Study"},{"key":"ref3","year":"2007","journal-title":"Xbox 360 Hypervisor Privilege Escalation Vulnerability"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2007.25"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2010.38"},{"key":"ref8","article-title":"Static use of locking caches in multitask preemptive real-time systems","author":"campoy","year":"2001","journal-title":"Proc IEEE\/IEE Real-Time Embedded Syst Workshop (Satellite of the IEEE Real-Time Syst Symp"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/CODES.2002.1003604"},{"key":"ref49","article-title":"Efficient monitoring of untrusted kernel-mode execution","author":"srivastava","year":"2011","journal-title":"Proc Symp Network and Distributed System Security"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653729"},{"key":"ref46","author":"sailer","year":"2005","journal-title":"sHype Secure Hypervisor Approach to Trusted Virtualized Systems"},{"key":"ref45","article-title":"Beyond the CPU: Defeating hardware based RAM acquisition, Part I: AMD case","author":"rutkowska","year":"2007","journal-title":"Proc Blackhat Conf"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1145\/1508293.1508311"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1145\/1294261.1294294"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1109\/REAL.2002.1181567"},{"key":"ref41","first-page":"103","article-title":"Automated detection of persistent kernel control-flow attacks","author":"petroni","year":"2007","journal-title":"Proc ACM Conf Comput and Commun Security"},{"key":"ref44","article-title":"Subverting the Xen hypervisor","author":"wojtczuk","year":"2008","journal-title":"Proc BlackHat USA"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1109\/DATE.2007.364510"}],"container-title":["IEEE Transactions on Information Forensics and Security"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/10206\/6519375\/06523151.pdf?arnumber=6523151","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,11,29]],"date-time":"2021-11-29T20:45:11Z","timestamp":1638218711000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/6523151\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,7]]},"references-count":56,"journal-issue":{"issue":"7"},"URL":"https:\/\/doi.org\/10.1109\/tifs.2013.2266095","relation":{},"ISSN":["1556-6013","1556-6021"],"issn-type":[{"value":"1556-6013","type":"print"},{"value":"1556-6021","type":"electronic"}],"subject":[],"published":{"date-parts":[[2013,7]]}}}