{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,27]],"date-time":"2026-02-27T03:46:07Z","timestamp":1772163967382,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":31,"publisher":"ACM","license":[{"start":{"date-parts":[[2005,10,20]],"date-time":"2005-10-20T00:00:00Z","timestamp":1129766400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2005,10,20]]},"DOI":"10.1145\/1095810.1095826","type":"proceedings-article","created":{"date-parts":[[2005,11,7]],"date-time":"2005-11-07T12:34:39Z","timestamp":1131366879000},"page":"163-176","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":92,"title":["The taser intrusion recovery system"],"prefix":"10.1145","author":[{"given":"Ashvin","family":"Goel","sequence":"first","affiliation":[{"name":"University of Toronto"}]},{"given":"Kenneth","family":"Po","sequence":"additional","affiliation":[{"name":"University of Toronto"}]},{"given":"Kamran","family":"Farhadi","sequence":"additional","affiliation":[{"name":"University of Toronto"}]},{"given":"Zheng","family":"Li","sequence":"additional","affiliation":[{"name":"University of Toronto"}]},{"given":"Eyal","family":"de Lara","sequence":"additional","affiliation":[{"name":"University of Toronto"}]}],"member":"320","published-online":{"date-parts":[[2005,10,20]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Edward C. Bailey. Maximum RPM. Sams August 1997.]]   Edward C. Bailey. Maximum RPM. Sams August 1997.]]"},{"key":"e_1_3_2_1_2_1","first-page":"259","volume-title":"Proceedings of the USENIX Symposium on Operating Systems Design and Implementation","author":"Barham Paul T.","year":"2004","unstructured":"Paul T. Barham , Austin Donnelly , Rebecca Isaacs , and Richard Mortier . Using magpie for request extraction and workload modelling . In Proceedings of the USENIX Symposium on Operating Systems Design and Implementation , pages 259 -- 272 , 2004 .]] Paul T. Barham, Austin Donnelly, Rebecca Isaacs, and Richard Mortier. Using magpie for request extraction and workload modelling. In Proceedings of the USENIX Symposium on Operating Systems Design and Implementation, pages 259--272, 2004.]]"},{"key":"e_1_3_2_1_3_1","first-page":"1","volume-title":"Proceedings of the USENIX Technical Conference","author":"Aaron","year":"2003","unstructured":"Aaron B. Brown and David A. Patterson. Undo for operators: Building an undoable e-mail store . In Proceedings of the USENIX Technical Conference , pages 1 -- 14 , 2003 .]] Aaron B. Brown and David A. Patterson. Undo for operators: Building an undoable e-mail store. In Proceedings of the USENIX Technical Conference, pages 1--14, 2003.]]"},{"key":"e_1_3_2_1_4_1","first-page":"321","volume-title":"Proceedings of the USENIX Security Symposium","author":"Chow Jim","year":"2004","unstructured":"Jim Chow , Ben Pfaff , Tal Garfinkel , Kevin Christopher , and Mendel Rosenblum . Understanding data lifetime via whole system simulation . In Proceedings of the USENIX Security Symposium , pages 321 -- 336 , August 2004 .]] Jim Chow, Ben Pfaff, Tal Garfinkel, Kevin Christopher, and Mendel Rosenblum. Understanding data lifetime via whole system simulation. In Proceedings of the USENIX Security Symposium, pages 321--336, August 2004.]]"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.5555\/1060289.1060309"},{"key":"e_1_3_2_1_6_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium","author":"Garfinkel Tal","year":"2003","unstructured":"Tal Garfinkel . Traps and pitfalls: Practical problems in system call interposition based security tools . In Proceedings of the Network and Distributed System Security Symposium , February 2003 .]] Tal Garfinkel. Traps and pitfalls: Practical problems in system call interposition based security tools. In Proceedings of the Network and Distributed System Security Symposium, February 2003.]]"},{"key":"e_1_3_2_1_7_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium","author":"Garfinkel Tal","year":"2003","unstructured":"Tal Garfinkel and Mendel Rosenblum . A virtual machine introspection based architecture for intrusion detection . In Proceedings of the Network and Distributed System Security Symposium , February 2003 .]] Tal Garfinkel and Mendel Rosenblum. A virtual machine introspection based architecture for intrusion detection. In Proceedings of the Network and Distributed System Security Symposium, February 2003.]]"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCSW.2005.62"},{"key":"e_1_3_2_1_9_1","volume-title":"Proceedings of the USENIX Security Symposium","author":"Goldberg Ian","year":"1996","unstructured":"Ian Goldberg , David Wagner , Randi Thomas , and Eric A. Brewer . A secure environment for untrusted helper applications . In Proceedings of the USENIX Security Symposium , 1996 .]] Ian Goldberg, David Wagner, Randi Thomas, and Eric A. Brewer. A secure environment for untrusted helper applications. In Proceedings of the USENIX Security Symposium, 1996.]]"},{"key":"e_1_3_2_1_10_1","unstructured":"Bobbie Harder. Microsoft windows system restore. http:\/\/msdn.microsoft.com\/library\/en-us\/dnwxp\/ html\/windowsxpsystemrestore.asp April 2001.]]  Bobbie Harder. Microsoft windows system restore. http:\/\/msdn.microsoft.com\/library\/en-us\/dnwxp\/ html\/windowsxpsystemrestore.asp April 2001.]]"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/191177.191183"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/945445.945467"},{"key":"e_1_3_2_1_13_1","first-page":"95","volume-title":"Proceedings of the USENIX Technical Conference","author":"Kumar Puneet","year":"1995","unstructured":"Puneet Kumar and Mahadev Satyanarayanan . Flexible and safe resolution of file conflicts . In Proceedings of the USENIX Technical Conference , pages 95 -- 106 . USENIX, January 1995 .]] Puneet Kumar and Mahadev Satyanarayanan. Flexible and safe resolution of file conflicts. In Proceedings of the USENIX Technical Conference, pages 95--106. USENIX, January 1995.]]"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1023\/A:1008731200105"},{"key":"e_1_3_2_1_15_1","unstructured":"Toby Miller. Analysis of the knark rootkit. http:\/\/www.ossec.net\/rootkits\/studies\/knark.txt 2001. SecurityFocus.]]  Toby Miller. Analysis of the knark rootkit. http:\/\/www.ossec.net\/rootkits\/studies\/knark.txt 2001. SecurityFocus.]]"},{"key":"e_1_3_2_1_16_1","volume-title":"The Register","author":"Petreley Nicholas","year":"2004","unstructured":"Nicholas Petreley . Security report : Windows vs Linux . The Register , October 2004 . http:\/\/www.theregister.co.uk\/security\/security_report_windows_vs_linux.]] Nicholas Petreley. Security report: Windows vs Linux. The Register, October 2004. http:\/\/www.theregister.co.uk\/security\/security_report_windows_vs_linux.]]"},{"key":"e_1_3_2_1_18_1","first-page":"257","volume-title":"Proceedings of the USENIX Security Symposium","author":"Provos N.","year":"2003","unstructured":"N. Provos . Improving host security with system call policies . In Proceedings of the USENIX Security Symposium , pages 257 -- 272 , August 2003 .]] N. Provos. Improving host security with system call policies. In Proceedings of the USENIX Security Symposium, pages 257--272, August 2003.]]"},{"key":"e_1_3_2_1_19_1","first-page":"183","volume-title":"USENIX Technical Conference","author":"Reiher Peter","year":"1994","unstructured":"Peter Reiher , John S. Heidemann , David Ratner , Gregory Skinner , and Gerald J. Popek . Resolving file conflicts in the Ficus file system . In USENIX Technical Conference , pages 183 -- 195 . USENIX, June 1994 .]] Peter Reiher, John S. Heidemann, David Ratner, Gregory Skinner, and Gerald J. Popek. Resolving file conflicts in the Ficus file system. In USENIX Technical Conference, pages 183--195. USENIX, June 1994.]]"},{"key":"e_1_3_2_1_20_1","first-page":"229","volume-title":"Proceedings of the USENIX Large Installation Systems Administration Conference","author":"Roesch Martin","year":"1999","unstructured":"Martin Roesch . Snort - Lightweight intrusion detection for networks . In Proceedings of the USENIX Large Installation Systems Administration Conference , pages 229 -- 238 , November 1999 .]] Martin Roesch. Snort - Lightweight intrusion detection for networks. In Proceedings of the USENIX Large Installation Systems Administration Conference, pages 229--238, November 1999.]]"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/JSAC.2002.806121"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/319151.319159"},{"key":"e_1_3_2_1_23_1","volume-title":"Linux on-the-fly kernel patching without LKM. Phrack issue","year":"2001","unstructured":"sd and devik. Linux on-the-fly kernel patching without LKM. Phrack issue 58, December 2001 .]] sd and devik. Linux on-the-fly kernel patching without LKM. Phrack issue 58, December 2001.]]"},{"key":"e_1_3_2_1_24_1","unstructured":"Secunia. Secunia vulnerability report. http:\/\/www.secunia.com.]]  Secunia. Secunia vulnerability report. http:\/\/www.secunia.com.]]"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.5555\/1090694.1090700"},{"key":"e_1_3_2_1_26_1","first-page":"165","volume-title":"Proceedings of the USENIX Symposium on Operating Systems Design and Implementation","author":"Strunk John D.","year":"2000","unstructured":"John D. Strunk , Garth R. Goodson , Michael L. Scheinholtz , Craig A. N. Soules , and Gregory R. Ganger . Self-securing storage: Protecting data in compromised systems . In Proceedings of the USENIX Symposium on Operating Systems Design and Implementation , pages 165 -- 180 , 2000 .]] John D. Strunk, Garth R. Goodson, Michael L. Scheinholtz, Craig A. N. Soules, and Gregory R. Ganger. Self-securing storage: Protecting data in compromised systems. In Proceedings of the USENIX Symposium on Operating Systems Design and Implementation, pages 165--180, 2000.]]"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/1037947.1024404"},{"key":"e_1_3_2_1_28_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium","author":"Sun Weiqing","year":"2005","unstructured":"Weiqing Sun , Zhenkai Liang , R. Sekar , and V.N. Venkatakrishnan . One-way Isolation: An Effective Approach for Realizing Safe Execution Environments . In Proceedings of the Network and Distributed System Security Symposium , February 2005 .]] Weiqing Sun, Zhenkai Liang, R. Sekar, and V.N. Venkatakrishnan. One-way Isolation: An Effective Approach for Realizing Safe Execution Environments. In Proceedings of the Network and Distributed System Security Symposium, February 2005.]]"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/224056.224070"},{"key":"e_1_3_2_1_31_1","first-page":"17","volume-title":"Proceedings of the USENIX Security Symposium","author":"Wright Chris","year":"2002","unstructured":"Chris Wright , Crispin Cowan , Stephen Smalley , James Morris , and Greg Kroah-Hartman . Linux Security Modules: General security support for the Linux kernel . In Proceedings of the USENIX Security Symposium , pages 17 -- 31 , 2002 .]] Chris Wright, Crispin Cowan, Stephen Smalley, James Morris, and Greg Kroah-Hartman. Linux Security Modules: General security support for the Linux kernel. In Proceedings of the USENIX Security Symposium, pages 17--31, 2002.]]"},{"key":"e_1_3_2_1_32_1","unstructured":"Huagang Xie and et. al. Linux intrusion detection system (LIDS) project. http:\/\/www.lids.org\/.]]  Huagang Xie and et. al. Linux intrusion detection system (LIDS) project. http:\/\/www.lids.org\/.]]"},{"key":"e_1_3_2_1_33_1","first-page":"217","volume-title":"Proceedings of the IEEE Dependable Systems and Networks","author":"Zhu Ningning","year":"2003","unstructured":"Ningning Zhu and Tzi-Cker Chiueh . Design, implementation , and evaluation of repairable file service . In Proceedings of the IEEE Dependable Systems and Networks , pages 217 -- 226 , June 2003 .]] Ningning Zhu and Tzi-Cker Chiueh. Design, implementation, and evaluation of repairable file service. In Proceedings of the IEEE Dependable Systems and Networks, pages 217--226, June 2003.]]"}],"event":{"name":"SOSP05: ACM SIGOPS 20th Symposium on Operating Systems Principles 2005","location":"Brighton United Kingdom","acronym":"SOSP05","sponsor":["SIGOPS ACM Special Interest Group on Operating Systems","ACM Association for Computing Machinery"]},"container-title":["Proceedings of the twentieth ACM symposium on Operating systems principles"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1095810.1095826","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1095810.1095826","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T12:08:27Z","timestamp":1750248507000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1095810.1095826"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2005,10,20]]},"references-count":31,"alternative-id":["10.1145\/1095810.1095826","10.1145\/1095810"],"URL":"https:\/\/doi.org\/10.1145\/1095810.1095826","relation":{"is-identical-to":[{"id-type":"doi","id":"10.1145\/1095809.1095826","asserted-by":"object"}]},"subject":[],"published":{"date-parts":[[2005,10,20]]},"assertion":[{"value":"2005-10-20","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}