{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,24]],"date-time":"2025-10-24T16:37:24Z","timestamp":1761323844009,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":30,"publisher":"ACM","license":[{"start":{"date-parts":[[2012,10,16]],"date-time":"2012-10-16T00:00:00Z","timestamp":1350345600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2012,10,16]]},"DOI":"10.1145\/2382196.2382202","type":"proceedings-article","created":{"date-parts":[[2012,10,15]],"date-time":"2012-10-15T17:13:12Z","timestamp":1350321192000},"page":"28-37","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":59,"title":["Vigilare"],"prefix":"10.1145","author":[{"given":"Hyungon","family":"Moon","sequence":"first","affiliation":[{"name":"Seoul National University, Seoul, South Korea"}]},{"given":"Hojoon","family":"Lee","sequence":"additional","affiliation":[{"name":"Korea Advanced Institute of Science and Technology, Daejeon, South Korea"}]},{"given":"Jihoon","family":"Lee","sequence":"additional","affiliation":[{"name":"Seoul National University, Seoul, South Korea"}]},{"given":"Kihwan","family":"Kim","sequence":"additional","affiliation":[{"name":"Korea Advanced Institute of Science and Technology, Daejeon, South Korea"}]},{"given":"Yunheung","family":"Paek","sequence":"additional","affiliation":[{"name":"Seoul National University, Seoul, South Korea"}]},{"given":"Brent Byunghoon","family":"Kang","sequence":"additional","affiliation":[{"name":"George Mason University, Fairfax, VA, USA"}]}],"member":"320","published-online":{"date-parts":[[2012,10,16]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Vmware : Vulnerability statistics. http:\/\/www.cvedetails.com\/vendor\/252\/Vmware.html.  Vmware : Vulnerability statistics. http:\/\/www.cvedetails.com\/vendor\/252\/Vmware.html."},{"key":"e_1_3_2_1_2_1","unstructured":"Vulnerability report: Vmware esx server 3.x. http:\/\/secunia.com\/advisories\/product\/10757.  Vulnerability report: Vmware esx server 3.x. http:\/\/secunia.com\/advisories\/product\/10757."},{"key":"e_1_3_2_1_3_1","unstructured":"Vulnerability report: Xen 3.x. http:\/\/secunia.com\/advisories\/product\/15863.  Vulnerability report: Xen 3.x. http:\/\/secunia.com\/advisories\/product\/15863."},{"key":"e_1_3_2_1_4_1","unstructured":"Xen : Security vulnerabilities. http:\/\/www.cvedetails.com\/vulnerability-list\/vendor_id-6276\/XEN.html.  Xen : Security vulnerabilities. http:\/\/www.cvedetails.com\/vulnerability-list\/vendor_id-6276\/XEN.html."},{"volume-title":"January","year":"2012","key":"e_1_3_2_1_5_1","unstructured":"Aeroflex Gaisle. GRLIB IP Core User's Manual , January 2012 . Aeroflex Gaisle. GRLIB IP Core User's Manual, January 2012."},{"key":"e_1_3_2_1_6_1","unstructured":"ARM Limited. AMBA#8482; Specification May 1999.  ARM Limited. AMBA#8482; Specification May 1999."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866313"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2008.29"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1734583.1734596"},{"key":"e_1_3_2_1_10_1","volume-title":"BlackHat USA","author":"Bulygin Y.","year":"2008","unstructured":"Y. Bulygin and D. Samyde . Chipset based approach to detect virtualization malware a.k.a. deepwatch . In BlackHat USA , 2008 . Y. Bulygin and D. Samyde. Chipset based approach to detect virtualization malware a.k.a. deepwatch. In BlackHat USA, 2008."},{"key":"e_1_3_2_1_11_1","unstructured":"D. Clarke G. E. Suh B. Gassend M. van Dijk and S. Devadas. Checking the integrity of a memory in a snooping-based symmetric multiprocessor (smp) system. Technical report MIT LCS memo-470 http:\/\/csg.csail.mit.edu\/pubs\/memos\/Memo-470\/smpMemoryMemo.pdf 2004.  D. Clarke G. E. Suh B. Gassend M. van Dijk and S. Devadas. Checking the integrity of a memory in a snooping-based symmetric multiprocessor (smp) system. Technical report MIT LCS memo-470 http:\/\/csg.csail.mit.edu\/pubs\/memos\/Memo-470\/smpMemoryMemo.pdf 2004."},{"key":"e_1_3_2_1_12_1","volume-title":"In Proceedings of the 7th CanSecWest conference","author":"Duflot L.","year":"2006","unstructured":"L. Duflot , D. Etiemble , and O. Grumelard . Using cpu system management mode to circumvent operating system security functions . In In Proceedings of the 7th CanSecWest conference , 2006 . L. Duflot, D. Etiemble, and O. Grumelard. Using cpu system management mode to circumvent operating system security functions. In In Proceedings of the 7th CanSecWest conference, 2006."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/945445.945464"},{"key":"e_1_3_2_1_14_1","volume-title":"Proc. Network and Distributed Systems Security Symposium","author":"Garfinkel T.","year":"2003","unstructured":"T. Garfinkel and M. Rosenblum . A virtual machine introspection based architecture for intrusion detection . In Proc. Network and Distributed Systems Security Symposium , February 2003 . T. Garfinkel and M. Rosenblum. A virtual machine introspection based architecture for intrusion detection. In Proc. Network and Distributed Systems Security Symposium, February 2003."},{"key":"e_1_3_2_1_15_1","volume-title":"Gaisler Research","author":"Hellstr\u00f6m D.","year":"2008","unstructured":"D. Hellstr\u00f6m . SnapGear Linux for LEON . Gaisler Research , November 2008 . D. Hellstr\u00f6m. SnapGear Linux for LEON. Gaisler Research, November 2008."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/MILCOM.2000.904088"},{"key":"e_1_3_2_1_17_1","unstructured":"K. Kaneda. Tiny virtual machine monitor. http:\/\/www.yl.is.s.u-tokyo.ac.jp\/ kaneda\/tvmm\/.  K. Kaneda. Tiny virtual machine monitor. http:\/\/www.yl.is.s.u-tokyo.ac.jp\/ kaneda\/tvmm\/."},{"key":"e_1_3_2_1_18_1","first-page":"19","volume-title":"IEEE Computer Society Technical Committee on Computer Architecture (TCCA) Newsletter","author":"McCalpin J. D.","year":"1995","unstructured":"J. D. McCalpin . Memory bandwidth and machine balance in current high performance computers . IEEE Computer Society Technical Committee on Computer Architecture (TCCA) Newsletter , pages 19 -- 25 , Dec. 1995 . J. D. McCalpin. Memory bandwidth and machine balance in current high performance computers. IEEE Computer Society Technical Committee on Computer Architecture (TCCA) Newsletter, pages 19--25, Dec. 1995."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/RTSS.2008.43"},{"key":"e_1_3_2_1_20_1","first-page":"13","volume-title":"Proceedings of the 13th conference on USENIX Security Symposium -","volume":"13","author":"Petroni N. L.","year":"2004","unstructured":"N. L. Petroni , Jr., T. Fraser , J. Molina , and W. A. Arbaugh . Copilot - a coprocessor-based kernel runtime integrity monitor . In Proceedings of the 13th conference on USENIX Security Symposium - Volume 13 , SSYM'04, pages 13 -- 13 , Berkeley, CA, USA , 2004 . USENIX Association. N. L. Petroni, Jr., T. Fraser, J. Molina, and W. A. Arbaugh. Copilot - a coprocessor-based kernel runtime integrity monitor. In Proceedings of the 13th conference on USENIX Security Symposium - Volume 13, SSYM'04, pages 13--13, Berkeley, CA, USA, 2004. USENIX Association."},{"key":"e_1_3_2_1_21_1","volume-title":"Proceedings of the 15th conference on USENIX Security Symposium -","volume":"15","author":"Petroni N. L.","year":"2006","unstructured":"N. L. Petroni , Jr., T. Fraser , A. Walters , and W. A. Arbaugh . An architecture for specification-based detection of semantic integrity violations in kernel dynamic data . In Proceedings of the 15th conference on USENIX Security Symposium - Volume 15 , USENIX-SS'06, Berkeley, CA, USA , 2006 . USENIX Association. N. L. Petroni, Jr., T. Fraser, A. Walters, and W. A. Arbaugh. An architecture for specification-based detection of semantic integrity violations in kernel dynamic data. In Proceedings of the 15th conference on USENIX Security Symposium - Volume 15, USENIX-SS'06, Berkeley, CA, USA, 2006. USENIX Association."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315260"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/1229285.1229313"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2009.116"},{"key":"e_1_3_2_1_25_1","unstructured":"R. Russell. Lguest: The simple x86 hypervisor. http:\/\/lguest.ozlabs.org\/.  R. Russell. Lguest: The simple x86 hypervisor. http:\/\/lguest.ozlabs.org\/."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/1294261.1294294"},{"key":"e_1_3_2_1_27_1","volume-title":"The SPARC Architecture Manual","author":"SPARC International Inc.","year":"1992","unstructured":"SPARC International Inc. The SPARC Architecture Manual , 1992 . SPARC International Inc. The SPARC Architecture Manual, 1992."},{"key":"e_1_3_2_1_28_1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"158","DOI":"10.1007\/978-3-642-15512-3_9","volume-title":"Recent Advances in Intrusion Detection","author":"Wang J.","year":"2010","unstructured":"J. Wang , A. Stavrou , and A. Ghosh . Hypercheck: A hardware-assisted integrity monitor . In S. Jha, R. Sommer, and C. Kreibich, editors, Recent Advances in Intrusion Detection , volume 6307 of Lecture Notes in Computer Science , pages 158 -- 177 . Springer Berlin \/ Heidelberg , 2010 . 10.1007\/978-3-642-15512-3-9. J. Wang, A. Stavrou, and A. Ghosh. Hypercheck: A hardware-assisted integrity monitor. In S. Jha, R. Sommer, and C. Kreibich, editors, Recent Advances in Intrusion Detection, volume 6307 of Lecture Notes in Computer Science, pages 158--177. Springer Berlin \/ Heidelberg, 2010. 10.1007\/978-3-642-15512-3-9."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2008.40"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/1133373.1133423"}],"event":{"name":"CCS'12: the ACM Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Raleigh North Carolina USA","acronym":"CCS'12"},"container-title":["Proceedings of the 2012 ACM conference on Computer and communications security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2382196.2382202","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2382196.2382202","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T09:34:42Z","timestamp":1750239282000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2382196.2382202"}},"subtitle":["toward snoop-based kernel integrity monitor"],"short-title":[],"issued":{"date-parts":[[2012,10,16]]},"references-count":30,"alternative-id":["10.1145\/2382196.2382202","10.1145\/2382196"],"URL":"https:\/\/doi.org\/10.1145\/2382196.2382202","relation":{},"subject":[],"published":{"date-parts":[[2012,10,16]]},"assertion":[{"value":"2012-10-16","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}