{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T23:14:30Z","timestamp":1763507670852,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":34,"publisher":"ACM","license":[{"start":{"date-parts":[[2014,11,3]],"date-time":"2014-11-03T00:00:00Z","timestamp":1414972800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100004358","name":"Samsung","doi-asserted-by":"publisher","id":[{"id":"10.13039\/100004358","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100003052","name":"Ministry of Trade, Industry and Energy","doi-asserted-by":"publisher","award":["HB609-12-3002"],"award-info":[{"award-number":["HB609-12-3002"]}],"id":[{"id":"10.13039\/501100003052","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2014,11,3]]},"DOI":"10.1145\/2660267.2660303","type":"proceedings-article","created":{"date-parts":[[2014,11,11]],"date-time":"2014-11-11T13:40:05Z","timestamp":1415713205000},"page":"167-178","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":26,"title":["ATRA"],"prefix":"10.1145","author":[{"given":"Daehee","family":"Jang","sequence":"first","affiliation":[{"name":"Korea Advanced Institute of Science & Technology, Daejeon, South Korea"}]},{"given":"Hojoon","family":"Lee","sequence":"additional","affiliation":[{"name":"Korea Advanced Institute of Science & Technology, Daejeon, South Korea"}]},{"given":"Minsu","family":"Kim","sequence":"additional","affiliation":[{"name":"Korea Advanced Institute of Science & Technology, Daejeon, South Korea"}]},{"given":"Daehyeok","family":"Kim","sequence":"additional","affiliation":[{"name":"Korea Advanced Institute of Science & Technology, Daejeon, South Korea"}]},{"given":"Daegyeong","family":"Kim","sequence":"additional","affiliation":[{"name":"Korea Advanced Institute of Science & Technology, Daejeon, South Korea"}]},{"given":"Brent Byunghoon","family":"Kang","sequence":"additional","affiliation":[{"name":"Korea Advanced Institute of Science & Technology, Daejeon, South Korea"}]}],"member":"320","published-online":{"date-parts":[[2014,11,3]]},"reference":[{"doi-asserted-by":"publisher","key":"e_1_3_2_1_1_1","DOI":"10.1145\/1653662.1653728"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_2_1","DOI":"10.1109\/SP.2008.24"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_3_1","DOI":"10.1145\/1950365.1950398"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_4_1","DOI":"10.1145\/1294261.1294294"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_5_1","DOI":"10.1145\/1315245.1315260"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_6_1","DOI":"10.1145\/1315245.1315262"},{"key":"e_1_3_2_1_7_1","first-page":"13","volume-title":"SSYM'04","author":"Petroni N. L.","unstructured":"N. L. Petroni , Jr., T. Fraser , J. Molina , and W. A. Arbaugh , \" Copilot - A coprocessor-based kernel runtime integrity monitor,\" in Proceedings of the 13th conference on USENIX Security Symposium - Volume 13, ser . SSYM'04 . Berkeley, CA, USA: USENIX Association , pp. 13 -- 13 . N. L. Petroni, Jr., T. Fraser, J. Molina, and W. A. Arbaugh, \"Copilot - A coprocessor-based kernel runtime integrity monitor,\" in Proceedings of the 13th conference on USENIX Security Symposium - Volume 13, ser. SSYM'04. Berkeley, CA, USA: USENIX Association, pp. 13--13."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_8_1","DOI":"10.1145\/2382196.2382202"},{"key":"e_1_3_2_1_9_1","first-page":"511","volume-title":"SEC'13","author":"Lee H.","year":"2013","unstructured":"H. Lee , H. Moon , D. Jang , K. Kim , J. Lee , Y. Paek , and B. B. Kang , \" Ki-mon: a hardware-assisted event-triggered monitoring platform for mutable kernel object,\" in Proceedings of the 22nd USENIX conference on Security, ser . SEC'13 , 2013 , pp. 511 -- 526 . H. Lee, H. Moon, D. Jang, K. Kim, J. Lee, Y. Paek, and B. B. Kang, \"Ki-mon: a hardware-assisted event-triggered monitoring platform for mutable kernel object,\" in Proceedings of the 22nd USENIX conference on Security, ser. SEC'13, 2013, pp. 511--526."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_10_1","DOI":"10.1145\/2485922.2485956"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_11_1","DOI":"10.1109\/TIFS.2013.2266095"},{"unstructured":"A. T. Rafal Wojtczuk Joanna Rutkowska. Xen 0wning trilogy.  A. T. Rafal Wojtczuk Joanna Rutkowska. Xen 0wning trilogy.","key":"e_1_3_2_1_12_1"},{"unstructured":"Xen: Security vulnerabilities. {Online}. Available: http:\/\/www. cvedetails.com\/vulnerability-list\/vendorn id-6276\/XEN.html  Xen: Security vulnerabilities. {Online}. Available: http:\/\/www. cvedetails.com\/vulnerability-list\/vendorn id-6276\/XEN.html","key":"e_1_3_2_1_13_1"},{"unstructured":"Vmware: Vulnerability statistics. {Online}. Available: http:\/\/www.cvedetails.com\/vendor\/252\/Vmware.html  Vmware: Vulnerability statistics. {Online}. Available: http:\/\/www.cvedetails.com\/vendor\/252\/Vmware.html","key":"e_1_3_2_1_14_1"},{"unstructured":"Vulnerability report: Xen 3.x. {Online}. Available: http:\/\/secunia.com\/advisories\/product\/15863  Vulnerability report: Xen 3.x. {Online}. Available: http:\/\/secunia.com\/advisories\/product\/15863","key":"e_1_3_2_1_15_1"},{"unstructured":"Vulnerability report: Vmware esx server 3.x.  Vulnerability report: Vmware esx server 3.x.","key":"e_1_3_2_1_16_1"},{"key":"e_1_3_2_1_17_1","series-title":"Lecture Notes in Computer Science","first-page":"158","volume-title":"Hypercheck: A hardware-assisted integrity monitor,\" in Recent Advances in Intrusion Detection","author":"Wang J.","unstructured":"J. Wang , A. Stavrou , and A. Ghosh , \" Hypercheck: A hardware-assisted integrity monitor,\" in Recent Advances in Intrusion Detection , ser. Lecture Notes in Computer Science , S. Jha, R. Sommer, and C. Kreibich, Eds. Springer Berlin , Heidelberg , pp. 158 -- 177 , 10.1007\/978--3--642--15512--3--9. J. Wang, A. Stavrou, and A. Ghosh, \"Hypercheck: A hardware-assisted integrity monitor,\" in Recent Advances in Intrusion Detection, ser. Lecture Notes in Computer Science, S. Jha, R. Sommer, and C. Kreibich, Eds. Springer Berlin, Heidelberg, pp. 158--177, 10.1007\/978--3--642--15512--3--9."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_18_1","DOI":"10.1109\/DSNW.2011.5958816"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_19_1","DOI":"10.1145\/1653662.1653720"},{"unstructured":"J. D. McCalpin \"Memory bandwidth and machine balance in current high performance computers \" IEEE Computer Society Technical Committee on Computer Architecture (TCCA) Newsletter pp. 19--25 Dec. 1995.  J. D. McCalpin \"Memory bandwidth and machine balance in current high performance computers \" IEEE Computer Society Technical Committee on Computer Architecture (TCCA) Newsletter pp. 19--25 Dec. 1995.","key":"e_1_3_2_1_20_1"},{"unstructured":"Byte-unixbench: A unix benchmark suite. {Online}. Available: http:\/\/code.google.com\/p\/byte-unixbench\/  Byte-unixbench: A unix benchmark suite. {Online}. Available: http:\/\/code.google.com\/p\/byte-unixbench\/","key":"e_1_3_2_1_21_1"},{"unstructured":"Intel 64 and IA-32 Architectures Software Developer's Manual INTEL Aug 2012.  Intel 64 and IA-32 Architectures Software Developer's Manual INTEL Aug 2012.","key":"e_1_3_2_1_22_1"},{"key":"e_1_3_2_1_23_1","volume-title":"Understanding the Linux Kernel","author":"Bovet D. P.","year":"2002","unstructured":"D. P. Bovet and M. Cesati , Understanding the Linux Kernel , 2 nd ed. O'Reilly and Associates , Dec. 2002 . D. P. Bovet and M. Cesati, Understanding the Linux Kernel, 2nd ed. O'Reilly and Associates, Dec. 2002.","edition":"2"},{"unstructured":"Idt hooking. {Online}. Available: http:\/\/resources.infosecinstitute.com\/hooking-idt\/  Idt hooking. {Online}. Available: http:\/\/resources.infosecinstitute.com\/hooking-idt\/","key":"e_1_3_2_1_24_1"},{"unstructured":"The lxr project. {Online}. Available: http:\/\/lxr.sourceforge.net\/en\/index.shtml  The lxr project. {Online}. Available: http:\/\/lxr.sourceforge.net\/en\/index.shtml","key":"e_1_3_2_1_25_1"},{"unstructured":"Stealth. the adore rootkit version 0.42. {Online}. Available: http:\/\/teso.scene.at\/releases.php  Stealth. the adore rootkit version 0.42. {Online}. Available: http:\/\/teso.scene.at\/releases.php","key":"e_1_3_2_1_26_1"},{"unstructured":"System calls and rootkits. {Online}. Available: http:\/\/lwn.net\/Articles\/297500\/  System calls and rootkits. {Online}. Available: http:\/\/lwn.net\/Articles\/297500\/","key":"e_1_3_2_1_27_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_28_1","DOI":"10.1109\/SP.2011.11"},{"key":"e_1_3_2_1_29_1","first-page":"178","volume-title":"RAID'10","author":"Rhee J.","year":"2010","unstructured":"J. Rhee , R. Riley , D. Xu , and X. Jiang , \" Kernel malware analysis with un-tampered and temporal views of dynamic kernel memory,\" in Proceedings of the 13th international conference on Recent advances in intrusion detection, ser . RAID'10 , 2010 , pp. 178 -- 197 . J. Rhee, R. Riley, D. Xu, and X. Jiang, \"Kernel malware analysis with un-tampered and temporal views of dynamic kernel memory,\" in Proceedings of the 13th international conference on Recent advances in intrusion detection, ser. RAID'10, 2010, pp. 178--197."},{"key":"e_1_3_2_1_30_1","first-page":"385","volume-title":"ACSAC 2007","author":"Payne B.","year":"2007","unstructured":"B. Payne , M. de Carbone , and W. Lee , \" Secure and flexible monitoring of virtual machines,\" in Computer Security Applications Conference, 2007 . ACSAC 2007 . Twenty-Third Annual , 2007 , pp. 385 -- 397 . B. Payne, M. de Carbone, and W. Lee, \"Secure and flexible monitoring of virtual machines,\" in Computer Security Applications Conference, 2007. ACSAC 2007. Twenty-Third Annual, 2007, pp. 385--397."},{"key":"e_1_3_2_1_31_1","volume-title":"NDSS '09","author":"Lanzi A.","year":"2009","unstructured":"A. Lanzi , M. I. Sharif , and W. Lee , \" K-tracer: A system for extracting kernel malware behavior.\" in 16th Symposium on Network and Distributed System Security, ser . NDSS '09 , 2009 . A. Lanzi, M. I. Sharif, and W. Lee, \"K-tracer: A system for extracting kernel malware behavior.\" in 16th Symposium on Network and Distributed System Security, ser. NDSS '09, 2009."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_32_1","DOI":"10.1109\/SP.2012.40"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_33_1","DOI":"10.1145\/2420950.2421012"},{"key":"e_1_3_2_1_34_1","first-page":"162","volume-title":"Transparent protection of commodity os kernels using hardware virtualization,\" in Security and Privacy in Communication Networks","author":"Grace M.","year":"2010","unstructured":"M. Grace , Z. Wang , D. Srinivasan , J. Li , X. Jiang , Z. Liang , and S. Liakh , \" Transparent protection of commodity os kernels using hardware virtualization,\" in Security and Privacy in Communication Networks . Springer , 2010 , pp. 162 -- 180 . M. Grace, Z. Wang, D. Srinivasan, J. Li, X. Jiang, Z. Liang, and S. Liakh, \"Transparent protection of commodity os kernels using hardware virtualization,\" in Security and Privacy in Communication Networks. Springer, 2010, pp. 162--180."}],"event":{"sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"acronym":"CCS'14","name":"CCS'14: 2014 ACM SIGSAC Conference on Computer and Communications Security","location":"Scottsdale Arizona USA"},"container-title":["Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2660267.2660303","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2660267.2660303","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T06:56:10Z","timestamp":1750229770000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2660267.2660303"}},"subtitle":["Address Translation Redirection Attack against Hardware-based External Monitors"],"short-title":[],"issued":{"date-parts":[[2014,11,3]]},"references-count":34,"alternative-id":["10.1145\/2660267.2660303","10.1145\/2660267"],"URL":"https:\/\/doi.org\/10.1145\/2660267.2660303","relation":{},"subject":[],"published":{"date-parts":[[2014,11,3]]},"assertion":[{"value":"2014-11-03","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}