{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T09:34:46Z","timestamp":1763458486416,"version":"3.45.0"},"publisher-location":"New York, NY, USA","reference-count":9,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,10,24]],"date-time":"2017-10-24T00:00:00Z","timestamp":1508803200000},"content-version":"vor","delay-in-days":365,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["1161541, 1318572, 1526102, and 1526707"],"award-info":[{"award-number":["1161541, 1318572, 1526102, and 1526707"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2016,10,24]]},"DOI":"10.1145\/2976749.2989053","type":"proceedings-article","created":{"date-parts":[[2016,10,25]],"date-time":"2016-10-25T08:46:35Z","timestamp":1477385195000},"page":"1781-1783","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["POSTER"],"prefix":"10.1145","author":[{"given":"Chen","family":"Chen","sequence":"first","affiliation":[{"name":"Stony Brook Department of Computer Science, Stony Brook, NY, USA"}]},{"given":"Darius","family":"Suciu","sequence":"additional","affiliation":[{"name":"Stony Brook Department of Computer Science, Stony Brook, NY, USA"}]},{"given":"Radu","family":"Sion","sequence":"additional","affiliation":[{"name":"Stony Brook Department of Computer Science, Stony Brook, NY, USA"}]}],"member":"320","published-online":{"date-parts":[[2016,10,24]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653729"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.5555\/2362793.2362835"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653730"},{"key":"e_1_3_2_1_4_1","first-page":"191","volume-title":"NDSS","volume":"3","author":"Garfinkel T.","year":"2003","unstructured":"T. Garfinkel, M. Rosenblum, et al. A virtual machine introspection based architecture for intrusion detection. In NDSS, volume 3, pages 191--206, 2003."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/1961296.1950398"},{"key":"e_1_3_2_1_6_1","volume-title":"Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS'12)","author":"Lin Z.","year":"2012","unstructured":"Z. Lin, J. Rhee, C. Wu, X. Zhang, and D. Xu. Dimsum: Discovering semantic data of interest from un-mappable with confidence. In Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS'12), San Diego, CA, February 2012."},{"key":"e_1_3_2_1_7_1","volume-title":"NDSS","author":"Lin Z.","year":"2011","unstructured":"Z. Lin, J. Rhee, X. Zhang, D. Xu, and X. Jiang. Siggraph: Brute force scanning of kernel data structure instances using graph-based signatures. In NDSS, 2011."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.5555\/1496711.1496728"},{"key":"e_1_3_2_1_9_1","unstructured":"Wikipedia. Edit distance. Online at https:\/\/en.wikipedia.org\/wiki\/Editdistance."}],"event":{"name":"CCS'16: 2016 ACM SIGSAC Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Vienna Austria","acronym":"CCS'16"},"container-title":["Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2976749.2989053","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2976749.2989053","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2976749.2989053","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T09:26:48Z","timestamp":1763458008000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2976749.2989053"}},"subtitle":["KXRay: Introspecting the Kernel for Rootkit Timing Footprints"],"short-title":[],"issued":{"date-parts":[[2016,10,24]]},"references-count":9,"alternative-id":["10.1145\/2976749.2989053","10.1145\/2976749"],"URL":"https:\/\/doi.org\/10.1145\/2976749.2989053","relation":{},"subject":[],"published":{"date-parts":[[2016,10,24]]},"assertion":[{"value":"2016-10-24","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}