{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,29]],"date-time":"2025-09-29T07:47:46Z","timestamp":1759132066292,"version":"3.41.0"},"reference-count":29,"publisher":"Institute of Electronics, Information and Communications Engineers (IEICE)","issue":"10","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEICE Trans. Inf. &amp; Syst."],"published-print":{"date-parts":[[2017]]},"DOI":"10.1587\/transinf.2016inp0009","type":"journal-article","created":{"date-parts":[[2017,9,30]],"date-time":"2017-09-30T22:24:28Z","timestamp":1506810268000},"page":"2307-2318","source":"Crossref","is-referenced-by-count":4,"title":["Protecting Critical Files Using Target-Based Virtual Machine Introspection Approach"],"prefix":"10.1587","volume":"E100.D","author":[{"given":"Dongyang","family":"ZHAN","sequence":"first","affiliation":[{"name":"School of Computer Science Engineering, Harbin Institute of Technology"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lin","family":"YE","sequence":"additional","affiliation":[{"name":"School of Computer Science Engineering, Harbin Institute of Technology"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Binxing","family":"FANG","sequence":"additional","affiliation":[{"name":"School of Computer Science Engineering, Harbin Institute of Technology"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xiaojiang","family":"DU","sequence":"additional","affiliation":[{"name":"Department of Computer and Information Sciences, Temple University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zhikai","family":"XU","sequence":"additional","affiliation":[{"name":"School of Computer Science Engineering, Harbin Institute of Technology"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"532","reference":[{"key":"1","doi-asserted-by":"crossref","unstructured":"[1] C.A. Adukkathayar, G.S. Krishnan, and G. Sasikumar, \u201cAdvanced integrity checking and recovery using write-protected storage for enhancing operating system security,\u201d Computer Science &amp; Education (ICCSE), 2015 10th International Conference on, pp.219-224, IEEE, 2015.","DOI":"10.1109\/ICCSE.2015.7250246"},{"key":"2","doi-asserted-by":"publisher","unstructured":"[2] J. Kaczmarek and M.R. Wrobel, \u201cOperating system security by integrity checking and recovery using write-protected storage,\u201d IET Information Security, vol.8, no.2, pp.122-131, 2014. 10.1049\/iet-ifs.2012.0346","DOI":"10.1049\/iet-ifs.2012.0346"},{"key":"3","doi-asserted-by":"crossref","unstructured":"[3] N.A. Quynh and Y. Takefuji, \u201cA real-time integrity monitor for xen virtual machine,\u201d Networking and Services, 2006. ICNS&apos;06. International conference on, p.90, IEEE, 2006. 10.1109\/icns.2006.13","DOI":"10.1109\/ICNS.2006.13"},{"key":"4","doi-asserted-by":"crossref","unstructured":"[4] Z.H. Abdullah, N.I. Udzir, R. Mahmod, and K. Samsudin, \u201cFile integrity monitor scheduling based on file security level classification,\u201d International Conference on Software Engineering and Computer Systems, vol.180, pp.177-189, Springer, 2011. 10.1007\/978-3-642-22191-0_16","DOI":"10.1007\/978-3-642-22191-0_16"},{"key":"5","unstructured":"[5] S. Gupta, A. Sardana, and P. Kumar, \u201cA light weight centralized file monitoring approach for securing files in cloud environment,\u201d 2012 International Conference for Internet Technology And Secured Transactions, pp.382-387, IEEE, 2012."},{"key":"6","doi-asserted-by":"crossref","unstructured":"[6] R.K. Ko, P. Jagadpramana, and B.S. Lee, \u201cFlogger: A file-centric logger for monitoring file access and transfers within cloud computing environments,\u201d 2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications, pp.765-771, IEEE, 2011. 10.1109\/trustcom.2011.100","DOI":"10.1109\/TrustCom.2011.100"},{"key":"7","doi-asserted-by":"publisher","unstructured":"[7] H. Jin, G. Xiang, D. Zou, F. Zhao, M. Li, and C. Yu, \u201cA guest-transparent file integrity monitoring method in virtualization environment,\u201d Comput. Math. Appl., vol.60, no.2, pp.256-266, 2010. 10.1016\/j.camwa.2010.01.007","DOI":"10.1016\/j.camwa.2010.01.007"},{"key":"8","doi-asserted-by":"crossref","unstructured":"[8] N.A. Quynh and Y. Takefuji, \u201cA novel approach for a file-system integrity monitor tool of xen virtual machine,\u201d Proceedings of the 2nd ACM symposium on Information, computer and communications security, pp.194-202, ACM, 2007. 10.1145\/1229285.1229313","DOI":"10.1145\/1229285.1229313"},{"key":"9","unstructured":"[9] N. Li, B. Li, J. Li, T. Wo, and J. Huai, \u201cvmon: an efficient out-of-vmprocess monitor for virtual machines,\u201d High Performance Computing and Communications &amp; 2013 IEEE International Conference on Embedded and Ubiquitous Computing (HPCC_EUC), 2013 IEEE 10th International Conference on, pp.1366-1373, IEEE, 2013."},{"key":"10","doi-asserted-by":"crossref","unstructured":"[10] F. Liu, H. Zhang, and H. Zhou, \u201cA xen-based secure virtual diskaccess-control method,\u201d 2010 International Conference on Multimedia Information Networking and Security. Nanjing, Jiangsu China: IEEE Computer Society, pp.375-378, 2010. 10.1109\/mines.2010.84","DOI":"10.1109\/MINES.2010.84"},{"key":"11","doi-asserted-by":"crossref","unstructured":"[11] J. Wang, M. Yu, B. Li, Z. Qi, and H. Guan, \u201cHypervisor-based protection of sensitive files in a compromised system,\u201d Proceedings of the 27th Annual ACM Symposium on Applied Computing, pp.1765-1770, ACM, 2012. 10.1145\/2245276.2232063","DOI":"10.1145\/2245276.2232063"},{"key":"12","doi-asserted-by":"crossref","unstructured":"[12] D. Zhan, L. Ye, B. Fang, X. Du, and S. Su, \u201cCfwatcher: A novel target-based real-time approach to monitor critical files using vmi,\u201d Communications (ICC), 2016 IEEE International Conference on, pp.1-6, IEEE, 2016. 10.1109\/icc.2016.7511200","DOI":"10.1109\/ICC.2016.7511200"},{"key":"13","unstructured":"[13] T. Garfinkel and M. Rosenblum, \u201cA virtual machine introspection based architecture for intrusion detection,\u201d NDSS, pp.191-206, 2003."},{"key":"14","doi-asserted-by":"crossref","unstructured":"[14] J. Hizver and T.-c. Chiueh, \u201cReal-time deep virtual machine introspection and its applications,\u201d Proceedings of the 10th ACM SIGPLAN\/SIGOPS international conference on Virtual execution environments, pp.3-14, ACM, 2014. 10.1145\/2576195.2576196","DOI":"10.1145\/2576195.2576196"},{"key":"15","doi-asserted-by":"crossref","unstructured":"[15] B. Dolan-Gavitt, T. Leek, J. Hodosh, and W. Lee, \u201cTappan zee (north) bridge: mining memory accesses for introspection,\u201d Proceedings of the 2013 ACM SIGSAC conference on Computer &amp; communications security, pp.839-850, ACM, 2013.","DOI":"10.1145\/2508859.2516697"},{"key":"16","doi-asserted-by":"crossref","unstructured":"[16] H. wook Baek, A. Srivastava, and J. Van der Merwe, \u201cCloudvmi: Virtual machine introspection as a cloud service,\u201d Cloud Engineering (IC2E), 2014 IEEE International Conference on, pp.153-158, IEEE, 2014. 10.1109\/ic2e.2014.82","DOI":"10.1109\/IC2E.2014.82"},{"key":"17","unstructured":"[17] \u201cVfs,\u201d http:\/\/wiki.osdev.org\/VFS"},{"key":"18","unstructured":"[18] Intel Inc., \u201cIntel\u00ae 64 and ia-32 architectures software developer&apos;s manual,\u201d Volume 3A: System Programming Guide, Part, vol.1, p.64, 2013."},{"key":"19","unstructured":"[19] \u201cThe xen project,\u201d http:\/\/www.xenproject.org\/"},{"key":"20","unstructured":"[20] \u201cThe volatility foundation,\u201d http:\/\/www.volatilityfoundation.org\/"},{"key":"21","unstructured":"[21] \u201cSysenter.\u201d http:\/\/wiki.osdev.org\/SYSENTER"},{"key":"22","doi-asserted-by":"crossref","unstructured":"[22] Z. Deng, X. Zhang, and D. Xu, \u201cSpider: Stealthy binary program instrumentation and debugging via hardware virtualization,\u201d Proceedings of the 29th Annual Computer Security Applications Conference, pp.289-298, ACM, 2013. 10.1145\/2523649.2523675","DOI":"10.1145\/2523649.2523675"},{"key":"23","unstructured":"[23] \u201cPcmark7,\u201d https:\/\/www.futuremark.com\/benchmarks\/pcmark7"},{"key":"24","unstructured":"[24] \u201cBandwidth,\u201d http:\/\/zsmith.co\/bandwidth.html"},{"key":"25","doi-asserted-by":"crossref","unstructured":"[25] Y. Cheng, X. Fu, X. Du, B. Luo, and M. Guizani, \u201cA lightweight live memory forensic approach based on hardware virtualization,\u201d Elsevier Information Sciences, vol.379, pp.23-41, 2017.","DOI":"10.1016\/j.ins.2016.07.019"},{"key":"26","doi-asserted-by":"publisher","unstructured":"[26] X. Fu, X. Du, and B. Luo, \u201cData correlation-based analysis method for automatic memory forensics,\u201d Security and Communication Networks, vol.8, no.18, pp.4213-4226, Dec. 2015. DOI: 10.1002\/sec.1337","DOI":"10.1002\/sec.1337"},{"key":"27","doi-asserted-by":"crossref","unstructured":"[27] X. Du, M. Rozenblit, and M. Shayman, \u201cImplementation and performance analysis of SNMP on a TLS\/TCP base,\u201d Proc. 7th IFIP\/IEEE International Symposium on Integrated Network Management (IM 2001), pp.453-466, Seattle, WA, May 2001.","DOI":"10.1109\/INM.2001.918059"},{"key":"28","doi-asserted-by":"crossref","unstructured":"[28] Y. Xiao, H. H. Chen, X. Du, and M. Guizani, \u201cStream-based cipher feedback mode in wireless error channel,\u201d IEEE Transactions on Wireless Communications, vol.8, no.2, pp.662-666, Feb. 2009.","DOI":"10.1109\/TWC.2009.071278"},{"key":"29","unstructured":"[29] X. Yao, X. Han, X. Du, and X. Zhou, \u201cA lightweight multicast authentication mechanism for small scale IoT applications,\u201d IEEE Sensors Journal, vol.13, no.10, pp.3693-3701, Oct. 2013."}],"container-title":["IEICE Transactions on Information and Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.jstage.jst.go.jp\/article\/transinf\/E100.D\/10\/E100.D_2016INP0009\/_pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,25]],"date-time":"2025-06-25T23:37:11Z","timestamp":1750894631000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.jstage.jst.go.jp\/article\/transinf\/E100.D\/10\/E100.D_2016INP0009\/_article"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"references-count":29,"journal-issue":{"issue":"10","published-print":{"date-parts":[[2017]]}},"URL":"https:\/\/doi.org\/10.1587\/transinf.2016inp0009","relation":{},"ISSN":["0916-8532","1745-1361"],"issn-type":[{"type":"print","value":"0916-8532"},{"type":"electronic","value":"1745-1361"}],"subject":[],"published":{"date-parts":[[2017]]}}}