Detecting kernel-level rootkits using data structure invariants. Dependable and Secure Computing, IEEE Transactions on, vol.8, pp.670-684, 2011. ,
DOI : 10.1109/tdsc.2010.38
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.295.1576
When good instructions go bad, Proceedings of the 15th ACM conference on Computer and communications security, CCS '08, pp.27-38, 2008. ,
DOI : 10.1145/1455770.1455776
Stealthy deployment and execution of in-guest kernel agents, Proceedings of the Black Hat USA Security Conference, 2009. ,
Secure Virtual Architecture: A Safe Execution Environment for Commodity Operating Systems, SOSP'07: Proceedings of the 21st ACM Symposium on Operating Systems Principles, pp.351-366, 2007. ,
DOI : 10.1145/1323293.1294295
A hypervisor-based system for protecting software runtime memory and persistent storage, SpringSim '08: Proceedings of the 2008 Spring simulation multiconference, pp.828-835, 2008. ,
Hello rootKitty: A Lightweight Invariance-Enforcing Framework, ISC, pp.213-228, 2011. ,
DOI : 10.1007/978-3-642-14215-4_1
URL : http://arxiv.org/abs/1405.5651
Instruction-level countermeasures against stack-based buffer overflow attacks, Proceedings of the 1st EuroSys Workshop on Virtualization Technology for Dependable Systems, VDTS '09, pp.7-12, 2009. ,
DOI : 10.1145/1518684.1518686
URL : https://lirias.kuleuven.be/bitstream/123456789/229982/1/qemu_retaddr_countm.pdf
Return-oriented rootkits: Bypassing kernel code integrity protection mechanisms, SSYM'09: Proceedings of the 18th conference on USENIX security symposium, pp.383-398, 2009. ,
A Pre-Kernel Agent Platform for security assurance, 2011 IEEE Symposium on Intelligent Agent (IA), pp.1-7, 2011. ,
DOI : 10.1109/IA.2011.5953619
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.208.4407
LMbench: Portable tools for performance analysis, Proceedings of the 1996 annual conference on USENIX Annual Technical Conference, pp.23-39, 1996. ,
Exposing the lack of privacy in file hosting services, Proceedings of the 4th USENIX conference on Large-scale exploits and emergent threats (LEET), 2011. ,
Copilot -a coprocessor-based kernel runtime integrity monitor, Proceedings of the 13th USENIX Security Symposium, pp.13-13, 2004. ,
Architecture Specification ,
Guest-Transparent Prevention of Kernel Rootkits with VMM-Based Memory Shadowing, RAID '08: Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection, pp.48-67, 2008. ,
DOI : 10.1007/978-3-540-87403-4_1
SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes, Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles, pp.335-350, 2007. ,
The geometry of innocent flesh on the bone, Proceedings of the 14th ACM conference on Computer and communications security , CCS '07, pp.552-561, 2007. ,
DOI : 10.1145/1315245.1315313
BitVisor, Proceedings of the 2009 ACM SIGPLAN/SIGOPS international conference on Virtual execution environments, VEE '09, pp.121-130, 2009. ,
DOI : 10.1145/1508293.1508311
Countering kernel rootkits with lightweight hook protection, Proceedings of the 16th ACM conference on Computer and communications security, CCS '09, pp.545-554, 2009. ,
DOI : 10.1145/1653662.1653728
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.147.9928
HookScout: Proactive binary-centric hook detection, Detection of Intrusions and Malware, and Vulnerability Assessment, pp.1-20, 2010. ,