. Kvm, Online; accessed 20-Feb, 2017.

D. Balzarotti, R. D. Pietro, and A. Villani, The impact of GPU-assisted malware on memory forensics: A??case study, Digital Investigation, vol.14, issue.S1, pp.16-24, 2015.
DOI : 10.1016/j.diin.2015.05.010

R. Battistoni, E. Gabrielli, and L. V. Mancini, A Host Intrusion Prevention System for Windows Operating Systems, pp.352-368, 2004.
DOI : 10.1007/978-3-540-30108-0_22
URL : http://craigchamberlain.com/library/insider/A Host Intrusion Prevention System for Windows Operating Systems.pdf

Z. Deng, X. Zhang, and D. Xu, SPIDER, Proceedings of the 29th Annual Computer Security Applications Conference on, ACSAC '13
DOI : 10.1145/2523649.2523675

A. Conf, ACSAC '13, pp.289-298

R. , D. Pietro, F. Lombardi, and A. Villani, CUDA Leaks: A Detailed Hack for CUDA and a (Partial) Fix, ACM Trans. Embed. Comput. Syst, vol.1515, issue.1, pp.1-1525, 2016.

D. Pietro and L. V. Mancini, Intrusion Detection Systems, 2008.

Y. Gu and Z. Lin, Derandomizing Kernel Address Space Layout for Memory Introspection and Forensics, Proceedings of the Sixth ACM on Conference on Data and Application Security and Privacy, CODASPY '16, pp.62-72, 2016.
DOI : 10.1007/978-3-319-26362-5_25

C. B. Harrison, ODinn: An In-Vivo Hypervisor-based Intrusion Detection System for the Cloud, 2014.

Y. Hebbal, S. Laniepce, and J. Menaud, Virtual Machine Introspection: Techniques and Applications, 2015 10th International Conference on Availability, Reliability and Security, pp.676-685, 2015.
DOI : 10.1109/ARES.2015.43
URL : https://hal.archives-ouvertes.fr/hal-01165285

A. Henderson, A. Prakash, L. K. Yan, X. Hu, X. Wang et al., Make it work, make it right, make it fast: building a platform-neutral whole-system dynamic binary analysis platform, Proceedings of the 2014 International Symposium on Software Testing and Analysis, ISSTA 2014, pp.248-258, 2014.
DOI : 10.1145/2610384.2610407

J. Hizver and T. Chiueh, Real-time deep virtual machine introspection and its applications, ACM SIGPLAN Notices, vol.49, issue.7, pp.3-14, 2014.
DOI : 10.1145/2674025.2576196

G. Hoglund and J. Butler, Rootkits: Subverting the Windows Kernel, 2005.

A. Ionescu, How control flow guard drastically caused windows 8.1 address space and behavior changes, 2017.

J. D. Kornblum, Exploiting the rootkit paradox with windows memory analysis, International Journal of Digital Evidence, vol.5, issue.1, 2006.

T. K. Lengyel, S. Maresca, B. D. Payne, G. D. Webster, S. Vogl et al., Scalability, fidelity and stealth in the DRAKVUF dynamic malware analysis system, Proceedings of the 30th Annual Computer Security Applications Conference on, ACSAC '14, 2014.
DOI : 10.1007/978-3-642-38631-2_15

F. Lombardi and R. D. Pietro, Secure virtualization for cloud computing, Journal of Network and Computer Applications, vol.34, issue.4, pp.1113-1122, 2011.
DOI : 10.1016/j.jnca.2010.06.008

C. Mahapatra and S. Selvakumar, An online cross view difference and behavior based kernel rootkit detector, ACM SIGSOFT Software Engineering Notes, vol.36, issue.4, pp.1-9, 2011.
DOI : 10.1145/1988997.1989022

D. Mulfari, A. Celesti, A. Puliafito, and M. Villari, How cloud computing can support on-demand assistive services, Proceedings of the 10th International Cross-Disciplinary Conference on Web Accessibility, W4A '13, pp.1-27, 2013.
DOI : 10.1145/2461121.2461140

O. Corp, Oracle vm virtualbox programming guide and referenceOnline; accessed 20-Feb, 2017.

J. Rutkowska, Beyond the CPU: Defeating Hardware-based RAM acquisition, Black Hat Briefings, 2006.

M. Tech, Intercepting all system calls by hooking kifastsystemcall. http://www. malwaretech.com/2015/04/intercepting-all-system-calls-by.html, 2015.

M. Technet, What's changed in security technologies in windows 8.1. https: //technet.microsoft.com/it-it/library/dn344918.aspx, jul 2013, 2017.

W. Tsaur and L. Yeh, Identifying rootkit infections using a new windows hiddendriver-based rootkit, International Conference on Security and Management, pp.16-19, 2012.
DOI : 10.1109/socialcom.2010.127

S. Vömel and F. C. Freiling, Correctness, atomicity, and integrity: Defining criteria for forensically-sound memory acquisition, Digital Investigation, pp.125-137, 2012.
DOI : 10.1016/j.diin.2012.04.005

T. Y. Win, H. Tianfield, Q. Mair, T. A. Said, and O. F. Rana, Virtual Machine Introspection, Proceedings of the 7th International Conference on Security of Information and Networks, SIN '14, pp.405-405, 2014.
DOI : 10.1007/978-3-642-38631-2_13

J. Wyke, What is Zeus?, 2011.

F. Zhang, K. Leach, K. Sun, and A. Stavrou, SPECTRE: A dependable introspection framework via System Management Mode, 2013 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pp.1-12, 2013.
DOI : 10.1109/DSN.2013.6575343
URL : http://cs.gmu.edu/~astavrou/research/spectre-dsn13.pdf

N. Zhang, K. Sun, W. Lou, Y. T. Hou, and S. Jajodia, Now You See Me, Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, ASIA CCS '15, pp.321-331, 2015.
DOI : 10.1145/2103799.2103815

X. Zhong, C. Xiang, M. Yu, Z. Qi, and H. Guan, A Virtualization Based Monitoring System for Mini-intrusive Live Forensics, International Journal of Parallel Programming, vol.1, issue.3, pp.455-471, 2015.
DOI : 10.1016/j.diin.2003.12.001