P. M. Chen and B. D. Noble, When Virtual Is Better Than Real, USENIX Workshop on Hot Topics in Operating Systems (HotOS), 2001.

T. Garfinkel and M. Rosenblum, A Virtual Machine Introspection Based Architecture for Intrusion Detection, ISOC Network and Distributed System Security Symposium (NDSS), 2003.

A. Dinaburg, P. Royal, M. Sharif, and W. Lee, Ether: Malware Analysis via Hardware Virtualization Extensions, ACM Conference on Computer and Communications Security (CCS), 2008.

Z. Gu, Z. Deng, D. Xu, and X. Jiang, Process Implanting: A New Active Introspection Framework for Virtualization, 2012.

S. Vogl, F. Kilic, C. Schneider, C. Eckert, and X. , International Conference on Network and System Security (NSS), 2013.

T. K. Lengyel, S. Maresca, B. D. Payne, G. D. Webster, S. Vogl et al., Kiayias, Scalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis System, Annual Computer Security Applications Conference (ACSAC), 2014.

L. Litty, H. A. Lagar-cavilla, and D. Lie, Hypervisor Support for Identifying Covertly Executing Binaries, 2008.

T. Kittel, S. Vogl, T. K. Lengyel, J. Pfoh, and C. Eckert, Code Validation for Modern OS Kernels, Workshop on Malware Memory Forensics (MMF), 2014.

P. Kocher, D. Genkin, D. Gruss, W. Haas, M. Hamburg et al., Spectre Attacks: Exploiting Speculative Execution

M. Lipp, M. Schwarz, T. Gruss, D. Prescher, W. Haas et al.,

M. Shockley, C. Maixner, R. Johnson, M. Deridder, and W. M. Petullo, Using VisorFlow to Control Information Flow without Modifying the Operating System Kernel or its Userspace, International Workshop on Managing Insider Security Threats, 2017.

Z. Deng, X. Zhang, and D. Xu, SPIDER: Stealthy Binary Program Instrumentation and Debugging via Hardware Virtualization, Annual Computer Security Applications Conference (ACSAC), 2013.

G. J. Popek and R. P. Goldberg, Formal Requirements for Virtualizable Third Generation Architectures, Communications of the ACM, vol.17, issue.7, pp.412-421, 1974.

C. Dall, J. Nieh, and K. Arm, International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2014.

J. Pfoh, C. Schneider, and C. Eckert, A Formal Model for Virtual Machine Introspection, Workshop on Virtual Machine Security, 2009.

J. Pfoh, C. Schneider, and C. Eckert, Nitro: Hardware-Based System Call Tracing for Virtual Machines, Advances in Information and Computer Security, 2011.

H. Shi, A. Alwabel, and J. Mirkovic, Cardinal Pill Testing of System Virtual Machines, USENIX Security Symposium, 2014.

T. Garfinkel, K. Adams, A. Warfield, and J. Franklin, Compatibility Is Not Transparency: VMM Detection Myths and Realities, 2007.

X. Chen, J. Andersen, Z. M. Mao, M. Bailey, and J. Nazario, Towards an Understanding of Anti-Virtualization and Anti-Debugging Behavior in Modern Malware, IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2008.

N. Miramirkhani, M. P. Appini, N. Nikiforakis, and M. Polychronakis, Spotless sandboxes: Evading malware analysis systems using wear-and-tear artifacts, IEEE Symposium on Security and Privacy (S&P), 2017.
DOI : 10.1109/sp.2017.42

C. Domas, Breaking the x86 ISA

B. Jain, M. B. Baig, D. Zhang, D. E. Porter, and R. Sion, SoK: Introspections on Trust and the Semantic Gap, 2014.
DOI : 10.1109/sp.2014.45
URL : http://www.cs.stonybrook.edu/~porter/pubs/sok14.pdf

S. T. King, P. M. Chen, Y. Wang, C. Verbowski, H. J. Wang et al., SubVirt: Implementing Malware With Virtual Machines, 2006.
DOI : 10.1109/sp.2006.38

J. Rutkowska, Subverting VistaTM Kernel for Fun and Profit

D. A. Dai-zovi, Hardware Virtualization Rootkits

J. Rutkowska, A. Tereshkin, and . Isgameover,

F. M. David, E. M. Chan, J. C. Carlyle, and R. H. Campbell, Cloaker: Hardware Supported Rootkit Concealment, 2008.
DOI : 10.1109/sp.2008.8

N. Zhang, H. Sun, K. Sun, W. Lou, and Y. T. Hou, CacheKit: Evading Memory Introspection using Cache Incoherence, IEEE Symposium on Security and Privacy (S&P), 2016.
DOI : 10.1109/eurosp.2016.34

R. Buhren, J. Vetter, and J. Nordholz, The Threat of Virtualization: Hypervisor-Based Rootkits on the ARM Architecture, International Conference on Information and Communications Security (ICICS), 2016.

L. Martignoni, A. Fattori, R. Paleari, and L. Cavallaro, Live and Trustworthy Forensic Analysis of Commodity Production Systems, International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2010.