New system security mechanisms for the cloud computing infrastructure
暂无分享,去创建一个
[1] Elaine Shi,et al. Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems , 2005, SOSP '05.
[2] Michael Norrish,et al. seL4: formal verification of an OS kernel , 2009, SOSP '09.
[3] Cliff Changchun Zou,et al. SMM rootkits: a new breed of OS independent malware , 2008, SecureComm.
[4] Samuel T. King,et al. Detecting past and present intrusions through vulnerability-specific predicates , 2005, SOSP '05.
[5] Ronald Perez,et al. Linking remote attestation to secure tunnel endpoints , 2006, STC '06.
[6] Marco Cesati,et al. Understanding the Linux Kernel, Third Edition , 2005 .
[7] Zhi Wang,et al. HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity , 2010, 2010 IEEE Symposium on Security and Privacy.
[8] Jiang Wang,et al. HyperCheck: A Hardware-AssistedIntegrity Monitor , 2014, IEEE Transactions on Dependable and Secure Computing.
[9] Jonathan M. McCune,et al. Efficient TCB Reduction and Attestation , 2009 .
[10] Jennifer Rexford,et al. NoHype: virtualized cloud infrastructure without the virtualization , 2010, ISCA.
[11] Stefan Berger,et al. Building a MAC-based security architecture for the Xen open-source hypervisor , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).
[12] Hovav Shacham,et al. The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86) , 2007, CCS '07.
[13] Trent Jaeger,et al. Design and Implementation of a TCG-based Integrity Measurement Architecture , 2004, USENIX Security Symposium.
[14] Hovav Shacham,et al. Return-oriented programming without returns , 2010, CCS '10.
[15] Robert J. Creasy,et al. The Origin of the VM/370 Time-Sharing System , 1981, IBM J. Res. Dev..
[16] Pradeep K. Khosla,et al. SWATT: softWare-based attestation for embedded devices , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.
[17] Samuel T. King,et al. ReVirt: enabling intrusion analysis through virtual-machine logging and replay , 2002, OPSR.
[18] Shirley M. Radack,et al. National Vulnerability Database: Helping Information Technology System Users and Developers Find Current Information about Cyber Security Vulnerabilities | NIST , 2005 .
[19] Jon Watson,et al. VirtualBox: bits and bytes masquerading as machines , 2008 .
[20] Sergey Bratus,et al. TOCTOU, Traps, and Trusted Computing , 2008, TRUST.
[21] Duflot,et al. Using CPU System Management Mode to Circumvent Operating System Security Functions , 2022 .
[22] Yongdae Kim,et al. Remote Software-Based Attestation for Wireless Sensors , 2005, ESAS.
[23] Kang G. Shin,et al. Using hypervisor to provide data secrecy for user applications on a per-page basis , 2008, VEE '08.
[24] Arati Baliga,et al. Automatic Inference and Enforcement of Kernel Data Structure Invariants , 2008, 2008 Annual Computer Security Applications Conference (ACSAC).
[25] Kuniyasu Suzaki,et al. Xenprobus, a Lightweight User-Space Probing Framework for Xen Virtual Machine , 2007, USENIX Annual Technical Conference.
[26] Xuxian Jiang,et al. Towards a VMM-based usage control framework for OS kernel integrity protection , 2007, SACMAT '07.
[27] Andrea C. Arpaci-Dusseau,et al. Antfarm: Tracking Processes in a Virtual Machine Environment , 2006, USENIX Annual Technical Conference, General Track.
[28] Michael K. Reiter,et al. Flicker: an execution infrastructure for tcb minimization , 2008, Eurosys '08.
[29] Elaine Shi,et al. BIND: a fine-grained attestation service for secure distributed systems , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).
[30] Wenke Lee,et al. Secure and Flexible Monitoring of Virtual Machines , 2007, Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007).
[31] Hovav Shacham,et al. Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds , 2009, CCS.
[32] Michael K. Reiter,et al. Minimal TCB Code Execution (Extended Abstract) , 2007 .
[33] Brian Rogers,et al. SecureME: a hardware-software approach to full system security , 2011, ICS '11.
[34] Juan A. Garay,et al. Software integrity protection using timed executable agents , 2006, ASIACCS '06.
[35] Andrea C. Arpaci-Dusseau,et al. VMM-based hidden process detection and identification using Lycosid , 2008, VEE '08.
[36] Kang G. Shin,et al. Soft tamper-proofing via program integrity verification in wireless sensor networks , 2005, IEEE Transactions on Mobile Computing.
[37] Xuxian Jiang,et al. Guest-Transparent Prevention of Kernel Rootkits with VMM-Based Memory Shadowing , 2008, RAID.
[38] Peng Ning,et al. SICE: a hardware-level strongly isolated computing environment for x86 multi-core platforms , 2011, CCS '11.
[39] Wenke Lee,et al. Lares: An Architecture for Secure Active Monitoring Using Virtualization , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).
[40] Wenke Lee,et al. Secure in-VM monitoring using hardware virtualization , 2009, CCS.
[41] Xuxian Jiang,et al. Analyzing and improving Linux kernel memory protection: a model checking approach , 2010, ACSAC '10.
[42] William A. Arbaugh,et al. Copilot - a Coprocessor-based Kernel Runtime Integrity Monitor , 2004, USENIX Security Symposium.
[43] Hovav Shacham,et al. When good instructions go bad: generalizing return-oriented programming to RISC , 2008, CCS.
[44] Stefan Berger,et al. vTPM: Virtualizing the Trusted Platform Module , 2006, USENIX Security Symposium.
[45] Trent Jaeger,et al. PRIMA: policy-reduced integrity measurement architecture , 2006, SACMAT '06.
[46] Udo Steinberg,et al. NOVA: a microhypervisor-based secure virtualization architecture , 2010, EuroSys '10.
[47] Men Long,et al. A hypervisor-based system for protecting software runtime memory and persistent storage , 2008, SpringSim '08.
[48] Adrian Perrig,et al. SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes , 2007, SOSP.
[49] H. Peter Hofstee,et al. Cell Broadband Engine processor vault security architecture , 2007, IBM J. Res. Dev..
[50] Jennifer Rexford,et al. Eliminating the hypervisor attack surface for a more secure cloud , 2011, CCS '11.
[51] Shigeru Chiba,et al. HyperSpector: virtual distributed monitoring environments for secure intrusion detection , 2005, VEE '05.
[52] Tal Garfinkel,et al. A Virtual Machine Introspection Based Architecture for Intrusion Detection , 2003, NDSS.
[53] Xiaoxin Chen,et al. Overshadow: a virtualization-based approach to retrofitting protection in commodity operating systems , 2008, ASPLOS.
[54] Zhi Wang,et al. HyperSentry: enabling stealthy in-context measurement of hypervisor integrity , 2010, CCS '10.
[55] Xuxian Jiang,et al. "Out-of-the-Box" Monitoring of VM-Based High-Interaction Honeypots , 2007, RAID.
[56] Peng Ning,et al. HIMA: A Hypervisor-Based Integrity Measurement Agent , 2009, 2009 Annual Computer Security Applications Conference.
[57] Tal Garfinkel,et al. Terra: a virtual machine-based platform for trusted computing , 2003, SOSP '03.
[58] Stefan Berger,et al. TVDc: managing security in the trusted virtual datacenter , 2008, OPSR.
[59] Adrian Perrig,et al. Lockdown: A Safe and Practical Environment for Security Applications (CMU-CyLab-09-011) , 2009 .
[60] Jun Xu,et al. Non-Control-Data Attacks Are Realistic Threats , 2005, USENIX Security Symposium.
[61] Xuxian Jiang,et al. Stealthy malware detection through vmm-based "out-of-the-box" semantic view reconstruction , 2007, CCS '07.
[62] Felix C. Freiling,et al. Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms , 2009, USENIX Security Symposium.
[63] Peng Ning,et al. Remote attestation to dynamic system properties: Towards providing complete system integrity evidence , 2009, 2009 IEEE/IFIP International Conference on Dependable Systems & Networks.
[64] José Carlos Brustoloni,et al. Uclinux: a linux security module for trusted-computing-based usage controls enforcement , 2007, STC '07.
[65] Michael W. Hicks,et al. Automated detection of persistent kernel control-flow attacks , 2007, CCS '07.
[66] Abhinav Srivastava,et al. Robust signatures for kernel data structures , 2009, CCS.
[67] David Lie,et al. Hypervisor Support for Identifying Covertly Executing Binaries , 2008, USENIX Security Symposium.