Securing virtualization: techniques and applications
暂无分享,去创建一个
[1] Trent Jaeger,et al. PRIMA: policy-reduced integrity measurement architecture , 2006, SACMAT '06.
[2] Dawson R. Engler,et al. KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs , 2008, OSDI.
[3] Pradeep K. Khosla,et al. SWATT: softWare-based attestation for embedded devices , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.
[4] Zhi Wang,et al. Defeating return-oriented rootkits with "Return-Less" kernels , 2010, EuroSys '10.
[5] Zhi Wang,et al. HyperSentry: enabling stealthy in-context measurement of hypervisor integrity , 2010, CCS '10.
[6] Elaine Shi,et al. BIND: a fine-grained attestation service for secure distributed systems , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).
[7] Christopher Krügel,et al. Exploring Multiple Execution Paths for Malware Analysis , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).
[8] Robert Wahbe,et al. Efficient software-based fault isolation , 1994, SOSP '93.
[9] Somesh Jha,et al. The design and implementation of microdrivers , 2008, ASPLOS.
[10] Alfred V. Aho,et al. Compilers: Principles, Techniques, and Tools , 1986, Addison-Wesley series in computer science / World student series edition.
[11] Xi Wang,et al. Software fault isolation with API integrity and multi-principal modules , 2011, SOSP.
[12] Abhinav Srivastava,et al. Efficient Monitoring of Untrusted Kernel-Mode Execution , 2011, NDSS.
[13] A. Kivity,et al. kvm : the Linux Virtual Machine Monitor , 2007 .
[14] Robert N. M. Watson,et al. Capsicum: Practical Capabilities for UNIX , 2010, USENIX Security Symposium.
[15] Jennifer Rexford,et al. Eliminating the hypervisor attack surface for a more secure cloud , 2011, CCS '11.
[16] Brian N. Bershad,et al. Improving the reliability of commodity operating systems , 2005, TOCS.
[17] RICHARD J. FEIERTAG,et al. The foundations of a provably secure operating system (PSOS) , 1979, 1979 International Workshop on Managing Requirements Knowledge (MARK).
[18] Yi-Min Wang,et al. Detecting stealth software with Strider GhostBuster , 2005, 2005 International Conference on Dependable Systems and Networks (DSN'05).
[19] Xuxian Jiang,et al. Mapping kernel objects to enable systematic integrity checking , 2009, CCS.
[20] Zhenkai Liang,et al. HookFinder: Identifying and Understanding Malware Hooking Behaviors , 2008, NDSS.
[21] Elaine Shi,et al. Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems , 2005, SOSP '05.
[22] Shigeru Chiba,et al. BitVisor: a thin hypervisor for enforcing i/o device security , 2009, VEE '09.
[23] Xuxian Jiang,et al. Countering kernel rootkits with lightweight hook protection , 2009, CCS.
[24] Xuxian Jiang,et al. Stealthy malware detection through vmm-based "out-of-the-box" semantic view reconstruction , 2007, CCS '07.
[25] William A. Arbaugh,et al. Copilot - a Coprocessor-based Kernel Runtime Integrity Monitor , 2004, USENIX Security Symposium.
[26] David Lie,et al. Hypervisor Support for Identifying Covertly Executing Binaries , 2008, USENIX Security Symposium.
[27] Helen J. Wang,et al. SubVirt: implementing malware with virtual machines , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).
[28] Derek Bruening,et al. Secure Execution via Program Shepherding , 2002, USENIX Security Symposium.
[29] Tal Garfinkel,et al. VMwareDecoupling Dynamic Program Analysis from Execution in Virtual Environments , 2008, USENIX Annual Technical Conference.
[30] Niels Provos,et al. Improving Host Security with System Call Policies , 2003, USENIX Security Symposium.
[31] Alexander Aiken,et al. A theory of type qualifiers , 1999, PLDI '99.
[32] Michael Norrish,et al. seL4: formal verification of an OS kernel , 2009, SOSP '09.
[33] Rusty Russell,et al. virtio: towards a de-facto standard for virtual I/O devices , 2008, OPSR.
[34] Tal Garfinkel,et al. Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools , 2003, NDSS.
[35] Stephen McCamant,et al. Evaluating SFI for a CISC Architecture , 2006, USENIX Security Symposium.
[36] Bryan Ford,et al. Vx32: Lightweight User-level Sandboxing on the x86 , 2008, USENIX Annual Technical Conference.
[37] Mihai Budiu,et al. Control-flow integrity principles, implementations, and applications , 2009, TSEC.
[38] Lars Ole Andersen,et al. Program Analysis and Specialization for the C Programming Language , 2005 .
[39] Wenke Lee,et al. Secure in-VM monitoring using hardware virtualization , 2009, CCS.
[40] Scott A. Rotondo. Trusted Computing Group , 2011, Encyclopedia of Cryptography and Security.
[41] Wenke Lee,et al. Lares: An Architecture for Secure Active Monitoring Using Virtualization , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).
[42] Felix C. Freiling,et al. Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms , 2009, USENIX Security Symposium.
[43] Tal Garfinkel,et al. A Virtual Machine Introspection Based Architecture for Intrusion Detection , 2003, NDSS.
[44] Michael W. Hicks,et al. Automated detection of persistent kernel control-flow attacks , 2007, CCS '07.
[45] Andrew Warfield,et al. Xen and the art of virtualization , 2003, SOSP '03.
[46] Crispan Cowan,et al. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks , 1998, USENIX Security Symposium.
[47] Zhi Wang,et al. Countering Persistent Kernel Rootkits through Systematic Hook Discovery , 2008, RAID.
[48] Ben Hardekopf,et al. Semi-sparse flow-sensitive pointer analysis , 2009, POPL '09.
[49] Jiang Wang,et al. HyperCheck: A Hardware-AssistedIntegrity Monitor , 2014, IEEE Transactions on Dependable and Secure Computing.
[50] Udo Steinberg,et al. NOVA: a microhypervisor-based secure virtualization architecture , 2010, EuroSys '10.
[51] Adrian Perrig,et al. SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes , 2007, SOSP.
[52] Gernot Heiser,et al. Hype and Virtue , 2007, HotOS.
[53] Dawson R. Engler,et al. Bugs as deviant behavior: a general approach to inferring errors in systems code , 2001, SOSP.
[54] Heng Yin,et al. Panorama: capturing system-wide information flow for malware detection and analysis , 2007, CCS '07.
[55] Hovav Shacham,et al. The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86) , 2007, CCS '07.
[56] Silas Boyd-Wickizer,et al. Tolerating Malicious Device Drivers in Linux , 2010, USENIX Annual Technical Conference.
[57] Xuxian Jiang,et al. Guest-Transparent Prevention of Kernel Rootkits with VMM-Based Memory Shadowing , 2008, RAID.
[58] Jun Zhu,et al. Breaking up is hard to do: security and functionality in a commodity hypervisor , 2011, SOSP.
[59] Mark A. Hillebrand,et al. Balancing the Load , 2009, Journal of Automated Reasoning.
[60] Donghai Tian,et al. Practical Protection of Kernel Integrity for Commodity OS from Untrusted Extensions , 2011, NDSS.
[61] Steven Hand,et al. Improving Xen security through disaggregation , 2008, VEE '08.
[62] William A. Arbaugh,et al. An Architecture for Specification-Based Detection of Semantic Integrity Violations in Kernel Dynamic Data , 2006, USENIX Security Symposium.
[63] Martín Abadi,et al. XFI: software guards for system address spaces , 2006, OSDI '06.
[64] Michael K. Reiter,et al. Flicker: an execution infrastructure for tcb minimization , 2008, Eurosys '08.
[65] John Wilander,et al. A Comparison of Publicly Available Tools for Dynamic Buffer Overflow Prevention , 2003, NDSS.
[66] Emin Gün Sirer,et al. Device Driver Safety Through a Reference Validation Mechanism , 2008, OSDI.
[67] Wenke Lee,et al. K-Tracer: A System for Extracting Kernel Malware Behavior , 2009, NDSS.
[68] Hovav Shacham,et al. When good instructions go bad: generalizing return-oriented programming to RISC , 2008, CCS.
[69] Alexander Aiken,et al. Verifying the Safety of User Pointer Dereferences , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).
[70] Zhi Wang,et al. HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity , 2010, 2010 IEEE Symposium on Security and Privacy.
[71] Adam Lackorzynski,et al. Virtual machines jailed: virtualization in systems with small trusted computing bases , 2009, VDTS '09.
[72] Ondrej Lhoták,et al. Points-to analysis using BDDs , 2003, PLDI '03.
[73] Miguel Castro,et al. Preventing Memory Error Exploits with WIT , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).
[74] Xuxian Jiang,et al. Multi-aspect profiling of kernel rootkit behavior , 2009, EuroSys '09.
[75] Muli Ben-Yehuda,et al. The Turtles Project: Design and Implementation of Nested Virtualization , 2010, OSDI.
[76] Neha Narula,et al. Native Client: A Sandbox for Portable, Untrusted x86 Native Code , 2009, IEEE Symposium on Security and Privacy.
[77] Trent Jaeger,et al. Design and Implementation of a TCG-based Integrity Measurement Architecture , 2004, USENIX Security Symposium.
[78] Galen C. Hunt,et al. Detours: binary interception of Win32 functions , 1999 .