Lightweight Intrusion Detection of Rootkit with VMI-Based Driver Separation Mechanism

[1] Davide Balzarotti, et al. Hypervisor Memory Forensics, 2013, RAID.

[2] Yangchun Fu, et al. Space Traveling across VM: Automatically Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection, 2012, IEEE Symposium on Security and Privacy.

[3] Christopher Krügel, et al. A survey on automated dynamic malware-analysis techniques and tools, 2012, CSUR.

[4] Xuxian Jiang, et al. Stealthy malware detection through vmm-based "out-of-the-box" semantic view reconstruction, 2007, CCS '07.

[5] Kahina Lazri, et al. Engineering Intrusion Prevention Services for IaaS Clouds: The Way of the Hypervisor, 2013, 2013 IEEE Seventh International Symposium on Service-Oriented System Engineering.

[6] Tal Garfinkel, et al. A Virtual Machine Introspection Based Architecture for Intrusion Detection, 2003, NDSS.

[7] Andrea C. Arpaci-Dusseau, et al. Antfarm: Tracking Processes in a Virtual Machine Environment, 2006, USENIX Annual Technical Conference, General Track.

[8] Radu Sion, et al. SoK: Introspections on Trust and the Semantic Gap, 2014, 2014 IEEE Symposium on Security and Privacy.

[9] Brian Hay, et al. Forensics examination of volatile system data using virtual introspection, 2008, OPSR.

[10] Sherali Zeadally, et al. Virtualization: Issues, security threats, and solutions, 2013, CSUR.

[11] Jonathon T. Giffin, et al. Virtuoso: Narrowing the Semantic Gap in Virtual Machine Introspection, 2022, 2011 IEEE Symposium on Security and Privacy.

[12] Ali A. Ghorbani, et al. Research on Intrusion Detection and Response: A Survey, 2005, Int. J. Netw. Secur.