|
| This Article | ||
| ||
| Share | ||
| Bibliographic References | ||
| Add to: | ||
 Digg  Furl  Spurl  Blink  Simpy  Google  Del.icio.us  Y!MyWeb | ||
| Search | ||
| ||
| ASCII Text | x | ||
| Kara Nance, Matt Bishop, Brian Hay, "Virtual Machine Introspection: Observation or Interference?," IEEE Security & Privacy, vol. 6, no. 5, pp. 32-37, September/October, 2008. | |||
| BibTex | x | ||
| @article{ 10.1109/MSP.2008.134, author = {Kara Nance and Matt Bishop and Brian Hay}, title = {Virtual Machine Introspection: Observation or Interference?}, journal ={IEEE Security & Privacy}, volume = {6}, number = {5}, issn = {1540-7993}, year = {2008}, pages = {32-37}, doi = {http://doi.ieeecomputersociety.org/10.1109/MSP.2008.134}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, } | |||
| RefWorks Procite/RefMan/Endnote | x | ||
| TY - MGZN JO - IEEE Security & Privacy TI - Virtual Machine Introspection: Observation or Interference? IS - 5 SN - 1540-7993 SP32 EP37 EPD - 32-37 A1 - Kara Nance, A1 - Matt Bishop, A1 - Brian Hay, PY - 2008 KW - virtual machine monitoring KW - virtual machine introspection KW - intrusion monitoring KW - attack analysis VL - 6 JA - IEEE Security & Privacy ER - | |||
1. T. Garfinkel and M. Rosenblum, "A Virtual Machine Introspection-Based Architecture for Intrusion Detection," Proc. 10th Symp. Network and Distributed System Security (NDSS 03), Internet Society, 2003, pp. 191–206.
2. IBM Systems Virtualization Version 2 Release 1, IBM Corp., 2005; publib.boulder.ibm.com/infocenter/eserver/v1r2/topic/eicay/eicay.pdf.
3. Understanding Full Virtualization, Paravirtualization, and Hardware Assist, white paper, VMware, 2007; www.vmware.com/files/pdfVMware_paravirtualization.pdf .
4. S. Jones, A. Arpaci-Dusseau, and R. Arpaci-Dusseau, "VMM-based Hidden Process Detection and Identification Using Lycosid," Proc. ACM Int'l Conf. Virtual Execution Environments (VEE 08), ACM Press, 2008, pp. 91–100.
5. L. Litty and D. Lie, "Manitou: A Layer-Below Approach to Fighting Malware," Proc. Workshop Architectural and System Support for Improving Software Dependability (ASID 06), ACM Press, 2006, pp. 6–11.
6. A. Whitaker et al., "Constructing Services with Interposable Virtual Hardware," Proc. 1st Symp. Networked Systems Design and Implementation (NSDI 04), Mar. 2004.
7. B. Payne et al., "Lares: An Architecture for Secure Active Monitoring Using Virtualization," Proc. IEEE Symp. Security and Privacy, IEEE CS Press, 2008, pp. 233–247.
8. S. Jones, A. Arpaci-Dusseau, and R. Arpaci-Dusseau, "AntFarm: Tracking Processes in a Virtual Machine Environment," Proc. Annual Usenix Tech. Conf., Usenix Assoc., 2008, pp. 1–14.
9. A. Joshi et al., "Detecting Past and Present Intrusions through Vulnerability-Specific Predicates," Proc. Symp. Operating System Principles (SOSP), 2005, pp. 91–104.
10. G.W. Dunlap et al., "ReVirt: Enabling Intrusion Analysis through Virtual-Machine Logging and Replay," Proc. 2002 Symp. OS Design and Implementation (OSDI 02), ACM Press, 2002, pp. 211–224.
11. S. King, G. Dunlap, and P. Chen, "Debugging Operating Systems with Time-Traveling Virtual Machines," Proc. Annual Usenix Tech. Conf., Usenix Assoc., 2005; www.usenix.org/events/usenix05/tech/general/ kingking.pdf.
12. B. Hay and K. Nance, "Forensics Examination of Volatile System Data Using Virtual Introspection," ACM Sigops OS Review, vol. 42, no. 3, 2008, pp. 74–82.
13. M. Pollitt et al., "Virtualization and Digital Forensics: A Research and Education Agenda," J. Digital Forensic Practice, vol. 2, no. 2, 2008, pp. 62–73.