Baliga, A., Ganapathy, V., Iftode, L.: Detecting kernel-level rootkits using data structure invariants. IEEE Transactions on Dependable and Secure Computing 8, 670-684 (2011)
Buchanan, E., Roemer, R., Shacham, H., Savage, S.: When good instructions go bad: generalizing return-oriented programming to RISC. In: CCS 2008: Proceedings of the 15th ACM Conference on Computer and Communications Security, pp. 27-38. ACM (2008)
Business Insider. Amazon's Cloud Crash Disaster Permanently Destroyed Many Customers' Data (2011), http://articles.businessinsider.com/2011-04-28/ tech/29958976 1 amazon-customer-customers-data-data-loss
Chiueh, T.C., Conover, M., Lu, M., Montague, B.: Stealthy deployment and execution of in-guest kernel agents. In: Proceedings of the Black Hat USA Security Conference (2009)
Criswell, J., Lenharth, A., Dhurjati, D., Adve, V.: Secure Virtual Architecture: A Safe Execution Environment for Commodity Operating Systems. In: SOSP 2007: Proceedings of the 21st ACM Symposium on Operating Systems Principles, pp. 351-366. ACM (2007)
Dewan, P., Durham, D., Khosravi, H., Long, M., Nagabhushan, G.: A hypervisor-based system for protecting software runtime memory and persistent storage. In: SpringSim 2008: Proceedings of the 2008 Spring Simulation Multiconference, pp. 828-835. Society for Computer Simulation International (2008)
Gadaleta, F., Younan, Y., Jacobs, B., Joosen, W., De Neve, E., Beosier, N.: Instruction-level countermeasures against stack-based buffer overflow attacks. In: Eurosys, pp. 7-12. ACM (2009)
Hund, R., Holz, T., Freiling, F.C.: Return-oriented rootkits: Bypassing kernel code integrity protection mechanisms. In: SSYM 2009: Proceedings of the 18th Conference on USENIX Security Symposium, pp. 383-398. USENIX Association (2009)
Open Kernel labs. Why lmbench is evil?, http://www.ok-labs.com/blog/ entry/why-lmbench-is-evil/
Lee, Y.-C., Rahimi, S., Harvey, S.: A pre-kernel agent platform for security assurance. In: IEEE Symposium on Intelligent Agent (IA), pp. 1-7. IEEE (2011)
McVoy, L., Staelin, C.: LMbench: Portable tools for performance analysis. In: Proceedings of the 1996 Annual Conference on USENIX Annual Technical Conference, pp. 23-39. USENIX Association, Berkeley (1996)
Nikiforakis, N., Balduzzi, M., Van Acker, S., Joosen, W., Balzarotti, D.: Exposing the lack of privacy in file hosting services. In: Proceedings of the 4th USENIX conference on Large-Scale Exploits and Emergent Threats, LEET (2011)
Petroni Jr., N.L., Fraser, T., Molina, J., Arbaugh, W.A.: Copilot - a coprocessor-based kernel runtime integrity monitor. In: Proceedings of the 13th USENIX Security Symposium, p. 13. USENIX Association (2004)
Riley, R., Jiang, X., Xu, D.: Guest-Transparent Prevention of Kernel Rootkits with VMM-Based Memory Shadowing. In: Lippmann, R., Kirda, E., Trachtenberg, A. (eds.) RAID 2008. LNCS, vol. 5230, pp. 1-20. Springer, Heidelberg (2008)
Seshadri, A., Luk, M., Qu, N., Perrig, A.: SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes. In: Proceedings of Twenty-First ACM SIGOPS Symposium on Operating Systems Principles, pp. 335-350. ACM (2007)
Shacham, H.: The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86). In: CCS 2007: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 552-561. ACM (2007)
Shinagawa, T., Eiraku, H., Tanimoto, K., Omote, K., Hasegawa, S., Horie, T., Hirano, M., Kourai, K., Oyama, Y., Kawai, E., Kono, K., Chiba, S., Shinjo, Y., Kato, K.: BitVisor: a thin hypervisor for enforcing I/O device security. In: VEE 2009: Proceedings of the 2009 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, pp. 121-130. ACM (2009)
Wang, Z., Jiang, X., Cui, W., Ning, P.: Countering kernel rootkits with lightweight hook protection. In: CCS 2009: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 545-554. ACM (2009)
