A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2013; you can also visit the original URL.
The file type is application/pdf
.
Monitoring Integrity Using Limited Local Memory
2013
IEEE Transactions on Information Forensics and Security
System integrity monitors, such as rootkit detectors, rely critically on the ability to fetch and inspect pages containing code and data of a target system under study. To avoid being infected by malicious or compromised targets, state of the art system integrity monitors rely on virtualization technology to set up a tamper-proof execution environment. Consequently, the virtualization infrastructure is part of the trusted computing base. However, modern virtual machine monitors are complex
doi:10.1109/tifs.2013.2266095
fatcat:6rz6ootmnzelvp4sk73uzyptsy