Evolution of attacks, threat models, and solutions for virtualized systems
D Sgandurra, E Lupu - ACM Computing Surveys (CSUR), 2016 - dl.acm.org
Virtualization technology enables Cloud providers to efficiently use their computing services
and resources. Even if the benefits in terms of performance, maintenance, and cost are …
A survey on hypervisor-based monitoring: approaches, applications, and evolutions
When designing computer monitoring systems, one goal has always been to have a
complete view of the monitored target and at the same time stealthily protect the monitor …
InkTag: Secure applications on an untrusted operating system
InkTag is a virtualization-based architecture that gives strong safety guarantees to
high-assurance processes even in the presence of a malicious operating system. InkTag …
Rain: Refinable attack investigation with on-demand inter-process information flow tracking
As modern attacks become more stealthy and persistent, detecting or preventing them at
their early stages becomes virtually impossible. Instead, an attack investigation or …
SoK: Introspections on trust and the semantic gap
An essential goal of Virtual Machine Introspection (VMI) is assuring security policy
enforcement and overall functionality in the presence of an untrustworthy OS. A fundamental …
NumChecker: Detecting kernel control-flow modifying rootkits by using hardware performance counters
This paper presents NumChecker, a new Virtual Machine Monitor (VMM) based framework
to detect control-flow modifying kernel rootkits in a guest Virtual Machine (VM). NumChecker …
Protecting private keys against memory disclosure attacks using hardware transactional memory
Cryptography plays an important role in computer and communication security. In practical
implementations of cryptosystems, the cryptographic keys are usually loaded into the …
Software fault isolation with API integrity and multi-principal modules
The security of many applications relies on the kernel being secure, but history suggests that
kernel vulnerabilities are routinely discovered and exploited. In particular, exploitable …
KI-Mon ARM: A hardware-assisted event-triggered monitoring platform for mutable kernel object
External hardware-based kernel integrity monitors have been proposed to mitigate
kernel-level malwares. However, the existing external approaches have been limited to monitoring …
Finding cracks in shields: On the security of control flow integrity mechanisms
Control-flow integrity (CFI) is a promising technique to mitigate control-flow hijacking attacks.
In the past decade, dozens of CFI mechanisms have been proposed by researchers …