{"id":"https://openalex.org/W2101077503","doi":"https://doi.org/10.1007/978-3-540-74320-0_12","title":"A Forced Sampled Execution Approach to Kernel Rootkit Identification","display_name":"A Forced Sampled Execution Approach to Kernel Rootkit Identification","publication_year":2007,"publication_date":"2007-08-16","ids":{"openalex":"https://openalex.org/W2101077503","doi":"https://doi.org/10.1007/978-3-540-74320-0_12","mag":"2101077503"},"language":"en","primary_location":{"id":"doi:10.1007/978-3-540-74320-0_12","is_oa":false,"landing_page_url":"https://doi.org/10.1007/978-3-540-74320-0_12","pdf_url":null,"source":{"id":"https://openalex.org/S106296714","display_name":"Lecture notes in computer science","issn_l":"0302-9743","issn":["0302-9743","1611-3349"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes in Computer Science","raw_type":"book-chapter"},"type":"book-chapter","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5018809196","display_name":"Jeffrey Wilhelm","orcid":null},"institutions":[{"id":"https://openalex.org/I1308906816","display_name":"NortonLifeLock (United States)","ror":"https://ror.org/0449t3a80","country_code":"US","type":"company","lineage":["https://openalex.org/I1308906816"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Jeffrey Wilhelm","raw_affiliation_strings":["Core Research Group, Symantec Research Laboratories, \u00a0","Symantec Research Labs#TAB#"],"affiliations":[{"raw_affiliation_string":"Core Research Group, Symantec Research Laboratories, \u00a0","institution_ids":["https://openalex.org/I1308906816"]},{"raw_affiliation_string":"Symantec Research Labs#TAB#","institution_ids":["https://openalex.org/I1308906816"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5111960386","display_name":"Tzi\u2010cker Chiueh","orcid":null},"institutions":[{"id":"https://openalex.org/I1308906816","display_name":"NortonLifeLock (United States)","ror":"https://ror.org/0449t3a80","country_code":"US","type":"company","lineage":["https://openalex.org/I1308906816"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Tzi-cker Chiueh","raw_affiliation_strings":["Core Research Group, Symantec Research Laboratories, \u00a0","Symantec Research Labs#TAB#"],"affiliations":[{"raw_affiliation_string":"Core Research Group, Symantec Research Laboratories, \u00a0","institution_ids":["https://openalex.org/I1308906816"]},{"raw_affiliation_string":"Symantec Research Labs#TAB#","institution_ids":["https://openalex.org/I1308906816"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5018809196"],"corresponding_institution_ids":["https://openalex.org/I1308906816"],"apc_list":{"value":5000,"currency":"EUR","value_usd":5392},"apc_paid":null,"fwci":7.5007,"has_fulltext":false,"cited_by_count":91,"citation_normalized_percentile":{"value":0.97866034,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"219","last_page":"235"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9987000226974487,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/rootkit","display_name":"Rootkit","score":0.9720555543899536},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8043484687805176},{"id":"https://openalex.org/keywords/kernel","display_name":"Kernel (algebra)","score":0.6433995366096497},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.47403907775878906},{"id":"https://openalex.org/keywords/graph-kernel","display_name":"Graph kernel","score":0.44715237617492676},{"id":"https://openalex.org/keywords/configfs","display_name":"Configfs","score":0.4304662346839905},{"id":"https://openalex.org/keywords/linux-kernel","display_name":"Linux kernel","score":0.3243461847305298},{"id":"https://openalex.org/keywords/radial-basis-function-kernel","display_name":"Radial basis function kernel","score":0.2918846011161804},{"id":"https://openalex.org/keywords/kernel-method","display_name":"Kernel method","score":0.27587437629699707},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.2539934813976288},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.19537165760993958},{"id":"https://openalex.org/keywords/support-vector-machine","display_name":"Support vector machine","score":0.1912180781364441}],"concepts":[{"id":"https://openalex.org/C10144332","wikidata":"https://www.wikidata.org/wiki/Q14645","display_name":"Rootkit","level":3,"score":0.9720555543899536},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8043484687805176},{"id":"https://openalex.org/C74193536","wikidata":"https://www.wikidata.org/wiki/Q574844","display_name":"Kernel (algebra)","level":2,"score":0.6433995366096497},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.47403907775878906},{"id":"https://openalex.org/C100595998","wikidata":"https://www.wikidata.org/wiki/Q11731931","display_name":"Graph kernel","level":5,"score":0.44715237617492676},{"id":"https://openalex.org/C94127936","wikidata":"https://www.wikidata.org/wiki/Q5160105","display_name":"Configfs","level":3,"score":0.4304662346839905},{"id":"https://openalex.org/C553261973","wikidata":"https://www.wikidata.org/wiki/Q14579","display_name":"Linux kernel","level":2,"score":0.3243461847305298},{"id":"https://openalex.org/C75866337","wikidata":"https://www.wikidata.org/wiki/Q7280263","display_name":"Radial basis function kernel","level":4,"score":0.2918846011161804},{"id":"https://openalex.org/C122280245","wikidata":"https://www.wikidata.org/wiki/Q620622","display_name":"Kernel method","level":3,"score":0.27587437629699707},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.2539934813976288},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.19537165760993958},{"id":"https://openalex.org/C12267149","wikidata":"https://www.wikidata.org/wiki/Q282453","display_name":"Support vector machine","level":2,"score":0.1912180781364441},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C114614502","wikidata":"https://www.wikidata.org/wiki/Q76592","display_name":"Combinatorics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1007/978-3-540-74320-0_12","is_oa":false,"landing_page_url":"https://doi.org/10.1007/978-3-540-74320-0_12","pdf_url":null,"source":{"id":"https://openalex.org/S106296714","display_name":"Lecture notes in computer science","issn_l":"0302-9743","issn":["0302-9743","1611-3349"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes in Computer Science","raw_type":"book-chapter"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":14,"referenced_works":["https://openalex.org/W161166442","https://openalex.org/W646127535","https://openalex.org/W1492832459","https://openalex.org/W1552906779","https://openalex.org/W1742385376","https://openalex.org/W2101451533","https://openalex.org/W2110978214","https://openalex.org/W2117030266","https://openalex.org/W2131523719","https://openalex.org/W2145056020","https://openalex.org/W2154933195","https://openalex.org/W2243493944","https://openalex.org/W2561675875","https://openalex.org/W4214931895"],"related_works":["https://openalex.org/W2370449689","https://openalex.org/W2382003837","https://openalex.org/W2367644348","https://openalex.org/W2354398839","https://openalex.org/W2379421806","https://openalex.org/W2614013133","https://openalex.org/W2025088090","https://openalex.org/W1514297880","https://openalex.org/W2912106162","https://openalex.org/W2101077503"],"abstract_inverted_index":null,"counts_by_year":[{"year":2024,"cited_by_count":2},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":5},{"year":2020,"cited_by_count":5},{"year":2019,"cited_by_count":8},{"year":2018,"cited_by_count":7},{"year":2017,"cited_by_count":3},{"year":2016,"cited_by_count":2},{"year":2015,"cited_by_count":2},{"year":2014,"cited_by_count":12},{"year":2013,"cited_by_count":7},{"year":2012,"cited_by_count":6}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}