{"id":"https://openalex.org/W4247984266","doi":"https://doi.org/10.1145/2516951.2505124","title":"Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection","display_name":"Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection","publication_year":2013,"publication_date":"2013-09-01","ids":{"openalex":"https://openalex.org/W4247984266","doi":"https://doi.org/10.1145/2516951.2505124"},"language":"en","primary_location":{"id":"doi:10.1145/2516951.2505124","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2516951.2505124","pdf_url":null,"source":{"id":"https://openalex.org/S2642811","display_name":"ACM Transactions on Information and System Security","issn_l":"1094-9224","issn":["1094-9224","1557-7406"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Information and System Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5059583347","display_name":"Yangchun Fu","orcid":null},"institutions":[{"id":"https://openalex.org/I162577319","display_name":"The University of Texas at Dallas","ror":"https://ror.org/049emcs32","country_code":"US","type":"education","lineage":["https://openalex.org/I162577319"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Yangchun Fu","raw_affiliation_strings":["The University of Texas at Dallas"],"affiliations":[{"raw_affiliation_string":"The University of Texas at Dallas","institution_ids":["https://openalex.org/I162577319"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5026864098","display_name":"Zhiqiang Lin","orcid":"https://orcid.org/0000-0001-6527-5994"},"institutions":[{"id":"https://openalex.org/I162577319","display_name":"The University of Texas at Dallas","ror":"https://ror.org/049emcs32","country_code":"US","type":"education","lineage":["https://openalex.org/I162577319"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Zhiqiang Lin","raw_affiliation_strings":["The University of Texas at Dallas"],"affiliations":[{"raw_affiliation_string":"The University of Texas at Dallas","institution_ids":["https://openalex.org/I162577319"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5059583347"],"corresponding_institution_ids":["https://openalex.org/I162577319"],"apc_list":null,"apc_paid":null,"fwci":4.8092,"has_fulltext":false,"cited_by_count":23,"citation_normalized_percentile":{"value":0.95168005,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":"16","issue":"2","first_page":"1","last_page":"29"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11181","display_name":"Advanced Data Storage Technologies","score":0.9977999925613403,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9954000115394592,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.919029176235199},{"id":"https://openalex.org/keywords/semantic-gap","display_name":"Semantic gap","score":0.8089624047279358},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.49935173988342285},{"id":"https://openalex.org/keywords/bridging","display_name":"Bridging (networking)","score":0.49837660789489746},{"id":"https://openalex.org/keywords/introspection","display_name":"Introspection","score":0.49093392491340637},{"id":"https://openalex.org/keywords/virtual-machine","display_name":"Virtual machine","score":0.48639681935310364},{"id":"https://openalex.org/keywords/reuse","display_name":"Reuse","score":0.47142428159713745},{"id":"https://openalex.org/keywords/kernel","display_name":"Kernel (algebra)","score":0.46591854095458984},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.4553138017654419},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.4299776554107666},{"id":"https://openalex.org/keywords/system-call","display_name":"System call","score":0.4129635691642761},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.15762653946876526},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.09699156880378723},{"id":"https://openalex.org/keywords/image","display_name":"Image (mathematics)","score":0.0856441855430603}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.919029176235199},{"id":"https://openalex.org/C86034646","wikidata":"https://www.wikidata.org/wiki/Q474311","display_name":"Semantic gap","level":4,"score":0.8089624047279358},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.49935173988342285},{"id":"https://openalex.org/C174348530","wikidata":"https://www.wikidata.org/wiki/Q188635","display_name":"Bridging (networking)","level":2,"score":0.49837660789489746},{"id":"https://openalex.org/C129671850","wikidata":"https://www.wikidata.org/wiki/Q210501","display_name":"Introspection","level":2,"score":0.49093392491340637},{"id":"https://openalex.org/C25344961","wikidata":"https://www.wikidata.org/wiki/Q192726","display_name":"Virtual machine","level":2,"score":0.48639681935310364},{"id":"https://openalex.org/C206588197","wikidata":"https://www.wikidata.org/wiki/Q846574","display_name":"Reuse","level":2,"score":0.47142428159713745},{"id":"https://openalex.org/C74193536","wikidata":"https://www.wikidata.org/wiki/Q574844","display_name":"Kernel (algebra)","level":2,"score":0.46591854095458984},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.4553138017654419},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.4299776554107666},{"id":"https://openalex.org/C2778579508","wikidata":"https://www.wikidata.org/wiki/Q722192","display_name":"System call","level":2,"score":0.4129635691642761},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.15762653946876526},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.09699156880378723},{"id":"https://openalex.org/C115961682","wikidata":"https://www.wikidata.org/wiki/Q860623","display_name":"Image (mathematics)","level":2,"score":0.0856441855430603},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C180747234","wikidata":"https://www.wikidata.org/wiki/Q23373","display_name":"Cognitive psychology","level":1,"score":0.0},{"id":"https://openalex.org/C1667742","wikidata":"https://www.wikidata.org/wiki/Q10927554","display_name":"Image retrieval","level":3,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C18903297","wikidata":"https://www.wikidata.org/wiki/Q7150","display_name":"Ecology","level":1,"score":0.0},{"id":"https://openalex.org/C114614502","wikidata":"https://www.wikidata.org/wiki/Q76592","display_name":"Combinatorics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2516951.2505124","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2516951.2505124","pdf_url":null,"source":{"id":"https://openalex.org/S2642811","display_name":"ACM Transactions on Information and System Security","issn_l":"1094-9224","issn":["1094-9224","1557-7406"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Information and System Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/10","display_name":"Reduced inequalities","score":0.6700000166893005}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W4387404794","https://openalex.org/W2380479582","https://openalex.org/W4387405288","https://openalex.org/W2128807628","https://openalex.org/W2098367901","https://openalex.org/W1555966012","https://openalex.org/W4234264766","https://openalex.org/W2048997531","https://openalex.org/W2415426693","https://openalex.org/W2580663612"],"abstract_inverted_index":{"It":[0],"is":[1,52,96,185],"generally":[2],"believed":[3],"to":[4,12,119,147,210],"be":[5,32],"a":[6,14,41,61,77,111,124,131,167],"tedious,":[7],"time-consuming,":[8],"and":[9,87,113,136,175,189,197],"error-prone":[10],"process":[11],"develop":[13],"virtual":[15],"machine":[16],"introspection":[17,107,152],"(VMI)":[18],"tool":[19],"because":[20],"of":[21,123,133,166,169],"the":[22,29,37,46,57,66,84,90,106,120,206,211],"semantic":[23,85],"gap.":[24],"Recent":[25],"advance":[26],"shows":[27],"that":[28,53,80,182],"semantic-gap":[30],"can":[31,81],"largely":[33],"narrowed":[34],"by":[35],"reusing":[36],"executed":[38],"code":[39,59,67],"from":[40,110],"trusted":[42],"OS":[43,171],"kernel.":[44],"However,":[45],"limitation":[47],"for":[48,194,200,205],"such":[49],"an":[50,141,150],"approach":[51],"it":[54,139,190],"only":[55],"reuses":[56],"exercised":[58],"through":[60,98],"training":[62],"process,":[63],"which":[64],"suffers":[65],"coverage":[68],"issues.":[69],"Thus,":[70],"in":[71],"this":[72],"article,":[73],"we":[74],"present":[75],"Vmst,":[76],"new":[78,134],"technique":[79,184],"seamlessly":[82],"bridge":[83],"gap":[86],"automatically":[88,104,148],"generate":[89],"VMI":[91],"tools.":[92],"The":[93,178],"key":[94],"idea":[95],"that,":[97],"system":[99],"wide":[100],"instruction":[101],"monitoring,":[102],"Vmst":[103,129,157],"identifies":[105],"related":[108],"data":[109,117,216],"secure-VM":[112],"online":[114],"redirects":[115],"these":[116],"accesses":[118],"kernel":[121],"memory":[122],"product-VM,":[125],"without":[126,215],"any":[127],"training.":[128],"offers":[130],"number":[132,168],"features":[135],"capabilities.":[137],"Particularly,":[138],"enables":[140],"in-VM":[142,213],"inspection":[143],"program":[144,208],"(e.g.,":[145],"ps)":[146],"become":[149],"out-of-VM":[151],"program.":[153],"We":[154],"have":[155],"tested":[156],"with":[158],"over":[159],"25":[160],"commonly":[161],"used":[162],"utilities":[163,196,202],"on":[164,203],"top":[165],"different":[170],"kernels":[172],"including":[173],"Linux":[174,195],"Microsoft":[176],"Windows.":[177],"experimental":[179],"results":[180],"show":[181],"our":[183],"general":[186],"(largely":[187],"OS-independent),":[188],"introduces":[191],"9.3X":[192],"overhead":[193,199],"19.6X":[198],"Windows":[201],"average":[204],"introspected":[207],"compared":[209],"native":[212],"execution":[214],"redirection.":[217]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2020,"cited_by_count":2},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":3},{"year":2017,"cited_by_count":4},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":5},{"year":2014,"cited_by_count":3},{"year":2013,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}