[1] |
SPINELLIS D.Another level of indirection . Beautiful code[M]. CA:O′Reilly. 2007.
|
[2] |
CHEN H , CHEN J , MAO W ,et al. Daonity-grid security from two levels of virtualization[J]. Information Security Technical Report, 2007,12(3): 123-138.
|
[3] |
CHEN H , ZHANG F , CHEN C ,et al. Tamper-resistant execution in an untrusted operating system using a virtual machine monitor[R].FDUPPITR-2007-0801.
|
[4] |
LIU Y , XIA Y , GUAN H ,et al. Concurrent and consistent virtual machine introspection with hardware transactionalmemory[C]// 2014 IEEE 20th International Symposium on High Performance Computer Architecture. 2014: 416-427.
|
[5] |
LIU Y , ZHOU T , CHEN K ,et al. Thwarting memory disclosure with efficient hypervisor-enforced intra-domain isolation[C]// The 22th ACM Conference on Computer and Communications Security. 2015.
|
[6] |
ZHANG F , CHEN J , CHEN H ,et al. CloudVisor:retrofitting protection of virtual machines in multi-tenant cloud with nested virtualization[C]// The 23rd ACM Symposium on Operating Systems Principles. 2011: 203-216.
|
[7] |
XIA Y , LIU Y , CHEN H . Architecture support for guest-transparent VM protection from untrusted hypervisor and physical attacks[C]// IEEE 19th International Symposium on High Performance Computer Architecture. 2013: 246-257.
|
[8] |
XIA Y , LIU Y , GUAN H ,et al. Secure outsourcing of virtual appliance[J].2015:1.IEEE Transactions on Cloud Computing, 2015:1.
|
[9] |
LI W , XIA Y , CHEN H ,et al. Reducing world switches in virtualized environment with flexible cross-world calls[C]// The 42nd Annual International Symposium on Computer Architecture,ACM. 2015: 375-387.
|
[10] |
CHEN X , GARFINKEL T , LEWIS E C ,et al. Overshadow:a virtualization-based approach to retrofitting protection in commodity operating systems[C]// ASPLOS. 2008.
|
[11] |
CHECKOWAY S , SHACHAM H . Iago attacks:why the system call API is a bad untrusted RPC interface[C]// The 18th International Conference on Architectural Support for Programming Languages and Operating Systems. 2013.
|
[12] |
HOFMANN O S , KIM S , DUNN A M ,et al. Inktag:secure applications on an untrusted operating system[C]// ASPLOS. 2013.
|
[13] |
XIA Y , LIU Y , CHEN H ,et al. Defending against VM Rollback Attack[C]// The 2nd International Workshop on Dependability of Clouds Data Centers and Virtual Machine Technology. 2012.
|
[14] |
CHEN H , WU X , YUAN L ,et al. Practical and efficient information flow tracking using speculative hardware[C]// The 35th International Symposium on Computer Architecture. 2008.
|
[15] |
CHEN H , YUAN L , WU X ,et al. Control flow obfuscation with information flow tracking[C]// The 42nd International Conference on Microarchitecture. 2009.
|
[16] |
YUAN L , XING W , CHEN H ,et al. Security Breaches as PMU deviation:detecting and identifying security attacks using performance counters[C]// ACM SIGOPS Asia-pacific Workshop on Systems. 2011.
|
[17] |
XIA Y , LIU Y , CHEN H ,et al. CFIMon:detecting violation of control flow integrity using performance counters[C]// The 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks. 2011.
|
[18] |
GARFINKEL T , ROSENBLUM M , et al . A virtual machine introspection based architecture for intrusion detection[C]// NDSS. 2003.
|
[19] |
PAYNE B D , DE CARBONE M , LEE W . Secure and flexible monitoring of virtual machines[C]// ACSAC. 2007: 385-397.
|
[20] |
SRINIVASAN D , WANG Z , JIANG X ,et al. Processout-grafting:an efficient out-of-vm approach for fine-grained process execution monitoring[C]// CCS. 2011: 363-374.
|
[21] |
STEINBERG U , KAUER B . NOVA:a micro-hypervisorbased secure virtualization architecture[C]// The 5th European Conference on Computer Systems,ACM. 2010: 209-222.
|
[22] |
WU C , WANG Z , JIANG X . Taming hosted hypervisors with (mostly) deprivileged execution[C]// NDSS. 2013.
|
[23] |
WANG Z , WU C , GRACE M ,et al. Isolating commodity hosted hypervisors with hyperlock[C]// The 7th ACM European Conference on Computer Systems. 2012: 127-140.
|
[24] |
COLP P , NANAVATI M , ZHU J ,et al. Breaking up is hard to do:security and functionality in a commodity hypervisor[C]// The 23rd ACM Symposium on Operating Systems Principles. 2011: 189-202.
|
[25] |
TAN C , XIA Y , CHEN H . TinyChecker:transparent protection of VMs against hypervisor failures with nested virtualization[C]// The Second International Workshop on Dependability of Clouds Data Centers and Virtual Machine Technology. 2012.
|
[26] |
OSVIK D A , SHAMIR A , TROMER E . Cache attacks and countermeasures:the case of aes[C]// Topics in Cryptology-CT-RSA 2006. 2006: 1-20.
|
[27] |
YAROM Y , FALKNER K . Flush+ reload:a high resolution,low noise,l3 cache side-channel attack[C]// The 23rd USENIX Security Symposium (USENIX Security 14). 2014: 719-732.
|
[28] |
SHI J , SONG X , CHEN H ,et al. Limiting cache-based side- channel in multi-tenant cloud using dynamic page coloring[C]// The 7th Workshop on Hot Topics in System Dependability. 2011: 194-199.
|
[29] |
LIU F , GE Q , YAROM Y ,et al. CATalyst:Defeating last-level cache side channel attacks in cloud computing[C]// IEEE Symposium on High-Performance Computer Architecture. 2016.
|
[30] |
ZHANG Y , REITER M K . Düppel:retrofitting commodity operat ing systems to mitigate cache side channels in the cloud[C]// The 20th ACM Conference on Computer and Communications Security. 2013: 827-837.
|
[31] |
XIA Y , LIU Y , TAN C ,et al. TinMan:eliminating confidential mobile data exposure with security-oriented offloading[C]// The 10th European Conference on Computer Systems. 2015.
|
[32] |
LI W , LI H , CHEN H ,et al. AdAttester:secure online advertisement attestation on mobile devicesusing trustzone[C]// The 13th International Conference on Mobile Systems,Applications,and Services. 2015.
|