. Uninitialized-kvm_vcpu_events->interrupt, pad structure member (cve- 2010-4525), . URL http

C. L. Abad and R. I. Bonilla, An Analysis on the Schemes for Detecting and Preventing ARP Cache Poisoning Attacks, 27th International Conference on Distributed Computing Systems Workshops (ICDCSW'07), pp.60-60, 2007.
DOI : 10.1109/ICDCSW.2007.19

K. Adams and O. Agesen, A comparison of software and hardware techniques for x86 virtualization, Proceedings of the 12th international conference on Architectural support for programming languages and operating systems, pp.2-13, 2006.

A. A. Al-nashif, S. Kumar, G. Hariri, Y. Qu, F. Luo et al., Multi-Level Intrusion Detection System (ML-IDS), 2008 International Conference on Autonomic Computing, 2008.
DOI : 10.1109/ICAC.2008.25

P. Alex, L. Marc, and W. Aurelien, Analyse et prototypage de la virtualisation imbriquee dans le cloud, 2013.

F. Autrel and C. Coma, Motorbac 2: a security policy tool, 2008.

A. M. Azab, P. Ning, Z. Wang, X. Jiang, X. Zhang et al., HyperSentry, Proceedings of the 17th ACM conference on Computer and communications security, CCS '10, 2010.
DOI : 10.1145/1866307.1866313

A. M. Azab, P. Ning, and X. Zhang, SICE, Proceedings of the 18th ACM conference on Computer and communications security, CCS '11, pp.375-388, 2011.
DOI : 10.1145/2046707.2046752

A. Baliga, L. Iftode, and X. Chen, Automated containment of rootkits attacks, Computers & Security, vol.27, issue.7-8, pp.323-334, 2008.
DOI : 10.1016/j.cose.2008.06.003

P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris et al., Xen and the art of virtualization, Proceedings of the nineteenth ACM symposium on Operating systems principles, SOSP '03, pp.164-177, 2003.

K. Barr, The VMware mobile virtualization platform, ACM SIGOPS Operating Systems Review, vol.44, issue.4, pp.124-135, 2010.
DOI : 10.1145/1899928.1899945

G. Barthe, G. Betarte, J. D. Campo, and C. Luna, Formally Verifying Isolation and Availability in an Idealized Model of Virtualization, Proceedings of the 17th international conference on Formal methods, pp.231-245, 2011.
DOI : 10.1007/s10207-004-0057-5

M. Bauer, Paranoid penguin: an introduction to novell apparmor, Linux J, issue.148, p.13, 2006.

M. Ben-yehuda, M. D. Day, Z. Dubitzky, M. Factor, N. Har-'el et al., The Turtles Project: Design and Implementation of Nested Virtualization, USENIX Symposium on Operating Systems Design and Implementation (OSDI), 2010.

S. Berger, R. Cáceres, D. Pendarakis, R. Sailer, E. Valdez et al., TVDc, ACM SIGOPS Operating Systems Review, vol.42, issue.1, pp.40-47, 2008.
DOI : 10.1145/1341312.1341321

S. Berger, R. Careces, D. Pendarakis, R. Sailer, and E. Valdez, TVDc, ACM SIGOPS Operating Systems Review, vol.42, issue.1, 2008.
DOI : 10.1145/1341312.1341321

J. Kenneth and . Biba, Integrity considerations for secure computer systems, 1977.

J. Bickford, Rootkits on smart phones, Proceedings of the Eleventh Workshop on Mobile Computing Systems & Applications, HotMobile '10, 2010.
DOI : 10.1145/1734583.1734596

T. Bissyande, Contributions for improving debugging of kernel-level services in a monolithic operating system
URL : https://hal.archives-ouvertes.fr/tel-00808877

A. Brown and C. Redlin, Measuring the Effectiveness of Self-Healing Autonomic Systems, Second International Conference on Autonomic Computing (ICAC'05), 2005.
DOI : 10.1109/ICAC.2005.39

E. Bruneton, T. Coupaye, M. Leclercq, V. Quéma, and J. Stefani, The FRACTAL component model and its support in Java, Software: Practice and Experience, vol.6, issue.11-12, pp.11-121257, 2006.
DOI : 10.1002/spe.767

S. Butt, H. Andrés-lagar-cavilla, A. Srivastava, and V. Ganapathy, Self-service cloud computing, Proceedings of the 2012 ACM conference on Computer and communications security, CCS '12, pp.253-264
DOI : 10.1145/2382196.2382226

D. Champagne, Scalable security architecture for trusted software, 2010.

H. Chen, Y. B. Al-nashif, G. Qu, and S. Hariri, Self-Configuration of Network Security, 11th IEEE International Enterprise Distributed Object Computing Conference (EDOC 2007), 2007.
DOI : 10.1109/EDOC.2007.45

X. Chen, T. Garfinkel, E. C. Lewis, P. Subrahmanyam, C. A. Waldspurger et al., Overshadow: a Virtualization-Based Approach to Retrofitting Protection in Commodity Operating Systems, International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2008.

X. Chen, J. Andersen, M. Mao, M. Bailey, and J. Nazario, Towards an understanding of anti-virtualization and anti-debugging behavior in modern malware, Dependable Systems and Networks With FTCS and DCC IEEE International Conference on, pp.177-186, 2008.

D. Chess, C. Palmer, and S. White, Security in an autonomic computing environment, IBM Systems Journal, vol.42, issue.1, pp.107-118, 2003.
DOI : 10.1147/sj.421.0107

M. Christodorescu, R. Sailer, D. L. Schales, D. Sgandurra, and D. Zamboni, Cloud security is not (just) virtualization security, Proceedings of the 2009 ACM workshop on Cloud computing security, CCSW '09, 2009.
DOI : 10.1145/1655008.1655022
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.625.8837

. Cisco, Nexus 1000v

. Cloud-security-alliance, Security Guidance for Critical Areas of Focus in Cloud Computing

E. Cohen, M. Dahlweid, M. Hillebrand, D. Leinenbach, M. ?. Moskal et al., VCC: A Practical System for Verifying Concurrent C, Theorem Proving in Higher Order Logics Loscocco, and Andrew Warfield. Breaking Up is Hard to Do: Security and Functionality in a Commodity Hypervisor ACM Symposium on Operating Systems Principles (SOSP), pp.23-42, 2009.
DOI : 10.1007/978-3-540-74591-4_15

J. M. Combes, A. Wailly, and M. Laurent, Cga as alternative security credentials with ikev2: implementation and analysis
URL : https://hal.archives-ouvertes.fr/hal-00747186

N. Damianou, N. Dulay, E. Lupu, and M. Sloman, The Ponder Policy Specification Language, International Workshop on Policies for Distributed Systems and Networks (POLICY), 2001.
DOI : 10.1007/3-540-44569-2_2

S. De-capitani-di-vimercati, S. Foresti, P. Samarati, and S. Jajodia, Access control policies and languages, International Journal of Computational Science and Engineering, vol.3, issue.2, pp.94-102, 2007.
DOI : 10.1504/IJCSE.2007.015739

N. Palma, D. Hagimont, F. Boyer, and L. Broto, Self-Protection in a Clustered Distributed System. Parallel and Distributed Systems, IEEE Transactions on, vol.23, issue.2, pp.330-336, 2012.
URL : https://hal.archives-ouvertes.fr/hal-00941373

D. Defour and E. Petit, Températures, erreurs matérielles et GPU, COMPAS'2013, pp.1-11

A. Dinaburg, P. Royal, M. Sharif, and W. Lee, Ether, Proceedings of the 15th ACM conference on Computer and communications security, CCS '08, pp.51-62, 2008.
DOI : 10.1145/1455770.1455779

B. Dolan-gavitt, T. Leek, M. Zhivich, J. Giffin, and W. Lee, Virtuoso: Narrowing the Semantic Gap in Virtual Machine Introspection, 2011 IEEE Symposium on Security and Privacy, pp.297-312, 2011.
DOI : 10.1109/SP.2011.11

B. Dolan-gavitt, B. Payne, and W. Lee, Leveraging forensic tools for virtual machine introspection, 2011.

S. Dolev, J. A. Garay, N. Gilboa, V. Kolesnikov, and Y. Yuditsky, Towards efficient private distributed computation on unbounded input streams -(extended abstract), ACNS, pp.69-83, 2013.

J. Donenfeld, Linux local privilege escalation via suid /proc/pid/mem write, 2012.

Y. Dong, Z. Yu, and G. Rose, Sr-iov networking in xen: architecture, design and implementation, Proceedings of the First conference on I/O virtualization , WIOV'08, pp.10-10, 2008.

G. Dunlap, Securing your cloud with xen's advanced security features, 2013.

A. Abou, E. Kalam, and Y. Deswarte, Multi-orbac: A new access control model for distributed, heterogeneous and collaborative systems, 8th IEEE International Symposium on Systems and Information Security, 2006.

N. Elhage, Virtunoid: Breaking out of KVM, Black Hat USA, 2011.

J. Strassner, The Design of a New Context-Aware Policy Model for Autonomic Networking, 2008 International Conference on Autonomic Computing, 2008.
DOI : 10.1109/ICAC.2008.36

X. Etchevers, T. Coupaye, F. Boyer, G. Noel-de-palma, and . Salaun, Automated Configuration of Legacy Applications in the Cloud, 2011 Fourth IEEE International Conference on Utility and Cloud Computing, pp.170-177, 2011.
DOI : 10.1109/UCC.2011.32
URL : https://hal.archives-ouvertes.fr/hal-00665592

X. Etchevers, T. Coupaye, F. Boyer, G. Noã«l-de-palma, and . Salaãoen, Automated Configuration of Legacy Applications in the Cloud, 2011 Fourth IEEE International Conference on Utility and Cloud Computing, 2011.
DOI : 10.1109/UCC.2011.32
URL : https://hal.archives-ouvertes.fr/hal-00665592

J. Fassino, THINK: vers une architecture de systemes flexibles, 2001.
URL : https://hal.archives-ouvertes.fr/tel-00005776

A. Porter-felt, M. Finifter, E. Chin, S. Hanna, and D. Wagner, A Survey of Mobile Malware in the Wild, ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM), 2011.

D. Ferraiolo, J. Cugini, and R. Kuhn, Role-based access control (rbac): Features and motivations, Proceedings of 11th Annual Computer Security Application Conference, pp.241-289, 1995.

F. David, D. R. Ferraiolo, R. Kuhn, and . Chandramouli, Role- Based Access Controls -. Artech House, 2003.

P. Ferrie, Attacks on more virtual machine emulators

P. Ferrie, Attacks on virtual machine emulators

I. Foster, C. Kesselman, and S. Tuecke, The anatomy of the grid: enabling scalable virtual organizations, Proceedings First IEEE/ACM International Symposium on Cluster Computing and the Grid, pp.200-222, 2001.
DOI : 10.1109/CCGRID.2001.923162

E. Freudenthal, dRBAC: distributed role-based access control for dynamic coalition environments, Proceedings 22nd International Conference on Distributed Computing Systems, 2002.
DOI : 10.1109/ICDCS.2002.1022279

V. Ganapathy, M. J. Renzelmann, A. Balakrishnan, M. M. Swift, and S. Jha, The Design and Implementation of Microdrivers, International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2008.

T. Garfinkel, Traps and pitfalls: Practical problems in system call interposition based security tools, Proc. Network and Distributed Systems Security Symposium, pp.163-176, 2003.

T. Garfinkel and M. Rosenblum, A virtual machine introspection based architecture for intrusion detection, Proc. Network and Distributed Systems Security Symposium, pp.191-206, 2003.

T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, and D. Boneh, Terra: A Virtual Machine-Based Platform for Trusted Computing, ACM Symposium on Operating Systems Principles (SOSP, 2003.

T. Garfinkel, K. Adams, A. Warfield, and J. Franklin, Compatibility is not transparency: VMM detection myths and realities, Proceedings of the 11th USENIX workshop on Hot topics in operating systems, HO- TOS'07, pp.1-6, 2007.

R. Geambasu, T. Kohno, A. Levy, and H. M. Levy, Vanish: Increasing Data Privacy with Self-Destructing Data, USENIX Security Symposium, 2009.

A. Goel, K. Po, K. Farhadi, Z. Li, and L. , The Taser Intrusion Recovery System, ACM Symposium on Operating Systems Principles (SOSP), 2005.

. Green-hills-software, Integrity Multivisor

T. Harada, Y. Handa, and . Itakura, Design and implementation of tomoyo linux, IPSJ Symposium Series, number 13, pp.101-110, 2009.

R. He, M. Lacoste, and J. Leneutre, A Policy Management Framework for Self-Protection of Pervasive Systems, 2010 Sixth International Conference on Autonomic and Autonomous Systems, 2010.
DOI : 10.1109/ICAS.2010.22

R. He, M. Lacoste, and J. Leneutre, ASPF: A Policy Administration Framework for Self-Protection of Large-Scale Systems, IARIA International Journal On Advances in Security, vol.3, pp.3-4104, 2010.

G. Heiser, The role of virtualization in embedded systems, Proceedings of the 1st workshop on Isolation and integration in embedded systems, IIES '08, 2010.
DOI : 10.1145/1435458.1435461

G. Heiser and B. Leslie, The OKL4 microvisor, Proceedings of the first ACM asia-pacific workshop on Workshop on systems, APSys '10, 2010.
DOI : 10.1145/1851276.1851282

K. Hess and A. Newman, Practical Virtualization Solutions: Virtualization from the Trenches, p.9780137142972, 2009.

J. Hwang, S. Zeng, F. Wu, and T. Wood, A Component Based Performance Comparison of Four Hypervisors, to appear in IFIP/IEEE Integrated Network Management Symposium, 2013.

J. Hwang, Xen on ARM: System Virtualization Using Xen Hypervisor for ARM-Based Secure Mobile Phones, 2008 5th IEEE Consumer Communications and Networking Conference, 2008.
DOI : 10.1109/ccnc08.2007.64

A. Ibrahim, J. Hamlyn-harris, J. Grundy, and M. Almorsy, CloudSec: A security monitoring appliance for Virtual Machines in the IaaS cloud model, 2011 5th International Conference on Network and System Security, 2011.
DOI : 10.1109/ICNSS.2011.6059967

A. S. Ibrahim, J. Hamlyn-harris, J. Grundy, and M. Almorsy, CloudSec: A security monitoring appliance for Virtual Machines in the IaaS cloud model, 2011 5th International Conference on Network and System Security, pp.113-120, 2011.
DOI : 10.1109/ICNSS.2011.6059967

. Int, Introduction to software guard extensions, Website 2013, p.6, 2013.

T. Jain and T. Agrawal, The haswell microarchitecture-4th generation processor

M. Jawurek and R. Aachen, Rsbac-a framework for enhanced linux system security, 2006.

X. Jiang and D. Xu, VIOLIN: Virtual Internetworking on Overlay Infrastructure, International Symposium on Parallel and Distributed Processing and Applications, 2004.
DOI : 10.1007/978-3-540-30566-8_107

X. Jiang, X. Wang, and D. Xu, Stealthy malware detection and monitoring through VMM-based ???out-of-the-box??? semantic view reconstruction, ACM Transactions on Information and System Security, vol.13, issue.2, pp.1-28, 2010.
DOI : 10.1145/1698750.1698752

A. Kalam, Y. Deswarte, A. Baï¿oena, and M. Kaï¿oeniche, PolyOrBAC: A security framework for Critical Infrastructures, International Journal of Critical Infrastructure Protection, vol.2, issue.4, pp.154-169, 2009.
DOI : 10.1016/j.ijcip.2009.08.005
URL : https://hal.archives-ouvertes.fr/hal-00851762

A. A. Kalam, R. E. Baida, P. Balbiani, S. Benferhat, F. Cuppens et al., Organization based access control, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks, pp.120-131, 2003.
DOI : 10.1109/POLICY.2003.1206966
URL : https://hal.archives-ouvertes.fr/hal-01483818

K. Keahey and M. Tsugawa, Sky Computing, AndrÃ©a Matsunaga, and JosÃ© Fortes. Sky Computing, pp.43-51, 2009.
DOI : 10.1109/MIC.2009.94
URL : https://hal.archives-ouvertes.fr/inria-00551206

J. Kephart and W. Walsh, An artificial intelligence perspective on autonomic computing policies, Proceedings. Fifth IEEE International Workshop on Policies for Distributed Systems and Networks, 2004. POLICY 2004., 2004.
DOI : 10.1109/POLICY.2004.1309145

O. Jeffrey and . Kephart, Autonomic computing: the first decade, Proceedings of the 8th ACM international conference on Autonomic computing, pp.1-2, 2011.

J. O. Kephart and D. M. Chess, The vision of autonomic computing, Computer, vol.36, issue.1, pp.41-50, 2003.
DOI : 10.1109/MC.2003.1160055

D. Kirat, G. Vigna, and C. Kruegel, BareBox, Proceedings of the 27th Annual Computer Security Applications Conference on, ACSAC '11, pp.403-412, 2011.
DOI : 10.1145/2076732.2076790

K. Kolyshkin, Virtualization in linux

K. Kolyshkin, Pid namespace details, 2007.

J. Kiszka and B. Wagner, Domain and type enforcement for real-time operating systems In Emerging Technologies and Factory Automation, Proceedings. ETFA '03. IEEE Conference, pp.439-446, 2003.

A. Kivity, kvm: the Linux virtual machine monitor, OLS '07: The 2007 Ottawa Linux Symposium, pp.225-230, 2007.

G. Klein, K. Elphinstone, G. Heiser-andronick, D. Cock, P. Derrin et al., seL4, Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles, SOSP '09, pp.207-220, 2009.
DOI : 10.1145/1629575.1629596

R. Koller, R. Rangaswami, J. Marrero, I. Hernandez, G. Smith et al., Anatomy of a Real-Time Intrusion Prevention System, 2008 International Conference on Autonomic Computing, 2008.
DOI : 10.1109/ICAC.2008.24

K. Kortchinsky, CloudBurst: A VMware Guest to Host Escape Story, BLACKHAT, 2009.

D. Koufaty and D. T. Marr, Hyperthreading technology in the netburst microarchitecture . Micro, IEEE, vol.23, issue.2, pp.56-65, 2003.

S. Krakowiak, Principes des systemes d'exploitation des ordinateurs (Dunod informatique) (French Edition). Dunod, 1987. ISBN 2040186328. URL http://www. bibliography amazon.com/Principes-systemes-dexploitation-ordinateurs-informatique

R. Labarge and T. Mcguire, Cloud penetration testing. CoRR, abs/1301, 1912.

E. Carl and . Landwehr, Formal models for computer security, ACM Computing Surveys (CSUR), vol.13, issue.3, pp.247-278, 1981.

B. Lau and V. Svajcer, Measuring virtual machine detection in malware using DSD tracer, Journal in Computer Virology, vol.6, issue.3, pp.181-195, 2010.
DOI : 10.1007/s11416-008-0096-y

K. P. Lawton, Bochs: A portable pc emulator for unix/x, Linux J, issue.29es, 1996.

D. Leinenbach and T. Santen, Verifying the Microsoft Hyper-V Hypervisor with VCC, FM 2009: Formal Methods, p.806
DOI : 10.1007/978-3-642-05089-3_51

M. Lindorfer, C. Kolbitsch, and P. M. Comparetti, Detecting Environment-Sensitive Malware, Recent Advances in Intrusion Detection, pp.338-357, 2011.
DOI : 10.1007/978-3-540-75496-1_1

. Linux-vserver, Secure capabilities. URL http://linux-vserver.org/Paper# Secure _ Capabilities

Y. Mao, H. Chen, D. Zhou, X. Wang, N. Zeldovich et al., Software fault isolation with API integrity and multi-principal modules, Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, SOSP '11, 2011.
DOI : 10.1145/2043556.2043568

. Marco-d-'itri, Evading from linux containers

J. M. Mccune, Y. Li, N. Qu, Z. Zhou, A. Datta et al., TrustVisor: Efficient TCB Reduction and Attestation, 2010 IEEE Symposium on Security and Privacy, pp.143-158, 2010.
DOI : 10.1109/SP.2010.17

N. Mckeown, T. Anderson, H. Balakrishnan, G. Parulkar, L. Peterson et al., OpenFlow, ACM SIGCOMM Computer Communication Review, vol.38, issue.2, pp.69-74, 2008.
DOI : 10.1145/1355734.1355746

L. Mcvoy and C. Staelin, Lmbench: Portable tools for performance analysis, Proceedings of the 1996 Annual Conference on USENIX Annual Technical bibliography 149

P. Mell and T. Grance, The nist definition of cloud computing (draft), NIST special publication, vol.800, p.145, 2011.

. Microsoft, Hyper-v architecture, 2008.

O. Mola and M. Bauer, Towards Cloud Management by Autonomic Manager Collaboration, International Journal of Communications, Network and System Sciences, vol.04, issue.12, pp.790-802, 2011.
DOI : 10.4236/ijcns.2011.432097

J. Morris, sVirt: Hardening Linux Virtualization with Mandatory Access Control, Linux.conf.au Conference, 2009.

D. G. Murray, G. Milos, and S. Hand, Improving Xen security through disaggregation, Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments , VEE '08, 2008.
DOI : 10.1145/1346256.1346278

K. Nance, M. Bishop, and B. Hay, Virtual Machine Introspection: Observation or Interference?, IEEE Security & Privacy Magazine, vol.6, issue.5, pp.32-37, 2008.
DOI : 10.1109/MSP.2008.134

A. Nguyen, H. Raj, S. Rayanchu, S. Saroiu, and A. Wolman, Delusional boot, Proceedings of the 7th ACM european conference on Computer Systems, EuroSys '12, pp.141-154
DOI : 10.1145/2168836.2168851

M. Anh, N. Nguyen, H. Schear, A. Jung, . Godiyal et al., Mavmm: Lightweight and purpose built vmm for malware analysis, Computer Security Applications Conference ACSAC'09. Annual, pp.441-450, 2009.

V. Nicomette, La protection dans les systèmes à objets répartis. These, Institut National Polytechnique de Toulouse -INPT, 1996.

. Objectsecurity, OpenPMF White Paper, 2011.

K. A. Oostendorp, L. Badger, C. D. Vance, W. G. Morrison, M. J. Petkac et al., Domain and type enforcement firewalls, DARPA Information Survivability Conference and Exposition, 2000. DISCEX '00. Proceedings, pp.351-361, 2000.
DOI : 10.1109/discex.2000.825039

T. Ormandy, An empirical study into the security exposure to hosts of hostile virtualized environments, Test, pp.1-10, 2007.

S. Oulmakhzoune, N. Cuppens-boulahia, F. Cuppens, S. Morucci, M. Barhamgi et al., Privacy query rewriting algorithm instrumented by a privacy-aware access control model. annals of telecommunications-annales des télécommunications, pp.1-17, 2013.
URL : https://hal.archives-ouvertes.fr/hal-00869138

R. Paleari, L. Martignoni, G. Fresi-roglia, and D. Bruschi, A fistful of red-pills: how to automatically generate procedures to detect cpu emulators, Proceedings of the 3rd USENIX conference on Offensive technologies , WOOT'09, pp.2-2

R. Paleari, L. Martignoni, G. Fresi-roglia, and D. Bruschi, A fistful of red-pills: How to automatically generate procedures to detect cpu emulators, Proceedings of the USENIX Workshop on Offensive Technologies (WOOT), p.86, 2009.

A. Patel, Q. Qassim, and C. Wills, A survey of intrusion detection and prevention systems, Information Management & Computer Security, vol.18, issue.4, pp.277-290, 2010.
DOI : 10.1108/09685221011079199

B. Payne, Simplifying virtual machine introspection using libvmi, 2012.
DOI : 10.2172/1055635
URL : http://www.osti.gov/scitech/servlets/purl/1055635

B. Payne, M. Carbone, and W. Lee, Secure and Flexible Monitoring of Virtual Machines, Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007), 2007.
DOI : 10.1109/ACSAC.2007.10

M. Pearce, S. Zeadally, and R. Hunt, Virtualization, ACM Computing Surveys, vol.45, issue.2, pp.1-17, 2013.
DOI : 10.1145/2431211.2431216

G. Pék, B. Bencsáth, and L. Buttyán, nether: In-guest detection of out-of-the-guest malware analyzers, Proceedings of the Fourth European Workshop on System Security, p.3, 2011.

R. Perez, R. Sailer, and L. Van-doorn, vtpm: virtualizing the trusted platform module, Proc. 15th Conf. on USENIX Security Symposium, pp.305-320, 2006.

D. Perez-botero, B. Ruby, and . Lee, Characterizing the vm-hypervisor attack surface

D. Perez-botero, J. Szefer, and R. B. Lee, Characterizing hypervisor vulnerabilities in cloud computing servers, Proceedings of the 2013 international workshop on Security in cloud computing, Cloud Computing '13, pp.3-10
DOI : 10.1145/2484402.2484406

J. Petazzoni, Lxc website, 2013. URL http://www.socallinuxexpo.org/ sites

J. Pfoh, C. Schneider, and C. Eckert, A formal model for virtual machine introspection, Proceedings of the 1st ACM workshop on Virtual machine security, VMSec '09, 2009.
DOI : 10.1145/1655148.1655150

J. Gerald, R. P. Popek, and . Goldberg, Formal requirements for virtualizable third generation architectures, Commun. ACM, vol.17, issue.7, pp.412-421, 1974.

N. Provos, Improving host security with system call policies, Proceedings of the 12th conference on USENIX Security Symposium, pp.18-18, 2003.

T. Raffetseder, C. Kruegel, and E. Kirda, Detecting System Emulators, Information Security, pp.1-18, 2007.
DOI : 10.1007/978-3-540-75496-1_1

M. Rak, L. Liccardo, and R. Aversa, A SLA-based interface for security management in cloud and GRID integrations, 2011 7th International Conference on Information Assurance and Security (IAS), 2011.
DOI : 10.1109/ISIAS.2011.6122783

T. Ristenpart, E. Tromer, H. Shacham, and S. Savage, Hey, You, Get Off of My Cloud! Exploring Information Leakage in Third-Party Compute Clouds, ACM Conference on Computer and Communications Security (CCS), 2009.

S. Roschke, F. Cheng, and C. Meinel, Intrusion Detection in the Cloud, International Conference on Dependable, Autonomic, and Secure Computing, 2009.

S. Rueda, Y. Sreenivasan, and T. Jaeger, Flexible security configuration for virtual machines, Proceedings of the 2nd ACM workshop on Computer security architectures, CSAW '08, 2008.
DOI : 10.1145/1456508.1456515

J. Rutkowska and R. Wojtczuk, The Qubes OS Architecture, 2010.

J. Rutkowska, Red pill... or how to detect vmm using (almost) one cpu instruction, 2004.

J. Rutkowska and A. Tereshkin, Bluepilling the Xen Hypervisor, BlackHat Technical Security Conference (BLACKHAT), 2008.

J. Rutkowska and R. Wojtczuk, Preventing and detecting xen hypervisor subversions, Blackhat Briefings USA, 2008.

R. Sailer, T. Jaeger, E. Valdez, R. Caceres, R. Perez et al., Building a MAC-Based Security Architecture for the Xen Open-Source Hypervisor, 21st Annual Computer Security Applications Conference (ACSAC'05), 2005.
DOI : 10.1109/CSAC.2005.13

C. Schaufler, The simplified mandatory access control kernel, 2008.

A. Seshadri, M. Luk, N. Qu, and A. Perrig, SecVisor: a Tiny Hypervisor to Provide Lifetime Kernel Code Integrity for Commodity OSes, ACM Symposium on Operating Systems Principles (SOSP), 2007.

M. Sharif, W. Lee, W. Cui, and W. Lee, Secure in-VM monitoring using hardware virtualization, Proceedings of the 16th ACM conference on Computer and communications security, CCS '09, 2009.
DOI : 10.1145/1653662.1653720

W. Shi, J. Lee, T. Suh, D. H. Woo, and X. Zhang, Architectural support of multiple hypervisors over single platform for enhancing cloud computing security, Proceedings of the 9th conference on Computing Frontiers, CF '12, pp.75-84
DOI : 10.1145/2212908.2212920

T. Shinagawa, H. Eiraku, K. Tanimoto, K. Omote, S. Hasegawa et al., BitVisor, Proceedings of the 2009 ACM SIGPLAN/SIGOPS international conference on Virtual execution environments, VEE '09, 2009.
DOI : 10.1145/1508293.1508311

Y. Shoham, Elsevier artint 931 agent-oriented programming, 1991.

F. M. Sibai and D. A. Menascé, Defeating the insider threat via autonomic network capabilities, 2011 Third International Conference on Communication Systems and Networks (COMSNETS 2011), 2011.
DOI : 10.1109/COMSNETS.2011.5716431

S. Smalley, C. Vance, and W. Salamon, Implementing selinux as a linux security module, 2001.

J. Smith and R. Nair, Virtual Machines: Versatile Platforms for Systems and Processes (The Morgan Kaufmann Series in Computer Architecture and Design), 2005.

D. Song, D. Brumley, J. Heng-yin, I. Caballero, M. G. Jager et al., BitBlaze: A New Approach to Computer Security via Binary Analysis, Proceedings of the 4th International Conference on Information Systems Security, ICISS '08, pp.1-25, 2008.
DOI : 10.1007/978-3-540-73368-3_52

B. Sotomayor, R. S. Montero, I. M. Llorente, and I. Foster, Virtual Infrastructure Management in Private and Hybrid Clouds, IEEE Internet Computing, vol.13, issue.5, pp.14-22, 2009.
DOI : 10.1109/MIC.2009.119

B. Spengler, Detection, prevention, and containment: A study of grsecurity, Libres Software Meeting, 2002.

M. H. Sqalli, F. Haidari, and K. Salah, EDoS-Shield - A Two-Steps Mitigation Technique against EDoS Attacks in Cloud Computing, 2011 Fourth IEEE International Conference on Utility and Cloud Computing, pp.49-56, 2011.
DOI : 10.1109/UCC.2011.17

A. Srivastava and J. Giffin, Tamper-Resistant, Application-Aware Blocking of Malicious Network Connections, Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection, RAID '08, pp.39-58
DOI : 10.1007/978-3-540-87403-4_3

U. Steinberg and B. Kauer, NOVA, Proceedings of the 5th European conference on Computer systems, EuroSys '10, 2010.
DOI : 10.1145/1755913.1755935

J. Strassner, Policy-Based Network Management: Solutions for the Next Generation, 2003.

J. Strassner, N. Agoulmine, and E. Lehtihet, FOCALE: A Novel Autonomic Networking Architecture, Latin American Autonomic Computing Symposium (LAACS), 2006.

A. Sundararaj and P. Dinda, Towards Virtual Networks for Virtual Machine Grid Computing, USENIX Virtual Machine Research and Technology Symposium (VM), 2004.

M. Sutton, A. Greene, and P. Amini, Fuzzing: Brute Force Vulnerability Discovery, 2007.

M. M. Swift, B. N. Bershad, and H. M. Levy, Improving the Reliability of Commodity Operating Systems, ACM Symposium on Operating Systems Principles (SOSP), 2003.

. Swsoft, Virtuozzo linux virtualization

J. Szefer and R. B. Lee, Architectural support for hypervisor-secure virtualization, Proceedings of the seventeenth international conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS XVII, pp.437-450
DOI : 10.1145/2189750.2151022

J. Szefer, E. Keller, R. B. Lee, and J. Rexford, Eliminating the hypervisor attack surface for a more secure cloud, Proceedings of the 18th ACM conference on Computer and communications security, CCS '11, 2011.
DOI : 10.1145/2046707.2046754

J. Szefer, E. Keller, B. Ruby, J. Lee, and . Rexford, Eliminating the hypervisor attack surface for a more secure cloud, Proceedings of the 18th ACM conference on Computer and communications security, CCS '11, pp.401-412, 2011.
DOI : 10.1145/2046707.2046754

R. Ta-min, L. Litty, and D. Lie, Splitting Interfaces: Making Trust Between Applications and Operating Systems Configurable, USENIX Symposium on Operating Systems Design and Implementation (OSDI), 2006.

L. Tan, E. M. Chan, R. Farivar, N. Mallick, J. C. Carlyle et al., iKernel: Isolating Buggy and Malicious Device Drivers Using Hardware Virtualization Support, Third IEEE International Symposium on Dependable, Autonomic and Secure Computing (DASC 2007), 2007.
DOI : 10.1109/DASC.2007.16

A. S. Tanenbaum, Modern Operating Systems

H. Tews, T. Weber, M. Völp, E. Poll, M. Van-eekelen et al., Nova micro-hypervisor verification, 2008.

H. Tews, Formal methods in the robin project: Specification and verification of the nova microhypervisor, Citeseer, pp.59-68, 2007.

C. Thompson, M. Huntley, and C. Link, Virtualization detection: New strategies and their effectiveness

A. Tolnai and S. Solms, The Cloud???s Core Virtual Infrastructure Security, Global Security, Safety, and Sustainability, pp.19-27, 2010.
DOI : 10.1007/978-3-642-15717-2_3

S. Tripathi, N. Droux, T. Srinivasan, and K. Belgaied, Crossbow, Proceedings of the 1st ACM workshop on Virtualized infrastructure systems and architectures, VISA '09, 2009.
DOI : 10.1145/1592648.1592658

K. Twidle, N. Dulay, E. Lupu, and M. Sloman, Ponder2: A Policy System for Autonomous Pervasive Environments, International Conference on Autonomic and Autonomous Systems, 2009.

A. Vasudevan, B. Parno, N. Qu, . Virgild, A. Gligor et al., Lockdown: Towards a Safe and Practical Architecture for Security Applications on Commodity Platforms, Trust and Trustworthy Computing, p.34
DOI : 10.1007/978-3-642-30921-2_3

A. Vasudevan, S. Chaki, L. Jia, J. Mccune, J. Newsome et al., Design, Implementation and Verification of an eXtensible and Modular Hypervisor Framework, 2013 IEEE Symposium on Security and Privacy, 2013.
DOI : 10.1109/SP.2013.36

A. Velte and T. Velte, Microsoft Virtualization with Hyper-V, p.9780071614030, 2010.

A. Virtualization, Amd-v nested paging. White paper.[Online] Available: http://sites. amd. com/us/business/it-solutions/virtualization, 2008.

. Vmware, Understanding full virtualization, paravirtualization, and hardware assist

. Vmware, Performance evaluation of intel ept hardware assist, 2009.

. Vmware, Understanding memory resource management in vmware esx server, 2009.

A. Wailly, M. Lacoste, and H. Debar, Towards Multi-Layer Autonomic Isolation of Cloud Computing and Networking Resources, 2011 Conference on Network and Information Systems Security, 2011.
DOI : 10.1109/SAR-SSI.2011.5931358
URL : https://hal.archives-ouvertes.fr/hal-01300936

A. Wailly, M. Lacoste, and H. Debar, Towards Multi-Layer Autonomic Isolation of Cloud Computing and Networking Resources, 2011 Conference on Network and Information Systems Security, pp.1-9, 2011.
DOI : 10.1109/SAR-SSI.2011.5931358
URL : https://hal.archives-ouvertes.fr/hal-01300936

A. Wailly, M. Lacoste, and H. Debar, KungFuVisor: Enabling Hypervisor Self-Defense, EUROSYS Doctoral Workshop (EURODW), 2012.
URL : https://hal.archives-ouvertes.fr/hal-00738069

A. Wailly, M. Lacoste, and H. Debar, VESPA, Proceedings of the 9th international conference on Autonomic computing, ICAC '12, 2012.
DOI : 10.1145/2371536.2371564
URL : https://hal.archives-ouvertes.fr/hal-00738174

F. Wang, P. Chen, B. Mao, and L. Xie, Randhyp: Preventing attacks via xen hypercall interface Information Security and Privacy Research, volume 376 of IFIP Advances in Information and Communication Technology, pp.138-149

J. Wang, A. Stavrou, and A. Ghosh, HyperCheck: A Hardware-Assisted Integrity Monitor, International Symposium on Recent Advances in Intrusion Detection, 2010.
DOI : 10.1007/978-3-642-15512-3_9

Y. Wang, D. Beck, B. Vo, and C. Verbowski, Detecting Stealth Software with Strider GhostBuster, International Conference on Dependable Systems and Networks (DSN), 2005.

Z. Wang and X. Jiang, HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity, 2010 IEEE Symposium on Security and Privacy, 2010.
DOI : 10.1109/SP.2010.30

Z. Wang, C. Wu, M. Grace, and X. Jiang, Isolating commodity hosted hypervisors with HyperLock, Proceedings of the 7th ACM european conference on Computer Systems, EuroSys '12, pp.127-140
DOI : 10.1145/2168836.2168850
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.687.3236

N. M. Robert, J. Watson, B. Anderson, K. Laurie, and . Kennaway, Capsicum: practical capabilities for unix, Proceedings of the 19th USENIX conference on Security, USENIX Security'10, pp.3-3, 1929824.

D. Williams, H. Jamjoom, and H. Weatherspoon, Plug into the Supercloud, IEEE Internet Computing, vol.17, issue.2, pp.28-34
DOI : 10.1109/MIC.2012.145

R. Wojtczuk, A stitch in time saves nine a stitch in time saves nine: A case of multiple os vulnerability. 2012. URL http://media.blackhat.com/bh-us-12

C. Wu, Z. Wang, and X. Jiang, Taming Hosted Hypervisors with (Mostly) Deprivileged Execution, Proceedings of the Network and Distributed System Security Symposium (NDSS), 2013.

. Xen, org security team. cve-2013-1922 -qemu-nbd format-guessing due to missing format specification

P. Zech, M. Felderer, and R. Breu, Towards a Model Based Security Testing Approach of Cloud Computing Environments, 2012 IEEE Sixth International Conference on Software Security and Reliability Companion, pp.47-56, 2012.
DOI : 10.1109/SERE-C.2012.11

F. Zhang, J. Chen, H. Chen, and B. Zang, CloudVisor, Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, SOSP '11, 2011.
DOI : 10.1145/2043556.2043576

Y. Zhang, A. Juels, M. K. Reiter, and T. Ristenpart, Cross-VM side channels and their use to extract private keys, Proceedings of the 2012 ACM conference on Computer and communications security, CCS '12, pp.305-316
DOI : 10.1145/2382196.2382230

Z. Zhang, Q. Wen, and W. Tang, An Efficient Mutation-Based Fuzz Testing Approach for Detecting Flaws of Network Protocol, 2012 International Conference on Computer Science and Service System, pp.814-817, 2012.
DOI : 10.1109/CSSS.2012.208

F. Zhao, Y. Jiang, G. Xiang, H. Jin, and W. Jiang, VRFPS: A Novel Virtual Machine-Based Real-time File Protection System, 2009 Seventh ACIS International Conference on Software Engineering Research, Management and Applications, pp.217-224, 2009.
DOI : 10.1109/SERA.2009.23