ch. 1. A primer on detection for security : 1.1 Today's approach: "compromise-first detection"
ch. 2. 2014 Endpoint exploitation trends : 2.1 Zero-day trends
2.2 Notable zero-day exploitation techniques
2.3 Emerging zero-day exploitation techniques
ch. 3. The proposed solution : 3.1 The principle of least priviledge ; 3.2 Detection's folly
ch. 4. Protection's weak link : 4.1 Desktop virtualization does not secure the Endpoint
4.2 Detection and isolation using VMs
ch. 5. Micro-Virtualization : 5.1 Related work ; 5.2 A practical example ; 5.3 Hardware-enforced task isolation ; 5.4 Hardware virtulization technology ; 5.5 Micro-virtualization at work ; 5.6 The microvisor ; 5.7 Memory and CPU isolation ; 5.8 Virtualized file system (VFS) ; 5.9 Virtualized IP Networking
the mobile SDN ; 5.10 Virtualized desktop services ; 5.11 Creation and management of Micro-VMs ; 5.12 Reducing the attack surface
ch. 6. Advanced forensics and analysis : 6.1 Micro-VM behavioral analysis ; 6.2 Advanced live forensics ; 6.3 LAVA architecture ; 6.4 Conclusion.
