Efficient Kernel Integrity Monitor Design for Commodity Mobile Application Processors
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Heo, Ingoo | ko |
| dc.contributor.author | Jang, Daehee | ko |
| dc.contributor.author | Moon, Hyungon | ko |
| dc.contributor.author | Cho, Hansu | ko |
| dc.contributor.author | Lee, Seungwook | ko |
| dc.contributor.author | Kang, Brent Byunghoon | ko |
| dc.contributor.author | Paek, Yunheung | ko |
| dc.date.accessioned | 2015-11-20T09:06:56Z | - |
| dc.date.available | 2015-11-20T09:06:56Z | - |
| dc.date.created | 2015-05-12 | - |
| dc.date.created | 2015-05-12 | - |
| dc.date.created | 2015-05-12 | - |
| dc.date.issued | 2015-02 | - |
| dc.identifier.citation | JOURNAL OF SEMICONDUCTOR TECHNOLOGY AND SCIENCE, v.15, no.1, pp.48 - 59 | - |
| dc.identifier.issn | 1598-1657 | - |
| dc.identifier.uri | http://hdl.handle.net/10203/201014 | - |
| dc.description.abstract | In recent years, there are increasing threats of rootkits that undermine the integrity of a system by manipulating OS kernel. To cope with the rootkits, in Vigilare, the snoop-based monitoring which snoops the memory traffics of the host system was proposed. Although the previous work shows its detection capability and negligible performance loss, the problem is that the proposed design is not acceptable in recent commodity mobile application processors (APs) which have become de facto the standard computing platforms of smart devices. To mend this problem and adopt the idea of snoop-based monitoring in commercial products, in this paper, we propose a snoop-based monitor design called S-Mon, which is designed for the AP platforms. In designing S-Mon, we especially consider two design constraints in the APs which were not addressed in Vigilare; the unified memory model and the crossbar switch interconnect. Taking into account those, we derive a more realistic architecture for the snoop-based monitoring and a new hardware module, called the region controller, is also proposed. In our experiments on a simulation framework modeling a production-quality device, it is shown that our S-Mon can detect the rootkit attacks while the runtime overhead is also negligible. | - |
| dc.language | English | - |
| dc.publisher | IEEK PUBLICATION CENTER | - |
| dc.title | Efficient Kernel Integrity Monitor Design for Commodity Mobile Application Processors | - |
| dc.type | Article | - |
| dc.identifier.wosid | 000353277200009 | - |
| dc.identifier.scopusid | 2-s2.0-84924128371 | - |
| dc.type.rims | ART | - |
| dc.citation.volume | 15 | - |
| dc.citation.issue | 1 | - |
| dc.citation.beginningpage | 48 | - |
| dc.citation.endingpage | 59 | - |
| dc.citation.publicationname | JOURNAL OF SEMICONDUCTOR TECHNOLOGY AND SCIENCE | - |
| dc.identifier.doi | 10.5573/JSTS.2015.15.1.048 | - |
| dc.contributor.localauthor | Kang, Brent Byunghoon | - |
| dc.contributor.nonIdAuthor | Heo, Ingoo | - |
| dc.contributor.nonIdAuthor | Moon, Hyungon | - |
| dc.contributor.nonIdAuthor | Cho, Hansu | - |
| dc.contributor.nonIdAuthor | Lee, Seungwook | - |
| dc.contributor.nonIdAuthor | Paek, Yunheung | - |
| dc.description.isOpenAccess | N | - |
| dc.type.journalArticle | Article | - |
| dc.subject.keywordAuthor | Security | - |
| dc.subject.keywordAuthor | application processor | - |
| dc.subject.keywordAuthor | smart mobile device | - |
| dc.subject.keywordAuthor | snoop-based integrity monitoring | - |
- Appears in Collection
- CS-Journal Papers(저널논문)
- Files in This Item
- There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.