File Download
There are no files associated with this item.
SFX Link
- Find it @ UNIST can give you direct access to the published full text of this article. (UNISTARs only)
- Moon, Hyungon
- Computer Systems Security Lab.
Views & Downloads
Detailed Information
Cited time in 
Cited time in 
Cited time in
Metadata Downloads
Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.citation.endPage | 59 | - |
| dc.citation.number | 1 | - |
| dc.citation.startPage | 48 | - |
| dc.citation.title | JOURNAL OF SEMICONDUCTOR TECHNOLOGY AND SCIENCE | - |
| dc.citation.volume | 15 | - |
| dc.contributor.author | Heo, Ingoo | - |
| dc.contributor.author | Jang, Daehee | - |
| dc.contributor.author | Moon, Hyungon | - |
| dc.contributor.author | Cho, Hansu | - |
| dc.contributor.author | Lee, Seungwook | - |
| dc.contributor.author | Kang, Brent Byunghoon | - |
| dc.contributor.author | Paek, Yunheung | - |
| dc.date.accessioned | 2023-12-22T01:38:59Z | - |
| dc.date.available | 2023-12-22T01:38:59Z | - |
| dc.date.created | 2018-08-14 | - |
| dc.date.issued | 2015-02 | - |
| dc.description.abstract | In recent years, there are increasing threats of rootkits that undermine the integrity of a system by manipulating OS kernel. To cope with the rootkits, in Vigilare, the snoop-based monitoring which snoops the memory traffics of the host system was proposed. Although the previous work shows its detection capability and negligible performance loss, the problem is that the proposed design is not acceptable in recent commodity mobile application processors (APs) which have become de facto the standard computing platforms of smart devices. To mend this problem and adopt the idea of snoop-based monitoring in commercial products, in this paper, we propose a snoop-based monitor design called S-Mon, which is designed for the AP platforms. In designing S-Mon, we especially consider two design constraints in the APs which were not addressed in Vigilare; the unified memory model and the crossbar switch interconnect. Taking into account those, we derive a more realistic architecture for the snoop-based monitoring and a new hardware module, called the region controller, is also proposed. In our experiments on a simulation framework modeling a production-quality device, it is shown that our S-Mon can detect the rootkit attacks while the runtime overhead is also negligible. | - |
| dc.identifier.bibliographicCitation | JOURNAL OF SEMICONDUCTOR TECHNOLOGY AND SCIENCE, v.15, no.1, pp.48 - 59 | - |
| dc.identifier.doi | 10.5573/JSTS.2015.15.1.048 | - |
| dc.identifier.issn | 1598-1657 | - |
| dc.identifier.scopusid | 2-s2.0-84924128371 | - |
| dc.identifier.uri | https://scholarworks.unist.ac.kr/handle/201301/24553 | - |
| dc.identifier.url | http://www.dbpia.co.kr/Journal/ArticleDetail/NODE06270397 | - |
| dc.identifier.wosid | 000353277200009 | - |
| dc.language | 영어 | - |
| dc.publisher | IEEK PUBLICATION CENTER | - |
| dc.title | Efficient Kernel Integrity Monitor Design for Commodity Mobile Application Processors | - |
| dc.type | Article | - |
| dc.description.journalRegisteredClass | scie | - |
| dc.description.journalRegisteredClass | scopus | - |
| dc.subject.keywordAuthor | Security | - |
| dc.subject.keywordAuthor | application processor | - |
| dc.subject.keywordAuthor | smart mobile device | - |
| dc.subject.keywordAuthor | snoop-based integrity monitoring | - |
Items in Repository are protected by copyright, with all rights reserved, unless otherwise indicated.