dc.citation.conferencePlace |
US |
- |
dc.citation.endPage |
526 |
- |
dc.citation.startPage |
511 |
- |
dc.citation.title |
USENIX Security Symposium |
- |
dc.contributor.author |
Lee, Hojoon |
- |
dc.contributor.author |
Moon, Hyungon |
- |
dc.contributor.author |
Jang, DaeHee |
- |
dc.contributor.author |
Kim, Kihwan |
- |
dc.contributor.author |
Lee, Jihoon |
- |
dc.contributor.author |
Paek, Yunheung |
- |
dc.contributor.author |
Kang, Brent Byunghoon |
- |
dc.date.accessioned |
2023-12-20T00:40:18Z |
- |
dc.date.available |
2023-12-20T00:40:18Z |
- |
dc.date.created |
2018-08-14 |
- |
dc.date.issued |
2013-08-14 |
- |
dc.description.abstract |
Kernel rootkits undermine the integrity of system by manipulating its operating system kernel. External hardware-based monitors can serve as a root of trust that is resilient to rootkit attacks. The existing external hardware-based approaches lack an event-triggered verification scheme for mutable kernel objects. To address the issue, we present KI-Mon, a hardware-based platform for event-triggered kernel integrity monitor. A refined form of bus traffic monitoring efficiently verifies the update values of the objects, and callback verification routines can be programmed and executed for a designated event space. We have built a KI-Mon prototype to demonstrate the efficacy of KI-Mon's event-triggered mechanism in terms of performance overhead for the monitored host system and the processor usage of the KI-Mon processor. |
- |
dc.identifier.bibliographicCitation |
USENIX Security Symposium, pp.511 - 526 |
- |
dc.identifier.scopusid |
2-s2.0-85076279101 |
- |
dc.identifier.uri |
https://scholarworks.unist.ac.kr/handle/201301/33424 |
- |
dc.language |
영어 |
- |
dc.publisher |
USENIX Association |
- |
dc.title |
KI-Mon: A Hardware-assisted Event-triggered Monitoring Platform for Mutable Kernel Object |
- |
dc.type |
Conference Paper |
- |
dc.date.conferenceDate |
2013-08-14 |
- |