File Download
There are no files associated with this item.
SFX Link
- Find it @ UNIST can give you direct access to the published full text of this article. (UNISTARs only)
- Moon, Hyungon
- Computer Systems Security Lab.
Views & Downloads
Detailed Information
Cited time in 
Cited time in 
Cited time in
Metadata Downloads
Extrax: Security extension to extract cache resident information for snoop-based external monitors
- Author(s)
- Lee, J., Lee Y., Moon, Hyungon, Heo, I., Paek, Y.
- Issued Date
- 2015-03-09
- Citation
- Design Automation and Test in Europe Conference, pp.151 - 156
- Abstract
- Advent of rootkits has urged researchers to conduct much research on defending the integrity of OS kernels. Even though recently proposed snoop-based monitors have shown to provide higher performance and security level compared to conventional hypervisor-based monitors, we discovered that the use of write-back caches in a system would seriously undermine the effectiveness of snoop-based monitors. To address the problem, we propose a special hardware unit called Extrax which makes use of existing hardware logic, core debugging interface, to extract necessary information for security monitoring. Being implemented to refine the debug information for security purposes, Extrax assists snoop-based monitors to detect attacks that exploit write-back caches. Experimental results show that our system can detect more advanced attacks, which the state-of-the-art snoop-based hardware monitors cannot capture, with moderate area overhead and power consumption.
- Publisher
- 2015 Design, Automation and Test in Europe Conference and Exhibition, DATE 2015
- ISSN
- 1530-1591
Items in Repository are protected by copyright, with all rights reserved, unless otherwise indicated.