File Download
There are no files associated with this item.
SFX Link
- Find it @ UNIST can give you direct access to the published full text of this article. (UNISTARs only)
- Moon, Hyungon
- Computer Systems Security Lab.
Views & Downloads
Detailed Information
Cited time in 
Cited time in 
Cited time in
Metadata Downloads
Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.citation.conferencePlace | US | - |
| dc.citation.conferencePlace | Raleigh, NC | - |
| dc.citation.endPage | 37 | - |
| dc.citation.startPage | 28 | - |
| dc.citation.title | ACM conference on Computer and communications security | - |
| dc.contributor.author | Moon, Hyungon | - |
| dc.contributor.author | Lee, Hojoon | - |
| dc.contributor.author | Lee, Jihoon | - |
| dc.contributor.author | Kim, Kihwan | - |
| dc.contributor.author | Paek, Yunheung | - |
| dc.contributor.author | Kang, Brent Byunghoon | - |
| dc.date.accessioned | 2023-12-20T01:39:58Z | - |
| dc.date.available | 2023-12-20T01:39:58Z | - |
| dc.date.created | 2018-08-14 | - |
| dc.date.issued | 2012-10-16 | - |
| dc.description.abstract | In this paper, we present Vigilare system, a kernel integrity monitor that is architected to snoop the bus traffic of the host system from a separate independent hardware. This snoop-based monitoring enabled by the Vigilare system, overcomes the limitations of the snapshot-based monitoring employed in previous kernel integrity monitoring solutions. Being based on inspecting snapshots collected over a certain interval, the previous hardware-based monitoring solutions cannot detect transient attacks that can occur in between snapshots. We implemented a prototype of the Vigilare system on Gaisler's grlib-based system-on-a-chip (SoC) by adding Snooper hardware connections module to the host system for bus snooping. To evaluate the benefit of snoop-based monitoring, we also implemented similar SoC with a snapshot-based monitor to be compared with. The Vigilare system detected all the transient attacks without performance degradation while the snapshot-based monitor could not detect all the attacks and induced considerable performance degradation as much as 10% in our tuned STREAM benchmark test. | - |
| dc.identifier.bibliographicCitation | ACM conference on Computer and communications security, pp.28 - 37 | - |
| dc.identifier.doi | 10.1145/2382196.2382202 | - |
| dc.identifier.issn | 1543-7221 | - |
| dc.identifier.scopusid | 2-s2.0-84869408742 | - |
| dc.identifier.uri | https://scholarworks.unist.ac.kr/handle/201301/33425 | - |
| dc.identifier.url | https://dl.acm.org/citation.cfm?doid=2382196.2382202 | - |
| dc.language | 영어 | - |
| dc.publisher | 2012 ACM Conference on Computer and Communications Security, CCS 2012 | - |
| dc.title | Vigilare: Toward snoop-based kernel integrity monitor | - |
| dc.type | Conference Paper | - |
| dc.date.conferenceDate | 2012-10-16 | - |
Items in Repository are protected by copyright, with all rights reserved, unless otherwise indicated.