Showing 1 - 10 of 19 for search: '"Ingoo Heo"'
Author:
Brent Byunghoon Kang, Hyungon Moon, Yunheung Paek, Ingoo Heo, Kihwan Kim, Jinsoo Jang, Hojoon Lee, Daehee Jang
Published in:
IEEE Transactions on Dependable and Secure Computing. 16:287-300
External hardware-based kernel integrity monitors have been proposed to mitigate kernel-level malwares. However, the existing external approaches have been limited to monitoring the static regions of kernel while the latest rootkits manipulate the dy
Published in:
ACM Transactions on Design Automation of Electronic Systems. 22:1-25
The ARM CoreSight Program Trace Macrocell (PTM) has been widely deployed in recent ARM processors for real-time debugging and tracing of software. Using PTM, the external debugger can extract execution behaviors of applications running on an ARM proc
Published in:
IEEE Transactions on Dependable and Secure Computing. 14:145-157
To protect the integrity of operating system kernels, we present Vigilare system, a kernel integrity monitor that is architected to snoop the bus traffic of the host system from a separate independent hardware. This snoop-based monitoring enabled by
Published in:
ACM Transactions on Design Automation of Electronic Systems. 22:1-29
For decades, various concepts in security monitoring have been proposed. In principle, they all in common in regard to the monitoring of the execution behavior of a program (e.g., control-flow or dataflow) running on the machine to find symptoms of a
Author:
Changho Choi, Brent Byunghoon Kang, Yunheung Paek, Yongje Lee, Minsu Kim, Jinyong Lee, Ingoo Heo
Published in:
ACM Transactions on Design Automation of Electronic Systems. 20:1-32
In recent years, dynamic program analysis (DPA) has been widely used in various fields such as profiling, finding bugs, and security. However, existing solutions have their own weaknesses. Software solutions provide flexibility in DPA but they suffer
Author:
Yunheung Paek, Hyungon Moon, Seung-Wook Lee, Hansu Cho, Ingoo Heo, Daehee Jang, Brent Byunghoon Kang
Published in:
JSTS:Journal of Semiconductor Technology and Science. 15:48-59
In recent years, there are increasing threats of rootkits that undermine the integrity of a system by manipulating OS kernel. To cope with the rootkits, in Vigilare, the snoop-based monitoring which snoops the memory traffics of the host system was p
Author:
Jinyong Lee, Jangseop Shin, Yu-Yuan Chen, Yunheung Paek, Hongce Zhang, Ingoo Heo, Ruby B. Lee
Published in:
ICCAD
To access sensitive information, some recent advanced attacks have been successful in exploiting implicit flows in a program in which sensitive data affects the control path and in turn affects other data. To track the sensitive data through implicit
Published in:
DATE
Code reuse attack (CRA) is a powerful technique that allows attackers to perform arbitrary computation by reusing the existing code fragments. To defend from CRAs while complying with the conventional ARM-based SoC design principles, the previous har
Published in:
2015 International SoC Design Conference (ISOCC).
Code reuse attack (CRA) is a powerful exploitation technique that allows attackers to perform arbitrary computation. To maximize the performance, prior hardware solutions to CRAs require invasive modifications to the CPU architecture or substantial s
Published in:
HASP@ISCA
In recent years, there is a growing need to protect security and privacy of the data against various attacks on software running on smart mobile devices. The attackers mostly attempt to acquire privileges to control system behaviors as they want. As