{"title":"Stream cipher hash based execution monitoring (SCHEM) framework for intrusion detection on embedded processors","authors":"A. Chaudhari, J. Abraham","doi":"10.1109/IOLTS.2012.6313864","DOIUrl":null,"url":null,"abstract":"Hardware based execution monitoring of applications holds the promise for an effective and tamper-proof solution for intrusion detection on processor. This paper presents a practical hardware based intrusion detection framework which uses stream cipher based hashing techniques for runtime control flow and instruction integrity monitoring. This framework enables accurate monitoring of the control flow of a process with an instruction level granularity. Additional hardware required for implementation of our framework has very low power and area overheads which makes it possible to practically implement execution monitoring even on embedded processors. Our technique achieves an order of magnitude lower power overhead compared to other similar techniques. Furthermore, our implementation of the developed framework has a low intrusion detection latency, which enables us to verify the control flow integrity of the executing code before the violating control flow instructions are retired from the processor pipeline.","PeriodicalId":246222,"journal":{"name":"2012 IEEE 18th International On-Line Testing Symposium (IOLTS)","volume":"15 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 IEEE 18th International On-Line Testing Symposium (IOLTS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IOLTS.2012.6313864","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
Hardware based execution monitoring of applications holds the promise for an effective and tamper-proof solution for intrusion detection on processor. This paper presents a practical hardware based intrusion detection framework which uses stream cipher based hashing techniques for runtime control flow and instruction integrity monitoring. This framework enables accurate monitoring of the control flow of a process with an instruction level granularity. Additional hardware required for implementation of our framework has very low power and area overheads which makes it possible to practically implement execution monitoring even on embedded processors. Our technique achieves an order of magnitude lower power overhead compared to other similar techniques. Furthermore, our implementation of the developed framework has a low intrusion detection latency, which enables us to verify the control flow integrity of the executing code before the violating control flow instructions are retired from the processor pipeline.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
