KI-Mon: A Hardware-assisted Event-triggered Monitoring Platform for Mutable Kernel Object

@inproceedings{Lee2013KIMonAH,
  title={KI-Mon: A Hardware-assisted Event-triggered Monitoring Platform for Mutable Kernel Object},
  author={Hojoon Lee and Hyungon Moon and DaeHee Jang and Kihwan Kim and Jihoon Lee and Yunheung Paek and Brent ByungHoon Kang},
  booktitle={USENIX Security Symposium},
  year={2013}
}
Kernel rootkits undermine the integrity of system by manipulating its operating system kernel. External hardware-based monitors can serve as a root of trust that is resilient to rootkit attacks. The existing external hardware-based approaches lack an event-triggered verification scheme for mutable kernel objects. To address the issue, we present KI-Mon, a hardware-based platform for event-triggered kernel integrity monitor. A refined form of bus traffic monitoring efficiently verifies the… CONTINUE READING
Highly Cited
This paper has 51 citations. REVIEW CITATIONS
34 Extracted Citations
31 Extracted References
Similar Papers

Citing Papers

Publications influenced by this paper.
Showing 1-10 of 34 extracted citations

51 Citations

01020201320142015201620172018
Citations per Year
Semantic Scholar estimates that this publication has 51 citations based on the available data.

See our FAQ for additional information.

Referenced Papers

Publications referenced by this paper.
Showing 1-10 of 31 references

Lguest: The simple x86 hypervisor. http:// lguest.ozlabs.org

  • R. RUSSELL
  • Last accessed April
  • 2012
1 Excerpt

Ramspeed, a cache and memory benchmarking tool. http://www.alasir.com/ramspeed

  • R. M. HOLLANDER
  • Last accessed April
  • 2012
3 Excerpts

Similar Papers

Loading similar papers…