FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W3100243191> ?p ?o ?g. }

• W3100243191 abstract "Highly privileged software, such as firmware, is an attractive target for attackers. Thus, BIOS vendors use cryptographic signatures to ensure firmware integrity at boot time. Nevertheless, such protection does not prevent an attacker from exploiting vulnerabilities at runtime. To detect such attacks, we propose an event-based behavior monitoring approach that relies on an isolated co-processor. We instrument the code executed on the main CPU to send information about its behavior to the monitor. This information helps to resolve the semantic gap issue. Our approach does not depend on a specific model of the behavior nor on a specific target. We apply this approach to detect attacks targeting the System Management Mode (SMM), a highly privileged x86 execution mode executing firmware code at runtime. We model the behavior of SMM using invariants of its control-flow and relevant CPU registers (CR3 and SMBASE). We instrument two open-source firmware implementations: EDK II and coreboot. We evaluate the ability of our approach to detect state-of-the-art attacks and its runtime execution overhead by simulating an x86 system coupled with an ARM Cortex A5 co-processor. The results show that our solution detects intrusions from the state of the art, without any false positives, while remaining acceptable in terms of performance overhead in the context of the SMM (i.e., less than the 150 $mu$s threshold defined by Intel)." @default.
• W3100243191 created "2020-11-23" @default.
• W3100243191 creator A5026667916 @default.
• W3100243191 creator A5051495407 @default.
• W3100243191 creator A5056367729 @default.
• W3100243191 creator A5078241470 @default.
• W3100243191 date "2018-03-07" @default.
• W3100243191 modified "2023-09-27" @default.
• W3100243191 title "Co-processor-based Behavior Monitoring: Application to the Detection of Attacks Against the System Management Mode" @default.
• W3100243191 cites W1429241971 @default.
• W3100243191 cites W1522250664 @default.
• W3100243191 cites W1598700299 @default.
• W3100243191 cites W161166442 @default.
• W3100243191 cites W1631846088 @default.
• W3100243191 cites W17390021 @default.
• W3100243191 cites W1823377586 @default.
• W3100243191 cites W1969501726 @default.
• W3100243191 cites W1992891694 @default.
• W3100243191 cites W1993736952 @default.
• W3100243191 cites W1996931407 @default.
• W3100243191 cites W2004456327 @default.
• W3100243191 cites W2013892605 @default.
• W3100243191 cites W2019776007 @default.
• W3100243191 cites W2030660170 @default.
• W3100243191 cites W2048229966 @default.
• W3100243191 cites W2054840305 @default.
• W3100243191 cites W2072102701 @default.
• W3100243191 cites W2088272026 @default.
• W3100243191 cites W2089448621 @default.
• W3100243191 cites W2101889913 @default.
• W3100243191 cites W2109219878 @default.
• W3100243191 cites W2129355354 @default.
• W3100243191 cites W2133592286 @default.
• W3100243191 cites W2140697712 @default.
• W3100243191 cites W2144642151 @default.
• W3100243191 cites W2147657366 @default.
• W3100243191 cites W2151849720 @default.
• W3100243191 cites W2153185479 @default.
• W3100243191 cites W2156182786 @default.
• W3100243191 cites W2165779143 @default.
• W3100243191 cites W2171929398 @default.
• W3100243191 cites W2258876169 @default.
• W3100243191 cites W2405102949 @default.
• W3100243191 cites W2560221416 @default.
• W3100243191 cites W2626912599 @default.
• W3100243191 cites W3023860284 @default.
• W3100243191 cites W94181602 @default.
• W3100243191 hasPublicationYear "2018" @default.
• W3100243191 type Work @default.
• W3100243191 sameAs 3100243191 @default.
• W3100243191 citedByCount "1" @default.
• W3100243191 countsByYear W31002431912018 @default.
• W3100243191 crossrefType "proceedings-article" @default.
• W3100243191 hasAuthorship W3100243191A5026667916 @default.
• W3100243191 hasAuthorship W3100243191A5051495407 @default.
• W3100243191 hasAuthorship W3100243191A5056367729 @default.
• W3100243191 hasAuthorship W3100243191A5078241470 @default.
• W3100243191 hasBestOaLocation W31002431911 @default.
• W3100243191 hasConcept C111919701 @default.
• W3100243191 hasConcept C149635348 @default.
• W3100243191 hasConcept C151730666 @default.
• W3100243191 hasConcept C170723468 @default.
• W3100243191 hasConcept C177264268 @default.
• W3100243191 hasConcept C199360897 @default.
• W3100243191 hasConcept C26771161 @default.
• W3100243191 hasConcept C2776760102 @default.
• W3100243191 hasConcept C2777904410 @default.
• W3100243191 hasConcept C2779343474 @default.
• W3100243191 hasConcept C2779960059 @default.
• W3100243191 hasConcept C41008148 @default.
• W3100243191 hasConcept C48103436 @default.
• W3100243191 hasConcept C67212190 @default.
• W3100243191 hasConcept C86803240 @default.
• W3100243191 hasConceptScore W3100243191C111919701 @default.
• W3100243191 hasConceptScore W3100243191C149635348 @default.
• W3100243191 hasConceptScore W3100243191C151730666 @default.
• W3100243191 hasConceptScore W3100243191C170723468 @default.
• W3100243191 hasConceptScore W3100243191C177264268 @default.
• W3100243191 hasConceptScore W3100243191C199360897 @default.
• W3100243191 hasConceptScore W3100243191C26771161 @default.
• W3100243191 hasConceptScore W3100243191C2776760102 @default.
• W3100243191 hasConceptScore W3100243191C2777904410 @default.
• W3100243191 hasConceptScore W3100243191C2779343474 @default.
• W3100243191 hasConceptScore W3100243191C2779960059 @default.
• W3100243191 hasConceptScore W3100243191C41008148 @default.
• W3100243191 hasConceptScore W3100243191C48103436 @default.
• W3100243191 hasConceptScore W3100243191C67212190 @default.
• W3100243191 hasConceptScore W3100243191C86803240 @default.
• W3100243191 hasLocation W31002431911 @default.
• W3100243191 hasLocation W31002431912 @default.
• W3100243191 hasLocation W31002431913 @default.
• W3100243191 hasOpenAccess W3100243191 @default.
• W3100243191 hasPrimaryLocation W31002431911 @default.
• W3100243191 hasRelatedWork W2014720601 @default.
• W3100243191 hasRelatedWork W2118046102 @default.
• W3100243191 hasRelatedWork W2261546377 @default.
• W3100243191 hasRelatedWork W2331345037 @default.
• W3100243191 hasRelatedWork W2399135376 @default.
• W3100243191 hasRelatedWork W2498531798 @default.
• W3100243191 hasRelatedWork W2508667123 @default.

• next