Full metadata record
DC Field | Value | Language |
---|---|---|
dc.contributor.author | 조영필 | - |
dc.date.accessioned | 2021-03-11T04:23:45Z | - |
dc.date.available | 2021-03-11T04:23:45Z | - |
dc.date.issued | 2019-12 | - |
dc.identifier.citation | IEEE ACCESS, v. 7, page. 186517-186528 | en_US |
dc.identifier.issn | 2169-3536 | - |
dc.identifier.uri | https://ieeexplore.ieee.org/document/8938809 | - |
dc.identifier.uri | https://repository.hanyang.ac.kr/handle/20.500.11754/160538 | - |
dc.description.abstract | Field programmable gate arrays (FPGAs) have been increasingly mounted on commodity systems. As a matter of fact, such an emerging adoption of FPGAs in the commodity systems is attributed to their versatility came from the programmable property. Accordingly many industrial and academic attempts have been performed to exploit FPGAs in a variety of applications. In this paper, we note that FPGAs also can be used to protect the host CPU from a nasty security threat, called code reuse attacks (CRAs). Code reuse attack (CRA) is a powerful technique that allows attackers to execute arbitrary code. Control-flow integrity (CFI) has been popularly employed to mitigate CRAs. CFI entails CRA monitoring that checks if a program runs as directed by its control-flow graph. However, as monitoring naturally incurs non-negligible runtime overhead to the host CPU, many studies proposed hardware techniques to lessen the monitoring overhead. To facilitate the immediate deployment of a hardware-based solution, we propose a CRA monitor, called ActiMon, that can be implemented on an SoC FPGA where the host CPU and FPGA are manufactured together in a single platform. However, implementing the CRA monitor operating on FPGA arouses a new challenge that has never been addressed in the previous solutions: the operating clock of FPGA is many times slower than the CPU. By overcoming this speed difference, we ultimately purpose to evince the feasibility of FPGA as a computing device in the field of CRA defense. For this purpose, we have developed a highly efficient algorithm designed to run on FPGA whose goal is to monitor the existence of CRAs on the host CPU residing in the same SoC FPGA platform. Empirical results show that ActiMon runs on our target SoC FPGA platform efficiently enough to catch up to the speed of host code execution and promptly detects two important types of CRAs, JOP (Jump-Oriented Programming) and ROP (Return-Oriented Programming), as soon as they occurred in the host system. We assert that such results are encouraging thanks to our unified, lightweight ROP/JOP detection mechanism based on a list of active functions, and also to additional optimizations to leverage the inherent capabilities of FPGA for parallel computation. | en_US |
dc.description.sponsorship | This work was supported in part by the Institute of Information and Communications Technology Planning and Evalution (IITP) Grant Funded by the Korean Government (MSIT) under Grant 2018-0-00230 (Development on Autonomous Trust Enhancement Technology of IoT Device and Study on Adaptive IoT Security Open Architecture based on Global Standardization [TrusThingz Project]) and Grant 2017-0-00213 (Development of Cyber Self Mutation Technologies for Proactive Cyber Defense), in part by the National Research Foundation of Korea (NRF) Grant Funded by the Korean Government (MSIT) under Grant NRF-2017R1A2A1A17069478 and Grant NRF-2018R1D1A1B07049870, in part by the BK21 Plus Project in 2019, and in part by the EDA tool from the IC Design Education Center (IDEC), South Korea. | en_US |
dc.language.iso | en | en_US |
dc.publisher | IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC | en_US |
dc.subject | Code reuse attacks (CRAs) | en_US |
dc.subject | control-flow integrity (CFI) | en_US |
dc.subject | external monitor | en_US |
dc.subject | field programmable gate arrays (FPGAs) | en_US |
dc.subject | hardware-based security | en_US |
dc.title | ActiMon: Unified JOP and ROP Detection With Active Function Lists on an SoC FPGA | en_US |
dc.type | Article | en_US |
dc.relation.no | 7 | - |
dc.identifier.doi | 10.1109/ACCESS.2019.2961416 | - |
dc.relation.page | 186517-186528 | - |
dc.relation.journal | IEEE ACCESS | - |
dc.contributor.googleauthor | Oh, Hyunyoung | - |
dc.contributor.googleauthor | Yang, Myonghoon | - |
dc.contributor.googleauthor | Cho, Yeongpil | - |
dc.contributor.googleauthor | Paek, Yunheung | - |
dc.relation.code | 2019036307 | - |
dc.sector.campus | S | - |
dc.sector.daehak | COLLEGE OF ENGINEERING[S] | - |
dc.sector.department | DEPARTMENT OF COMPUTER SCIENCE | - |
dc.identifier.pid | ypcho | - |
dc.identifier.orcid | https://orcid.org/0000-0001-7842-1719 | - |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.