Hardware-assisted intrusion detection by preserving reference information integrity

Junghee Lee, Chrysostomos Nicopoulos, Gi Hwan Oh, Sang Won Lee, Jongman Kim

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Malware detectors and integrity checkers detect malicious activities by comparing against reference data. To ensure their trustworthy operation, it is crucial to protect the reference data from unauthorized modification. This paper proposes the Soteria Security Card (SSC), an append-only storage. To the best of our knowledge, this work is the first to introduce the concept of an append-only storage and its application to information security. The SSC framework allows only read and append operations, and forbids over-write and erase operations. By exploiting this trait, we can protect the reference data that must be updated constantly. It is demonstrated how SSC facilitates log protection and file integrity checking.

Original language: English
Title of host publication: Algorithms and Architectures for Parallel Processing - 13th International Conference, ICA3PP 2013, Proceedings
Pages: 291-300
Number of pages: 10
Edition: PART 1
Publication status: Published - 2013 Dec 1
Externally published: Yes
Event: 13th International Conference on Algorithms and Architectures for Parallel Processing, ICA3PP 2013 - Vietri sul Mare, Italy
Duration: 2013 Dec 18 to 2013 Dec 20

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Number: PART 1
Volume: 8285 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Conference

Conference: 13th International Conference on Algorithms and Architectures for Parallel Processing, ICA3PP 2013
Country: Italy
City: Vietri sul Mare
Period: 13/12/18 to 13/12/20

Keywords

  • Hardware
  • Log
  • Protection
  • Security

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Lee, J., Nicopoulos, C., Oh, G. H., Lee, S. W., & Kim, J. (2013). Hardware-assisted intrusion detection by preserving reference information integrity. In Algorithms and Architectures for Parallel Processing - 13th International Conference, ICA3PP 2013, Proceedings (PART 1 ed., pp. 291-300). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 8285 LNCS, No. PART 1). https://doi.org/10.1007/978-3-319-03859-9_25