| A Coprocessor-Based Introspection Framework Via Intel Management Engine | |
|---|---|
| Author | |
| Abstract |
During the past decade, virtualization-based (e.g., virtual machine introspection) and hardware-assisted approaches (e.g., x86 SMM and ARM TrustZone) have been used to defend against low-level malware such as rootkits. However, these approaches either require a large Trusted Computing Base (TCB) or they must share CPU time with the operating system, disrupting normal execution. In this article, we propose an introspection framework called Nighthawk that transparently checks system integrity and monitor the runtime state of target system.
|
| Year of Publication |
2021
|
| Journal |
IEEE Transactions on Dependable and Secure Computing
|
| Volume |
18
|
| Number of Pages |
1920-1932
|
| Date Published |
07/2021
|
| ISSN Number |
1941-0018
|
| URL |
https://ieeexplore.ieee.org/document/9397383
|
| DOI |
10.1109/TDSC.2021.3071092
|
| Google Scholar | BibTeX | XML | DOI | |