Supporting A Dynamic Program Signature: An Intrusion Detection Framework for Microprocessors

Author

Inoue, Koji

Author_Institution

Department of Informatics, Kyushu University, 6-1 Kasuga-Koen, Kasuga, Fukuoka 816-8580 Japan; PRESTO, Japan Science and Technology Agency, 4-1-8 Honcho Kawaguchi, Saitama 332-0012 Japan. inoue@i.kyushu-u.ac.jp

fYear

2006

fDate

10-13 Dec. 2006

Firstpage

160

Lastpage

163

Abstract

To address computer security issues, a hardware-based intrusion detection technique is proposed. This uses the dynamic program execution behavior for authentication. Based on secret key information, an execution behavior is determined. Next, a secure compiler constructs object code which generates the predetermined execution behavior at runtime. During program execution, a secure profiler monitors the execution behavior. If the profiler cannot detect the expected behavior, it sends an alarm signal to the microprocessor for terminating program execution. Since attack code cannot anticipate the execution behavior required, malicious attacks can be detected and prohibited at the start of program execution.

Keywords

invasive software; attack code; authentication; computer security issues; dynamic program execution; dynamic program signature; execution behavior; hardware-based intrusion detection; intrusion detection framework; microprocessors; secret key information; secure compiler; Authentication; Buffer overflow; Computer displays; Computer security; Data security; Informatics; Information security; Intrusion detection; Microprocessors; Runtime;

fLanguage

English

Publisher

ieee

Conference_Titel

Electronics, Circuits and Systems, 2006. ICECS '06. 13th IEEE International Conference on

Conference_Location

Nice

Print_ISBN

1-4244-0395-2

Electronic_ISBN

1-4244-0395-2

Type

conf

DOI

10.1109/ICECS.2006.379744

Filename

4263328