Hardware-Assisted Application Integrity Monitor

Existing hardware-assisted methods monitor the integrity of hyper visors and operating systems, which are critical to system integrity. This protection is possible because of ``non-volatile\´\´ data structures present in the machine\´s physical memory. In contrast, applications offer a more challenging protection target because they are dynamically allocated. Therefore, robust defenses against application tampering is still a difficult tasks that has remained an open problem. We propose "AppCheck," a hardware-assisted framework the protects the integrity of applications and server processes. We achieve that by leveraging semantic information extracted from the source code and input from a human developer. Unlike pure software defenses, AppCheck employs existing x86 features, namely System Management Mode, to acquire the necessary memory contents. If any of the these critical components become altered during runtime, AppCheck signals an alarm to a remote server notifying the operators of a potential security breach or software corruption.