Efficient and Practical Security Monitoring on System-on-Chip with Application-Specific Hardware Modules : 시스템온칩 상에서의 효율적이고 실용적인 보안 모니터링을 위한 응용 특화 하드웨어 모듈

Cited 0 time in Web of Science Cited 0 time in Scopus

Ingoo Heo

공과대학 전기·컴퓨터공학부
Issue Date
서울대학교 대학원
Security monitoringdebug interfaceSoC level integrationexternal hardware engine
학위논문 (박사)-- 서울대학교 대학원 : 전기·컴퓨터공학부, 2016. 2. 백윤흥.
Many researchers have proposed the concept of security monitoring, which watches the execution behavior of a program (e.g, control-flow or data-flow) running on the machine to find the existence of malicious attacks. Among the proposed approaches in the literature, software-based works are known to be relatively easy to be adopted to the commercial products, but may incur tremendous runtime overhead. Although many hardware-based solutions provide high performance, the inherent problem of them is that they usually mandate drastic change to the internal processor architecture. More recent ones to minimize the change have proposed external devices for security monitoring. However, these approaches intrinsically suffer from the high overhead to communicate with their external devices. Consequently, they either significantly lose performance, or inevitably make invasive modifications to the processor inside.

In this thesis, I propose several approaches for efficient security monitoring, where external hardware engines conduct the task of monitoring. The main priority in desinging the engines is not to require any modification in the host processor core internal. Thus, the engines introduced in this thesis are designed as external hardware modules and integrated to the host processor using the existing interface in the system. Complying with the rule, I explored the architectural design space for the engine and in ths thesis, three types of such approaches will be presented. Starting from the hardware engine that utilizes only the system bus, I will introduce the final solution that exploits the debug interface of the commercial processor. From the design exploration, this thesis shows various design decisions that can be applied in the current commercial platforms.
Files in This Item:
Appears in Collections:
College of Engineering/Engineering Practice School (공과대학/대학원)Dept. of Electrical and Computer Engineering (전기·정보공학부)Theses (Ph.D. / Sc.D._전기·정보공학부)
  • mendeley

Items in S-Space are protected by copyright, with all rights reserved, unless otherwise indicated.