The dragonbeam framework: Hardware-protected security modules for in-place intrusion detection

Man Ki Yoon, Mihai Christodorescu, Lui Sha, Sibin Mohan

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The sophistication of malicious adversaries is increasing every day and most defenses are often easily overcome by such attackers. Many existing defensive mechanisms often make differing assumptions about the underlying systems and use varied architectures to implement their solutions. This often leads to fragmentation among solutions and could even open up additional vulnerabilities in the system. We present the DragonBeam Framework that enables system designers to implement their own monitoring methods and analyses engines to detect intrusions in modern operating systems. It is built upon a novel hardware/software mechanism. Depending on the type of monitoring that is implemented using this framework, the impact on the monitored system is very low. This is demonstrated by the use cases presented in this paper that also showcase how the DragonBeam framework can be used to detect different types of attack.

Original languageEnglish (US)
Title of host publicationSYSTOR 2016 - Proceedings of the 9th ACM International Systems and Storage Conference
PublisherAssociation for Computing Machinery, Inc
ISBN (Electronic)9781450343817
DOIs
StatePublished - Jun 6 2016
Event9th ACM International Systems and Storage Conference, SYSTOR 2016 - Haifa, Israel
Duration: Jun 6 2016Jun 8 2016

Publication series

NameSYSTOR 2016 - Proceedings of the 9th ACM International Systems and Storage Conference

Other

Other9th ACM International Systems and Storage Conference, SYSTOR 2016
CountryIsrael
CityHaifa
Period6/6/166/8/16

ASJC Scopus subject areas

  • Computer Science Applications
  • Electrical and Electronic Engineering
  • Hardware and Architecture
  • Software

Fingerprint Dive into the research topics of 'The dragonbeam framework: Hardware-protected security modules for in-place intrusion detection'. Together they form a unique fingerprint.

Cite this