HARDWARE-BASED KERNEL CODE INSERTION ATTACK DETECTING DEVICE AND METHOD THEREFOR
摘要
Disclosed are a hardware-based kernel code insertion attack detecting device and a method therefor. The device detects an insertion attack, using: a trace managing unit for recognizing an indirect branch destination address by parsing a packet received from a program trace interface (PTI) of a host system; a report managing unit for receiving a report associated with an event, such as a mode change, through a trampoline; and a traffic managing unit for detecting an attempt to write on a physical code area of a memory by snooping the traffic of a bus.
申请公布号
SG11201610083T(A)
申请公布日期
2017.01.27
申请号
SGT11201610083
申请日期
2016.04.26
申请人
SEOUL NATIONAL UNIVERSITY R&DB FOUNDATION
发明人
PAEK, YUN HEUNG;MOON, HYUN GON;LEE, JIN YONG;PAEK, YUN HEUNG;MOON, HYUN GON;LEE, JIN YONG