An intrusion-tolerant and self-recoverable network service system using a security enhanced chip multiprocessor

Proceedings - Second International Conference on Autonomic Computing, ICAC 2005

Volumn 2005, Issue , 2005, Pages 263-273

  Shi, Weidong ^a   Lee, Hsien Hsin S ^a   Gu, Guofei ^a   Falk, Laura ^b   Mudge, Trevor N ^b   Ghosh, Mrinmoy ^a  

^a GEORGIA INSTITUTE OF TECHNOLOGY   (United States)

^b UNIVERSITY OF MICHIGAN   (United States)

Author keywords

Buffer overflow; Chip multi processor; Intrusion tolerant computing; Rootkits; Self healing; Survivable service

Indexed keywords

BUFFER OVERFLOW; CHIP MULTI PROCESSORS; INTRUSION-TOLERANT COMPUTING; ROOTKITS; SELF-HEALING; SURVIVABLE SERVICE;

CACHE MEMORY; COMPUTER CRIME; FAULT TOLERANT COMPUTER SYSTEMS; SECURITY SYSTEMS; SYSTEMS ANALYSIS;

MICROPROCESSOR CHIPS;

EID: 33745495377     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ICAC.2005.8     Document Type: Conference Paper

References (28)

1. Common vulnerabilities and exposures. http://cve.mitre.org/.
2. US-CERT Vulnerability Notes. http://www.kb.cert.org/vuls.
3. Aleph One. Smashing The Stack For Fun And Profit. Phrack, 7(49), November 1996.
4. L. A. Barroso, K. Gharachorloo, R. McNamara, A. Nowatzyk, S. Qadeer, B. Sano, S. Smith, R. Stets, and B. Verghese. Piranha: a Scalable Architecture based on Single-chip Multiprocessing. In Proceedings of the 27th International Symposium on Computer Architecture, pages 282-293. ACM Press, 2000.
5. Chkrootkit. http://www.chkrootkit.org/.
6. G. W. Dunlap, S. T. King, S. Cinar, M. A. Basrai, and P. M. Chen. ReVirt: Enabling Intrusion Analysis through Virtual-Machine Logging and Replay. In Proc. of the 2002 Symposium on Operating Systems Design and Implementation, Dec 2002.
7. T. Garfinkel and M. Rosenblum. A Virtual Machine Introspection based Architecture for Intrusion Detection. In Proc. of the Internet Society's 2003 Symposium on Network and Distributed System Security, February 2003.
8. Intel. Intel Architecture Software Developer's Manual Volume S: System Programming Guide, 2002.
9. K. Lawton. Welcome to the Bochs x86 PC Emulation Software Home Page, http://www.bochs.com.
10. Kad. Handling Interrupt Descriptor Table for Fun and Profit. Phrack, 11(59), 2002.
11. Kerncheck. http://la-samhna.de/library/kern_check.c.
12. V. Kiriansky, D. Bruening, and S. Amarasinghe. Secure Execution Via Program Shepherding. In Proc. of the 11th Usenix Security Symposium, Aug 2002.
13. K. Krewell. Sun's Niagara Pours on the Cores. Microprocessor Report, September 13 2004.
14. S. Labs. Loadable Kernel Module Rootkits. http://la-samha.de/library/lkm. html, July, 2002.
15. J. G. Levine, J. B. Grizzard, and H. L. Owen. A Methodology to Detect and Characterize Kernel Level Rootkit Exploits Involving Redirection of the System Call Table. In Proc. of the 2nd IEEE International Information Assurance Workshop, pages 107-128, 2004.
16. K. Olukotun, B. A. Nayfeh, L. Hammond, K. Wilson, and K. Chang. The Case for a Single-Chip Multiprocessor. In Proc. of the 7th International Conference on Architectural Support for Programming Languages and Operating Systems, pages 2-11. ACM Press, 1996.
17. V. Paxson. Bro: A System for Detecting Network Intruders in Real-Time. In Computer Networks, 31(23-24), pages pp. 2435-2463, 14 Dec. 1999.
18. A. G. Pennington, J. D. Strunk, J. L. Griffin, C. A. Soules, G. R. Goodson, and G. R. Ganger. Storage-based Intrusion Detection: Watching Storage Activity for Suspicious Behavior. In Proc. of the 12th USENIX Security Symposium, August 2003.
19. J. Pincus and B. Baker. Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns. In IEEE Security and Privacy, 2(4), pages 20-27, 2004.
20. Plaguez. Weakening the Linux Kernel. Phrack, 8(52), 1998.
21. P. Samarati, D. Gollmann, and R. Molva, editors. Computer Security - ESORICS 2004, 9th European Symposium on Research Computer Security, Sophia Antipolis, France, September 13-15, 2004, Proceedings, volume 3193 of Lecture Notes in Computer Science. Springer, 2004.
22. Scut. Exploiting format string vulnerabilities. 2001.
23. Sd and Devik. Linux On-the-fly Kernel Patching without LKM. Phrack, 11(58), 2002.
24. K. Seifried. Honeypotting with VMware: Basics. http://www.seifried.org/ security/ids/20020107-honeypotwmware-basics/html.
25. A. Shilov. Amd targets quad-core microprocessors for 2007. http://www.xbitla.bs.com/uews/cpu/display/20040813040951.html.
26. S. Sidiroglou and A. D. Keromytis. A Network Worm Vaccine Architecture. In Proceedings of the 12th International Workshop on Enabling Technologies, page 220. IEEE Computer Society, 2003.
27. S. Sidiroglou, M. E. Locasto, S. W. Boyd, and A. D. Keromytis. Building a Reactive Immune System for Software Services. Report CUCS-038-04, Columbia University, Newyork, NY, 2004.
28. J. M. Tendler, J. S. Dodson, J. S. Fields, H. L. Jr., and B. Sinharoy. POWER4 System Microarchitecture. IBM Journal of Research and Development, 46(1), 2002.