HKUST Institutional Repository >
Computer Science and Engineering >
CSE Conference Papers >
Please use this identifier to cite or link to this item:
|Title: ||LWRM : a lightweight response mechanism for TCG TOCTOU attack|
|Authors: ||Chang, Xiaolin|
Muppala, Jogesh K.
|Keywords: ||TOCTOU attacks|
|Issue Date: ||Dec-2009 |
|Citation: ||Proceedings 28th IEEE International Performance Computing and Communications Conference (IPCCC 2009), 14-16 December 2009, Scottsdale, AZ, USA, p. 200-207.|
|Abstract: ||The current TCG architecture suffers from the Time-of-Check-To-Time-of-Use (TOCTOU) attacks in commodity PC operating systems (OS), in which kernel rootkits can get unrestricted access to OS resources. VMM-based approaches running at a privilege level higher than that of virtual machine (VM) kernel can effectively detect dynamic or static data attacks occurring in VMs. This paper proposes a lightweight response mechanism (LWRM) for TCG TOCTOU attacks occurring in VMs. LWRM has the following features: (1) compared to the existing response mechanism, LWRM is more effective in defeating the TCG TOCTOU attacks; (2) LWRM imposes less overhead on the system during normal execution; (3) LWRM is transparent to the kernel rootkits; and (4) LWRM can work in the scenarios with more than one run-time trusted virtual machine. We describe the design idea and the implementation by using the Xen virtual machine monitor (VMM) and the virtual TPM facility shipped with the Xen.|
|Rights: ||© 2009 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE. This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.|
|Appears in Collections:||CSE Conference Papers|
Files in This Item:
All items in this Repository are protected by copyright, with all rights reserved.