ICORe

Continuous and proactive extrospection on multi-core IoT devices

Penghui Zhang, Haehyun Cho, Ziming Zhao, Adam Doupe, Gail-Joon Ahn

Research output: Contribution to conferencePaper

Abstract

In this paper, we present ICORE, a novel continuous and proactive extrospection system with high visibility on IoT devices deploying multi-core ARM platforms. Dedicated cores named Isolated Cores are configured to stay in the TrustZone secure world upon system boot to perform monitoring functionalities to extrospect static normal world kernel memory area proactively, continuously, and stealthily. Different from the existing TrustZone paradigm, in which secure world serves as the slave of the normal world, ICORE makes the secure world play a master role. Therefore, ICORE remains stealthy and proactive to perform monitoring functionalities. The evaluation results show that ICORE is effective and imposes negligible performance degradation using the SPEC CPU2017 benchmark.

Original languageEnglish (US)
Pages851-860
Number of pages10
DOIs
StatePublished - Jan 1 2019
Event34th Annual ACM Symposium on Applied Computing, SAC 2019 - Limassol, Cyprus
Duration: Apr 8 2019Apr 12 2019

Conference

Conference34th Annual ACM Symposium on Applied Computing, SAC 2019
CountryCyprus
CityLimassol
Period4/8/194/12/19

Fingerprint

Monitoring
Visibility
Data storage equipment
Degradation
Internet of things

Keywords

  • ARM TrustZone
  • CPU isolation
  • Extrospection

ASJC Scopus subject areas

  • Software

Cite this

Zhang, P., Cho, H., Zhao, Z., Doupe, A., & Ahn, G-J. (2019). ICORe: Continuous and proactive extrospection on multi-core IoT devices. 851-860. Paper presented at 34th Annual ACM Symposium on Applied Computing, SAC 2019, Limassol, Cyprus. https://doi.org/10.1145/3297280.3297364

ICORe : Continuous and proactive extrospection on multi-core IoT devices. / Zhang, Penghui; Cho, Haehyun; Zhao, Ziming; Doupe, Adam; Ahn, Gail-Joon.

2019. 851-860 Paper presented at 34th Annual ACM Symposium on Applied Computing, SAC 2019, Limassol, Cyprus.

Research output: Contribution to conferencePaper

Zhang, P, Cho, H, Zhao, Z, Doupe, A & Ahn, G-J 2019, 'ICORe: Continuous and proactive extrospection on multi-core IoT devices' Paper presented at 34th Annual ACM Symposium on Applied Computing, SAC 2019, Limassol, Cyprus, 4/8/19 - 4/12/19, pp. 851-860. https://doi.org/10.1145/3297280.3297364
Zhang P, Cho H, Zhao Z, Doupe A, Ahn G-J. ICORe: Continuous and proactive extrospection on multi-core IoT devices. 2019. Paper presented at 34th Annual ACM Symposium on Applied Computing, SAC 2019, Limassol, Cyprus. https://doi.org/10.1145/3297280.3297364
Zhang, Penghui ; Cho, Haehyun ; Zhao, Ziming ; Doupe, Adam ; Ahn, Gail-Joon. / ICORe : Continuous and proactive extrospection on multi-core IoT devices. Paper presented at 34th Annual ACM Symposium on Applied Computing, SAC 2019, Limassol, Cyprus.10 p.
@conference{3e6941ad076a411f94b9d9a9a6b598c7,
title = "ICORe: Continuous and proactive extrospection on multi-core IoT devices",
abstract = "In this paper, we present ICORE, a novel continuous and proactive extrospection system with high visibility on IoT devices deploying multi-core ARM platforms. Dedicated cores named Isolated Cores are configured to stay in the TrustZone secure world upon system boot to perform monitoring functionalities to extrospect static normal world kernel memory area proactively, continuously, and stealthily. Different from the existing TrustZone paradigm, in which secure world serves as the slave of the normal world, ICORE makes the secure world play a master role. Therefore, ICORE remains stealthy and proactive to perform monitoring functionalities. The evaluation results show that ICORE is effective and imposes negligible performance degradation using the SPEC CPU2017 benchmark.",
keywords = "ARM TrustZone, CPU isolation, Extrospection",
author = "Penghui Zhang and Haehyun Cho and Ziming Zhao and Adam Doupe and Gail-Joon Ahn",
year = "2019",
month = "1",
day = "1",
doi = "10.1145/3297280.3297364",
language = "English (US)",
pages = "851--860",
note = "34th Annual ACM Symposium on Applied Computing, SAC 2019 ; Conference date: 08-04-2019 Through 12-04-2019",

}

TY - CONF

T1 - ICORe

T2 - Continuous and proactive extrospection on multi-core IoT devices

AU - Zhang, Penghui

AU - Cho, Haehyun

AU - Zhao, Ziming

AU - Doupe, Adam

AU - Ahn, Gail-Joon

PY - 2019/1/1

Y1 - 2019/1/1

N2 - In this paper, we present ICORE, a novel continuous and proactive extrospection system with high visibility on IoT devices deploying multi-core ARM platforms. Dedicated cores named Isolated Cores are configured to stay in the TrustZone secure world upon system boot to perform monitoring functionalities to extrospect static normal world kernel memory area proactively, continuously, and stealthily. Different from the existing TrustZone paradigm, in which secure world serves as the slave of the normal world, ICORE makes the secure world play a master role. Therefore, ICORE remains stealthy and proactive to perform monitoring functionalities. The evaluation results show that ICORE is effective and imposes negligible performance degradation using the SPEC CPU2017 benchmark.

AB - In this paper, we present ICORE, a novel continuous and proactive extrospection system with high visibility on IoT devices deploying multi-core ARM platforms. Dedicated cores named Isolated Cores are configured to stay in the TrustZone secure world upon system boot to perform monitoring functionalities to extrospect static normal world kernel memory area proactively, continuously, and stealthily. Different from the existing TrustZone paradigm, in which secure world serves as the slave of the normal world, ICORE makes the secure world play a master role. Therefore, ICORE remains stealthy and proactive to perform monitoring functionalities. The evaluation results show that ICORE is effective and imposes negligible performance degradation using the SPEC CPU2017 benchmark.

KW - ARM TrustZone

KW - CPU isolation

KW - Extrospection

UR - http://www.scopus.com/inward/record.url?scp=85065674321&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85065674321&partnerID=8YFLogxK

U2 - 10.1145/3297280.3297364

DO - 10.1145/3297280.3297364

M3 - Paper

SP - 851

EP - 860

ER -