Secore: Continuous extrospection with high visibility on multi-core ARM platforms

Penghui Zhang; Bernard Ngabonziza; Haehyun Cho; Ziming Zhao; Adam Doupe; Gail-Joon Ahn

doi:10.1145/3176258.3176948

Secore: Continuous extrospection with high visibility on multi-core ARM platforms

Penghui Zhang, Bernard Ngabonziza, Haehyun Cho, Ziming Zhao, Adam Doupe, Gail-Joon Ahn

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

We present SeCore, which is a novel continuous extrospection system on multi-core ARM platform. SeCore leverages ARM TrustZone technology to keep one core in the secure world and assure the integrity of the static kernel data and code in the normal world. By breaking the original time-sharing paradigm of such systems, SeCore enables continuous coprocessor-like monitoring with high visibility into the rich execution environment on mobile and IoT platforms. By ensuring that secure tools execute on certain physical CPU cores, the system’s attack surface is also significantly reduced.

Original language	English (US)
Title of host publication	CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy
Publisher	Association for Computing Machinery, Inc
Pages	161-163
Number of pages	3
ISBN (Electronic)	9781450356329
DOIs	https://doi.org/10.1145/3176258.3176948
State	Published - Mar 13 2018
Event	8th ACM Conference on Data and Application Security and Privacy, CODASPY 2018 - Tempe, United States Duration: Mar 19 2018 → Mar 21 2018

Publication series

Name	CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy
Volume	2018-January

Conference

Conference	8th ACM Conference on Data and Application Security and Privacy, CODASPY 2018
Country/Territory	United States
City	Tempe
Period	3/19/18 → 3/21/18

ASJC Scopus subject areas

Computer Science Applications
Information Systems
Software

Access to Document

10.1145/3176258.3176948

Cite this

Zhang, P., Ngabonziza, B., Cho, H., Zhao, Z., Doupe, A., & Ahn, G-J. (2018). Secore: Continuous extrospection with high visibility on multi-core ARM platforms. In CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy (pp. 161-163). (CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy; Vol. 2018-January). Association for Computing Machinery, Inc. https://doi.org/10.1145/3176258.3176948

Secore: Continuous extrospection with high visibility on multi-core ARM platforms. / Zhang, Penghui; Ngabonziza, Bernard; Cho, Haehyun et al.
CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy. Association for Computing Machinery, Inc, 2018. p. 161-163 (CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy; Vol. 2018-January).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Zhang, P, Ngabonziza, B, Cho, H, Zhao, Z, Doupe, A & Ahn, G-J 2018, Secore: Continuous extrospection with high visibility on multi-core ARM platforms. in CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy. CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy, vol. 2018-January, Association for Computing Machinery, Inc, pp. 161-163, 8th ACM Conference on Data and Application Security and Privacy, CODASPY 2018, Tempe, United States, 3/19/18. https://doi.org/10.1145/3176258.3176948

Zhang P, Ngabonziza B, Cho H, Zhao Z, Doupe A , Ahn G-J. Secore: Continuous extrospection with high visibility on multi-core ARM platforms. In CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy. Association for Computing Machinery, Inc. 2018. p. 161-163. (CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy). doi: 10.1145/3176258.3176948

Zhang, Penghui ; Ngabonziza, Bernard ; Cho, Haehyun et al. / Secore : Continuous extrospection with high visibility on multi-core ARM platforms. CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy. Association for Computing Machinery, Inc, 2018. pp. 161-163 (CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy).

@inproceedings{11542cd5a65647369a574cec7c6ee13b,

title = "Secore: Continuous extrospection with high visibility on multi-core ARM platforms",

abstract = "We present SeCore, which is a novel continuous extrospection system on multi-core ARM platform. SeCore leverages ARM TrustZone technology to keep one core in the secure world and assure the integrity of the static kernel data and code in the normal world. By breaking the original time-sharing paradigm of such systems, SeCore enables continuous coprocessor-like monitoring with high visibility into the rich execution environment on mobile and IoT platforms. By ensuring that secure tools execute on certain physical CPU cores, the system{\textquoteright}s attack surface is also significantly reduced.",

author = "Penghui Zhang and Bernard Ngabonziza and Haehyun Cho and Ziming Zhao and Adam Doupe and Gail-Joon Ahn",

note = "Funding Information: This work is partially supported by a grant from the Center for Cybersecurity and Digital Forensics at Arizona State University. Publisher Copyright: {\textcopyright} 2018 Copyright held by the owner/author(s).; 8th ACM Conference on Data and Application Security and Privacy, CODASPY 2018 ; Conference date: 19-03-2018 Through 21-03-2018",

year = "2018",

month = mar,

day = "13",

doi = "10.1145/3176258.3176948",

language = "English (US)",

series = "CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy",

publisher = "Association for Computing Machinery, Inc",

pages = "161--163",

booktitle = "CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy",

}

TY - GEN

T1 - Secore

T2 - 8th ACM Conference on Data and Application Security and Privacy, CODASPY 2018

AU - Zhang, Penghui

AU - Ngabonziza, Bernard

AU - Cho, Haehyun

AU - Zhao, Ziming

AU - Doupe, Adam

AU - Ahn, Gail-Joon

N1 - Funding Information: This work is partially supported by a grant from the Center for Cybersecurity and Digital Forensics at Arizona State University. Publisher Copyright: © 2018 Copyright held by the owner/author(s).

PY - 2018/3/13

Y1 - 2018/3/13

N2 - We present SeCore, which is a novel continuous extrospection system on multi-core ARM platform. SeCore leverages ARM TrustZone technology to keep one core in the secure world and assure the integrity of the static kernel data and code in the normal world. By breaking the original time-sharing paradigm of such systems, SeCore enables continuous coprocessor-like monitoring with high visibility into the rich execution environment on mobile and IoT platforms. By ensuring that secure tools execute on certain physical CPU cores, the system’s attack surface is also significantly reduced.

AB - We present SeCore, which is a novel continuous extrospection system on multi-core ARM platform. SeCore leverages ARM TrustZone technology to keep one core in the secure world and assure the integrity of the static kernel data and code in the normal world. By breaking the original time-sharing paradigm of such systems, SeCore enables continuous coprocessor-like monitoring with high visibility into the rich execution environment on mobile and IoT platforms. By ensuring that secure tools execute on certain physical CPU cores, the system’s attack surface is also significantly reduced.

UR - http://www.scopus.com/inward/record.url?scp=85050312259&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85050312259&partnerID=8YFLogxK

U2 - 10.1145/3176258.3176948

DO - 10.1145/3176258.3176948

M3 - Conference contribution

AN - SCOPUS:85050312259

T3 - CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy

SP - 161

EP - 163

BT - CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy

PB - Association for Computing Machinery, Inc

Y2 - 19 March 2018 through 21 March 2018

ER -

Secore: Continuous extrospection with high visibility on multi-core ARM platforms

Abstract

Publication series

Conference

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this