{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,1]],"date-time":"2025-11-01T13:46:53Z","timestamp":1762004813525,"version":"3.41.0"},"reference-count":68,"publisher":"Association for Computing Machinery (ACM)","issue":"1","license":[{"start":{"date-parts":[[2016,5,27]],"date-time":"2016-05-27T00:00:00Z","timestamp":1464307200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100003725","name":"National Research Foundation of Korea","doi-asserted-by":"crossref","id":[{"id":"10.13039\/501100003725","id-type":"DOI","asserted-by":"crossref"}]},{"name":"Development on the SW\/HW Modules of Processor Monitor for System Intrusion Detection"},{"name":"Korean government","award":["2014R1A2A1A10051792"],"award-info":[{"award-number":["2014R1A2A1A10051792"]}]},{"name":"Korean government (Ministry of Science, ICT, and Future Planning","award":["R0190-15-2010"],"award-info":[{"award-number":["R0190-15-2010"]}]},{"DOI":"10.13039\/501100010418","name":"Institute for Information and Communications Technology Promotion","doi-asserted-by":"crossref","id":[{"id":"10.13039\/501100010418","id-type":"DOI","asserted-by":"crossref"}]},{"name":"Information Technology Research Center","award":["IITP-2016-R0992-16-1006"],"award-info":[{"award-number":["IITP-2016-R0992-16-1006"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Des. Autom. Electron. Syst."],"published-print":{"date-parts":[[2017,1,31]]},"abstract":"For decades, various concepts in security monitoring have been proposed. In principle, they all in common in regard to the monitoring of the execution behavior of a program (e.g., control-flow or dataflow) running on the machine to find symptoms of attacks. Among the proposed monitoring schemes, software-based ones are known for their adaptability on the commercial products, but there have been concerns that they may suffer from nonnegligible runtime overhead. On the other hand, hardware-based solutions are recognized for their high performance. However, most of them have an inherent problem in that they usually mandate drastic changes to the internal processor architecture. More recent ones have strived to minimize such modifications by employing external hardware security monitors in the system. However, these approaches intrinsically suffer from the overhead caused by communication between the host and the external monitor. Our solution also relies on external hardware for security monitoring, but unlike the others, ours tackles the communication overhead by using the core debug interface (CDI), which is readily available in most commercial processors for debugging. We build our system simply by plugging our monitoring hardware into the processor via CDI, precluding the need for altering the processor internals. To validate the effectiveness of our approach, we implement two well-known monitoring techniques on our proposed framework: dynamic information flow tracking and branch regulation. The experimental results on our FPGA prototype show that our external hardware monitors efficiently perform monitoring tasks with negligible performance overhead, mainly with thanks to the support of CDI, which helps us reduce communication costs substantially.<\/jats:p>","DOI":"10.1145\/2907611","type":"journal-article","created":{"date-parts":[[2016,5,31]],"date-time":"2016-05-31T12:15:09Z","timestamp":1464696909000},"page":"1-29","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":11,"title":["Efficient Security Monitoring with the Core Debug Interface in an Embedded Processor"],"prefix":"10.1145","volume":"22","author":[{"given":"Jinyong","family":"Lee","sequence":"first","affiliation":[{"name":"Seoul National University, Seoul, South Korea"}]},{"given":"Ingoo","family":"Heo","sequence":"additional","affiliation":[{"name":"Seoul National University, Seoul, South Korea"}]},{"given":"Yongje","family":"Lee","sequence":"additional","affiliation":[{"name":"Samsung Electronics Co., Ltd and Seoul National University, Seoul, South Korea"}]},{"given":"Yunheung","family":"Paek","sequence":"additional","affiliation":[{"name":"Seoul National University, Seoul, South Korea"}]}],"member":"320","published-online":{"date-parts":[[2016,5,27]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1102120.1102165"},{"key":"e_1_2_1_2_1","unstructured":"ARM Limited. 1999. AMBA Specification. Available at http:\/\/soc.eecs.yuntech.edu.tw\/Course\/SoC\/doc\/amba.pdf. ARM Limited. 1999. AMBA Specification. Available at http:\/\/soc.eecs.yuntech.edu.tw\/Course\/SoC\/doc\/amba.pdf."},{"key":"e_1_2_1_3_1","unstructured":"ARM Limited. 2011. Embedded Trace Macrocell Architecture Specification. Available at http:\/\/infocenter.arm.com\/help\/topic\/com.arm.doc.ihi0014q\/IHI0014Q_etm_architecture_spec.pdf. ARM Limited. 2011. Embedded Trace Macrocell Architecture Specification. Available at http:\/\/infocenter.arm.com\/help\/topic\/com.arm.doc.ihi0014q\/IHI0014Q_etm_architecture_spec.pdf."},{"key":"e_1_2_1_4_1","volume-title":"Retrieved","author":"ARM.","year":"2013","unstructured":"ARM. 2013 . ARM CoreSight Architecture Specification v2.0 . Retrieved April 28, 2016, from http:\/\/infocenter.arm.com\/help\/topic\/com.arm.doc.ihi0029d\/IHI0029D_coresight_architecture_spec_v2_0.pdf. ARM. 2013. ARM CoreSight Architecture Specification v2.0. Retrieved April 28, 2016, from http:\/\/infocenter.arm.com\/help\/topic\/com.arm.doc.ihi0029d\/IHI0029D_coresight_architecture_spec_v2_0.pdf."},{"key":"e_1_2_1_5_1","volume-title":"Proceedings of theUSENIX Security Conference. 15--28","author":"Bellardo John","year":"2003","unstructured":"John Bellardo and Stefan Savage . 2003 . 802.11 denial-of-service attacks: Real vulnerabilities and practical solutions . In Proceedings of theUSENIX Security Conference. 15--28 . John Bellardo and Stefan Savage. 2003. 802.11 denial-of-service attacks: Real vulnerabilities and practical solutions. In Proceedings of theUSENIX Security Conference. 15--28."},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2744769.2744922"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455776"},{"volume-title":"Proceedings of the 24th USENIX Security Symposium (USENIX Security\u201915)","author":"Carlini Nicholas","key":"e_1_2_1_8_1","unstructured":"Nicholas Carlini , Antonio Barresi , Mathias Payer , David Wagner , and Thomas R. Gross . 2015. Control-flow bending: On the effectiveness of control-flow integrity . In Proceedings of the 24th USENIX Security Symposium (USENIX Security\u201915) . 161--176. Nicholas Carlini, Antonio Barresi, Mathias Payer, David Wagner, and Thomas R. Gross. 2015. Control-flow bending: On the effectiveness of control-flow integrity. In Proceedings of the 24th USENIX Security Symposium (USENIX Security\u201915). 161--176."},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866370"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-10772-6_13"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/1394608.1382153"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISCC.2006.158"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/1321631.1321673"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.52"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/1273440.1250722"},{"key":"e_1_2_1_16_1","volume-title":"Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS\u201912)","author":"Davi Lucas","year":"2012","unstructured":"Lucas Davi , Alexandra Dmitrienko , Manuel Egele , Thomas Fischer , Thorsten Holz , Ralf Hund , Stefan N\u00fcrnberger , and Ahmad-Reza Sadeghi . 2012 . MoCFI: A framework to mitigate control-flow attacks on smartphones . In Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS\u201912) . Lucas Davi, Alexandra Dmitrienko, Manuel Egele, Thomas Fischer, Thorsten Holz, Ralf Hund, Stefan N\u00fcrnberger, and Ahmad-Reza Sadeghi. 2012. MoCFI: A framework to mitigate control-flow attacks on smartphones. In Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS\u201912)."},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1966913.1966920"},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.5555\/2354410.2355153"},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/MICRO.2010.17"},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1346281.1346295"},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.micpro.2010.10.002"},{"key":"e_1_2_1_22_1","unstructured":"Gaisler. 2004. LEON3 Processor User\u2019s Manual. Gaisler Research. Gaisler. 2004. LEON3 Processor User\u2019s Manual. Gaisler Research."},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.43"},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/SMARTCOMP-W.2014.7046672"},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.5555\/1128020.1128563"},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/2746238"},{"volume-title":"Retrieved","year":"2015","key":"e_1_2_1_27_1","unstructured":"Intel. 2015 . Intel 64 and IA-32 Architectures Software Developer Manuals . Retrieved April 28, 2016, from http:\/\/www.intel.com\/content\/www\/us\/en\/processors\/architectures-software-developer-manuals.html. Intel. 2015. Intel 64 and IA-32 Architectures Software Developer Manuals. Retrieved April 28, 2016, from http:\/\/www.intel.com\/content\/www\/us\/en\/processors\/architectures-software-developer-manuals.html."},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/1555815.1555806"},{"key":"e_1_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2009.5270347"},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.5555\/2337159.2337171"},{"key":"e_1_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/HPCA.2013.6522324"},{"key":"e_1_2_1_32_1","unstructured":"Kaspersky Lab. 2012. Dorifel Malware Encrypts Files Steals Financial Data May Be Related to Zeus or Citadel. Available at http:\/\/threatpost.com\/. Kaspersky Lab. 2012. Dorifel Malware Encrypts Files Steals Financial Data May Be Related to Zeus or Citadel. Available at http:\/\/threatpost.com\/."},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/2768566.2768569"},{"key":"e_1_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1109\/MICRO.2007.8"},{"key":"e_1_2_1_35_1","unstructured":"Mentor Graphics. 2007. ModelSim. https:\/\/www.mentor.com\/products\/fv\/modelsim\/. Mentor Graphics. 2007. ModelSim. https:\/\/www.mentor.com\/products\/fv\/modelsim\/."},{"key":"e_1_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23271"},{"key":"e_1_2_1_37_1","volume-title":"Retrieved","author":"DLP.","year":"2012","unstructured":"My DLP. 2012 . Data Leak Prevention Solution . Retrieved April 28, 2016, from https:\/\/www.mydlp.com\/. MyDLP. 2012. Data Leak Prevention Solution. Retrieved April 28, 2016, from https:\/\/www.mydlp.com\/."},{"key":"e_1_2_1_38_1","volume-title":"Proceedings of the Workshop on Interaction Between Compilers and Computer Architectures.","author":"Nagarajan Vijay","year":"2008","unstructured":"Vijay Nagarajan , Ho-Seop Kim , Youfeng Wu , and Rajiv Gupta . 2008 . Dynamic information flow tracking on multicores . In Proceedings of the Workshop on Interaction Between Compilers and Computer Architectures. Vijay Nagarajan, Ho-Seop Kim, Youfeng Wu, and Rajiv Gupta. 2008. Dynamic information flow tracking on multicores. In Proceedings of the Workshop on Interaction Between Compilers and Computer Architectures."},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/1273442.1250746"},{"key":"e_1_2_1_40_1","volume-title":"Retrieved","author":"Newsome James","year":"2005","unstructured":"James Newsome and Dawn Song . 2005 . Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software . Retrieved April 28, 2016, from http:\/\/valgrind.org\/docs\/newsome2005.pdf. James Newsome and Dawn Song. 2005. Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software. Retrieved April 28, 2016, from http:\/\/valgrind.org\/docs\/newsome2005.pdf."},{"key":"e_1_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/2666356.2594295"},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813644"},{"key":"e_1_2_1_43_1","unstructured":"William Orme. 2008. Debug and Trace for Multicore SOCs. White Paper. ARM. William Orme. 2008. Debug and Trace for Multicore SOCs. White Paper. ARM."},{"volume-title":"Proceedings of the USENIX Security Conference. 447--462","author":"Pappas Vasilis","key":"e_1_2_1_44_1","unstructured":"Vasilis Pappas , Michalis Polychronakis , and Angelos D. Keromytis . 2013. Transparent ROP exploit mitigation using indirect branch tracing . In Proceedings of the USENIX Security Conference. 447--462 . Vasilis Pappas, Michalis Polychronakis, and Angelos D. Keromytis. 2013. Transparent ROP exploit mitigation using indirect branch tracing. In Proceedings of the USENIX Security Conference. 447--462."},{"key":"e_1_2_1_45_1","volume-title":"Retrieved","author":"Team X","year":"2003","unstructured":"Pa X Team . 2003 . Address Space Layout Randomization . Retrieved April 28, 2016, from http:\/\/pax.grsecurity.net\/docs\/aslr.txt. PaX Team. 2003. Address Space Layout Randomization. Retrieved April 28, 2016, from http:\/\/pax.grsecurity.net\/docs\/aslr.txt."},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.5555\/2026647.2026664"},{"key":"e_1_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.micpro.2012.02.013"},{"key":"e_1_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/MICRO.2006.29"},{"key":"e_1_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/265924.265927"},{"key":"e_1_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.51"},{"key":"e_1_2_1_51_1","volume-title":"Proceedings of the USENIX Annual Technical Conference, General Track. 17--30","author":"Seward Julian","year":"2005","unstructured":"Julian Seward and Nicholas Nethercote . 2005 . Using Valgrind to detect undefined value errors with bit-precision . In Proceedings of the USENIX Annual Technical Conference, General Track. 17--30 . Julian Seward and Nicholas Nethercote. 2005. Using Valgrind to detect undefined value errors with bit-precision. In Proceedings of the USENIX Annual Technical Conference, General Track. 17--30."},{"key":"e_1_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/2463209.2488898"},{"key":"e_1_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629911.1629951"},{"key":"e_1_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.45"},{"key":"e_1_2_1_55_1","volume-title":"Retrieved","author":"Lab Sogeti ESEC","year":"2012","unstructured":"Sogeti ESEC Lab . 2012 . Analysis of the Jailbreakme v3 Font Exploit . Retrieved April 28, 2016, from http:\/\/esec-lab.sogeti.com\/posts\/2011\/07\/16\/analysis-of-the-jailbreakme-v3-font-exploit.html. Sogeti ESEC Lab. 2012. Analysis of the Jailbreakme v3 Font Exploit. Retrieved April 28, 2016, from http:\/\/esec-lab.sogeti.com\/posts\/2011\/07\/16\/analysis-of-the-jailbreakme-v3-font-exploit.html."},{"key":"e_1_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1145\/1037187.1024404"},{"key":"e_1_2_1_58_1","unstructured":"Synopsys. 2009. Design Compiler. http:\/\/www.synopsys.com\/Tools\/Implementation\/RTLSynthesis\/DesignCompiler\/Pages\/default.aspx. Synopsys. 2009. Design Compiler. http:\/\/www.synopsys.com\/Tools\/Implementation\/RTLSynthesis\/DesignCompiler\/Pages\/default.aspx."},{"key":"e_1_2_1_59_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Tice Caroline","year":"2014","unstructured":"Caroline Tice , Tom Roeder , Peter Collingbourne , Stephen Checkoway , \u00dalfar Erlingsson , Luis Lozano , and Geoff Pike . 2014 . Enforcing forward-edge control-flow integrity in gcc & llvm . In Proceedings of the USENIX Security Symposium. Caroline Tice, Tom Roeder, Peter Collingbourne, Stephen Checkoway, \u00dalfar Erlingsson, Luis Lozano, and Geoff Pike. 2014. Enforcing forward-edge control-flow integrity in gcc & llvm. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1109\/HPCA.2008.4658637"},{"key":"e_1_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2008.40"},{"key":"e_1_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1145\/605397.605429"},{"key":"e_1_2_1_63_1","volume-title":"Proceedings of the 2012 42nd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN\u201912)","author":"Xia Yubin","year":"2012","unstructured":"Yubin Xia , Yutao Liu , Haibo Chen , and Binyu Zang . 2012 . CFIMon: Detecting violation of control flow integrity using performance counters . In Proceedings of the 2012 42nd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN\u201912) . IEEE, Los Alamitos, CA, 1--12. Yubin Xia, Yutao Liu, Haibo Chen, and Binyu Zang. 2012. CFIMon: Detecting violation of control flow integrity using performance counters. In Proceedings of the 2012 42nd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN\u201912). IEEE, Los Alamitos, CA, 1--12."},{"key":"e_1_2_1_64_1","unstructured":"Xilinx. 2011. Microblaze Processor Reference Guide v13. 4. Xilinx. Xilinx. 2011. Microblaze Processor Reference Guide v13. 4. Xilinx."},{"key":"e_1_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315261"},{"key":"e_1_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.44"},{"volume-title":"Proceedings of the USENIX Security Conference. 337--352","author":"Zhang Mingwei","key":"e_1_2_1_67_1","unstructured":"Mingwei Zhang and R. Sekar . 2013. Control flow integrity for COTS binaries . In Proceedings of the USENIX Security Conference. 337--352 . Mingwei Zhang and R. Sekar. 2013. Control flow integrity for COTS binaries. In Proceedings of the USENIX Security Conference. 337--352."},{"key":"e_1_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.5555\/998680.1006720"},{"key":"e_1_2_1_69_1","unstructured":"Yu Zhu Jaeyeon Jung Dawn Song Tadayoshi Kohno and David Wetherall. 2009. Privacy Scope: A Precise Information Flow Tracking System for Finding Application Leaks. Ph.D. Dissertation. University of California Berkeley. Yu Zhu Jaeyeon Jung Dawn Song Tadayoshi Kohno and David Wetherall. 2009. Privacy Scope: A Precise Information Flow Tracking System for Finding Application Leaks. Ph.D. Dissertation. University of California Berkeley."}],"container-title":["ACM Transactions on Design Automation of Electronic Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2907611","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2907611","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:54:26Z","timestamp":1750222466000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2907611"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,5,27]]},"references-count":68,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2017,1,31]]}},"alternative-id":["10.1145\/2907611"],"URL":"https:\/\/doi.org\/10.1145\/2907611","relation":{},"ISSN":["1084-4309","1557-7309"],"issn-type":[{"type":"print","value":"1084-4309"},{"type":"electronic","value":"1557-7309"}],"subject":[],"published":{"date-parts":[[2016,5,27]]},"assertion":[{"value":"2015-09-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2016-03-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2016-05-27","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}