EPA-RIMM: Extensible, Performance Aware Runtime Integrity Checking
The goal of this project is to develop a framework for System Management
Mode-based Security Mechanisms that will address the performance challenges and expand the flexibility of runtime checking.
System Management Mode (SMM) is a special x86 processor mode that privileged software such as kernels or hypervisors cannot access or interrupt. Previously, it has been assumed that time spent in SMM would be relatively small and therefore its side effects on privileged software were unimportant; recently, researchers have proposed uses, such as security-related checks, that would greatly increase the amount of runtime spent in this mode.
In initial work we have investigated the performance impacts of time spent in SMM, to characterize the different types of resulting interference.
This work is supported in part by NSF award #1528185.
- [Research Poster] Brian Delgado and Karen L. Karavanic, "EPA-RIMM: Extensible, Performance-Aware SMM Runtime Integrity Measurement" 25th USENIX Security Symposium, August 10-12, 2016, Austin TX.
Konstantin Macarenco, Kristina Frye, Benjamin Hamlin, and Karen L. Karavanic, "The Effects of System Management Interrupts on Multithreaded, Hyper-Threaded, and MPI Applications" Sixth International Workshop on Parallel Software Tools and Tool Infrastructures (PSTI 2016).
Brian Delgado and Karen L. Karavanic, "Performance Implications of System Management Mode," The 2013 IEEE International Symposium on Workload Characterization (IISWC), September 22-24, Portland, OR USA. (preprint)
- Ph.D.: Brian Delgado, John Fastabend, Cody Shepherd
- M.S.: Dylan Abraham, Alexander Freed, Payal Joshi
- Undergraduate: Stephen Rivera
- Project Alums: Will Huiras, Tejaswini Vibhute(Intel), Andy Wood, Konstantin Macarenco, Mitch Souders