CERIAS - Center for Education and Research in Information Assurance and Security

Skip Navigation
CERIAS Logo
Purdue University
Center for Education and Research in Information Assurance and Security

Countermeasures based on hardware performance counters in processors.

Principal Investigator: Chris Foreman

Hardware performance counters prevalent in modern processors can be leveraged to detect malicious code and activity. The benefits of HPCs are that they run on the processor hardware and thus, typically execute quickly with low overheads. They also execute at kernel priveledge and are difficult to spoof or modify by an attacker. Much information is collectable by HPCs, and this can be used to form heuristic-based, signature-based, and more advanced attack detection countermeasures.

Personnel

Other PIs: Elisa Bertino

Students: Fang-Yu Rao

Keywords: attack, countermeasure, detection, hardware performance counter