The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jan. 10, 2017
Filed:
Apr. 25, 2014
Snu R&db Foundation, Seoul, KR;
Yun Heung Paek, Seoul, KR;
Brent Byunghoon Kang, Fairfax, VA (US);
Hyungon Moon, Seoul, KR;
Hojoon Lee, Daejeon, KR;
Jihoon Lee, Hwaseong, KR;
Kihwan Kim, Seoul, KR;
SNU R&DB FOUNDATION, Seoul, KR;
Abstract
A snoop-based kernel integrity monitoring apparatus and a method thereof are provided. More particularly, provided are a kernel integrity monitoring apparatus which is provided as a hardware device independent of a host system, and snoops traffic occurring in a system bus of the host system and by detecting a write attempt in a kernel immutable region, monitors integrity of the kernel, and a method thereof. According to the apparatus and method, by analyzing traffic of the system bus of the host system, a write attempt in the kernel immutable region is detected. Thus, a transient attack which is difficult for a snapshot method to detect can be detected.