Decoupled Execution State Monitor
Date
Authors
Major Professor
Advisor
Committee Member
Journal Title
Journal ISSN
Volume Title
Publisher
Authors
Research Projects
Organizational Units
The Department of Electrical and Computer Engineering (ECpE) contains two focuses. The focus on Electrical Engineering teaches students in the fields of control systems, electromagnetics and non-destructive evaluation, microelectronics, electric power & energy systems, and the like. The Computer Engineering focus teaches in the fields of software systems, embedded systems, networking, information security, computer architecture, etc.
History
The Department of Electrical Engineering was formed in 1909 from the division of the Department of Physics and Electrical Engineering. In 1985 its name changed to Department of Electrical Engineering and Computer Engineering. In 1995 it became the Department of Electrical and Computer Engineering.
Dates of Existence
1909-present
Historical Names
- Department of Electrical Engineering (1909-1985)
- Department of Electrical Engineering and Computer Engineering (1985-1995)
Related Units
- College of Engineering (parent college)
- Department of Physics and Electrical Engineering (predecessor)
Journal Issue
Is Version Of
Versions
Series
Department
Abstract
Adversaries can exploit memory corruption vulnerabilities to gain control over the flow of the program being executed. Control-flow integrity (CFI) has for sometime now been the best approach to protect against these attacks. However, most existing CFI implementations can be circumvented by an advanced attack model. This project aims to detect CFI violations using a decoupled monitoring platform that is separately integrated from the system being monitored. This creative component aims to provide an emulation of the decoupled monitoring platform to perform rapid prototyping and exploring of such monitoring approaches. The causes for the CFI violations could be from board-level hardware Trojans, in silicon Trojans, or even software vulnerabilities like code injection attacks and code reuse attacks. The project takes into consideration all these vulnerabilities and aims to detect a violation caused by any.