Sciweavers

HICSS
2011
IEEE

XTRec: Secure Real-Time Execution Trace Recording on Commodity Platforms

13 years 4 months ago
XTRec: Secure Real-Time Execution Trace Recording on Commodity Platforms
We propose XTRec, a primitive that can record the instruction-level execution trace of a commodity computing system. Our primitive is resilient to compromise to provide integrity of the recorded execution trace. We implement XTRec on the AMD platform running the Windows OS. The only software component that is trusted in the system during runtime is XTRec itself, which contains only 2,195 lines of code permitting manual audits to ensure security and safety. We use XTRec to show whether a particular code has been executed on a system, or conversely to prove that some malware has not executed on the system. This is a highly desirable property to ensure information assurance, especially in critical e-government infrastructure. Our experimental results show that the imposed overhead is 2x– 4x for real-world applications. This overhead is primarily due to CPU Branch Trace Messages(BTM), a ubiquitous debugging feature used to record control-flow instructions. Hardware improvements to BTM ...
Amit Vasudevan, Ning Qu, Adrian Perrig
Added 20 Aug 2011
Updated 20 Aug 2011
Type Journal
Year 2011
Where HICSS
Authors Amit Vasudevan, Ning Qu, Adrian Perrig
Comments (0)