Digital Library[ Search Result ]
A Software-based Secure Disaggregated Memory System on Commodity Servers
Yewon Yong, Taehoon Kim, Sungho Lee, Changdae Kim
http://doi.org/10.5626/JOK.2024.51.9.757
A disaggregated memory system is a technology that consolidates memory from multiple servers. While this technique provides large amounts of memory for applications, it also poses serious security threats due to sensitive data transmission between servers. Several studies have addressed this issue by relying on specialized hardware. However, the use of such hardware introduces not only additional costs but also challenges in adopting it on commercial servers because of compatibility issues. In this paper, we propose a software-based mechanism to ensure the security of disaggregated memory systems. Our approach aims to prevent security threats by performing encryption and integrity verification on data transmitted between servers within a disaggregated memory system. To minimize the performance overhead associated with software implementation, our approach overlaps data transmission and decryption, and encrypts only private data. In addition, we optimize the size of encryption metadata to reduce memory overhead. Through empirical evaluations, we demonstrate that our proposed software-based security mechanism incurs negligible additional performance overhead, particularly when the performance overhead from the disaggregated memory system is already minimal.
A Traffic-Classification Method Using the Correlation of the Network Flow
YoungHoon Goo, Kyuseok Shim, Sungho Lee, Baraka D. Sija, MyungSup Kim
Presently, the ubiquitous emergence of high-speed-network environments has led to a rapid increase of various applications, leading to constantly complicated network traffic. To manage networks efficiently, the traffic classification of specific units is essential. While various traffic-classification methods have been studied, a methods for the complete classification of network traffic has not yet been developed. In this paper, a correlation model of the network flow is defined, and a traffic-classification method for which this model is used is proposed. The proposed network-correlation model for traffic classification consists of a similarity model and a connectivity model. Suggestion for the effectiveness of the proposed method is demonstrated in terms of accuracy and completeness through experiments.
A Dynamic Approach to Extract the Original Semantics and Structure of VM-based Obfuscated Binary Executables
In recent years, the obfuscation techniques are commonly exploited to protect malwares, so obfuscated malwares have become a big threat. Especially, it is extremely hard to analyze virtualization obfuscated malwares based on unusual virtual machines, because the original program is hidden by the virtual machine as well as its semantics is mixed with the semantics of the virtual machine. To confront this threat, we suggest a framework to analyze virtualization obfuscated programs based on the dynamic analysis. First, we extract the dynamic execution trace of the virtualization obfuscated executables. Second, we analyze the traces by translating machine instruction sequences into the intermediate representation and extract the virtual machine architecture by constructing dynamic context flow graphs. Finally, we extract abstract semantics of the original program using the extracted virtual machine architecture. In this paper, we propose a method to extract the information of the original program from a virtualization obfuscated program by some commercial obfuscation tools. We expect that our tool can be used to understand virtualization obfuscated programs and integrate other program analysis techniques so that it can be applied to analysis of the semantics of original programs using the abstract semantics.
Search
Journal of KIISE
- ISSN : 2383-630X(Print)
- ISSN : 2383-6296(Electronic)
- KCI Accredited Journal
Editorial Office
- Tel. +82-2-588-9240
- Fax. +82-2-521-1352
- E-mail. chwoo@kiise.or.kr