User profiles for Hyungon Moon
 | Hyungon MoonUNIST Verified email at unist.ac.kr Cited by 958 |
libmpk: Software abstraction for intel memory protection keys (intel {MPK})
Intel Memory Protection Keys (MPK) is a new hardware primitive to support thread-local
permission control on groups of pages without requiring modification of page tables. …
permission control on groups of pages without requiring modification of page tables. …
Fuzzing file systems via two-dimensional input space exploration
File systems, a basic building block of an OS, are too big and too complex to be bug free.
Nevertheless, file systems rely on regular stress-testing tools and formal checkers to find bugs, …
Nevertheless, file systems rely on regular stress-testing tools and formal checkers to find bugs, …
HDFI: Hardware-assisted data-flow isolation
Memory corruption vulnerabilities are the root cause of many modern attacks. Existing defense
mechanisms are inadequate; in general, the software-based approaches are not efficient …
mechanisms are inadequate; in general, the software-based approaches are not efficient …
A {Log-Structured} Merge Tree-aware Message Authentication Scheme for Persistent {Key-Value} Stores
Persistent key-value stores (KVSs) are fundamental building blocks of modern software
products. A KVS stores persistent states for the products in the form of objects associated with …
products. A KVS stores persistent states for the products in the form of objects associated with …
Vigilare: toward snoop-based kernel integrity monitor
In this paper, we present Vigilare system, a kernel integrity monitor that is architected to
snoop the bus traffic of the host system from a separate independent hardware. This snoop-…
snoop the bus traffic of the host system from a separate independent hardware. This snoop-…
Ki-mon arm: A hardware-assisted event-triggered monitoring platform for mutable kernel object
External hardware-based kernel integrity monitors have been proposed to mitigate kernel-level
malwares. However, the existing external approaches have been limited to monitoring …
malwares. However, the existing external approaches have been limited to monitoring …
{TRust}: A Compilation Framework for In-process Isolation to Protect Safe Rust against Untrusted Code
Rust was invented to help developers build highly safe systems. It comes with a variety of
programming constructs that put emphasis on safety and control of memory layout. Rust …
programming constructs that put emphasis on safety and control of memory layout. Rust …
Accelerating n-bit operations over tfhe on commodity cpu-fpga
TFHE is a fully homomorphic encryption (FHE) scheme that evaluates Boolean gates, which
we will hereafter call Tgates, over encrypted data. TFHE is considered to have higher …
we will hereafter call Tgates, over encrypted data. TFHE is considered to have higher …
Kernel code integrity protection at the physical address level on RISC-V
An operating system kernel has the highest privilege in most computer systems, making its
code integrity critical to the entire system’s security. Failure to protect the kernel code integrity …
code integrity critical to the entire system’s security. Failure to protect the kernel code integrity …
Hardware assisted randomization of data
Data-oriented attacks are gaining traction thanks to advances in code-centric mitigation
techniques for memory corruption vulnerabilities. Previous work on mitigating data-oriented …
techniques for memory corruption vulnerabilities. Previous work on mitigating data-oriented …