Visible to the public CAREER: Exo-Core: An Architecture to Detect Malware as Computational AnomaliesConflict Detection Enabled

Project Details

Lead PI

Performance Period

Mar 01, 2015 - Feb 29, 2020

Institution(s)

University of Texas at Austin

Award Number


Applications that run on billions of mobile devices backed by enormous datacenters hold the promise of personal, always-on healthcare; of intelligent vehicles and homes; and thus of a healthier, more efficient society. It is imperative to make such applications secure by protecting their integrity and keeping their data confidential. However, malicious programs (``malware'') today can subvert the best software-level defenses by impersonating benign processes on mobile devices or by attacking victim processes through the hardware on shared datacenter servers. Grappling with such intelligent malware requires fundamental advances in the hardware-software organization of computer systems.

The key observation behind the research project here is that, while seemingly disparate, intelligent malware relies on hiding its hardware-level behaviors from operating system-level monitors. By exposing instruction-level and micro-architectural behaviors to software analysis, the proposed Exo-core architecture enables a new class of malware detectors. In addition, Exo-core introduces programmable hardware accelerators to synthesize run-time program traces into robust models of benign programs. The project will also integrate research in hardware-software foundations of computer security into a new two-semester research course for undergraduate students.