Entropy Assessment of Windows OS Performance Counters
Authors
Abstract
The security of many cryptographic constructions depends on random number generators for providing unpredictable keys, nonces, initialization vectors and other parameters. Modern operating systems implement cryptographic pseudo-random number generators (PRNGs) to fulfill this need. Performance counters and other system parameters are often used as a low-entropy source to initialize (seed) the generators. We perform an experiment to analyze all performance counters in a standard installation of the Microsoft Windows 7 operating system, and assess their suitability as entropy sources. Besides selecting the top 19 counters, we analyze their mutual information (independence) as well as their robustness in the virtual environment. The final selection contains 14 counters with sufficient overall entropy for practical applications.
Similar resources
Hardware-Assisted Rootkits: Abusing Performance Counters on the ARM and x86 Architectures
In this paper, a novel hardware-assisted rootkit is introduced, which leverages the performance monitoring unit (PMU) of a CPU. By configuring hardware performance counters to count specific architectural events, this research effort proves it is possible to transparently trap system calls and other interrupts driven entirely by the PMU. This offers an attacker the opportunity to redirect contr...
Using Computational Intelligence to Identify Performance Bottlenecks in a Computer System
System administrators have to analyze a number of system parameters to identify performance bottlenecks in a system. The major contribution of this paper is a utility – EvoPerf – which has the ability to autonomously monitor different system-wide parameters, requiring no user intervention, to accurately identify performance based anomalies (or bottlenecks). EvoPerf uses Windows Perfmon utility ...
Utilizing performance monitor counters to effectively guide windows and SQL server tuning efforts
Windows and the SQL Server database management system provide many performance counters. However, the vast number of counters and the fact that numerous explanations provided via the Windows Performance Monitor simply restate the name of the counter make resolving performance problems in this environment a daunting task. This paper discusses methodologies, metrics, and techniques that can be uti...
Windows Performance Monitoring and Data Reduction using WatchTower and Argus Extended Abstract
We describe and evaluate WatchTower, a system that simplifies the collection of Windows performance counter data, and Argus, a statistical methodology for evaluating this data and reducing the sheer volume of it. This is especially important when monitoring the performance of clusters for high performance computing. WatchTower’s overheads are comparable to those of Microsoft’s perfmon tool, whi...
Initial Results of Testing Some Statistical Properties of Hard Disks Workload in Personal Computers in Terms of Non-Extensive Entropy and Long-Range Dependencies
The aim of this paper is to present some preliminary results and non-extensive statistical properties of selected operating system counters related to hard drive behaviour. A number of experiments have been carried out in order to generate the workload and analyse the behaviour of computers during man–machine interaction. All analysed computers were personal ones, worked under Windows operating...
Journal title:
- CoRR
Volume abs/1311.3139, Issue
Pages -
Publication date 2013