Malicious code detection for open firmware

被引：8

作者：

Adelstein, F ^{[1
]}

Stillerman, M ^{[1
]}

Kozen, D ^{[1
]}

机构：

[1] ATC NY, Ithaca, NY 14850 USA

来源：

18TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE, PROCEEDINGS | 2002年

关键词：

D O I：

10.1109/CSAC.2002.1176312

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Malicious boot firmware is a largely unrecognized but significant security risk to our global information infrastructure. Since boot firmware executes before the operating system is loaded, it can easily circumvent any operating system-based security mechanism. Boot firmware programs are typically written by third-party device manufacturers and may come from various suppliers of unknown origin. In this paper we describe an approach to this problem based on load-time verification of onboard device drivers against a standard security policy designed to limit access to system resources. We also describe our ongoing effort to construct a prototype of this technique for Open Firmware boot platforms.

引用

页码：403 / 412

页数：10

共 50 条

[1] Malicious Firmware Detection with Hardware Performance Counters
Wang, Xueyang
Konstantinou, Charalambos
Maniatakos, Michail
Karri, Ramesh
Lee, Serena
Robison, Patricia
Stergiou, Paul
Kim, Steve
[J]. IEEE TRANSACTIONS ON MULTI-SCALE COMPUTING SYSTEMS, 2016, 2 (03): : 160 - 173
[2] Demonstration: Efficient code certification for open firmware
Stillerman, M
Kozen, D
[J]. DARPA INFORMATION SURVIVABILITY CONFERENCE AND EXPOSITION, VOL II, PROCEEDINGS, 2003, : 147 - 148
[3] Hardware-based Detection of Malicious Firmware Modification in Microgrids
Srivastava, Amisha
Thakur, Sneha
Kuruvila, Abraham Peedikayil
Balsara, Poras T.
Basu, Kanad
[J]. PROCEEDINGS OF THE 37TH INTERNATIONAL CONFERENCE ON VLSI DESIGN, VLSID 2024 AND 23RD INTERNATIONAL CONFERENCE ON EMBEDDED SYSTEMS, ES 2024, 2024, : 186 - 191
[4] Malicious Code Detection Based on Code Semantic Features
Zhang, Yu
Li, Binglong
[J]. IEEE ACCESS, 2020, 8 : 176728 - 176737
[5] Detection of malicious code in user mode
Sangeetha, R.
[J]. 2013 INTERNATIONAL CONFERENCE ON INFORMATION COMMUNICATION AND EMBEDDED SYSTEMS (ICICES), 2013, : 146 - 149
[6] Risk Assessment Model Building and Malicious Behavior Detection on Computer Firmware
Wang, Xiaozhen
Liu, Baoxu
[J]. HIGH PERFORMANCE NETWORKING, COMPUTING, AND COMMUNICATION SYSTEMS, 2011, 163 : 548 - 555
[7] Detection technology of malicious code based on semantic
Lu, Qingmei
Wang, Yulin
[J]. MULTIMEDIA TOOLS AND APPLICATIONS, 2017, 76 (19) : 19543 - 19555
[8] THE BEHAVIOR ORIENTED DETECTION OF MALICIOUS CODE OVERVIEW
Deng, Jin-Cheng
Liu, Dan
Hu, Yue
Liang, Zong-Wen
[J]. 2012 INTERNATIONAL CONFERENCE ON WAVELET ACTIVE MEDIA TECHNOLOGY AND INFORMATION PROCESSING (LCWAMTIP), 2012, : 235 - 238
[9] Unknown Malicious Code Detection - Practical Issues
Moskovitch, Robert
Elovici, Yuval
[J]. PROCEEDINGS OF THE 7TH EUROPEAN CONFERENCE ON INFORMATION WARFARE AND SECURITY, 2008, : 145 - 152
[10] An ensemble framework for interpretable malicious code detection
Cheng, Jieren
Zheng, Jiachen
Yu, Xiaomei
[J]. INTERNATIONAL JOURNAL OF INTELLIGENT SYSTEMS, 2022, 37 (12) : 10100 - 10117

← 1 2 3 4 5 →