• DocumentCode
    3136270
  • Title

    Malicious code detection for open firmware

  • Author

    Adelstein, Frank ; Stillerman, Matt ; Kozen, Dexter

  • Author_Institution
    ATC-NY, Ithaca, NY, USA
  • fYear
    2002
  • fDate
    2002
  • Firstpage
    403
  • Lastpage
    412
  • Abstract
    Malicious boot firmware is a largely unrecognized but significant security risk to our global information infrastructure. Since boot firmware executes before the operating system is loaded, it can easily circumvent any operating system-based security mechanism. Boot firmware programs are typically written by third-party device manufacturers and may come from various suppliers of unknown origin. We describe an approach to this problem based on load-time verification of onboard device drivers against a standard security policy designed to limit access to system resources. We also describe our ongoing effort to construct a prototype of this technique for open firmware boot platforms.
  • Keywords
    device drivers; firmware; operating systems (computers); security of data; global information infrastructure; load-time verification; malicious boot firmware; malicious code detection; onboard device drivers; open firmware; operating system; security risk; third-party device manufacturers; Communication system security; Computer science; Computer security; Drives; Hardware; Information security; Manufacturing; Microprogramming; Operating systems; Software prototyping;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Security Applications Conference, 2002. Proceedings. 18th Annual
  • ISSN
    1063-9527
  • Print_ISBN
    0-7695-1828-1
  • Type

    conf

  • DOI
    10.1109/CSAC.2002.1176312
  • Filename
    1176312
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3136270