Title :
Malicious code detection for open firmware
Author :
Adelstein, Frank ; Stillerman, Matt ; Kozen, Dexter
Author_Institution :
ATC-NY, Ithaca, NY, USA
Abstract :
Malicious boot firmware is a largely unrecognized but significant security risk to our global information infrastructure. Since boot firmware executes before the operating system is loaded, it can easily circumvent any operating system-based security mechanism. Boot firmware programs are typically written by third-party device manufacturers and may come from various suppliers of unknown origin. We describe an approach to this problem based on load-time verification of onboard device drivers against a standard security policy designed to limit access to system resources. We also describe our ongoing effort to construct a prototype of this technique for open firmware boot platforms.
Keywords :
device drivers; firmware; operating systems (computers); security of data; global information infrastructure; load-time verification; malicious boot firmware; malicious code detection; onboard device drivers; open firmware; operating system; security risk; third-party device manufacturers; Communication system security; Computer science; Computer security; Drives; Hardware; Information security; Manufacturing; Microprogramming; Operating systems; Software prototyping;
Conference_Titel :
Computer Security Applications Conference, 2002. Proceedings. 18th Annual
Print_ISBN :
0-7695-1828-1
DOI :
10.1109/CSAC.2002.1176312
