• DocumentCode
    758967
  • Title

    Alien vs. Quine

  • Author

    Graizer, V. ; Naccache, David

  • Author_Institution
    Univ. Paris II
  • Volume
    5
  • Issue
    2
  • fYear
    2007
  • Firstpage
    26
  • Lastpage
    31
  • Abstract
    Is it possible to prove that a computer is malware-free without pulling out its hard disk? This article introduces a novel hardware inspection technique based on the injection of carefully crafted code and the analysis of its output and execution time. In theory, the easiest way to exterminate malware is to reformat the disk and then reinstall the operating system (OS) from a trusted distribution CD. This procedure assumes we can force computers to boot from trusted media, but most modern PCs have a flash BIOS, which means that the code component in charge of booting is recorded on a rewritable memory chip. Specific programs called flashers - or even malware such as the CIH (Chernobyl) virus - have the ability to update this chip. This article addresses this concern, namely, ascertaining that malware doesn't re-flash the BIOS to derail disk-reformatting attempts or simulate their successful completion.
  • Keywords
    invasive software; operating systems (computers); telecommunication security; Chernobyl virus; computer operating system; disk-reformatting; flash BIOS; hardware inspection technique; malware detection; quine; Clocks; Computer security; Cryptography; Feeds; Hard disks; Hardware; Inspection; Linear discriminant analysis; Privacy; attacks; code; malware; quine; security; worms;
  • fLanguage
    English
  • Journal_Title
    Security & Privacy, IEEE
  • Publisher
    ieee
  • ISSN
    1540-7993
  • Type

    jour

  • DOI
    10.1109/MSP.2007.28
  • Filename
    4140987