
Research on malicious behavior of firmware based on hardware resources access control

Cited by: 1
Abstract: Like traditional application software, firmware may contain code with malicious behavior, such as Trojan horses, backdoors and logic bombs. Because firmware is hardware-dependent, executes its tasks in stages and is highly cohesive, traditional methods of describing malicious program behavior do not apply to firmware programs. This paper discusses the characteristics and essential features of firmware programs and of firmware malicious behavior, describes a method for formally modeling and detecting malicious behavior in firmware programs based on a hardware resources access control policy, and verifies the effectiveness of the method experimentally.
Source: Application Research of Computers (《计算机应用研究》), CSCD, Peking University Core, 2011, No. 7, pp. 2709-2711, 2714 (4 pages)
Funding: Supported by the National "863" Program (2009AA01Z434)
Keywords: firmware malicious behavior; user's intention; hardware resources access control; malicious firmware detection
