Research on Attack Method of Unified Extensible Firmware Interface

Artigo Revisado por pares

Research on Attack Method of Unified Extensible Firmware Interface

2012; East China Computer Technology Research Institute; Linguagem: Inglês

ISSN

1000-3428

Autores

Jiayong Chen,

Tópico(s)

Digital and Cyber Forensics

Resumo

By analyzing framework and boot sequence of Unified Extensible Firmware Interface(UEFI),this paper finds out that UEFI does not verify its Extensible Firmware Interface(EFI) driver and EFI application and it leads to some secure problems.Three methods of attacking UEFI are proposed,including OS Loader infecting,NVRAM variable modification and EFI runtime driver injection.Analysis result shows that all of the methods can hijack the operating system kernel.

Ver no editor

Entrar

Lembrar minha senha

Receber meu e-mail de confirmação

Research on Attack Method of Unified Extensible Firmware Interface