Zhou et al., 2010 - Google Patents
Detection about vulnerabilities and malicious codes for legacy biosZhou et al., 2010
- Document ID
- 10973421780062780628
- Author
- Zhou Z
- Luan H
- Li B
- Zhu S
- Publication year
- Publication venue
- 2010 Second International Conference on Communication Systems, Networks and Applications
External Links
Snippet
An implementation of legacy BIOS Trojan is demonstrated to attest that planting malicious codes into legacy BIOS, which can be executed during runtime of BIOS and OS, is feasible. Then vulnerabilities of legacy BIOS are analyzed. To detect above vulnerabilities and …
- 238000001514 detection method 0 title abstract description 26
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/4401—Bootstrapping
- G06F9/4406—Loading of operating system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/455—Emulation; Software simulation, i.e. virtualisation or emulation of application or operating system execution engines
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/445—Programme loading or initiating
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30067—File systems; File servers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| RU2589862C1 (en) | Method of detecting malicious code in random-access memory | |
| US7877801B2 (en) | Method and system to detect malicious software | |
| US8352939B1 (en) | System, method and computer program product for performing a security or maintenance operation in association with virtual disk data | |
| JP4629796B2 (en) | File conversion in a limited process | |
| US8505103B2 (en) | Hardware trust anchor | |
| US7853804B2 (en) | System and method for secure data disposal | |
| US6907396B1 (en) | Detecting computer viruses or malicious software by patching instructions into an emulator | |
| Spensky et al. | LO-PHI: Low-Observable Physical Host Instrumentation for Malware Analysis. | |
| US9178900B1 (en) | Detection of advanced persistent threat having evasion technology | |
| EP2441026B1 (en) | Anti-virus trusted files database | |
| US20110219453A1 (en) | Security method and apparatus directed at removeable storage devices | |
| CN101866408A (en) | A transparent trust chain construction system based on virtual machine architecture | |
| US8973135B2 (en) | Selectively scanning objects for infection by malware | |
| US20110209218A1 (en) | Environmental imaging | |
| US8185729B2 (en) | Method of converting personal computers into thin client computers | |
| CN106687979A (en) | Cross View Malware Detection | |
| CN110363011B (en) | Method and apparatus for verifying security of UEFI-based BIOS | |
| CN107944279A (en) | BIOS vulnerability scanners and scan method based on UEFI | |
| Kleissner | Stoned bootkit | |
| Bacs et al. | Slick: an intrusion detection system for virtualized storage devices | |
| Wong | Forensic analysis of the windows registry | |
| US9342694B2 (en) | Security method and apparatus | |
| WO2020110053A1 (en) | Malicious code protection for computer systems based on system call table modification and runtime application patching | |
| Zhou et al. | Detection about vulnerabilities and malicious codes for legacy bios | |
| RU2592383C1 (en) | Method of creating antivirus record when detecting malicious code in random-access memory |