Fernand Lone Sang , LAAS-CNRS, Toulouse cedex 4
Vincent Nicomette , LAAS-CNRS, Toulouse Cedex 4
Yves Deswarte , LAAS-CNRS, Toulouse cedex 4
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2013.79
Abstract. This paper presents a multi-purpose FPGA-based tool designed to analyze I/O attacks against PCs. Instead of making the CPU execute malicious software (or malware), I/O attacks use I/O controllers or peripheral devices to run attacks and, as such, they cannot be detected by traditional anti-malware techniques. Our tool comes as an I/O controller that can be programed, for instance, as a malicious I/O controller that would host a Trojan horse. It can be used to prepare proof-of-concepts of I/O attacks, but also to apply fuzzing techniques to identify vulnerabilities that could be exploited to perform I/O attacks in a given model of PC.
Fernand Lone Sang, Vincent Nicomette, Yves Deswarte, "A Tool to Analyze Potential I/O Attacks Against PCs", IEEE Security & Privacy, , no. 1, pp. 1, PrePrints PrePrints, doi:10.1109/MSP.2013.79