Malicious Code Detection for Open Firmware

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Frank Adelstein Articles by Matt Stillerman Articles by Dexter Kozen

18th Annual Computer Security Applications Conference (ACSAC '02)

San Diego California

December 09-December 13

ISBN: 0-7695-1828-1

	ASCII Text	x
	Frank Adelstein, Matt Stillerman, Dexter Kozen, "Malicious Code Detection for Open Firmware," Computer Security Applications Conference, Annual, pp. 403, 18th Annual Computer Security Applications Conference (ACSAC '02), 2002.

	BibTex	x
	@article{ 10.1109/CSAC.2002.1176312, author = {Frank Adelstein and Matt Stillerman and Dexter Kozen}, title = {Malicious Code Detection for Open Firmware}, journal ={Computer Security Applications Conference, Annual}, volume = {0}, year = {2002}, issn = {1063-9527}, pages = {403}, doi = {http://doi.ieeecomputersociety.org/10.1109/CSAC.2002.1176312}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Applications Conference, Annual TI - Malicious Code Detection for Open Firmware SN - 1063-9527 SP EP A1 - Frank Adelstein, A1 - Matt Stillerman, A1 - Dexter Kozen, PY - 2002 KW - null VL - 0 JA - Computer Security Applications Conference, Annual ER -

Frank Adelstein, ATC- NY

Matt Stillerman, ATC- NY

Dexter Kozen, Cornell University

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CSAC.2002.1176312

Malicious boot firmware is a largely unrecognized but significant security risk to our global information infrastructure. Since boot firmware executes before the operating system is loaded, it can easily circumvent any operating system-based security mechanism. Boot firmware programs are typically written by third-party device manufacturers and may come from various suppliers of unknown origin. In this paper we describe an approach to this problem based on load-time verification of onboard device drivers against a standard security policy designed to limit access to system resources. We also describe our ongoing effort to construct a prototype of this technique for Open Firmware boot platforms.

Citation:

Frank Adelstein, Matt Stillerman, Dexter Kozen, "Malicious Code Detection for Open Firmware," acsac, pp.403, 18th Annual Computer Security Applications Conference (ACSAC '02), 2002

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.