Hardware-based Cyber Threats

被引：1

作者：

Alves, Thiago ^{[1
]}

Morris, Thomas ^{[1
]}

机构：

[1] Univ Alabama, Elect & Comp Engn, Huntsville, AL 35899 USA

来源：

ICISSP: PROCEEDINGS OF THE 4TH INTERNATIONAL CONFERENCE ON INFORMATION SYSTEMS SECURITY AND PRIVACY | 2018年

关键词：

Cyber-security; Embedded Systems; Computer Hardware Security;

D O I：

10.5220/0006577202590266

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

During the last decade, cyber-security experts have been trying to mitigate attacks against computer networks and software. After the internet, the proliferation of thousands of virus, worms and trojans became easier, which then required enhancements for Operating Systems, browsers and anti-virus software in order to keep their users safe. However, what happens when the threat comes from the hardware? The Operating System trusts entirely in the hardware to perform its operations. If the hardware has been taken, it becomes much harder to regain control of the system. This paper describes eight different approaches to hardware attacks against software. It also demonstrates how to perform an attack using a USB device patched to behave like a generic HID Input Device, in order to insert malicious code in the system.

引用

页码：259 / 266

页数：8

共 10 条

[1]

Chen ThomasM., 2004, Statistical Methods in Computer Security, P265

[2]

Cui A, 2013, 2013 NETW DISTR SYST 2013 NETW DISTR SYST

[3]

EMBLETON S, 2008, P 4 INT C SEC PRIV C

[4]

King S, 2008, P 13 INT C ARCH SUPP P 13 INT C ARCH SUPP

[5]

Sang F, 2010, 2010 5 INT C MAL UNW 2010 5 INT C MAL UNW

[6]

Sparks S, 2009, P 4 INT S INF COMP C P 4 INT S INF COMP C

[7]

Universal Serial Bus,, 2001, DEV CLASS DEF HUM IN DEV CLASS DEF HUM IN

[8]

Wang X, 2012, 2012 IEEE INT S DEF 2012 IEEE INT S DEF

[9]

Yarom Y, 2014, PROCEEDINGS OF THE 23RD USENIX SECURITY SYMPOSIUM, P719

[10]

Zaddach J., 2013, P 29 ANN COMP SEC AP

← 1 →