Abstract: Based on how malicious code is implanted into the Basic Input Output System (BIOS), this paper divides BIOS malicious code into three types: Industry Standard Architecture (ISA), Advanced Configuration and Power Management Interface (ACPI), and Peripheral Component Interconnect (PCI) module malicious code, and studies the implementation process of each. On this basis, it designs a BIOS malicious code detection system comprising sampling, module disassembling, decompressing, and malicious code analysis modules. Application results show that the system can detect malicious code implanted in BIOS image files and can effectively enhance the security of BIOS.
Key words: Basic Input Output System (BIOS), malicious code, security detection
WANG Xiao-Jian (王晓箴), LIU Bao-Xu (刘宝旭), BO Lin (潘林). BIOS Malicious Code Implementation and Its Detection System Design[J]. Computer Engineering (计算机工程), 2010, 36(21): 17-18,21.