
Computer Engineering (计算机工程) ›› 2011, Vol. 37 ›› Issue (19): 111-113. doi: 10.3969/j.issn.1000-3428.2011.19.036

• Security Technology •

Security Analysis of PCI Device

SHEN Yong-jun, ZHU Yue-fei, ZHANG Chang-he

  1. (Institute of Information Engineering, PLA Information Engineering University, Zhengzhou 450002, China)
  • Received: 2011-04-13 Online: 2011-10-05 Published: 2011-10-05
  • About the authors: SHEN Yong-jun (born 1986), male, master's student, main research area: information security; ZHU Yue-fei, professor, Ph.D.; ZHANG Chang-he, lecturer
  • Supported by:
    National "863" Program of China (2008AA01Z420)

Abstract: This paper analyzes the PCI expansion ROM ("extended ROM") specification and studies the security risks it contains. On that basis, it carries out a penetration attack against a computer system and proposes measures for detecting and defending against the risk. The attack exploits the weakness in the integrity protection of expansion ROM code: malicious code is written into the expansion ROM, and that code tampers with the system's boot modules in order to attack the system kernel and obtain system privileges. Experimental results show that the penetration attack achieves control of the computer system and that the protective measures keep the system secure.

Key words: PCI device, extended ROM, integrity protection, startup procedure, interrupt vector
