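Abstract: This paper analyzes the PCI extended ROM specification and studies the security risks it contains; on that basis, it carries out a penetration attack against a computer system and proposes measures for detecting and defending against these risks. Exploiting the flaw in the integrity protection of extended ROM code, malicious code is written into the extended ROM, and this malicious code tampers with the system's startup module in order to attack the system kernel and obtain system privileges. Experimental results show that the penetration attack achieves control of the computer system and that the protective measures ensure system security.
Key words:
PCI device,
extended ROM,
integrity protection,
startup procedure,
interrupt vector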
Abstract: This paper analyzes in depth the security risks of PCI extended ROM, presents a method to carry out a penetration attack on and take control of a computer system by exploiting these security vulnerabilities, and proposes measures for risk detection and prevention. The method writes malicious code into the extended ROM by exploiting the integrity protection flaw of extended ROM code. The malicious code in the extended ROM can tamper with the system startup module and attack the system kernel to obtain system permissions. Experimental results show that the attack can control the operating system, and that the detection and prevention measures can protect system security.
Key words:
PCI device,
extended ROM,
integrity protection,
startup procedure,
interrupt vector
CLC number:
沈永军, 祝跃飞, 张长河. Security Analysis of PCI Device[J]. 计算机工程, 2011, 37(19): 111-113.
CHEN Yong-Jun, CHU Ti-Fei, ZHANG Chang-He. Security Analysis of PCI Device[J]. Computer Engineering, 2011, 37(19): 111-113.
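The integrity gap named in the abstract can be checked from the defender's side. The Python sketch below is an added example, not code from the paper: it parses a dumped PCI expansion ROM image (the specification's term for what the abstract calls extended ROM) and shows that the legacy 8-bit checksum only catches accidental corruption, while comparison against a known-good SHA-256 baseline catches any change. The function names, the constructed sample image and the existence of a trusted baseline are assumptions.

```python
import hashlib
import struct

def build_sample_rom(payload=b"constructed-demo", blocks=1):
    """Constructed legacy x86 option ROM image (sample data, not from the paper)."""
    rom = bytearray(512 * blocks)
    rom[0:2] = b"\x55\xaa"                    # expansion ROM header signature
    rom[2] = blocks                           # legacy init size, 512-byte units
    struct.pack_into("<H", rom, 0x18, 0x20)   # pointer to PCI Data Structure
    pcir = struct.pack("<4sHHHHB3sHHBBH", b"PCIR", 0x1234, 0x5678, 0, 0x18,
                       0, b"\x00\x00\x02", blocks, 1, 0, 0x80, 0)
    rom[0x20:0x20 + len(pcir)] = pcir
    rom[0x40:0x40 + len(payload)] = payload
    rom[-1] = (-sum(rom[:-1])) & 0xFF         # checksum byte: total sums to 0
    return bytes(rom)

def audit_rom(image, baseline_sha256):
    """Return a list of findings; an empty list means the dump matches."""
    if len(image) < 0x1A or image[0:2] != b"\x55\xaa":
        return ["missing 0x55AA expansion ROM signature"]
    pcir_off = struct.unpack_from("<H", image, 0x18)[0]
    if pcir_off + 0x18 > len(image) or image[pcir_off:pcir_off + 4] != b"PCIR":
        return ["PCI Data Structure not found at header pointer"]
    findings = []
    code_type = image[pcir_off + 0x14]        # 0 = legacy x86 image
    init_size = image[2] * 512
    if code_type == 0:
        if init_size == 0 or init_size > len(image):
            findings.append("init size field inconsistent with dump length")
        elif sum(image[:init_size]) & 0xFF != 0:
            # Detects accidental corruption only; it is not a keyed check.
            findings.append("legacy checksum does not sum to zero")
    if hashlib.sha256(image).hexdigest() != baseline_sha256:
        findings.append("SHA-256 differs from known-good baseline")
    return findings

if __name__ == "__main__":
    good = build_sample_rom()
    baseline = hashlib.sha256(good).hexdigest()
    changed = build_sample_rom(payload=b"constructed-DEMO")
    print(audit_rom(good, baseline))      # matches baseline
    print(audit_rom(changed, baseline))   # checksum valid, hash mismatch
```

The baseline hash has to come from a trusted source, such as a vendor-published image or a dump taken at provisioning time.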