Top

Automatic Control and Computer Sciences

Published in:

01-12-2019

Analysis of the Security of UEFI BIOS Embedded Software in Modern Intel-Based Computers

Authors: I. D. Pankov, A. S. Konoplev, A. Yu. Chernov

Published in: Automatic Control and Computer Sciences | Issue 8/2019

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

The paper presents an overview of current attacks on BIOS and Intel ME embedded software of modern Intel-based computers. We describe the results of the analysis of its security for system boards of basic manufacturers. We also allocate classes of attacks that make it possible to create implants whose discovery by traditional methods of searching for undeclared features becomes impossible or extremely difficult.

previous article Security Infrastructure of FANET Based on Secret Sharing and Authenticated Encryption

next article On the Construction of a Cybervisor for the Intelligent Monitoring and Control of Data Centers

Ermolov, A., Bypassing Intel Boot Guard, 2017. https://embedi.com/blog/bypassing-intel-boot-guard.

Ververis, V., Security Evaluation of Intel’s Active Management Technology, 2010. https://people.kth.se/~maguire/ DEGREE-PROJECT-REPORTS/100402-Vassilios_Ververis-with-cover.pdf.

Wojtczuk, R. and Tereshkin, A., Introducing Ring -3 Rootkits, 2009. https://invisiblethingslab.com/resources/ bh09usa/Ring%20-3%20Rootkits.pdf.

Ermolov, M. and Goryachy, M., How to Hack a Turned-Off Computer, or Running Unsigned Code in Intel ME, 2018. http://blog.ptsecurity.com/2018/01/running-unsigned-code-in-intel-me.html.

Sklyarov, D., Intel ME 11.x Firmware Images Unpacker. https://github.com/ptresearch/unME11.

Sklyarov, D., Intel ME 12.x Firmware Images Unpacker. https://github.com/ptresearch/unME12.

Skochinsky, I., Rootkit in your laptop: Hidden code in your chipset and how to discover what exactly it does, 2012. http://me.bios.io/images/c/ca/Rootkit_in_your_laptop.pdf.

Ermolov, A., Schrödinger Trusted Boot Intel Boot Guard, 2017. https://dsec.ru/wp-content/uploads/pdf-dsec-old/.

Ermolov, M. and Goryachy, M., Disabling Intel ME 11 via undocumented mode, 2017. https://www.ptsecurity.com/ upload/corporate/ww-en/analytics/Intel-ME-disable-eng.pdf.

10.

Kallenberg, C. and Wojtczuk, R., Speed Racer: Exploiting an Intel Flash Protection Race Condition. http://composter.com.ua/documents/Exploiting_Flash_Protection_Race_Condition.pdf.

Title: Analysis of the Security of UEFI BIOS Embedded Software in Modern Intel-Based Computers
Authors: I. D. Pankov
A. S. Konoplev
A. Yu. Chernov
Publication date: 01-12-2019
Publisher: Pleiades Publishing
Published in: Automatic Control and Computer Sciences / Issue 8/2019
Print ISSN: 0146-4116
Electronic ISSN: 1558-108X
DOI: https://doi.org/10.3103/S0146411619080224

Springer Professional

Abstract

Please log in to get access to your license.

Other articles of this Issue 8/2019

Security Infrastructure of FANET Based on Secret Sharing and Authenticated Encryption

Preparing Datasets for Training in a Neural Network System of Intrusion Detection in Industrial Systems

Analysis of Approaches to Group Authentication in Large-Scale Industrial Systems

Detection of Information Security Breaches in a Digital Production System Based on the Component Interaction Model

Face Recognition Based on the Coefficient Tree for Three Scale Wavelet Transformation

Spoofing Attack on Eigenfaces-Based Biometric Identification System