Hardware Security – High-Level Survey Review for Exam 4


1 Hardware Security – High-Level Survey Review for Exam 4
CS 3503, Dr. Clincy, Professor of CS

2 Hardware security
You only need to know hardware security at the level it is covered in the slides. The slides will not be available for the exam, though.

3 What are Roots of Trust (RoT)?
An RoT is a set of functions in the trusted computing module that is always trusted by the computer's operating system (OS). RoTs serve as a separate compute engine controlling the cryptographic processor on a PC. Typically, RoTs are implemented in hardware rather than software because of hardware's immutability (it cannot be changed), smaller attack surface, and reliable behavior.

4 Reverse engineering (RE) of machine code for malware analysis
RE works out the program's flow in order to understand the program's behavior. RE also finds the virus and malware signatures used in antivirus programs (an antivirus program determines a signature of a program and compares that signature to a list of known bad signatures).

5 Intel CHIPSEC
CHIPSEC is a framework developed by Intel for analyzing the security of PC platforms, including hardware, system firmware (BIOS), and the configuration of platform components. It lets you create security test suites and security assessment tools for various low-level components and interfaces, and it provides forensic capabilities for firmware.

6 Hardware/Firmware worms
What is firmware? Firmware is a piece of software stored in read-only memory (ROM) or flash memory that comes with hardware.
CIH worm: CIH is a computer virus developed by a Taiwanese college student (Chen Ing-hau). This virus erases the first megabyte of a hard drive and the PC BIOS firmware. It causes the blue screen: the first megabyte holds the partition tables and master boot record (MBR), so losing it causes the computer not to boot. It hides itself in a Portable Executable (PE) file under Windows 95, 98, and ME. It does not spread via Windows NT-based operating systems such as Windows XP, 7, 8, and 10.
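Because the MBR and partition table sit in the first sector of that first megabyte, a wiped disk can be recognized by inspecting sector 0. The following is an added example, not part of the original slides: the function names are hypothetical and the sample sector is constructed for illustration.

```python
import struct

SECTOR = 512  # size of a classic MBR sector in bytes

def parse_mbr(sector: bytes) -> dict:
    """Parse a 512-byte MBR and list reasons it would fail to boot."""
    if len(sector) != SECTOR:
        raise ValueError("an MBR is exactly 512 bytes")
    partitions = []
    for i in range(4):  # four 16-byte partition entries start at offset 446
        entry = sector[446 + 16 * i: 462 + 16 * i]
        status, ptype = entry[0], entry[4]
        lba_start, count = struct.unpack_from("<II", entry, 8)
        if ptype != 0:  # type 0x00 marks an unused slot
            partitions.append({"index": i, "active": status == 0x80,
                               "type": ptype, "lba_start": lba_start,
                               "sectors": count})
    findings = []
    if sector[510:512] != b"\x55\xaa":
        findings.append("missing 0x55AA boot signature")
    if not partitions:
        findings.append("partition table is empty")
    if sector.count(0) == SECTOR:
        findings.append("sector is entirely zero (consistent with an overwrite)")
    return {"partitions": partitions, "findings": findings, "ok": not findings}

def build_sample_mbr() -> bytes:
    """Constructed sample: one active FAT32 (type 0x0B) partition at LBA 63."""
    mbr = bytearray(SECTOR)
    mbr[0:2] = b"\xeb\xfe"  # placeholder bytes standing in for boot code
    # Entry layout: status, CHS start, type, CHS end, LBA start, sector count
    mbr[446:462] = struct.pack("<B3sB3sII", 0x80, b"\x01\x01\x00",
                               0x0B, b"\xfe\xff\xff", 63, 2048000)
    mbr[510:512] = b"\x55\xaa"
    return bytes(mbr)

if __name__ == "__main__":
    samples = (("healthy", build_sample_mbr()), ("wiped", bytes(SECTOR)))
    for name, data in samples:
        result = parse_mbr(data)
        print(name, "ok" if result["ok"] else result["findings"])
```

On a real system the 512 bytes would come from a forensic image of the disk rather than from the constructed sample.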

7 Hardware/Firmware worms
Thunderstrike 2 worm: Thunderstrike 2 is a firmware worm created to prove that Macs may be attacked via an Apple Thunderbolt Ethernet adapter. The worm hides in the Option ROM of the Thunderbolt Ethernet adapter, which is loaded and infected when the Mac's firmware is connected to the network. An attacker could compromise the boot firmware on MacBooks via a phishing or malicious web site. The compromised MacBook will spread the worm by being connected to any other device.

8 Why are firmware viruses hard to detect and remove?
Most antivirus software does not have the privilege to scan the firmware, simply because its own operations rely on the firmware. Moreover, the firmware may disguise itself by reporting normal responses to any requests made by upper-level applications, which makes it difficult to detect. Also, the firmware is basically part of the hardware. Unless you explicitly flash (clean) and restore the firmware, reinstalling the OS will not remove a worm sitting in firmware.

9 Latest hardware attack development
Analog malicious hardware: exploiting the analog properties of circuits (i.e., replace digital gates with analog components, then take away charge from a target wire every time it toggles and store that charge in a capacitor; when the capacitor's voltage exceeds some threshold, it deploys a payload).
A "fabrication-time" attacker can leverage analog circuits to create a hardware attack that is small (i.e., requires as little as one gate and requires an unlikely trigger sequence before affecting a chip's functionality). Third-party companies are typically the culprits/suspects.
Countermeasures:
Fingerprinting: fabrication causes microscopic variations in chips that are unpredictable.
On-chip sensors: sensors can be used for monitoring.
Eliminate unused space: try to eliminate space for hackers to place malicious code in firmware.

10 Exam 4 Review
All of Chapter 4
Sections 5.1 and 5.2
Lectures 17+
Open book (closed notes and closed PPT): you must make copies of pages if you don't have a book
T/F, FIB, Matching, Short problems, Assembly

