摘要
随着信息技术飞速发展,木马病毒和黑客攻击也不断花样翻新。目前,已经出现了以固件木马为手段,对路由器、防火墙、服务器进行渗透,对我国信息安全造成现实威胁。固件木马的特点是先于操作系统启动,不易被杀毒软件发现和清除。对固件木马攻击方式进行研究,设计和实现了基于UEFI固件的攻击验证原型系统,模拟真实的固件木马运行环境,验证固件木马对计算机的攻击效果。
With the rapid development of information technology,various computer virus and hacking attacks emerge in an endless stream. At present,by means of fireware Trojans,the routers,firewalls,servers and other equipment are attacked and penetrated,thus causing great threat to the state information security. What is more,the firmware Trojan usually starts earlier than operating system,so it is not easy for virus- killing software to find and eliminate it. Firmware Trojan attack is studied in this paper and the prototype system based on UEFI firmware attack verification system is designed and implemented. Actual operating environment of firmware Trojan is simulated and the attack of firmware Trojan upon computers also verified.
出处
《信息安全与通信保密》
2016年第7期89-93,共5页
Information Security and Communications Privacy
基金
北京市教委科技项目:可信云计算安全体系及关键技术研究(No.007000546615020)
