Understanding DMA Malware
|
|
- Stewart Snow
- 7 years ago
- Views:
Transcription
1 Technische Universität Berlin Security in Telecommunications Weiss Understanding DMA Malware DIMVA2012 9th Conference on Detection of Intrusions and Malware & Vulnerability Assessment Patrick Stewin and Iurii Bystrov,, Heraklion, Greece
2 Malicious Software Arms Race top secret (wwwhsbccouk) Countermeasures Anti-virus, firewalls, etc Stealth attacks, see rootkit evolution 2
3 Dedicated Hardware Video Card NIC Memory Access Memory Access µcontroller Memory Access Memory Controller Controller Memory CPU Main Memory Separated Execution Environments 3
4 Common Hardware (HW) Features Host CPU Applications OS Kernel Direct Memory Access DMA Engine DMA capable Device Runtime Memory Runtime Memory Firmware Processor In/Outgoing Data Direct Memory Access (DMA) capable Computer Platform Precondition for stealth malware 1st party DMA: CPU CPU 2 IRQ Dedicated HW Dedicated HW DMA DMA Memory Memory 1 DMA Dedicated HW Dedicated HW DMA 4
5 DMA Malware Definition More than controlling a DMA engine Malware functionality executed on dedicated HW No physical access Rootkit/stealth capabilities Optional: Survival of power off mode 5
6 DMA Malware Properties Three phases Search Process data Exfiltration/infiltration MCH MCH (Northbridge) (Northbridge) Management Engine (embedded µcontroller) SRAM ARC4 Core 1110 ROM DMA DMA Malware RAM RAM DMA Capable Device Integrated in Intel Chipsets Core functionality Virtual/physical memory address mapping Overcoming address randomization Search space restriction 6
7 Comparison of DMA Attacks USB [Maynor '05] no Without Physical Access no no Survives Reboot/ Standby/ Power off Firewire [Dornseif et al'04/'05] & [Boileau'06] no no NIC [Delugre'10] no no () Video+NIC [Triulzi'08/'10] this work () Malware Functionality PCMCIA [Aumaitre et al'10] ME [Tereshkin'09] NIC [Duflot et al'10] Rootkit/Stealth Capabilities 7
8 DAGGER Our DMA Malware Example MCH (Northbridge) DmA based keylogger Management Engine ARC4 Core Implements all three phases Search keyboard buffer Monitor keyboard buffer Exfiltrate keystroke codes DAGGER SRAM ROM DMA RAM RAM ICH (Southbridge) LAN Controller Wired Wireless OOB OOB PHY Evaluation of core functionalities Network DAGGER Monitoring the Host's Keyboard Buffer Proof of concept for stealing short-living runtime data stealthily! Infiltration via security vulnerability 8
9 DAGGER Implementation Different search strategies Virtual/physical memory address mapping Windows Linux page tables offset Address randomization randomization mechanism in place no randomization Search space Object Manager restrictions Namespace Directory address ranges Platform: Intel Q35 chipset, 2GB RAM, 4-core 3GHz CPU 9
10 Search Time in ms (scale type: log10) Evaluation Several Operating System Kernels Test Run 10
11 Evaluation Attacking Linux Harddisk Encryption Aggressive search mode Linux Unified Key Setup (LUKS)/ Device Mapper's crypt (dm-crypt) setup DAGGER can catch pre boot authentication passphrase 11
12 Evaluation Anti-virus software, firewalls, Wireshark, Mamutu, etc Several USB keyboards Windows swap behavior Performance overhead for host system Manageability Engine firmware condition Status tools Active Management Technology webserver 12
13 Countermeasures Input/Output Memory Management Unit (I/OMMU) Intel: Virtualization Technology for Directed I/O (VT-d) Issues Missing (Windows) or experimental (Linux) drivers CoPilot [Petroni et al'04]/deepwatch [Bulygin'08] or DAGGER? policy conflict Attack with DAGGER's execution environment DMA Malware DMA Malware 1a DMA DMA #DMAR' = #DMAR 1 1 #DMAR BIOS 2 4 Memory Memory Bootloader 3 #DMAR' VT-d VT-d configure System Software 5 DMA Malware Modifying the Number of DMA Remapping Engines (DMAR, part of VT-d) 13
14 Conclusion DMA Malware definition Focus on stealth attacks Evaluation of DMA Malware core functionalities DMA Malware is Effective Efficient enough for real attacks Specialized countermeasures must be developed 14
15 Technische Universität Berlin Security in Telecommunications Weiss Understanding DMA Malware DIMVA2012 9th Conference on Detection of Intrusions and Malware & Vulnerability Assessment Patrick Stewin and Iurii Bystrov,, Heraklion, Greece
16 Technische Universität Berlin Security in Telecommunications Backup
17 Background x86 Platform CPU Video Video Card Card GPU VRAM MCH MCH (Northbridge) (Northbridge) RAM Manageability Engine (embedded µcontroller) VT-d NIC NIC Processor RAM SATA Controller Flash BIOS Firmware: ME, NIC ICH ICH (Southbridge) (Southbridge) FireWire Controller USB Controller Further Further PCIe Add-in Card(s) Card(s) PCI-to-PCIe Bridge 17
18 DAGGER Example DmA based KeyloGGER Malware Implementation based on Intel Manageability Engine (ME) Executes firmware such as Active Management Technology, Identity Protection Technology, Integrated Trusted Platform Module, etc Objectives Find keyboard buffer Permanently monitor keyboard buffer Exfiltrate keystroke codes MCH (Northbridge) Manageability Engine ARC4 Core SRAM ROM DMA ICH (Southbridge) LAN Controller Wired Wireless OOB PHY Normal System RAM ME RAM Flash Flash BIOS ME FW OOB
19 Windows Attack Details BIOS MBR Memory Buffer bootmgr winloadexe? OslpLoadAllModules Buffer address stable for one system May vary from system to system Step I haldll Image Kernel Image KiInitialPCR Constant relative virtual address Step II OMND (Hash Table) 19: KdVersionBlock KiInitialPCR 16: Driver Device 24: Object Directory Driver (Hash Table) 36: ObpRootDirectoryObject KdDebuggerDataBlock kbdhid i8042prt Device Object DeviceExtension Driver Object kbdhid Driver Object i8042prt DeviceExtension Structure Keystroke Code Buffer 19
20 Linux Attack Details If pointer mod 0x400 == 0 Constant offset struct usb_device *dev Start URB signature scan dma_addr_t transfer_dma && 2 If field mod 0x20 == 0 Check physical buffer address for garbage 3 1 Check substrings USB and Keyboard USB Device Structure Constant offset USB Request Block Structure char *product If substrings USB and Keyboard found 20
21 DAGGER Evaluation Performance Overhead, Windows Host 21
22 Evaluation Performance Overhead, Linux Host 22
23 Evaluation Effectiveness and Efficiency Several Operating System Kernels Windows 7 Windows Vista Linux 300 Linux 2632 Several Keyboards Logitech Dell FujitsuSiemens Swap file behavior Windows 7 23
24 Evaluation Several Keyboards, Windows Host 24
25 Evaluation Several Keyboards, Linux Host 25
26 Evaluation Swap File Behavior, Windows Host 26
27 Evaluation ME Firmware Condition Different hooking strategies for Windows and Linux attacks Windows Local Manageability Service driver AMT Status Tool Manageability Developer Toolkit Manageability Connector Tool Linux Intel AMT Open-source Tools and Drivers ME Status ZTCLocalAgent AMT webserver 27
Guardian: Hypervisor as Security Foothold for Personal Computers
Guardian: Hypervisor as Security Foothold for Personal Computers Yueqiang Cheng, Xuhua Ding Singapore Management University (SMU) The International Conference on Trust & Trustworthy Computing (TRUST),
More informationI/O Attacks in Intel-PC Architectures and Countermeasures
I/O Attacks in Intel-PC Architectures and Countermeasures Fernand Lone Sang, Vincent Nicomette and Yves Deswarte Laboratoire d Analyse et d Architecture des Systèmes LAAS-CNRS Toulouse, France July 6,
More informationImplementation and Implications of a Stealth Hard-Drive Backdoor
March 3rd 2014 OSSIR/JSSI 2014 Paper first presented at ACSAC 2013 Awarded Best Student Paper Award Implementation and Implications of a Stealth Hard-Drive Backdoor Jonas Zaddach Davide Balzarotti Aure
More informationIntroducing Ring -3 Rootkits
Introducing Ring -3 Rootkits Alexander Tereshkin and Rafal Wojtczuk Black Hat USA, July 29 2009 Las Vegas, NV 1 Introducing Ring -3 2 Getting there 3 Writing useful Ring -3 rootkits A Quest to Ring -3
More informationFrontiers in Cyber Security: Beyond the OS
2013 DHS S&T/DoD ASD (R&E) CYBER SECURITY SBIR WORKSHOP Frontiers in Cyber Security: Beyond the OS Clear Hat Consulting, Inc. Sherri Sparks 7/23/13 Company Profile CHC was founded in 2007 by S. Sparks
More informationFastboot Techniques for x86 Architectures. Marcus Bortel Field Application Engineer QNX Software Systems
Fastboot Techniques for x86 Architectures Marcus Bortel Field Application Engineer QNX Software Systems Agenda Introduction BIOS and BIOS boot time Fastboot versus BIOS? Fastboot time Customizing the boot
More informationDisk encryption... (not only) in Linux. Milan Brož mbroz@redhat.com
Disk encryption... (not only) in Linux Milan Brož mbroz@redhat.com FDE - Full Disk Encryption FDE (Full Disk Encryption) whole disk FVE (Full Volume Encryption) just some volumes (dis)advantages? + for
More informationSecureSwitch: BIOS-Assisted Isolation and Switch between Trusted and Untrusted Commodity OSes!
SecureSwitch: BIOS-Assisted Isolation and Switch between Trusted and Untrusted Commodity OSes! Kun Sun, Jiang Wang, Fengwei Zhang, Angelos Stavrou! Center for Secure Information Systems! George Mason University!
More informationEUCIP - IT Administrator. Module 1 - PC Hardware. Version 2.0
EUCIP - IT Administrator Module 1 - PC Hardware Version 2.0 Module 1 Goals Module 1 The PC Hardware module requires the candidate to know and recognise the basic physical make-up of a personal computer
More informationTrustworthy Computing
Stefan Thom Senior Software Development Engineer and Security Architect for IEB, Microsoft Rob Spiger, Senior Security Strategist Trustworthy Computing Agenda Windows 8 TPM Scenarios Hardware Choices with
More informationIntel Trusted Platforms Overview
Intel Trusted Platforms Overview Greg Clifton Intel Customer Solutions Group Director, DoD & Intelligence 2006 Intel Corporation Legal Disclaimer INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION
More informationVMWare Workstation 11 Installation MICROSOFT WINDOWS SERVER 2008 R2 STANDARD ENTERPRISE ED.
VMWare Workstation 11 Installation MICROSOFT WINDOWS SERVER 2008 R2 STANDARD ENTERPRISE ED. Starting Vmware Workstation Go to the start menu and start the VMware Workstation program. *If you are using
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 2 Systems Threats and Risks
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 2 Systems Threats and Risks Objectives Describe the different types of software-based attacks List types of hardware attacks Define
More informationA+ Unit Two: Hardware Basics
A+ Unit Two: Hardware Basics Student Name Member of Team Team Lead AM/PM A+ Test Essentials 701 2.2 Explain motherboard components, types and features A+ Certification Objectives Covered I/O interfaces
More informationv1 System Requirements 7/11/07
v1 System Requirements 7/11/07 Core System Core-001: Windows Home Server must not exceed specified sound pressure level Overall Sound Pressure level (noise emissions) must not exceed 33 db (A) SPL at ambient
More informationvpro Prerequisites and Trade-offs for the dc7700 Business PC with Intel vpro Technology
vpro Prerequisites and Trade-offs for the dc7700 Business PC with Intel vpro Technology Introduction............................................................ 2 Prerequisites............................................................
More informationChapter 4. System Software. What You Will Learn... Computers Are Your Future. System Software. What You Will Learn... Starting the Computer
What You Will Learn... Computers Are Your Future Chapter 4 The two major components of operating system software Why a computer isn t useful without an operating system The five basic functions of an operating
More informationWindows 7 XP Mode for HP Business PCs
Windows 7 XP Mode for HP Business PCs Table of Contents: Introduction...1 Disclaimer...1 Main features and benefits... 2 Hardware Requirements...2 Minimum Hardware Requirements... 3 Recommended Hardware
More informationH ARDWARE C ONSIDERATIONS
H ARDWARE C ONSIDERATIONS for Sidewinder 5 firewall software Dell Precision 530 This document provides information on specific system hardware required for running Sidewinder firewall software on a Dell
More informationEncrypted File Systems. Don Porter CSE 506
Encrypted File Systems Don Porter CSE 506 Goals Protect confidentiality of data at rest (i.e., on disk) Even if the media is lost or stolen Protecting confidentiality of in-memory data much harder Continue
More informationHP Compaq dc7800p Business PC with Intel vpro Processor Technology and Virtual Appliances
HP Compaq dc7800p Business PC with Intel vpro Processor Technology and Virtual Appliances Introduction............................................................ 2 What is Virtualization?....................................................2
More informationThe Value of Physical Memory for Incident Response
The Value of Physical Memory for Incident Response MCSI 3604 Fair Oaks Blvd Suite 250 Sacramento, CA 95864 www.mcsi.mantech.com 2003-2015 ManTech Cyber Solutions International, All Rights Reserved. Physical
More informationEUCIP IT Administrator - Module 1 PC Hardware Syllabus Version 3.0
EUCIP IT Administrator - Module 1 PC Hardware Syllabus Version 3.0 Copyright 2011 ECDL Foundation All rights reserved. No part of this publication may be reproduced in any form except as permitted by ECDL
More informationIntel vpro. Technology-based PCs SETUP & CONFIGURATION GUIDE FOR
SETUP & CONFIGURATION GUIDE FOR Intel vpro Technology-based PCs This Setup Guide details what makes a true Intel vpro technology-based PC, and how to set up and configure Intel AMT (Active Management Technology)
More informationMODULE 3 VIRTUALIZED DATA CENTER COMPUTE
MODULE 3 VIRTUALIZED DATA CENTER COMPUTE Module 3: Virtualized Data Center Compute Upon completion of this module, you should be able to: Describe compute virtualization Discuss the compute virtualization
More informationIntel vpro and Information Security. Itai Yarom Senior Technical Lead LAN Access Division Intel Israel
Intel vpro and Information Security Itai Yarom Senior Technical Lead LAN Access Division Intel Israel The Power of Two: It s all about You The Intel brand delivers a promise to you and your customers,
More informationIntel Server Board S5000PALR Intel Server System SR1500ALR
Server WHQL Testing Services Enterprise Platforms and Services Division Intel Server Board S5000PALR Intel Server System SR1500ALR Intel Server System SR2500ALBRPR Server Test Submission (STS) Report For
More informationA+ Guide to Managing and Maintaining Your PC, 7e. Chapter 1 Introducing Hardware
A+ Guide to Managing and Maintaining Your PC, 7e Chapter 1 Introducing Hardware Objectives Learn that a computer requires both hardware and software to work Learn about the many different hardware components
More informationBIOS Update Release Notes
PRODUCTS: D945GCCR (Standard BIOS) BIOS Update Release Notes BIOS Version 0060 August 8, 2008 CR94510J.86A.0060.2008.0807.1918 Fixed issue where new BIOS SETUP settings may contain random data when using
More informationUEFI on Dell BizClient Platforms
UEFI on Dell BizClient Platforms Authors: Anand Joshi Kurt Gillespie This document is for informational purposes only and may contain typographical errors and technical inaccuracies. The content is provided
More informationAwardBIOS Setup Utility
AwardBIOS Setup Utility Modifications to the BIOS Setup settings should be performed by advanced users only. Setting items to incorrect values may cause your system to malfunction. Introducing BIOS Setup...2
More informationFall 2009. Lecture 1. Operating Systems: Configuration & Use CIS345. Introduction to Operating Systems. Mostafa Z. Ali. mzali@just.edu.
Fall 2009 Lecture 1 Operating Systems: Configuration & Use CIS345 Introduction to Operating Systems Mostafa Z. Ali mzali@just.edu.jo 1-1 Chapter 1 Introduction to Operating Systems An Overview of Microcomputers
More informationChapter 8: Installing Linux The Complete Guide To Linux System Administration Modified by M. L. Malone, 11/05
Chapter 8: Installing Linux The Complete Guide To Linux System Administration Modified by M. L. Malone, 11/05 At the end of this chapter the successful student will be able to Describe the main hardware
More informationLinux Embedded devices with PicoDebian Martin Noha 28.9.2006
Embedded systems Linux Embedded devices with PicoDebian Martin Noha 28.9.2006 24.03.2005 1 Agenda Why did I look in this stuff? What is an embedded device? Characteristic hardware global requirements for
More informationCOURCE TITLE DURATION CompTIA A+ Certification 40 H.
COURCE TITLE DURATION CompTIA A+ Certification 40 H. Overview: The target student is anyone with basic computer user skills who is interested in: obtaining a job as an IT professional or PC technician.
More informationGuide to SATA Hard Disks Installation and RAID Configuration
Guide to SATA Hard Disks Installation and RAID Configuration 1. Guide to SATA Hard Disks Installation...2 1.1 Serial ATA (SATA) Hard Disks Installation...2 2. Guide to RAID Confi gurations...3 2.1 Introduction
More informationA+ Practical Applications Solution Key
A+ Practical Applications Solution Key Module 1 Assignment: Introducing Microsoft Windows - answer the following questions: 1. What attributes are available in the NTFS file system that are not available
More informationPenetration Testing Windows Vista TM BitLocker TM
Penetration Testing BitLocker TM Drive Encryption Douglas MacIver Penetration Engineer System Integrity Group, Corporation Hack In The Box 2006/09/21 2006 Corporation. All rights reserved. Trustworthy
More informationBIOS and CMOS. Overview. The Function of BIOS. The Bus
Overview BIOS and CMOS In this chapter, you will learn to Explain the function of BIOS Distinguish among various CMOS setup utility options Describe BIOS and device drives Troubleshoot the Power-On Self
More informationBIOS Update Release Notes
BIOS Update Release Notes PRODUCTS: DG31PR, DG31PRBR (Standard BIOS) BIOS Version 0070 About This Release: February 8, 2010 Integrated Graphics Option ROM Revision: PXE LAN Option ROM Revision: Improved
More informationBIOS Update Release Notes
BIOS Update Release Notes PRODUCTS: DG31PR, DG31PRBR (Standard BIOS) BIOS Version 0059 October 24, 2008 PRG3110H.86A.0059.2008.1024.1834 Added Fixed Disk Boot Sector option under Maintenance Mode. Fixed
More informationDell Client. Take Control of Your Environment. Powered by Intel Core 2 processor with vpro technology
Dell Client Systems Take Control of Your Environment Powered by Intel Core 2 processor with vpro technology Simplifying IT As IT infrastructures grow, heterogeneous environments expand. Growing infrastructures
More informationBIOS Update Release Notes
PRODUCTS: DX58SO (Standard BIOS) BIOS Update Release Notes BIOS Version 3435 February 11, 2009 SOX5810J.86A.3435.2009.0210.2311 Intel(R) RAID for SATA - ICH10: Raid Option ROM 8.7.0.1007 Added nvidia*
More informationComputer Setup User Guide
Computer Setup User Guide Copyright 2008 Hewlett-Packard Development Company, L.P. Bluetooth is a trademark owned by its proprietor and used by Hewlett-Packard Company under license. Intel is a trademark
More informationIntel Desktop Board D925XECV2 Specification Update
Intel Desktop Board D925XECV2 Specification Update Release Date: July 2006 Order Number: C94210-005US The Intel Desktop Board D925XECV2 may contain design defects or errors known as errata, which may cause
More informationIOMMU: A Detailed view
12/1/14 Security Level: Security Level: IOMMU: A Detailed view Anurup M. Sanil Kumar D. Nov, 2014 HUAWEI TECHNOLOGIES CO., LTD. Contents n IOMMU Introduction n IOMMU for ARM n Use cases n Software Architecture
More informationBIOS Update Release Notes
BIOS Update Release Notes PRODUCTS: DH55TC, DH55HC, DH55PJ (Standard BIOS) BIOS Version 0040 - TCIBX10H.86A.0040.2010.1018.1100 October 18, 2010 Integrated Graphics Option ROM Revision on HC/TC: 2017 PC
More informationCourse/Program Credential(s): Credential Certificate Postsecondary Degree University Degree Other:
Course Title: Information Technology Fundamentals Unit: Computer Basics Content Standard(s) and 1. Distinguish between input and output devices, including monitor, keyboard, mouse, and scanner. 2. Utilize
More informationDell PowerEdge T130 Owner's Manual
Dell PowerEdge T130 Owner's Manual Regulatory Model: E36S Series Regulatory Type: E36S001 Notes, cautions, and warnings NOTE: A NOTE indicates important information that helps you make better use of your
More informationGuide to SATA Hard Disks Installation and RAID Configuration
Guide to SATA Hard Disks Installation and RAID Configuration 1. Guide to SATA Hard Disks Installation...2 1.1 Serial ATA (SATA) Hard Disks Installation...2 2. Guide to RAID Configurations...3 2.1 Introduction
More informationHi and welcome to the Microsoft Virtual Academy and
Hi and welcome to the Microsoft Virtual Academy and 2012 Microsoft Corporation 1 the start of the Windows 8 Security Insights training. My name is Milad Aslaner I m part of the Premier Field Engineering
More informationAttacking Hypervisors via Firmware and Hardware
Attacking Hypervisors via Firmware and Hardware Alex Matrosov (@matrosov), Mikhail Gorobets, Oleksandr Bazhaniuk (@ABazhaniuk), Andrew Furtak, Yuriy Bulygin (@c7zero) Advanced Threat Research Agenda Hypervisor
More informationM-Shield mobile security technology
Technology for Innovators TM M-Shield mobile security technology making wireless secure Overview As 3G networks are successfully deployed worldwide, opportunities are arising to deliver to end-users a
More informationH ARDWARE C ONSIDERATIONS
H ARDWARE C ONSIDERATIONS for Sidewinder 5 firewall software Compaq ProLiant ML370 G2 This document provides information on specific system hardware required for running Sidewinder firewall software on
More informationSmart Nest Thermostat A Smart Spy in Your Home
Smart Nest Thermostat A Smart Spy in Your Home Grant Hernandez, Orlando Arias, Daniel Buentello, and Yier Jin Security in Silicon Laboratory, University of Central Florida Outline IoT Era: Security and
More informationKaspersky Endpoint Security 10 for Windows. Deployment guide
Kaspersky Endpoint Security 10 for Windows Deployment guide Introduction Typical Corporate Network Network servers Internet Gateway Workstations Mail servers Portable media Malware Intrusion Routes Viruses
More informationWhat the student will need:
COMPTIA SERVER+: The Server+ course is designed to help the student take and pass the CompTIA Server+ certification exam. It consists of Book information, plus real world information a student could use
More informationComputer Setup (F10) Utility Guide Business PCs
Computer Setup (F10) Utility Guide Business PCs Copyright 2007 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Microsoft, Windows, and Windows
More informationUnit 4 Objectives. System Software. Component 4: Introduction to Information and Computer Science. Unit 4: Application and System Software Lecture 2
Component 4: Introduction to Information and Computer Science Unit 4: Application and System Software Lecture 2 This material was developed by Oregon Health & Science University, funded by the Department
More informationVirtualization Technology
Virtualization Technology A Manifold Arms Race Michael H. Warfield Senior Researcher and Analyst mhw@linux.vnet.ibm.com 2008 IBM Corporation Food for Thought Is Virtual Reality an oxymoron or is it the
More informationPractice Test for the 220-801 Domain 1 - PC Hardware (Brought to you by RMRoberts.com)
Practice Test for the 220-801 Domain 1 - PC Hardware (Brought to you by RMRoberts.com) This is a practice test designed to determine if you are ready to take the CompTIA 220-801 certification test. Only
More informationCPU. Motherboard RAM. Power Supply. Storage. Optical Drives
CPU Motherboard RAM Power Supply Storage Optical Drives GPU 2 The CPU is the brain of a computer CPU receives instructions from software programs stored in memory Instructions are read and the tasks performed
More informationInstalling Microsoft Windows on HP Compaq and EliteBook Notebook PCs
Installing Microsoft Windows on HP Compaq and EliteBook Notebook PCs Executive summary... 2 Purpose... 2 Audience... 2 System requirements and prerequisites... 2 Installing the operating system and system
More informationDetecting Peripheral-based Attacks on the Host Memory
Fakultät für Elektrotechnik und Informatik Institut für Softwaretechnik und Theoretische Informatik Lehrstuhl für Security in Telecommunications Detecting Peripheral-based Attacks on the Host Memory vorgelegt
More informationBIOS Update Release Notes
BIOS Update Release Notes PRODUCTS: DG43NB, DP43TF (Standard BIOS) BIOS Version 0069 November 17, 2008 NBG4310H.86A.0069.2008.1117.2016 ME Version: 1096 SKU4 MEBx Version:5.0.5.0004 Vbios:1702 Updated
More informationIntel Server Board S3420GPV
Server WHQL Testing Services Enterprise Platforms and Services Division Intel Server Board S3420GPV Rev 1.0 Server Test Submission (STS) Report For the Microsoft Windows Logo Program (WLP) Dec. 30 th,
More informationSecureDoc Disk Encryption Cryptographic Engine
SecureDoc Disk Encryption Cryptographic Engine FIPS 140-2 Non-Proprietary Security Policy Abstract: This document specifies Security Policy enforced by SecureDoc Cryptographic Engine compliant with the
More informationTotal Defense Endpoint Premium r12
DATA SHEET Total Defense Endpoint Premium r12 Overview: Total Defense Endpoint Premium Edition r12 offers comprehensive protection for networks, endpoints and groupware systems from intrusions, malicious
More informationCache, 2 GB DDR2-SDRAM, Supermicro PDSMA+ mainboard, 5 PCI
December 15 th, 2015 Hardware Compatibility List ETAS RTPC 6.2.0 Introduction The purpose of this document is to guide the user in the selection of a suitable PC for the installation of ETAS RTPC 6.2.0.
More informationNetworking Virtualization Using FPGAs
Networking Virtualization Using FPGAs Russell Tessier, Deepak Unnikrishnan, Dong Yin, and Lixin Gao Reconfigurable Computing Group Department of Electrical and Computer Engineering University of Massachusetts,
More informationConfiguring and Using AMT on TS140 and TS440
Configuring and Using AMT on TS140 and TS440 Lenovo ThinkServer TS Series Servers Lenovo Enterprise Product Group Version 1.0 September 17, 2013 2013 Lenovo. All rights reserved. LENOVO PROVIDES THIS PUBLICATION
More informationHow to Encrypt your Windows 7 SDS Machine with Bitlocker
How to Encrypt your Windows 7 SDS Machine with Bitlocker ************************************ IMPORTANT ******************************************* Before encrypting your SDS Windows 7 Machine it is highly
More informationUpdating Your Firmware
Updating Your Firmware WARNING: This firmware update is only valid for OCZ VERTEX Solid State Drives Flashing your Vertex will result in complete data loss. Please back up your drive before proceeding
More informationHP Z Turbo Drive PCIe SSD
Performance Evaluation of HP Z Turbo Drive PCIe SSD Powered by Samsung XP941 technology Evaluation Conducted Independently by: Hamid Taghavi Senior Technical Consultant June 2014 Sponsored by: P a g e
More informationHP BUSINESS NOTEBOOK PC F10 SETUP OVERVIEW
HP BUSINESS NOTEBOOK PC F10 SETUP OVERVIEW 2011 Business Notebook Models Technical white paper Table of contents Executive summary... 2 System requirements... 2 Supported models... 2 Enhancements... 2
More informationClearOS Network, Gateway, Server Quick Start Guide
ClearOS Network, Gateway, Server Quick Start Guide Welcome ClearOS is computer Operating System (OS) that provides enterprise-level network security and application services to the Small/Medium-sized Business
More informationAttacking Intel Trusted Execution Technology
Attacking Intel Trusted Execution Technology Rafal Wojtczuk rafal@invisiblethingslab.com Joanna Rutkowska joanna@invisiblethingslab.com ---===[ Invisible Things Lab ]===--- Abstract In this paper we present
More informationHardware + Software Solutions for The Best in Client Management & Security. Malcolm Hay Intel Technology Manager
Hardware + Software Solutions for The Best in Client Management & Security Malcolm Hay Intel Manager vpro - Hardware Management & Security for the New Era of End User Computing Hardware Management Intel
More informationVirtualised MikroTik
Virtualised MikroTik MikroTik in a Virtualised Hardware Environment Speaker: Tom Smyth CTO Wireless Connect Ltd. Event: MUM Krackow Feb 2008 http://wirelessconnect.eu/ Copyright 2008 1 Objectives Understand
More informationSamsung Magician v.4.5 Introduction and Installation Guide
Samsung Magician v.4.5 Introduction and Installation Guide 1 Legal Disclaimer SAMSUNG ELECTRONICS RESERVES THE RIGHT TO CHANGE PRODUCTS, INFORMATION AND SPECIFICATIONS WITHOUT NOTICE. Products and specifications
More informationDEVICE DRIVERS AND TERRUPTS SERVICE MECHANISM Lesson-14: Device types, Physical and Virtual device functions
DEVICE DRIVERS AND TERRUPTS SERVICE MECHANISM Lesson-14: Device types, Physical and Virtual device functions 1 Device Types For each type of device, there is a set of the generic commands. For example,
More informationSMM Rootkits: A New Breed of OS Independent Malware
SMM Rootkits: A New Breed of OS Independent Malware Shawn Embleton University of Central Florida sembleton@cs.ucf.edu Sherri Sparks University of Central Florida ssparks@cs.ucf.edu Cliff Zou University
More informationLSM-based Secure System Monitoring Using Kernel Protection Schemes
LSM-based Secure System Monitoring Using Kernel Protection Schemes Takamasa Isohara, Keisuke Takemori, Yutaka Miyake KDDI R&D Laboratories Saitama, Japan {ta-isohara, takemori, miyake}@kddilabs.jp Ning
More informationSymantec Endpoint Protection
The next generation of antivirus technology from Symantec Overview Advanced threat protection combines Symantec AntiVirus with advanced threat prevention to deliver an unmatched defense against malware
More informationCS 356 Lecture 25 and 26 Operating System Security. Spring 2013
CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control
More informationIntel RAID Controller Troubleshooting Guide
Intel RAID Controller Troubleshooting Guide A Guide for Technically Qualified Assemblers of Intel Identified Subassemblies/Products Intel order number C18781-001 September 2, 2002 Revision History Troubleshooting
More informationData At Rest Protection
Data At Rest Protection Dell Data Protection Encryption Full Volume Encryption Whitepaper October 2011 THIS WHITE PAPER IS FOR INFORMATIONAL PURPOSES ONLY, AND MAY CONTAIN TYPOGRAPHICAL ERRORS AND TECHNICAL
More informationCompTIA Security+ In this course, you will implement, monitor, and troubleshoot infrastructure, application, information, and operational security.
CompTIA Security+ Duration: 40 Hrs Course Description Overview: CompTIA Security+ (Exam SY0-401) is the primary course you will need to take if your job responsibilities include securing network services,
More informationSignal Customized Helpdesk Course
Signal Customized Helpdesk Course This course is a combination of modules taken from two Microsoft Courses: 50311A and 50331A. It is geared toward staff who handle helpdesk calls and troubleshoot end user
More informationOutline. Outline. Why virtualization? Why not virtualize? Today s data center. Cloud computing. Virtual resource pool
Outline CS 6V81-05: System Security and Malicious Code Analysis Overview of System ization: The most powerful platform for program analysis and system security Zhiqiang Lin Department of Computer Science
More informationTEST REPORT Dell PERC H700 average percentage win in IOPS over FEBRUARY 2006 Dell PERC 6/i across RAID 5 and RAID 10. Internal HDD tests
Dell 6Gbps vs. 3Gbps RAID controller performance comparison Test report commissioned by Dell Inc. January 2010 Executive summary We compared the performance of the 6Gbps Dell PowerEdge RAID Controller
More information2014 Teradici Corporation.
VDI Client Comparison Thick, Thin, and PCoIP Zero Clients Agenda > Thick, Thin, and PCoIP Zero Clients > Repurposed PCs to Thin Clients > Thin Clients > PCoIP Zero Clients > Total Cost of Ownership Review
More informationPatterns for Secure Boot and Secure Storage in Computer Systems
Patterns for Secure Boot and Secure Storage in Computer Systems Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy Horst Görtz Institute for IT Security, Ruhr-University Bochum, Germany {hans.loehr,ahmad.sadeghi,marcel.winandy}@trust.rub.de
More informationThe PC Boot Process - Windows XP.
The PC Boot Process - Windows XP. Power supply switched on. The power supply performs a selftest. When all voltages and current levels are acceptable, the supply indicates that the power is stable and
More informationUEFI Driver Development Guide for All Hardware Device Classes
UEFI Driver Development Guide for All Hardware Device Classes Nov 2011 Version 1.0 INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL
More informationOne-Stop Intel TXT Activation Guide
One-Stop Intel TXT Activation Guide DELL* PowerEdge 12G Server Systems Intel Trusted Execution Technology (Intel TXT) for Intel Xeon processor-based servers is commonly used to enhance platform security
More informationios Security Decoded Dave Test Classroom and Lab Computing Penn State ITS Feedback - http://j.mp/psumac33
ios Security Decoded Dave Test Classroom and Lab Computing Penn State ITS Feedback - http://j.mp/psumac33 Why care about ios Security? 800M 800 million ios devices activated 130 million in last year 98%
More informationSystemWall: An Isolated Firewall using Hardware-based Memory Introspection
SystemWall: An Isolated Firewall using Hardware-based Memory Introspection Sebastian Biedermann 1 and Jakub Szefer 2 1 Security Engineering Group Department of Computer Science Technische Universität Darmstadt
More informationSystem Requirements. SuccessMaker 5
System Requirements SuccessMaker 5 System requirements are subject to change. For the latest information on system requirements, go to support.pearsonschool.com. For more information about Digital Learning
More informationAppliedMicro Trusted Management Module
AppliedMicro Trusted Management Module Majid Bemanian, Sr. Director of Marketing, Applied Micro Processor Business Unit July 12, 2011 Celebrating 20 th Anniversary of Power Architecture 1 AppliedMicro
More information