Skip to main content


eCommons@Cornell >
College of Engineering >
Computer Science >
Computer Science Technical Reports >

Please use this identifier to cite or link to this item:
Title: Malicious Code Detection for Open Firmware
Authors: Adelstein, Frank
Stillerman, Matt
Kozen, Dexter
Keywords: computer science
technical report
Issue Date: 27-Sep-2002
Publisher: Cornell University
Abstract: Malicious boot firmware is a largely unrecognized but significant security risk to our global information infrastructure. Since boot firmware executes before the operating system is loaded, it can easily circumvent any operating system-based security mechanism. Boot firmware programs are typically written by third-party device manufacturers and may come from various suppliers of unknown origin. In this paper we describe an approach to this problem based on load-time verification of onboard device drivers against a standard security policy designed to limit access to system resources. We also describe our ongoing effort to construct a prototype of this technique for Open Firmware boot platforms.
Appears in Collections:Computer Science Technical Reports

Files in This Item:

File SizeFormat
2002-1875.ps108.56 kBPostscriptView/Open

Refworks Export

Items in eCommons are protected by copyright, with all rights reserved, unless otherwise indicated.


© 2014 Cornell University Library Contact Us