A Chipset Level Network Backdoor: Bypassing Host-Based Firewall IDS

机译：芯片组级网络后门：绕过基于主机的防火墙和IDS

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

Chipsets refer to a set of specialized chips on a computer's motherboard or an expansion card [12]. In this paper we present a proof of concept chipset level rootkitetwork backdoor. It interacts directly with network interface card hardware based on a widely deployed Intel chipset 8255x, and we tested it successfully on two different Ethernet cards with this chipset. The network backdoor has the ability to both covertly send out packets and receive packets, without the need to disable security software installed in the compromised host in order to hide its presence. Because of its low-level position in a computer system, the backdoor is capable of bypassing virtually all commodity firewall and host-based intrusion detection software, including popular, widely deployed applications like Snort and Zone Alarm Security Suite. Such network backdoors, while complicated and hardware specific, are likely to become serious threats in high profile attacks like corporate espionage or cyber terrorist attacks.

机译：芯片组是指计算机主板或扩展卡上的一组专用芯片[12]。在本文中，我们提出了概念证明芯片组级别的rootkit /网络后门。它可以与基于广泛部署的Intel芯片组8255x的网络接口卡硬件直接交互，并且我们已经使用该芯片组在两个不同的以太网卡上成功对其进行了测试。网络后门具有隐蔽发送数据包和接收数据包的能力，而无需禁用受感染主机中安装的安全软件以隐藏其存在。由于后门在计算机系统中的地位很低，因此它能够绕过几乎所有商品防火墙和基于主机的入侵检测软件，包括受欢迎的，广泛部署的应用程序，例如Snort和Zone Alarm Security Suite。这种网络后门虽然复杂且特定于硬件，但在诸如企业间谍活动或网络恐怖袭击等高调攻击中可能会成为严重威胁。

著录项

来源
《4th ACM symposium on information, computer and communications security 2009》|2009年|P.125-134|共10页
会议地点 Sydney(AU);Sydney(AU)
作者
Sherri Sparks; Shawn Embleton; Cliff C. Zou;
展开▼
作者单位

School of Electrical Engineering and Computer Science University of Central Florida 4000 Central Florida Blvd., Orlando, FL USA 32816-2362;

School of Electrical Engineering and Computer Science University of Central Florida 4000 Central Florida Blvd., Orlando, FL USA 32816-2362;

School of Electrical Engineering and Computer Science University of Central Florida 4000 Central Florida Blvd., Orlando, FL USA 32816-2362;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类安全信息论;
关键词
rootkit; network backdoor; hardware security;

机译：rootkit;网络后门；硬件安全;

相似文献

外文文献
中文文献
专利

1. Host-based firewalling 'not optimal,' analyst says [J] . Kathleen Lau Computerworld Canada . 2011,第2期

机译：分析师表示，基于主机的防火墙“并非最佳”
2. Mining a high level access control policy in a network with multiple firewalls [J] . Safaa Hachana, Nora Cuppens-Boulahia, Frederic Cuppens Information Security Technical Report . 2015,第feba期

机译：在具有多个防火墙的网络中挖掘高级访问控制策略
3. Low-level network assessment: firewalls [J] . David Morgan Network security . 2005,第Jan期

机译：低层网络评估：防火墙
4. A chipset level network backdoor [C] . Sherri Sparks, Shawn Embleton, Cliff C. Zou Proceedings of the 4th International Symposium on Information, Computer, and Communications Security . 2009

机译：芯片组级网络后门
5. Firewall Policy Diagram: Novel Data Structures and Algorithms for Modeling, Analysis, and Comprehension of Network Firewalls. [D] . Clark, Patrick G. 2013

机译：防火墙策略图：用于网络防火墙建模，分析和理解的新颖数据结构和算法。
6. A Portable Spectrometric System for Quantitative Prediction of the Soluble Solids Content of Apples with a Pre-calibrated Multispectral Sensor Chipset [O] . Nhut-Thanh Tran, Masayuki Fukuzawa 2020

机译：用于使用预校准的多光谱传感器芯片组定量预测苹果可溶性固体含量的便携式光谱系统
7. Protecting the DNS Infrastructure of a Top Level Domain: Dynamic Firewalling with Network Sensors [O] . Afonso, Joao, Veiga, Pedro 2008

机译：保护顶级域的DNS基础结构：使用网络传感器的动态防火墙

A Chipset Level Network Backdoor: Bypassing Host-Based Firewall IDS

摘要

著录项

相似文献

相关主题

期刊订阅