The Security Analysis of PCI-E Device
This paper analyzes the specification and secure vulnerabilities of PCI Express and presents a method to add a different functionality to the Expansion ROM image.The additional code can be injected into the Expansion ROM image because of the flaw in the integrity protection.The added code in the re-flashed Expansion ROM can tamper system Startup module and attack the kernel during its execution.A targeted experimental scenario is designed to prove the effect of the flaw in PCI Express.In the end,the detection methods and solutions are proposed to solve these issues.
PCI-E Expansion ROM configuration space startup process
Yongjun Shen Yuefei Zhu Yu Zhu Changhe Zhang
Dept of Network Engineering,Institute of Information Engineering,PL A Information Engineering University ZHENGZHOU,China
国际会议
太原
英文
135-138
2011-02-26(万方平台首次上网日期,不代表论文的发表时间)