Premium
A study of hardware architecture based attacks to bypass operating system security
Author(s) -
Lokhande Vaibhav G.,
Vidyarthi Deepti
Publication year - 2019
Publication title -
security and privacy
Language(s) - English
Resource type - Journals
ISSN - 2475-6725
DOI - 10.1002/spy2.81
Subject(s) - exploit , computer science , malware , hardware architecture , vulnerability (computing) , software , architecture , enterprise information security architecture , embedded system , computer security , operating system , computer hardware , art , visual arts
Malware target a vulnerability, bug or loophole in software to exploit the system, escalate privileges, extract inaccessible data, or execute code for malicious purpose. We can assert that over the period of time, both hardware and software have evolved and so are their vulnerabilities. But most of the vulnerabilities identified or researched are software oriented. On similar lines, there can be vulnerabilities in the hardware architecture that can be exploited, hidden from upper layer securities like operating system (OS) reference monitor, antivirus, etc. It is difficult to trace the vulnerabilities in the hardware primarily due to complex architecture and difficulties to observe the effects of operations performed across the system. Just like the software, the hardware architecture can also be exploited to develop malware and to gain access to sensitive data. This paper discusses the attacks that exploit the operations performed at the hardware level. We have discussed the different exploits that use the hardware architecture to extract data, their limitations and the future of hardware architecture based exploits. At the end, the data extraction process is validated through our implementation of one of the hardware architecture based exploits. We question about the impact on system security if the hardware architecture is exploited.