Recent years have seen a growing concern over System Management Mode (SMM) and its broad access to platform resources. SMM is the most privileged execution mode of an Intel CPU, and the System Management Interrupt (SMI) handlers that run in it control runtime firmware. The SMI Transfer Monitor (STM) is a firmware-based hypervisor, executing within SMM, that applies the principle of least privilege to those SMI handlers. The handlers have traditionally had full access to memory as well as to the register state of applications and kernel code even when their functionality did not require it. The STM has been enabled for UEFI and, most recently, coreboot firmware, adding protection against runtime SMM-based attacks as well as establishing a firmware-based Trusted Execution Environment (TEE) ca...
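The least-privilege idea in the abstract above is that each SMI handler declares the resources it actually needs and everything else is denied. The following C model, added here as an illustration and not taken from the STM, UEFI or coreboot sources, shows what such a default-deny check looks like: a handler's declared resource list (memory ranges, I/O port ranges, MSRs), a validator that rejects malformed entries, and an access check that only passes requests fully contained in a declared range. The structure layout, entry values and function names are assumptions for the example; the real STM resource-list format differs.

```c
/* Illustrative model of resource-list enforcement for SMI handlers.
 * Not the STM's own code; types, names and values are constructed here. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef enum { RSC_MEM, RSC_IO, RSC_MSR } rsc_kind;

typedef struct {
    rsc_kind kind;
    uint64_t base;   /* first byte address, port number or MSR index */
    uint64_t len;    /* number of bytes, ports or MSRs in the range */
    bool     write;  /* true if the handler may also write the range */
} rsc_entry;

/* Reject entries that are empty or whose end would wrap around 2^64;
 * a wrapping entry would otherwise "cover" every address. */
bool rsc_list_valid(const rsc_entry *list, size_t n) {
    for (size_t i = 0; i < n; i++) {
        uint64_t end;
        if (list[i].len == 0) return false;
        if (__builtin_add_overflow(list[i].base, list[i].len, &end)) return false;
    }
    return true;
}

/* True only if [start, start+len) lies entirely inside the entry.
 * Requires a validated entry (no wrap), and checks the request for wrap. */
static bool contained(const rsc_entry *e, uint64_t start, uint64_t len) {
    uint64_t end;
    if (len == 0 || start < e->base) return false;
    if (__builtin_add_overflow(start, len, &end)) return false;
    return end <= e->base + e->len;
}

/* Default deny: allowed only if some entry of the right kind covers the
 * whole request and, for a write, grants write permission. */
bool access_allowed(const rsc_entry *list, size_t n, rsc_kind kind,
                    uint64_t start, uint64_t len, bool is_write) {
    if (!rsc_list_valid(list, n)) return false;   /* a bad list grants nothing */
    for (size_t i = 0; i < n; i++) {
        if (list[i].kind != kind) continue;
        if (!contained(&list[i], start, len)) continue;
        if (is_write && !list[i].write) continue;
        return true;
    }
    return false;
}

/* Constructed resource list for one hypothetical handler: one 4 KiB MMIO
 * page read/write, one read-only I/O port, one read-only MSR. */
const rsc_entry demo_list[] = {
    { RSC_MEM, 0xFED00000ULL, 0x1000, true  },
    { RSC_IO,  0x80,          1,      false },
    { RSC_MSR, 0x1B,          1,      false },
};
const size_t demo_list_len = sizeof(demo_list) / sizeof(demo_list[0]);

/* Constructed list with a wrapping entry, to show the validator rejecting it. */
const rsc_entry bad_list[] = {
    { RSC_MEM, UINT64_MAX - 0x10, 0x100, true },
};
const size_t bad_list_len = sizeof(bad_list) / sizeof(bad_list[0]);

int main(void) {
    printf("MMIO write inside range: %d\n",
           access_allowed(demo_list, demo_list_len, RSC_MEM, 0xFED00000ULL, 8, true));
    printf("MMIO read straddling end: %d\n",
           access_allowed(demo_list, demo_list_len, RSC_MEM, 0xFED00FFCULL, 8, false));
    printf("Read of undeclared kernel memory: %d\n",
           access_allowed(demo_list, demo_list_len, RSC_MEM, 0x100000ULL, 8, false));
    printf("Write to read-only port: %d\n",
           access_allowed(demo_list, demo_list_len, RSC_IO, 0x80, 1, true));
    printf("Wrapping list valid: %d\n", rsc_list_valid(bad_list, bad_list_len));
    return 0;
}
```

The two checks that matter in practice are the overflow guards: a request or an entry whose end wraps must be rejected explicitly, or a single malformed entry re-grants the handler the full address space the STM was meant to take away.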
Abstract—The advent of cloud computing and inexpensive multi-core desktop architectures has led to t...
Consumer devices are increasingly being used to perform security and privacy critical tasks. The sof...
The current TCG architecture suffers from the Time-of-Check-To-Time-of-Use (TOCTOU) attacks in commo...
Detecting unexpected changes in a system's runtime environment is critical to resilience. A repur...
Today's interconnected world consists of a broad set of online activities including banking, shop...
The acquisition of volatile memory of running systems has become a prominent and essential procedure...
Highly privileged software, such as firmware, is an attractive target for atta...
Kernel-level attacks or rootkits can compromise the security of an operating system by executing wit...
Software vulnerabilities widely exist among various software from operating system kernel to web bro...
System integrity monitors, such as rootkit detectors, rely critically on the ability to fetch and in...
In this paper we present the results of our research into security of the Intel® Trusted Execution ...
The business world is exhibiting a growing dependency on computer systems, their operations and th...
A virtual machine monitor (VMM) supports execution of multiple unmodified operating systems in virtu...
Bugs are prevalent in a large amount of deployed software. These bugs often introduce vulnerabilitie...