Skip to Main content Skip to Navigation
Theses

Protection des systèmes informatiques contre les attaques par entrées-sorties

Fernand Lone Sang 1
1 LAAS-TSF - Équipe Tolérance aux fautes et Sûreté de Fonctionnement informatique
LAAS - Laboratoire d'analyse et d'architecture des systèmes
Abstract : Nowadays, attacks against computer systems may involve hardware components in order to bypass the numerous countermeasures against malicious software. This PhD thesis focuses on this novel class of attacks and specifically deals with Input/Output attacks. In such attacks, attackers divert legitimate hardware features, such as I/O mechanisms, to achieve different malicious actions. Since detecting such attacks by conventional software techniques is not easy (as far as they do not require the intervention of the CPU), we have analyzed these attacks in order to propose appropriate countermeasures based mainly on reliable and unavoidable hardware components. This manuscript focuses on two cases : hardware components that can be deliberately designed to be malicious and acting in the same way as a program incorporating a Trojan horse ; and vulnerable hardware components that have been modified by a hacker, either locally or through the network, to include malicious functions (typically a backdoor in the firmware). To identify the potential I/O attacks, we developed an attack model which takes into account the different abstraction levels in a computer system. Then, we studied these attacks with two complementary approaches : the classical approach to vulnerability analysis consisting in identifying a vulnerability, developing a proof-of-concept and proposing countermeasures ; and fuzzing-based vulnerability analysis, using IronHide, a fault injection tool we have designed, which is able to simulate a powerful malicious hardware. The results obtained with both approaches are discussed and several countermeasures to the vulnerabilities we identified, based on existing hardware components, are proposed.
Document type :
Theses
Complete list of metadata

Cited literature [99 references]  Display  Hide  Download

https://tel.archives-ouvertes.fr/tel-00863020
Contributor : Fernand Lone Sang <>
Submitted on : Wednesday, September 18, 2013 - 10:17:36 AM
Last modification on : Thursday, June 10, 2021 - 3:02:54 AM
Long-term archiving on: : Friday, December 20, 2013 - 2:36:12 PM

Identifiers

  • HAL Id : tel-00863020, version 1

Citation

Fernand Lone Sang. Protection des systèmes informatiques contre les attaques par entrées-sorties. Cryptographie et sécurité [cs.CR]. INSA de Toulouse, 2012. Français. ⟨tel-00863020⟩

Share

Metrics

Record views

1914

Files downloads

63696