Using CPU System Management Mode to Circumvent Operating System Security Functions

@inproceedings{DuflotUsingCS,
  title={Using CPU System Management Mode to Circumvent Operating System Security Functions},
  author={Duflot and Etiemble and Grumelard}
}
In this paper we show how hardware functionalities can be misused by an attacker to extend her control over a system. The originality of our approach is that it exploits seldom used processor and chipset functionalities, such as switching to system management mode, to escalate local privileges in spite of security restrictions imposed by the operating system. As an example we present a new attack scheme against OpenBSD on x86-based architectures. On such a system the superuser is only granted…
Highly Cited
This paper has 50 citations.

Citations

Publications citing this paper.
Showing 1-10 of 36 extracted citations

Vigilare: toward snoop-based kernel integrity monitor

ACM Conference on Computer and Communications Security • 2012
Highly Influenced

Flexible Hardware-Managed Isolated Execution: Architecture, Software Support and Applications

IEEE Transactions on Dependable and Secure Computing • 2018

Towards Transparent Debugging

IEEE Transactions on Dependable and Secure Computing • 2018

Detecting and Preventing Kernel Rootkit Attacks with Bus Snooping

IEEE Transactions on Dependable and Secure Computing • 2017

Intel SGX Explained

IACR Cryptology ePrint Archive • 2016

[Chart: citations per year]
Semantic Scholar estimates that this publication has 50 citations based on the available data.

References

Publications referenced by this paper.
Showing 1-10 of 12 references

Cryptography in OpenBSD: An Overview

USENIX Annual Technical Conference, FREENIX Track • 1999
Highly Influenced

A Binary Rewriting Defense Against Stack based Buffer Overflow Attacks

USENIX Annual Technical Conference, General Track • 2003

Address obfuscation: An approach to combat buffer overflows, format-string attacks and more

S. Bhatkar, D. DuVarney, R. Sekar
Proceedings of the 12th Usenix Security Symposium, August • 2003

Countering code-injection attacks with instruction-set randomization

ACM Conference on Computer and Communications Security • 2003

Cryptopage-1 vers la fin du piratage informatique?

R. Keryell
Proceedings of Forum on Information Systems and Security EUROSEC’01, March • 2001