Utilizing Hardware Features for Covert Loading and Execution of Software

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA8650-08-M-1435
Agency Tracking Number: O081-IA2-1202
Amount: $99,906.00
Phase: Phase I
Program: SBIR
Awards Year: 2008
Solicitation Year: 2008
Solicitation Topic Code: OSD08-IA2
Solicitation Number: 2008.1
Small Business Information
3601 43rd Street South, Wisconsin Rapids, WI, 54494
DUNS: 118017685
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Rico Valdez
 Analyst 2
 (602) 268-0873
 rvaldez@cyberdefenseagency.com
Business Contact
 Laure Johnson
Title: Financial Controller
Phone: (715) 424-2642
Email: ljohnson@cyberdefenseagency.com
Research Institution
N/A
Abstract
Current methods for the covert loading and execution of software typically operate at ring zero or are hypervisor based. Detecting the presence of hidden processes is a cat-and-mouse game when using traditional kernel-based techniques, and timing analysis and other methods have demonstrated the ability to detect the presence of a hypervisor as well. Modern hardware platforms provide opportunities to execute code completely outside of the context of the operating system. Some of the challenges of covertly executing code on the hardware resources, outside the context of the operating system, involve interfacing with the overlying OS and finding ways to meaningfully interact with it. To fully explore the possibilities of covert loading and execution of software, we must further investigate the approaches for leveraging the hardware resources of a system to execute code covertly. This research looks at BIOS modifications, peripheral cards, and System Management Mode (SMM), as well as an investigation into the capabilities introduced with the Extensible Firmware Interface (EFI), and the possibilities for covert code execution using this emerging architecture.

* Information listed above is at the time of submission. *
