抗电路板级物理攻击的操作系统防御技术研究
作者:
作者单位:

作者简介:

张倩颖(1986-),女,博士,讲师,CCF专业会员,主要研究领域为嵌入式操作系统,系统安全,形式化验证.
赵世军(1985-),男,博士,华为技术有限公司技术专家,主要研究领域为信息安全,系统安全,可信计算.

通讯作者:

赵世军,E-mail:zqyzsj@gmail.com

中图分类号:

基金项目:

国家自然科学基金(61802375,61602325,61876111,61877040);北京市教委科技计划一般项目(KM20190028005);中国科学院计算技术研究所计算机体系结构国家重点实验室开放课题(CARCH201920)


Survey of Research on Protection Mechanisms of Operating System against Board Level Physical Attacks
Author:
Affiliation:

Fund Project:

National Natural Science Foundation of China (61802375, 61602325, 61876111, 61877040); Project of Beijing Municipal Education Commission (KM20190028005); Open Research Fund of State Key Laboratory of Computer Architecture (Institute of Computing Technology, Chinese Academy of Sciences) (CARCH201920)

  • 摘要
  • |
  • 图/表
  • |
  • 访问统计
  • |
  • 参考文献
  • |
  • 相似文献
  • |
  • 引证文献
  • |
  • 资源附件
  • |
  • 文章评论
    摘要:

    计算设备处理和存储日益增多的敏感信息,如口令和指纹信息等,对安全性提出更高要求.物理攻击技术的发展催生了一种通过攻击电路板级硬件组件来获取操作系统机密信息的攻击方法:电路板级物理攻击.该类攻击具有工具简单、成本低、易流程化等特点,极容易被攻击者利用形成黑色产业,是操作系统面临的新安全威胁和挑战.在处理器上扩展内存加密引擎可抵抗该类攻击,但是目前大部分计算设备并未配备该硬件安全机制.学术界和产业界提出软件方式抗电路板级物理攻击的操作系统防御技术,该类技术已成为近年来的研究热点.深入分析了该类技术的研究进展,总结其技术优势和不足,并探讨其发展趋势.首先,介绍了电路板级物理攻击的定义、威胁模型、现实攻击实例.之后,介绍软件方式抗电路板级物理攻击的操作系统防御技术所依赖的一些基础技术.然后,对该类防御技术的研究进展按照保护范围进行分类总结和归纳.最后,分析了该类防御技术的优势与不足,给出工程实现建议,并探讨该类防御技术未来的研究趋势.

    Abstract:

    Computing devices are processing and storing more and more sensitive information, such as passwords and personal fingerprints, so higher security requirements are required for them. With the development of physical attacks, a new kind of attack called board level physical attacks is developed, and this kind of attack can obtain secrets in the operating system by attacking hardware components at the printed circuit board (PCB) level. This newly proposed attack only uses simple tools, its cost is inexpensive, and it can be streamlined simply, so it can be leveraged by attackers to form new underground industry easily. Therefore it is a new security threat and challenge for operating systems. A common defense against this kind of attack is to extend a specialized memory encryption engine to the CPU, but most current computing devices are not equipped with such hardware security mechanisms. Thus, the academic fields and industrial fields propose software-based techniques to defend board level physical attacks, and these techniques have been becoming a research hotspot in recent years. This paper deeply analyzes the development of these techniques, summarizes their advantages and disadvantages, and discusses their development trends. First, the paper introduces the definition, threat model and some real-world attack cases of the board level physical attacks. Second, the paper describes the building blocks relied by the software-based techniques to defense the board level physical attacks. Third, the paper makes a survey of and categorizes the related work on the software-based defense technology according to their protection domains. At last, the paper analyzes the advantages and disadvantages of the technology, gives suggestions on how to implement it in practice, and discusses some development trends of this technology.

    参考文献
    相似文献
    引证文献
引用本文

张倩颖,赵世军.抗电路板级物理攻击的操作系统防御技术研究.软件学报,2020,31(10):3120-3146

复制
分享
文章指标
  • 点击次数:
  • 下载次数:
  • HTML阅读次数:
  • 引用次数:
历史
  • 收稿日期:2020-02-10
  • 最后修改日期:2020-04-04
  • 录用日期:
  • 在线发布日期: 2020-06-11
  • 出版日期: 2020-10-06
文章二维码
您是第位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号