Notification:
We are currently experiencing intermittent issues impacting performance. We apologize for the inconvenience.
By Topic

Exploiting an I/OMMU vulnerability

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Sang, F.L. ; LAAS, CNRS, Toulouse, France ; Lacombe, E. ; Nicomette, V. ; Deswarte, Y.

It is difficult to protect an operating system kernel in an efficient way. Attackers can corrupt or subvert it by two different means: (1) the CPU; (2) the Direct Memory Access (DMA) capability of I/O controllers. DMA-based attacks can be blocked using an I/OMMU. This component, embedded in most of current chipsets, enables the operating system to virtualize the main memory for I/O controllers and to restrict their access to only some memory regions. In this paper, we present different vulnerabilities we identified on Intel VT-d, which implements an I/OMMU. An example of exploitation of one of them is then detailed. Finally, we give some recommendations to prevent these vulnerabilities from being used for malicious purposes.

Published in:

Malicious and Unwanted Software (MALWARE), 2010 5th International Conference on

Date of Conference:

19-20 Oct. 2010