SlideShare a Scribd company logo
Run-time firmware integrity verification:
what if you can’t trust your network card?
International Symposium on Recent Advances in Intrusion Detection
Menlo Park, September 2011
Loïc Duflot, Yves-Alexis Perez, Benjamin Morin
ANSSI
French Network and Information Security Agency
firstname.lastname@ssi.gouv.fr
Introduction
Embedded devices
Embedded systems are increasingly prevalent in computers
Network cards, hard drive controllers, chipsets, basebands, etc.
Some have high processing capabilities (“smart” devices)
They act as black-box execution environments
They constitute a potential threat for the platforms’ security
They have access to sensitive information
They generally lack the protections available on standard proces-
sors (e.g., an MMU)
They potentially run with high privileges w.r.t the main operating
system
ANSSI – French Network and Information Security Agency 2/26
Introduction
Attacks against embedded devices
Vulnerabilities were found in several embedded software and firmware
in the past few years :
Basebands Weinmann [13]
Network controllers Duflot and Perez [4], Triulzi [12], Delugré [3]
Keyboard controllers Chen [2], Gazet [6]
Chipsets Ortega and Sacco [9]
Defending a system against such attacks is difficult because firmware
are running out of the scope of the operating system.
Existing IDSes have probably overlooked these attacks
they mainly monitor the operating system and applications
those attacks are still quite new
ANSSI – French Network and Information Security Agency 3/26
Introduction
Example from our own proof-of-concept attack
In [4], we demonstrated how it is possible for an attacker to take
full control of a computer
by exploiting a vulnerability in the network adapter, and
adding a back-door in the OS kernel using DMA accesses ;
the back-door opens a reverse shell when the kernel processes an
ICMP message with a particular type.
Our proof-of-concept attack was based on a real world vulnera-
bility
the vulnerability lied in the ASF remote administration function of
the network adapter of the target machine.
it was unconditionally exploitable when the ASF function was acti-
vated to any attacker that would be able to send UDP packets to
the machine.
ANSSI – French Network and Information Security Agency 4/26
Problem statement
Problems & existing solutions
Compromised device?
Consequences
system full OS compromise
rootkit re-injection at startup
Counter-measures
system I/O MMU (Intel Vt-d and AMD IOMMU)
ANSSI – French Network and Information Security Agency 5/26
Problem statement
Problems & existing solutions
Compromised device?
Consequences
system full OS compromise
rootkit re-injection at startup
platform attacks against other devices on the same buses [11]
Counter-measures
system I/O MMU (Intel Vt-d and AMD IOMMU)
platform PCI Express Access Control Services
ANSSI – French Network and Information Security Agency 5/26
Problem statement
Problems & existing solutions
Compromised device?
Consequences
system full OS compromise
rootkit re-injection at startup
platform attacks against other devices on the same buses [11]
network silent data leak
stepping stone to attack the whole network silently
won’t be blocked by firewalls on vulnerable machines
Counter-measures
system I/O MMU (Intel Vt-d and AMD IOMMU)
platform PCI Express Access Control Services
network ?
ANSSI – French Network and Information Security Agency 5/26
Problem statement
Firmware integrity checks
We need to check the firmware’s integrity
At load time
Peripherals’ firmware should be measured during a trusted boot
This can be achieved by means of a TPM
At runtime
Our objective is to check that the firmware is running untampered
The operating system acts as the verifier of the network card’s ex-
ecution
We assume that the operating system is trusted
ANSSI – French Network and Information Security Agency 6/26
Problem statement
Existing solutions
Remote firmware attestation [7, 8] ?
Based on a challenge-response protocol
The target computes a checksum over its entire memory
The verifier checks the correctness of the returned checksum
ANSSI – French Network and Information Security Agency 7/26
Problem statement
Existing solutions
Remote firmware attestation [7, 8] ?
Based on a challenge-response protocol
The target computes a checksum over its entire memory
The verifier checks the correctness of the returned checksum
..
ANSSI – French Network and Information Security Agency 7/26
Problem statement
Existing solutions
Remote firmware attestation [7, 8] ?
Based on a challenge-response protocol
The target computes a checksum over its entire memory
The verifier checks the correctness of the returned checksum
Remote firmware attestation is difficult [1, 10, 5]
Severe constraints imposed by the checksum function execution
Is it really suitable for a network card?
ANSSI – French Network and Information Security Agency 7/26
Problem statement
Existing solutions
Remote firmware attestation [7, 8] ?
Based on a challenge-response protocol
The target computes a checksum over its entire memory
The verifier checks the correctness of the returned checksum
Remote firmware attestation is difficult [1, 10, 5]
Severe constraints imposed by the checksum function execution
Is it really suitable for a network card?
Software symbiotes ?
might be an interesting solution, requires further investigations
seems quite intrusive
ANSSI – French Network and Information Security Agency 7/26
Embedded device intrusion detection approach
What is a network card?
Quite simple in theory
transfer ethernet frames from the host to the wire
and vice versa
Increasingly complex in practice...
advanced capabilities (PXE, TSO...)
platform administration functions
active even when OS is down or absent
runs a firmware on embedded CPU
ANSSI – French Network and Information Security Agency 8/26
Embedded device intrusion detection approach
What is (graphically) a network card?
ANSSI – French Network and Information Security Agency 9/26
Embedded device intrusion detection approach
Intrusion detection model
Our detection method is anomaly-based
The model of normal behavior is based on the NIC’s memory layout
The memory profile is built empirically, by means of the observed
NIC’s memory accesses during “normal” network sessions
Memory areas used to execute code, read and/or write data are
distinguished in the model
The card in run in step-by-step (debug) mode during detection
Any memory access that is outside the NIC’s memory profile is
interpreted as an attempt to divert the firmware’s control flow
Heuristics used to detect anomalous memory accesses
Step-by-step instruction comparison
Step-by-step instruction address checking
Shadow return stack
ANSSI – French Network and Information Security Agency 10/26
Embedded device intrusion detection approach
Detection heuristics (1/2)
Step-by-step instruction comparison
Basically consists in checking that the instruction that is to be
run is the same as the reference model’s one
This technique only works if the code is not self modifying (which
is the case for the firmware we are considering)
Step-by-step address checking
Basically consists in checking that the instruction pointer value is
consistent
The network card running code in the heap, in the stack or in the
memory scratchpad is indicative of an anomaly
ANSSI – French Network and Information Security Agency 11/26
Embedded device intrusion detection approach
Detection heuristics (2/2)
Shadow call stack
Basically consists in maintaining a copy of the call stack of the
firmware on the host side
On an identified CALL-like instruction, the return address is pushed
on the shadow stack
On an identified RET-like instruction, the return address is checked
against the saved one
Other heuristics (not implemented)
Another heuristic could consist in searching for anything that
meets the statistical profile of executable code in data area
This detection technique is prone to false positives
ANSSI – French Network and Information Security Agency 12/26
Prototype implementation : NAVIS
Network Adapter Verification and Integrity checking Solution
We designed our verification framework, NAVIS
based on card instrumentation
implements detection heuristics
prevents control flow modifications
We used:
Broadcom BCM5754 and BCM5755M network cards
ASF firmware
Preventing confusion:
From now on:
CPU is the main CPU on the motherboard, running the OS
MIPS is the management processor on the network controller
ANSSI – French Network and Information Security Agency 13/26
Prototype implementation : NAVIS
Instrumenting the card
Accessing NIC’s memory
The NIC’s internal memory is mapped in the main memory
This mechanism provides access to the firmware running on the NIC
ANSSI – French Network and Information Security Agency 14/26
Prototype implementation : NAVIS
Instrumenting the card
Accessing NIC’s memory
The NIC’s internal memory is mapped in the main memory
This mechanism provides access to the firmware running on the NIC
..
ANSSI – French Network and Information Security Agency 14/26
Prototype implementation : NAVIS
Instrumenting the card
Accessing NIC’s memory
The NIC’s internal memory is mapped in the main memory
This mechanism provides access to the firmware running on the NIC
Identifying memory areas
Broadcom docs and drivers reveal that firmware files have three
areas (text, data, rodata)
But they do not provide the mappings for these area
The mappings can be identified by tracking the MIPS activity
ANSSI – French Network and Information Security Agency 14/26
Prototype implementation : NAVIS
Instrumenting the card
Accessing NIC’s memory
The NIC’s internal memory is mapped in the main memory
This mechanism provides access to the firmware running on the NIC
Identifying memory areas
Broadcom docs and drivers reveal that firmware files have three
areas (text, data, rodata)
But they do not provide the mappings for these area
The mappings can be identified by tracking the MIPS activity
NIC’s internal registers
state, control and breakpoint registers are accessible from the host
ANSSI – French Network and Information Security Agency 14/26
Prototype implementation : NAVIS
Instrumenting the card
Accessing NIC’s memory
The NIC’s internal memory is mapped in the main memory
This mechanism provides access to the firmware running on the NIC
Identifying memory areas
Broadcom docs and drivers reveal that firmware files have three
areas (text, data, rodata)
But they do not provide the mappings for these area
The mappings can be identified by tracking the MIPS activity
NIC’s internal registers
state, control and breakpoint registers are accessible from the host
This allows us to monitor the activity of the firmware, detect
anomalous behaviours and stop the adapter when a problem is
detected
ANSSI – French Network and Information Security Agency 14/26
Prototype implementation : NAVIS
Network controller memory map
code exec instructions executed by the MIPS
MIPS writes addresses written by the MIPS (SH, SB, SW)
MIPS reads addresses read by the MIPS (LH/LHU, LB/LBU, LW)
other writes network packets written to the card memory by DMA from host and by PHY from
the wire
1
10
100
1000
10000
100000
1e+06
1e+07
1e+08
0x0 0x20000
count
address
R/W/X memory mapping
EXT W
CPU X
CPU R
CPU W
RCB
TX
ring
RX
ring
TXMBUF RXMBUF scratchpad
cpu stack
ANSSI – French Network and Information Security Agency 15/26
Prototype implementation : NAVIS
Memory map analysis
External writes
in RX/TX rings . and in the
scratchpad area . (traffic from
and to the main host)
in unmapped areas... .
inside the MIPS code area! .
1
10
100
1000
10000
100000
1e+06
1e+07
1e+08
0x0 0x20000
count
address
R/W/X memory mapping
EXT W
CPU X
CPU R
CPU W
RCB
TX
ring
RX
ring
TXMBUF RXMBUF scratchpad
cpu stack
.....
ANSSI – French Network and Information Security Agency 16/26
Prototype implementation : NAVIS
Memory map analysis
MIPS execution
mostly at the beginning of
scratchpad . plus few instruc-
tions at the end .
1
10
100
1000
10000
100000
1e+06
1e+07
1e+08
0x0 0x20000
count
address
R/W/X memory mapping
EXT W
CPU X
CPU R
CPU W
RCB
TX
ring
RX
ring
TXMBUF RXMBUF scratchpad
cpu stack
...
ANSSI – French Network and Information Security Agency 16/26
Prototype implementation : NAVIS
Memory map analysis
MIPS reads/writes
in the Rings . Control Blocks
and TXMBUF . (presumably ASF
traffic)
in the scratchpad, with four dif-
ferent areas:
just after the main code area .
in the packets area (presum-
ably ASF traffic) .
just after the MIPS code area
after the MIPS code area,
just before scrachpad end (the
stack) .
1
10
100
1000
10000
100000
1e+06
1e+07
1e+08
0x0 0x20000
count
address
R/W/X memory mapping
EXT W
CPU X
CPU R
CPU W
RCB
TX
ring
RX
ring
TXMBUF RXMBUF scratchpad
cpu stack
......
ANSSI – French Network and Information Security Agency 16/26
Prototype implementation : NAVIS
Challenges in monitoring the MIPS
Control flow instructions
No CALL/RET instructions on MIPS architecture
Fortunately, the firmware code is rather simple
Function calls can reliably be inferred from jump instructions (JAL)
and a specific register (R31) used to store return addresses
Interrupts triggered by the network adapter
Cause unexpected changes in the control flow (looks like an attack)
The firmware uses a single interrupt handler, starting at a fixed
address
Return from the interrupt vector is done through register R27
Dealing with interrupts is manageable by monitoring this behaviour
ANSSI – French Network and Information Security Agency 17/26
Prototype implementation : NAVIS
Summary
we know where the MIPS reads and writes data
where the MIPS executes code
how to find function calls and RET
issues there are external writes to the MIPS code area
there are writes in unmapped areas
interrupts make it harder to follow control flow
remarks no way to enforce rodata
no such thing as NX on those MIPS processor
no segmentation/pagination
This allows to detect any unexpected change in the control flow
When a return value is modified on the stack
But data on the stack, heap and scratchpad can still be modified
by the attacker.
ANSSI – French Network and Information Security Agency 18/26
Experimental results
It works!
We tried the various proof-of-concept attacks we created as
part of previous researches
they are all detected
an alert is reported in NAVIS
the network controler is stopped
one can either reset the card and start fresh,
or try to investigate in the debugger
Since we detect control flow modification, other attacks should be
detected as well
ANSSI – French Network and Information Security Agency 19/26
Experimental results
Performance
The monitoring is expected to have a negative impact on the NIC’s
performance
The MIPS CPU is run in step-by-step mode
Various tests are done at each MIPS cycle (bounds, call stack, etc.)
So each MIPS cycle requires many CPU cycles
Still, performance is not that poor
We still manage to achieve gigabit speed...
... at the cost of 100% CPU usage on one core (active loop and
context switches)
However, what is really important is
packets rate and packet loss
when firmware processes packets
when NAVIS checks are active (ASF traffic)
ANSSI – French Network and Information Security Agency 20/26
Experimental results
UDP/9
UDP/623
Without Navis With Navis
ANSSI – French Network and Information Security Agency 21/26
Conclusion and future work
Limitations of the approach
The detection model is highly adapter-specific:
we tested on BCM5754 and BCM5755M adapters
it could be adapted to other Broadcom adapters (provided they use
the same kind of firmwares)
our concept can be ported to other devices as long as similar debug
capabilities are present
Can an attacker prevent us to control the NIC?
We cannot prevent arbitrary writes in code area (since standard
behavior seems to allow it)
High processing cost
ANSSI – French Network and Information Security Agency 22/26
Conclusion and future work
Conclusion
We proposed NAVIS, a firmware integrity attestation
framework:
firmware integrity attestation is a (very) hard problem
our proof of concept is highly firmware and adapter specific
NAVIS can detect and prevent most low level attacks on NIC
firmware
But it requires the OS to be trusted.
And protecting the OS stays the highest priority.
If the embedded devices implement more functions, could they have
more protections too?
ANSSI – French Network and Information Security Agency 23/26
Conclusion and future work
Questions & Answers
Thank your for your attention
Do you have any question?
No network cards were harmed in the making of this paper
ANSSI – French Network and Information Security Agency 24/26
Conclusion and future work
Bibliography I
[1] Claude Castelluccia, Aur´elien Francillon, Daniele Perito, and Claudio Soriente. On the
difficulty of software-based attestation of embedded devices. In Proceedings of 16th ACM
Conference on Computer and Communications Security, November 2009.
[2] K. Chen. Reversing and exploiting an apple firmware update. BlackHat, 2009.
[3] Guillaume Delugr´e. Closer to metal : Reverse ingineering the broadcom netextreme’s
firmware. Hack.lu, 2010.
[4] Lo¨ıc Duflot and Yves-Alexis Perez. Can you still trust your network card? CanSecWest,
2010.
[5] Aur´elien Francillon, Claude Castelluccia, Daniele Perito, and Claudio Soriente. Comments
on “refutation of on the difficulty of software based attestation of embedded devices”. -, 2010.
[6] Alexandre Gazet. Sticky fingers & kbc custom shop. -, 2011.
[7] Yanlin Li, Jonathan M. McCune, and Adrian Perrig. SBAP: Software-Based Attestation for
Peripherals. In Proceedings of the 3rd International Conference on Trust and Trustworthy
Computing (Trust 2010), June 2010.
[8] Yanlin Li, Jonathan M. McCune, and Adrian Perrig. VIPER: Verifying the integrity of pe-
ripheral’s firmware. In Proceedings of CCS’11, 2011.
[9] Alfredo Ortega and Anibal Sacco. Deactivate the rootkit. BlackHat, 2009.
ANSSI – French Network and Information Security Agency 25/26
Conclusion and future work
Bibliography II
[10] Adrian Perrig and Leendert Van Doorn. Refutation of “on the difficulty of software based
attestation of embedded devices”. -, 2010.
[11] Fernand L. Sang, Eric Lacombe, Vincent Nicomette, and Yves Deswarte. Exploiting an
I/OMMU vulnerability. In MALWARE ’10: 5th International Conference on Malicious and
Unwanted Software, pages 7–14, 2010.
[12] Arrigo Triulzi. Taking NIC backdoors to the next level. CanSecWest, 2010.
[13] Ralf-Philipp Weinmann. All Your Baseband Are Belong To Us. CCC, 2010.
ANSSI – French Network and Information Security Agency 26/26

More Related Content

What's hot

Research of Intrusion Preventio System based on Snort
Research of Intrusion Preventio System based on SnortResearch of Intrusion Preventio System based on Snort
Research of Intrusion Preventio System based on Snort
Francis Yang
 
Reconfigurable trust forembeddedcomputingplatforms
Reconfigurable trust forembeddedcomputingplatformsReconfigurable trust forembeddedcomputingplatforms
Reconfigurable trust forembeddedcomputingplatforms
Abdullah Deeb
 
Security in an embedded system
Security in an embedded system Security in an embedded system
Security in an embedded system
UrmilasSrinivasan
 
Intrusion preventionintrusion detection
Intrusion preventionintrusion detectionIntrusion preventionintrusion detection
Intrusion preventionintrusion detection
IJCNCJournal
 
Seguridad en laptops
Seguridad en laptopsSeguridad en laptops
Seguridad en laptops
Dionisio Nieto
 
IEEE 2014 JAVA PARALLEL DISTRIBUTED PROJECTS Rre a-game-theoretic-intrusion-r...
IEEE 2014 JAVA PARALLEL DISTRIBUTED PROJECTS Rre a-game-theoretic-intrusion-r...IEEE 2014 JAVA PARALLEL DISTRIBUTED PROJECTS Rre a-game-theoretic-intrusion-r...
IEEE 2014 JAVA PARALLEL DISTRIBUTED PROJECTS Rre a-game-theoretic-intrusion-r...
IEEEMEMTECHSTUDENTPROJECTS
 
Weaponised Malware & APT Attacks: Protect Against Next-Generation Threats
Weaponised Malware & APT Attacks: Protect Against Next-Generation ThreatsWeaponised Malware & APT Attacks: Protect Against Next-Generation Threats
Weaponised Malware & APT Attacks: Protect Against Next-Generation Threats
Lumension
 
Informatica
InformaticaInformatica
Informatica
Kevin Vinicio
 
Department of Defense standard 8570 - CompTia Advanced Security Practitioner
Department of Defense standard 8570 - CompTia Advanced Security Practitioner Department of Defense standard 8570 - CompTia Advanced Security Practitioner
Department of Defense standard 8570 - CompTia Advanced Security Practitioner
David Sweigert
 
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)
David Sweigert
 
Designing and implementing malicious processors
Designing and implementing malicious processorsDesigning and implementing malicious processors
Designing and implementing malicious processors
NebyueAwoke
 
Stuxnet dc9723
Stuxnet dc9723Stuxnet dc9723
Stuxnet dc9723
Iftach Ian Amit
 
[Codientu.org] design of a microcontroller based circuit for software protection
[Codientu.org] design of a microcontroller based circuit for software protection[Codientu.org] design of a microcontroller based circuit for software protection
[Codientu.org] design of a microcontroller based circuit for software protection
Hieu Le Dinh
 
Operating system vulnerability and control
Operating system vulnerability and control Operating system vulnerability and control
Operating system vulnerability and control
أحلام انصارى
 
Vishwanath rakesh ece 561
Vishwanath rakesh ece 561Vishwanath rakesh ece 561
Vishwanath rakesh ece 561
RAKESH_CSU
 
REAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATA
REAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATAREAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATA
REAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATA
ijp2p
 
Host security
Host securityHost security
Host security
Jarno Niemela
 

What's hot (17)

Research of Intrusion Preventio System based on Snort
Research of Intrusion Preventio System based on SnortResearch of Intrusion Preventio System based on Snort
Research of Intrusion Preventio System based on Snort
 
Reconfigurable trust forembeddedcomputingplatforms
Reconfigurable trust forembeddedcomputingplatformsReconfigurable trust forembeddedcomputingplatforms
Reconfigurable trust forembeddedcomputingplatforms
 
Security in an embedded system
Security in an embedded system Security in an embedded system
Security in an embedded system
 
Intrusion preventionintrusion detection
Intrusion preventionintrusion detectionIntrusion preventionintrusion detection
Intrusion preventionintrusion detection
 
Seguridad en laptops
Seguridad en laptopsSeguridad en laptops
Seguridad en laptops
 
IEEE 2014 JAVA PARALLEL DISTRIBUTED PROJECTS Rre a-game-theoretic-intrusion-r...
IEEE 2014 JAVA PARALLEL DISTRIBUTED PROJECTS Rre a-game-theoretic-intrusion-r...IEEE 2014 JAVA PARALLEL DISTRIBUTED PROJECTS Rre a-game-theoretic-intrusion-r...
IEEE 2014 JAVA PARALLEL DISTRIBUTED PROJECTS Rre a-game-theoretic-intrusion-r...
 
Weaponised Malware & APT Attacks: Protect Against Next-Generation Threats
Weaponised Malware & APT Attacks: Protect Against Next-Generation ThreatsWeaponised Malware & APT Attacks: Protect Against Next-Generation Threats
Weaponised Malware & APT Attacks: Protect Against Next-Generation Threats
 
Informatica
InformaticaInformatica
Informatica
 
Department of Defense standard 8570 - CompTia Advanced Security Practitioner
Department of Defense standard 8570 - CompTia Advanced Security Practitioner Department of Defense standard 8570 - CompTia Advanced Security Practitioner
Department of Defense standard 8570 - CompTia Advanced Security Practitioner
 
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)
 
Designing and implementing malicious processors
Designing and implementing malicious processorsDesigning and implementing malicious processors
Designing and implementing malicious processors
 
Stuxnet dc9723
Stuxnet dc9723Stuxnet dc9723
Stuxnet dc9723
 
[Codientu.org] design of a microcontroller based circuit for software protection
[Codientu.org] design of a microcontroller based circuit for software protection[Codientu.org] design of a microcontroller based circuit for software protection
[Codientu.org] design of a microcontroller based circuit for software protection
 
Operating system vulnerability and control
Operating system vulnerability and control Operating system vulnerability and control
Operating system vulnerability and control
 
Vishwanath rakesh ece 561
Vishwanath rakesh ece 561Vishwanath rakesh ece 561
Vishwanath rakesh ece 561
 
REAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATA
REAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATAREAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATA
REAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATA
 
Host security
Host securityHost security
Host security
 

Similar to What if you can’t trust your network card? (slides)

50120140501013
5012014050101350120140501013
50120140501013
IAEME Publication
 
Cloud Computing and PSo
Cloud Computing and PSoCloud Computing and PSo
Cloud Computing and PSo
surya kumar palla
 
Embedded presentation
Embedded presentationEmbedded presentation
Embedded presentation
rohancool
 
Todd Deshane's PhD Proposal
Todd Deshane's PhD ProposalTodd Deshane's PhD Proposal
Todd Deshane's PhD Proposal
Todd Deshane
 
CSEC 610 Individual Assignment Essay
CSEC 610 Individual Assignment EssayCSEC 610 Individual Assignment Essay
CSEC 610 Individual Assignment Essay
Rochelle Schear
 
Network Vulnerabilities And Cyber Kill Chain Essay
Network Vulnerabilities And Cyber Kill Chain EssayNetwork Vulnerabilities And Cyber Kill Chain Essay
Network Vulnerabilities And Cyber Kill Chain Essay
Karen Oliver
 
Network intrusi detection system
Network intrusi detection systemNetwork intrusi detection system
Network intrusi detection system
Maulana Arif
 
Network intrusi detection system
Network intrusi detection systemNetwork intrusi detection system
Network intrusi detection system
Duwinowo NT
 
Ccc study material
Ccc study materialCcc study material
Ccc study material
KHURSHEEDAHMED38
 
outpass system
outpass systemoutpass system
outpass system
Dhivakar K
 
Implementation and implications of a stealth hard drive backdoor
Implementation and implications of a stealth hard drive backdoorImplementation and implications of a stealth hard drive backdoor
Implementation and implications of a stealth hard drive backdoor
Gaetano Zappulla
 
Deploying Network Taps for Improved Security
Deploying Network Taps for Improved SecurityDeploying Network Taps for Improved Security
Deploying Network Taps for Improved Security
Datacomsystemsinc
 
ME Information Security
ME Information SecurityME Information Security
ME Information Security
Mohamed Monsef
 
Nt2580 Unit 7 Chapter 12
Nt2580 Unit 7 Chapter 12Nt2580 Unit 7 Chapter 12
Nt2580 Unit 7 Chapter 12
Laura Arrigo
 
Complete security package for usb thumb drive
Complete security package for usb thumb driveComplete security package for usb thumb drive
Complete security package for usb thumb drive
Alexander Decker
 
Syed Ubaid Ali Jafri - Black Box Penetration testing for Associates
Syed Ubaid Ali Jafri - Black Box Penetration testing for AssociatesSyed Ubaid Ali Jafri - Black Box Penetration testing for Associates
Syed Ubaid Ali Jafri - Black Box Penetration testing for Associates
Syed Ubaid Ali Jafri
 
UNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSS
UNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSSUNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSS
UNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSS
IJNSA Journal
 
UNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSS
UNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSSUNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSS
UNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSS
IJNSA Journal
 
Compensation Strategy for Knowledge WorkersTo prepare for this a.docx
Compensation Strategy for Knowledge WorkersTo prepare for this a.docxCompensation Strategy for Knowledge WorkersTo prepare for this a.docx
Compensation Strategy for Knowledge WorkersTo prepare for this a.docx
bartholomeocoombs
 
Compensation Strategy for Knowledge WorkersTo prepare for this a.docx
Compensation Strategy for Knowledge WorkersTo prepare for this a.docxCompensation Strategy for Knowledge WorkersTo prepare for this a.docx
Compensation Strategy for Knowledge WorkersTo prepare for this a.docx
annette228280
 

Similar to What if you can’t trust your network card? (slides) (20)

50120140501013
5012014050101350120140501013
50120140501013
 
Cloud Computing and PSo
Cloud Computing and PSoCloud Computing and PSo
Cloud Computing and PSo
 
Embedded presentation
Embedded presentationEmbedded presentation
Embedded presentation
 
Todd Deshane's PhD Proposal
Todd Deshane's PhD ProposalTodd Deshane's PhD Proposal
Todd Deshane's PhD Proposal
 
CSEC 610 Individual Assignment Essay
CSEC 610 Individual Assignment EssayCSEC 610 Individual Assignment Essay
CSEC 610 Individual Assignment Essay
 
Network Vulnerabilities And Cyber Kill Chain Essay
Network Vulnerabilities And Cyber Kill Chain EssayNetwork Vulnerabilities And Cyber Kill Chain Essay
Network Vulnerabilities And Cyber Kill Chain Essay
 
Network intrusi detection system
Network intrusi detection systemNetwork intrusi detection system
Network intrusi detection system
 
Network intrusi detection system
Network intrusi detection systemNetwork intrusi detection system
Network intrusi detection system
 
Ccc study material
Ccc study materialCcc study material
Ccc study material
 
outpass system
outpass systemoutpass system
outpass system
 
Implementation and implications of a stealth hard drive backdoor
Implementation and implications of a stealth hard drive backdoorImplementation and implications of a stealth hard drive backdoor
Implementation and implications of a stealth hard drive backdoor
 
Deploying Network Taps for Improved Security
Deploying Network Taps for Improved SecurityDeploying Network Taps for Improved Security
Deploying Network Taps for Improved Security
 
ME Information Security
ME Information SecurityME Information Security
ME Information Security
 
Nt2580 Unit 7 Chapter 12
Nt2580 Unit 7 Chapter 12Nt2580 Unit 7 Chapter 12
Nt2580 Unit 7 Chapter 12
 
Complete security package for usb thumb drive
Complete security package for usb thumb driveComplete security package for usb thumb drive
Complete security package for usb thumb drive
 
Syed Ubaid Ali Jafri - Black Box Penetration testing for Associates
Syed Ubaid Ali Jafri - Black Box Penetration testing for AssociatesSyed Ubaid Ali Jafri - Black Box Penetration testing for Associates
Syed Ubaid Ali Jafri - Black Box Penetration testing for Associates
 
UNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSS
UNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSSUNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSS
UNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSS
 
UNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSS
UNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSSUNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSS
UNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSS
 
Compensation Strategy for Knowledge WorkersTo prepare for this a.docx
Compensation Strategy for Knowledge WorkersTo prepare for this a.docxCompensation Strategy for Knowledge WorkersTo prepare for this a.docx
Compensation Strategy for Knowledge WorkersTo prepare for this a.docx
 
Compensation Strategy for Knowledge WorkersTo prepare for this a.docx
Compensation Strategy for Knowledge WorkersTo prepare for this a.docxCompensation Strategy for Knowledge WorkersTo prepare for this a.docx
Compensation Strategy for Knowledge WorkersTo prepare for this a.docx
 

Recently uploaded

Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
shyamraj55
 
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying AheadDigital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Wask
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
Pixlogix Infotech
 
Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!
GDSC PJATK
 
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Jeffrey Haguewood
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Malak Abu Hammad
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
Intelisync
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Tosin Akinosho
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxOcean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
SitimaJohn
 
WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation TechniquesWeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
Postman
 
UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
Wouter Lemaire
 
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Jeffrey Haguewood
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS  at Code Europe 2024Introduction of Cybersecurity with OSS  at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
Hiroshi SHIBATA
 
dbms calicut university B. sc Cs 4th sem.pdf
dbms  calicut university B. sc Cs 4th sem.pdfdbms  calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdf
Shinana2
 
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdfNunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
flufftailshop
 
Operating System Used by Users in day-to-day life.pptx
Operating System Used by Users in day-to-day life.pptxOperating System Used by Users in day-to-day life.pptx
Operating System Used by Users in day-to-day life.pptx
Pravash Chandra Das
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc
 

Recently uploaded (20)

Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
 
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying AheadDigital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
 
Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!
 
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxOcean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
 
WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation TechniquesWeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
 
UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
 
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS  at Code Europe 2024Introduction of Cybersecurity with OSS  at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
 
dbms calicut university B. sc Cs 4th sem.pdf
dbms  calicut university B. sc Cs 4th sem.pdfdbms  calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdf
 
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdfNunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
 
Operating System Used by Users in day-to-day life.pptx
Operating System Used by Users in day-to-day life.pptxOperating System Used by Users in day-to-day life.pptx
Operating System Used by Users in day-to-day life.pptx
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
 

What if you can’t trust your network card? (slides)

  • 1. Run-time firmware integrity verification: what if you can’t trust your network card? International Symposium on Recent Advances in Intrusion Detection Menlo Park, September 2011 Loïc Duflot, Yves-Alexis Perez, Benjamin Morin ANSSI French Network and Information Security Agency firstname.lastname@ssi.gouv.fr
  • 2. Introduction Embedded devices Embedded systems are increasingly prevalent in computers Network cards, hard drive controllers, chipsets, basebands, etc. Some have high processing capabilities (“smart” devices) They act as black-box execution environments They constitute a potential threat for the platforms’ security They have access to sensitive information They generally lack the protections available on standard proces- sors (e.g., an MMU) They potentially run with high privileges w.r.t the main operating system ANSSI – French Network and Information Security Agency 2/26
  • 3. Introduction Attacks against embedded devices Vulnerabilities were found in several embedded software and firmware in the past few years : Basebands Weinmann [13] Network controllers Duflot and Perez [4], Triulzi [12], Delugré [3] Keyboard controllers Chen [2], Gazet [6] Chipsets Ortega and Sacco [9] Defending a system against such attacks is difficult because firmware are running out of the scope of the operating system. Existing IDSes have probably overlooked these attacks they mainly monitor the operating system and applications those attacks are still quite new ANSSI – French Network and Information Security Agency 3/26
  • 4. Introduction Example from our own proof-of-concept attack In [4], we demonstrated how it is possible for an attacker to take full control of a computer by exploiting a vulnerability in the network adapter, and adding a back-door in the OS kernel using DMA accesses ; the back-door opens a reverse shell when the kernel processes an ICMP message with a particular type. Our proof-of-concept attack was based on a real world vulnera- bility the vulnerability lied in the ASF remote administration function of the network adapter of the target machine. it was unconditionally exploitable when the ASF function was acti- vated to any attacker that would be able to send UDP packets to the machine. ANSSI – French Network and Information Security Agency 4/26
  • 5. Problem statement Problems & existing solutions Compromised device? Consequences system full OS compromise rootkit re-injection at startup Counter-measures system I/O MMU (Intel Vt-d and AMD IOMMU) ANSSI – French Network and Information Security Agency 5/26
  • 6. Problem statement Problems & existing solutions Compromised device? Consequences system full OS compromise rootkit re-injection at startup platform attacks against other devices on the same buses [11] Counter-measures system I/O MMU (Intel Vt-d and AMD IOMMU) platform PCI Express Access Control Services ANSSI – French Network and Information Security Agency 5/26
  • 7. Problem statement Problems & existing solutions Compromised device? Consequences system full OS compromise rootkit re-injection at startup platform attacks against other devices on the same buses [11] network silent data leak stepping stone to attack the whole network silently won’t be blocked by firewalls on vulnerable machines Counter-measures system I/O MMU (Intel Vt-d and AMD IOMMU) platform PCI Express Access Control Services network ? ANSSI – French Network and Information Security Agency 5/26
  • 8. Problem statement Firmware integrity checks We need to check the firmware’s integrity At load time Peripherals’ firmware should be measured during a trusted boot This can be achieved by means of a TPM At runtime Our objective is to check that the firmware is running untampered The operating system acts as the verifier of the network card’s ex- ecution We assume that the operating system is trusted ANSSI – French Network and Information Security Agency 6/26
  • 9. Problem statement Existing solutions Remote firmware attestation [7, 8] ? Based on a challenge-response protocol The target computes a checksum over its entire memory The verifier checks the correctness of the returned checksum ANSSI – French Network and Information Security Agency 7/26
  • 10. Problem statement Existing solutions Remote firmware attestation [7, 8] ? Based on a challenge-response protocol The target computes a checksum over its entire memory The verifier checks the correctness of the returned checksum .. ANSSI – French Network and Information Security Agency 7/26
  • 11. Problem statement Existing solutions Remote firmware attestation [7, 8] ? Based on a challenge-response protocol The target computes a checksum over its entire memory The verifier checks the correctness of the returned checksum Remote firmware attestation is difficult [1, 10, 5] Severe constraints imposed by the checksum function execution Is it really suitable for a network card? ANSSI – French Network and Information Security Agency 7/26
  • 12. Problem statement Existing solutions Remote firmware attestation [7, 8] ? Based on a challenge-response protocol The target computes a checksum over its entire memory The verifier checks the correctness of the returned checksum Remote firmware attestation is difficult [1, 10, 5] Severe constraints imposed by the checksum function execution Is it really suitable for a network card? Software symbiotes ? might be an interesting solution, requires further investigations seems quite intrusive ANSSI – French Network and Information Security Agency 7/26
  • 13. Embedded device intrusion detection approach What is a network card? Quite simple in theory transfer ethernet frames from the host to the wire and vice versa Increasingly complex in practice... advanced capabilities (PXE, TSO...) platform administration functions active even when OS is down or absent runs a firmware on embedded CPU ANSSI – French Network and Information Security Agency 8/26
  • 14. Embedded device intrusion detection approach What is (graphically) a network card? ANSSI – French Network and Information Security Agency 9/26
  • 15. Embedded device intrusion detection approach Intrusion detection model Our detection method is anomaly-based The model of normal behavior is based on the NIC’s memory layout The memory profile is built empirically, by means of the observed NIC’s memory accesses during “normal” network sessions Memory areas used to execute code, read and/or write data are distinguished in the model The card in run in step-by-step (debug) mode during detection Any memory access that is outside the NIC’s memory profile is interpreted as an attempt to divert the firmware’s control flow Heuristics used to detect anomalous memory accesses Step-by-step instruction comparison Step-by-step instruction address checking Shadow return stack ANSSI – French Network and Information Security Agency 10/26
  • 16. Embedded device intrusion detection approach Detection heuristics (1/2) Step-by-step instruction comparison Basically consists in checking that the instruction that is to be run is the same as the reference model’s one This technique only works if the code is not self modifying (which is the case for the firmware we are considering) Step-by-step address checking Basically consists in checking that the instruction pointer value is consistent The network card running code in the heap, in the stack or in the memory scratchpad is indicative of an anomaly ANSSI – French Network and Information Security Agency 11/26
  • 17. Embedded device intrusion detection approach Detection heuristics (2/2) Shadow call stack Basically consists in maintaining a copy of the call stack of the firmware on the host side On an identified CALL-like instruction, the return address is pushed on the shadow stack On an identified RET-like instruction, the return address is checked against the saved one Other heuristics (not implemented) Another heuristic could consist in searching for anything that meets the statistical profile of executable code in data area This detection technique is prone to false positives ANSSI – French Network and Information Security Agency 12/26
  • 18. Prototype implementation : NAVIS Network Adapter Verification and Integrity checking Solution We designed our verification framework, NAVIS based on card instrumentation implements detection heuristics prevents control flow modifications We used: Broadcom BCM5754 and BCM5755M network cards ASF firmware Preventing confusion: From now on: CPU is the main CPU on the motherboard, running the OS MIPS is the management processor on the network controller ANSSI – French Network and Information Security Agency 13/26
  • 19. Prototype implementation : NAVIS Instrumenting the card Accessing NIC’s memory The NIC’s internal memory is mapped in the main memory This mechanism provides access to the firmware running on the NIC ANSSI – French Network and Information Security Agency 14/26
  • 20. Prototype implementation : NAVIS Instrumenting the card Accessing NIC’s memory The NIC’s internal memory is mapped in the main memory This mechanism provides access to the firmware running on the NIC .. ANSSI – French Network and Information Security Agency 14/26
  • 21. Prototype implementation : NAVIS Instrumenting the card Accessing NIC’s memory The NIC’s internal memory is mapped in the main memory This mechanism provides access to the firmware running on the NIC Identifying memory areas Broadcom docs and drivers reveal that firmware files have three areas (text, data, rodata) But they do not provide the mappings for these area The mappings can be identified by tracking the MIPS activity ANSSI – French Network and Information Security Agency 14/26
  • 22. Prototype implementation : NAVIS Instrumenting the card Accessing NIC’s memory The NIC’s internal memory is mapped in the main memory This mechanism provides access to the firmware running on the NIC Identifying memory areas Broadcom docs and drivers reveal that firmware files have three areas (text, data, rodata) But they do not provide the mappings for these area The mappings can be identified by tracking the MIPS activity NIC’s internal registers state, control and breakpoint registers are accessible from the host ANSSI – French Network and Information Security Agency 14/26
  • 23. Prototype implementation : NAVIS Instrumenting the card Accessing NIC’s memory The NIC’s internal memory is mapped in the main memory This mechanism provides access to the firmware running on the NIC Identifying memory areas Broadcom docs and drivers reveal that firmware files have three areas (text, data, rodata) But they do not provide the mappings for these area The mappings can be identified by tracking the MIPS activity NIC’s internal registers state, control and breakpoint registers are accessible from the host This allows us to monitor the activity of the firmware, detect anomalous behaviours and stop the adapter when a problem is detected ANSSI – French Network and Information Security Agency 14/26
  • 24. Prototype implementation : NAVIS Network controller memory map code exec instructions executed by the MIPS MIPS writes addresses written by the MIPS (SH, SB, SW) MIPS reads addresses read by the MIPS (LH/LHU, LB/LBU, LW) other writes network packets written to the card memory by DMA from host and by PHY from the wire 1 10 100 1000 10000 100000 1e+06 1e+07 1e+08 0x0 0x20000 count address R/W/X memory mapping EXT W CPU X CPU R CPU W RCB TX ring RX ring TXMBUF RXMBUF scratchpad cpu stack ANSSI – French Network and Information Security Agency 15/26
  • 25. Prototype implementation : NAVIS Memory map analysis External writes in RX/TX rings . and in the scratchpad area . (traffic from and to the main host) in unmapped areas... . inside the MIPS code area! . 1 10 100 1000 10000 100000 1e+06 1e+07 1e+08 0x0 0x20000 count address R/W/X memory mapping EXT W CPU X CPU R CPU W RCB TX ring RX ring TXMBUF RXMBUF scratchpad cpu stack ..... ANSSI – French Network and Information Security Agency 16/26
  • 26. Prototype implementation : NAVIS Memory map analysis MIPS execution mostly at the beginning of scratchpad . plus few instruc- tions at the end . 1 10 100 1000 10000 100000 1e+06 1e+07 1e+08 0x0 0x20000 count address R/W/X memory mapping EXT W CPU X CPU R CPU W RCB TX ring RX ring TXMBUF RXMBUF scratchpad cpu stack ... ANSSI – French Network and Information Security Agency 16/26
  • 27. Prototype implementation : NAVIS Memory map analysis MIPS reads/writes in the Rings . Control Blocks and TXMBUF . (presumably ASF traffic) in the scratchpad, with four dif- ferent areas: just after the main code area . in the packets area (presum- ably ASF traffic) . just after the MIPS code area after the MIPS code area, just before scrachpad end (the stack) . 1 10 100 1000 10000 100000 1e+06 1e+07 1e+08 0x0 0x20000 count address R/W/X memory mapping EXT W CPU X CPU R CPU W RCB TX ring RX ring TXMBUF RXMBUF scratchpad cpu stack ...... ANSSI – French Network and Information Security Agency 16/26
  • 28. Prototype implementation : NAVIS Challenges in monitoring the MIPS Control flow instructions No CALL/RET instructions on MIPS architecture Fortunately, the firmware code is rather simple Function calls can reliably be inferred from jump instructions (JAL) and a specific register (R31) used to store return addresses Interrupts triggered by the network adapter Cause unexpected changes in the control flow (looks like an attack) The firmware uses a single interrupt handler, starting at a fixed address Return from the interrupt vector is done through register R27 Dealing with interrupts is manageable by monitoring this behaviour ANSSI – French Network and Information Security Agency 17/26
  • 29. Prototype implementation : NAVIS Summary we know where the MIPS reads and writes data where the MIPS executes code how to find function calls and RET issues there are external writes to the MIPS code area there are writes in unmapped areas interrupts make it harder to follow control flow remarks no way to enforce rodata no such thing as NX on those MIPS processor no segmentation/pagination This allows to detect any unexpected change in the control flow When a return value is modified on the stack But data on the stack, heap and scratchpad can still be modified by the attacker. ANSSI – French Network and Information Security Agency 18/26
  • 30. Experimental results It works! We tried the various proof-of-concept attacks we created as part of previous researches they are all detected an alert is reported in NAVIS the network controler is stopped one can either reset the card and start fresh, or try to investigate in the debugger Since we detect control flow modification, other attacks should be detected as well ANSSI – French Network and Information Security Agency 19/26
  • 31. Experimental results Performance The monitoring is expected to have a negative impact on the NIC’s performance The MIPS CPU is run in step-by-step mode Various tests are done at each MIPS cycle (bounds, call stack, etc.) So each MIPS cycle requires many CPU cycles Still, performance is not that poor We still manage to achieve gigabit speed... ... at the cost of 100% CPU usage on one core (active loop and context switches) However, what is really important is packets rate and packet loss when firmware processes packets when NAVIS checks are active (ASF traffic) ANSSI – French Network and Information Security Agency 20/26
  • 32. Experimental results UDP/9 UDP/623 Without Navis With Navis ANSSI – French Network and Information Security Agency 21/26
  • 33. Conclusion and future work Limitations of the approach The detection model is highly adapter-specific: we tested on BCM5754 and BCM5755M adapters it could be adapted to other Broadcom adapters (provided they use the same kind of firmwares) our concept can be ported to other devices as long as similar debug capabilities are present Can an attacker prevent us to control the NIC? We cannot prevent arbitrary writes in code area (since standard behavior seems to allow it) High processing cost ANSSI – French Network and Information Security Agency 22/26
  • 34. Conclusion and future work Conclusion We proposed NAVIS, a firmware integrity attestation framework: firmware integrity attestation is a (very) hard problem our proof of concept is highly firmware and adapter specific NAVIS can detect and prevent most low level attacks on NIC firmware But it requires the OS to be trusted. And protecting the OS stays the highest priority. If the embedded devices implement more functions, could they have more protections too? ANSSI – French Network and Information Security Agency 23/26
  • 35. Conclusion and future work Questions & Answers Thank your for your attention Do you have any question? No network cards were harmed in the making of this paper ANSSI – French Network and Information Security Agency 24/26
  • 36. Conclusion and future work Bibliography I [1] Claude Castelluccia, Aur´elien Francillon, Daniele Perito, and Claudio Soriente. On the difficulty of software-based attestation of embedded devices. In Proceedings of 16th ACM Conference on Computer and Communications Security, November 2009. [2] K. Chen. Reversing and exploiting an apple firmware update. BlackHat, 2009. [3] Guillaume Delugr´e. Closer to metal : Reverse ingineering the broadcom netextreme’s firmware. Hack.lu, 2010. [4] Lo¨ıc Duflot and Yves-Alexis Perez. Can you still trust your network card? CanSecWest, 2010. [5] Aur´elien Francillon, Claude Castelluccia, Daniele Perito, and Claudio Soriente. Comments on “refutation of on the difficulty of software based attestation of embedded devices”. -, 2010. [6] Alexandre Gazet. Sticky fingers & kbc custom shop. -, 2011. [7] Yanlin Li, Jonathan M. McCune, and Adrian Perrig. SBAP: Software-Based Attestation for Peripherals. In Proceedings of the 3rd International Conference on Trust and Trustworthy Computing (Trust 2010), June 2010. [8] Yanlin Li, Jonathan M. McCune, and Adrian Perrig. VIPER: Verifying the integrity of pe- ripheral’s firmware. In Proceedings of CCS’11, 2011. [9] Alfredo Ortega and Anibal Sacco. Deactivate the rootkit. BlackHat, 2009. ANSSI – French Network and Information Security Agency 25/26
  • 37. Conclusion and future work Bibliography II [10] Adrian Perrig and Leendert Van Doorn. Refutation of “on the difficulty of software based attestation of embedded devices”. -, 2010. [11] Fernand L. Sang, Eric Lacombe, Vincent Nicomette, and Yves Deswarte. Exploiting an I/OMMU vulnerability. In MALWARE ’10: 5th International Conference on Malicious and Unwanted Software, pages 7–14, 2010. [12] Arrigo Triulzi. Taking NIC backdoors to the next level. CanSecWest, 2010. [13] Ralf-Philipp Weinmann. All Your Baseband Are Belong To Us. CCC, 2010. ANSSI – French Network and Information Security Agency 26/26