UEFI-based Malware

Unified Extensible Firmware Interface(UEFI) malware represents a sophisticated and insidious form of cyber threat that targets the firmware of a computer, specifically the UEFI, which is responsible for initializing hardware and booting the operating system. Unlike traditional malware that resides w...

Descripción completa

Detalles Bibliográficos
Autor: Alba Cerveró, Marc
Tipo de recurso: tesis de maestría
Fecha de publicación:2024
País:España
Institución:Universitat Politècnica de Catalunya (UPC)
Repositorio:UPCommons. Portal del coneixement obert de la UPC
Idioma:inglés
OAI Identifier:oai:upcommons.upc.edu:2117/420737
Acceso en línea:https://hdl.handle.net/2117/420737
Access Level:acceso abierto
Palabra clave:Computer security
Malware (Computer software)
Computer engineering
Cybersecurity
UEFI
Malware
Firmware
Computer Engineering
Seguretat informàtica
Programari maliciós
Enginyeria informàtica (Enginyeria)
Àrees temàtiques de la UPC::Informàtica::Seguretat informàtica
Àrees temàtiques de la UPC::Informàtica::Arquitectura de computadors
Descripción
Sumario:Unified Extensible Firmware Interface(UEFI) malware represents a sophisticated and insidious form of cyber threat that targets the firmware of a computer, specifically the UEFI, which is responsible for initializing hardware and booting the operating system. Unlike traditional malware that resides within the operating system, UEFI malware operates at a lower level, granting it unprecedented persistence and control over a system and its layers. This master thesis examines the specifics of UEFI booting service, real exploitation cases, the design and development of a UEFI malware application and mitigation strategies of UEFI malware. We explore case studies of notable UEFI malware instances to illustrate its evolution and sophistication. Additionally, we discuss how UEFI malware bypasses standard security measures, its methods of infection and propagation, and the challenges it poses to detection and removal. In addition, the study approaches the design and development of a simple use case for a UEFI malware application to lay out a practical demonstration. Finally, this thesis outlines current and emerging defensive measures designed to prevent and mitigate firmware integrity.