Logo des Repositoriums
 

DMA Security in the Presence of IOMMUs

dc.contributor.authorSchwarz, Christian
dc.contributor.authorReusch, Viktor
dc.contributor.authorPlaneta, Maksym
dc.date.accessioned2022-03-08T09:59:33Z
dc.date.available2022-03-08T09:59:33Z
dc.date.issued2022
dc.description.abstractFaulty, vulnerable or malicious PCIe devices can harm a system through DMA. IOMMUs can act as a security mechanism to protect against this problem by restricting the memory that is accessible via DMA. Unfortunately, there are methods to bypass the IOMMU restrictions. This paper is a survey over the currently existing bypasses and their feasibility. Current systems might be exploited from any untrusted source of DMA, which includes peripheral PCIe devices, virtual machines using SR-IOV, and even RDMA network cards, which enable remote attacks. Key strategies for the attacks presented here are Rowhammer, cache side-channels, and the exploitation of weaknesses in device drivers, e.g., for network cards, or protocols like PCIe or Ethernet OAM. An attacker can potentially achieve denial of service, the reading of confidential data, and even arbitrary code execution. Fortunately, there are some precautions to reduce the risks for affected systems.en
dc.identifier.doi10.18420/fgbs2022f-04
dc.identifier.urihttps://dl.gi.de/handle/20.500.12116/38507
dc.language.isoen
dc.publisherGesellschaft für Informatik e.V.
dc.relation.ispartofTagungsband des FG-BS Frühjahrstreffens 2022
dc.subjectIOMMU
dc.subjectDMA
dc.subjectPCIe
dc.subjectSR-IOV
dc.subjectRDMA
dc.subjectThunderbolt
dc.subjectRowhammer
dc.titleDMA Security in the Presence of IOMMUsen
dc.typeText
gi.citation.publisherPlaceBonn
gi.conference.date17.-18. März 2022
gi.conference.locationHamburg, Deutschland
gi.document.qualitydigidoc

Dateien

Originalbündel
1 - 1 von 1
Lade...
Vorschaubild
Name:
Paper04.pdf
Größe:
546.88 KB
Format:
Adobe Portable Document Format