Research on Malicious Behavior of Firmware Based on Hardware Resources Access Control

As same as the traditional application and system software, firmware also faced the risk of malicious code like hobbyhorse, back door, logical bomb and so on. Firmware exhibited strong cohesion and hardware relativity, which make the malicious action in firmware to be different from that in the traditional software. This paper analyzed the specificities of firmware and the malicious behaviour about it, then expatiate the essence of the malicious behaviour of the firmware, and presented a firmware formal definition and detecting method which was based on the hardware resources access control policy. Experimental results proved that the method was effective to detect the malicious firmware.