UEFI-based Malware
Tutor / Director
Student
Alba Cerveró, Marc
Document type
Official Master's Final Project
Date
2024
Rights
Open access
Publisher
Universitat Politècnica de Catalunya
Degrees
UPCommons
Abstract
Unified Extensible Firmware Interface (UEFI) malware represents a sophisticated and insidious form of cyber threat that targets the firmware of a computer, specifically the UEFI, which is responsible for initializing hardware and booting the operating system. Unlike traditional malware that resides within the operating system, UEFI malware operates at a lower level, granting it unprecedented persistence and control over a system and its layers. This master's thesis examines the specifics of the UEFI booting service, real exploitation cases, the design and development of a UEFI malware application, and mitigation strategies for UEFI malware. We explore case studies of notable UEFI malware instances to illustrate its evolution and sophistication. Additionally, we discuss how UEFI malware bypasses standard security measures, its methods of infection and propagation, and the challenges it poses to detection and removal. The study also covers the design and development of a simple use case for a UEFI malware application as a practical demonstration. Finally, this thesis outlines current and emerging defensive measures designed to prevent and mitigate attacks on firmware integrity.
