Characterizing, exploiting, and detecting DMA code injection vulnerabilities in the presence of an IOMMU
Alex Markuze, Shay Vargaftik, Gil Kupfer, Boris Pismeny, Nadav Amit, Adam Morrison, Dan Tsafrir
Abstract
Direct memory access (DMA) renders a system vulnerable to DMA attacks, in which I/O devices access memory regions not intended for their use. Hardware input-output memory management units (IOMMU) can be used to provide protection. However, an IOMMU cannot prevent all DMA attacks because it only restricts DMA at page-level granularity, leading to sub-page vulnerabilities.
Topics & Concepts
Computer scienceMemory protectionMemory managementEmbedded systemCode (set theory)GranularityRandom access memoryDirect memory accessPhysical addressComputer hardwareOperating systemVirtual memorySemiconductor memoryProgramming languageTransfer (computing)Set (abstract data type)Security and Verification in ComputingDiamond and Carbon-based Materials ResearchAdvanced Malware Detection Techniques