Date Added: Oct 2011
Recent research demonstrates that malware can infect peripherals' firmware in a typical x86 computer system, e.g., by exploiting vulnerabilities in the firmware itself or in the firmware update tools. Verifying the integrity of peripherals' firmware is thus an important challenge. The authors propose software-only attestation protocols to verify the integrity of peripherals' firmware, and show that they can detect all known software-based attacks. They implement their scheme using a Netgear GA620 network adapter in an x86 PC, and evaluate their system with known attacks.