We are pleaased to announce that our paper has been accepted for publication at the 21st Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 2024). Congratulations to Matsuo-kun and the team!
Kazuki Matsuo, Satoshi Tanda, Yuhei Kawakoya, Kuniyasu Suzaki, and Tatsuya Mori, “SmmPack: Obfuscation for SMM Modules,” Proceedings of DIMVA 2024 (accepted for publication)
In this paper, we address the urgent need to improve computer security for System Management Mode (SMM), the most privileged operating mode in x86 and x86-64 processors. Recognizing that SMM is frequently exploited by attackers to bypass critical security measures, we developed SmmPack. The key idea is to encrypt the SMM modules, making it much harder for hackers to access and analyze. Our extensive testing has shown that SmmPack not only effectively strengthens security, but also preserves computer performance. In addition, we have demonstrated the practicality of deploying and managing SmmPack, including during BIOS updates. This breakthrough represents a significant advancement in protecting the highly privileged SMM and securing computers against advanced cyber threats.
Image generated by ChatGPT