UEFI-Based (unified extensible firmware interface-based) BIOS (basic input/output system) vulnerability scanning device and method
A vulnerability scanning and vulnerability technology, which is applied in the computer field, can solve problems such as potential safety hazards and difficult expansion of traditional BIOS, and achieve the effect of enhancing security
Inactive Publication Date: 2018-04-20
ZHENGZHOU YUNHAI INFORMATION TECH CO LTD
View PDF3 Cites 5 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Its appearance not only changed the booting method of the traditional BIOS, but also solved the problem that the traditional BIOS is difficult to expand, and provided users with a convenient underlying development environment, but at the same time inevitably brought some security risks
At present, the existing technology lacks detection means for BIOS vulnerabilities
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment
[0039] like figure 1 As shown, the embodiment of the present invention provides a UEFI-based BIOS vulnerability scanning device. The device includes a vulnerability library, a UEFI firmware startup information scanning unit, a BIOS configuration information scanning unit, and a driver health status scanning unit.
[0040] The vulnerability database is used to store the characteristic codes of the vulnerabilities, which are used as the matching objects of the characteristic codes in the vulnerability scanning process to verify whether there are vulnerabilities in the BIOS to be tested.
[0041] The UEFI firmware startup information scanning unit implements acquisition, processing and analysis of startup item information to verify the validity of the startup item.
[0042] The BIOS configuration information scanning unit realizes the acquisition and analysis of the basic configuration information of the BIOS, so as to judge whether it meets the requirements of normal startup.
...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention provides a UEFI-Based (unified extensible firmware interface-based) BIOS (basic input / output system) vulnerability scanning device, comprising: a vulnerability library for storing characteristic codes of vulnerabilities and using the characteristic codes as characteristic code matching objects during vulnerability scanning to verify whether a BIOS to be detected has vulnerabilities;a UEFI firmware startup information scanning unit for acquiring, processing and analyzing startup item information to verify legality of startup items; a BIOS configuration information scanning unit for acquiring and analyzing basic configuration information of the BIOS to judge whether the BIOS meets the requirement for normal startup; a drive health state scanning unit for scanning drives of devices loaded by the UEFI BIOS and state of a controller so as to detect whether the drives are in normal operating state or whether the drives are tampered. The UEFI-based BIOS vulnerability scanning device herein is suitable for scenes requiring scanning of UEFI-based BIOS vulnerabilities, thereby ensuring safety and reliability of the BIOS. The invention also provides a UEFI-based BIOS vulnerability scanning method.
Description
technical field [0001] The invention relates to the technical field of computers, in particular to a UEFI-based BIOS vulnerability scanning device and scanning method. Background technique [0002] With the rapid development of computer technology and network informatization, the number of computer virus outbreaks and the speed of new computer viruses are showing a rapid increase year by year. How to find and remove viruses in the first place has become a matter of great concern to the industry. In order to solve the shortcomings of the traditional BIOS, Intel Corporation proposed a new generation of firmware technology EFI, which later developed into UEFI (Unified Extensible Firmware Interface). This technology shields the underlying hardware features by adding a layer of abstraction between the hardware and the operating system. The environment boots the system in a general way, and UEFI also provides a debugging environment that allows users to run certain applications b...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More IPC IPC(8): G06F21/57
CPCG06F21/572G06F2221/034
Inventor 杨晋博
Owner ZHENGZHOU YUNHAI INFORMATION TECH CO LTD