For example, a Trojan might leak a cryptographic algorithm's secret key through unused RS-232 ports. Sensitive data can be leaked via radio frequency, optical or thermal power, timing side-channels, and interfaces, such as RS-232 and JTAG (Joint Test Action Group). 5.5.4.3 Leak InformationĪ Trojan can also leak information through both covert and overt channels. For example, a Trojan might insert more buffers in the chip's interconnections and, hence, consume more power, which in turn could drain the battery quickly. These include functional, interface, or parametric characteristics, such as power and delay. 5.5.4.2 Downgrade PerformanceĪ Trojan can downgrade performance by intentionally changing device parameters. For example, a Trojan might cause an error detection module to accept inputs that should be rejected. Trojan can change the functionality of the target device, and cause subtle errors that might be difficult to detect during manufacturing test. The severity of these effects on target hardware or systems can range from subtle disturbances to catastrophic system failures. Trojans can also be characterized by their payload, that is, the malicious effects caused by them when they become activated. Swarup Bhunia, Mark Tehranipoor, in Hardware Security, 2019 5.5.4 Payload This Trojan modifies the registry so that it is executed every time the system is booted.
A Trojan affects more recent versions of Windows, specifically XP SP2. These two Trojans install servers that allow unrestricted remote access to certain versions of Microsoft Windows. Some examples of popular backdoor Trojans include Back Oriface and NetBus. When an attacker compromises a system, it is not uncommon for them to replace certain system executables with versions containing Trojans in order to leave backdoors, hide specific information about the environment from administrators, or hide the intrusion itself. A good example of this is the GNU File Transfer Protocol (FTP) server compromise ( ).Ī classic use for Trojans is with rootkits. Because Trojans mask themselves as legitimate software, they are not easy to detect. Users who cannot verify the source of the software then become victims. An attacker may compromise a vendor's Web site and plant Trojan copies of its software. A Trojan can be sent in an e-mail disguised as an attractive piece of software, or, ironically, as a security update. There are many vectors for Trojan software. Trojan software is software that looks legitimate, but is actually used as a vehicle for conducting malicious activity on a host. In Host Integrity Monitoring Using Osiris and Samhain, 2005 Trojans
0 kommentar(er)
