Uncategorized

# New Class of Malware Attacks Specific Chips

Computer scientists reveal malware that attacks specific processors rather than the operating system that runs on them.
November 10, 2010

Computer malware is insidious and dangerous but there are well known limits to the kinds of attacks that it can be used to mount. One of the most obvious is that the malware has to be targeted at a weakness in a specific operating system.

So there’s no shortage of malware targeting the Windows operating system, for example, but this is easy enough to avoid by using a Mac.

But Anthony Desnos and friends at the Ecole Superiore d’Informatique, Electronique, Automatique (ESIEA) in Paris say it ought to be possible to make malware much more insidious. Today, they show how to create malware that targets a specific processor rather than the operating system that runs on it. That kind of attack is much harder to protect against.

The first step in such an undertaking is to work out how to identify a processor, a task that is by no means straightforward but not impossible.

One clue comes from a bug in Intel’s P5 chip back in 1994 that caused it to make floating point errors in various calculations. A simple way to discover whether anybody is using such a chip would be to carry out a calculation that the P5 is known to screw up.

Desnos and co point out that all chips have mathematical limitations that are determined by the standards they use for encoding numbers and carrying out floating point arithmetic. Some of these are well known.

For example, many processors use the IEEE P754 standard for 32-bit number formats and basic mathematical operations. Here, the first bit represents the sign of the number, the next 8 bits represent the exponent and the final 23 bits represent the mantissa.

(One way to represent a number is to write down its digits and then indicate where the decimal point should go. So the number 123.45 can be written as 12345 x 10^-2. 12345 is the mantissa and -2 is the exponent. )

This standard has various known limitations. Consider, for example, the expression:

F(X,Y) = (1682XY^4 + 3X^3 + 29XY^2 - 2X^5 + 832)/107751

When X = 192119201 and Y = 35675640, the answer is 1783. But a processor using the IEEE P754 standard will calcalute that F(X,Y) = −7.18056 x 10^20. A dead give away.

The problem for Desnos and co is to find a set of floating point calculations like this that can uniquely identify any processor.

And they’ve gone some way to finding them using tasks such as calculating sin(10^10 pi) for various different numerical values of pi. They can’t yet spot specific processors but they can use this technique to identify families of them (see table above). It’s then just a question of running some code that does the damage.

Desnos and co say this kind of approach would allow much more specific cyberattacks than are possible today. “If such an approach is possible, this would enable far more precise and targeted attacks, at a finer level in a large network of heterogeneous machines but with generic malware,” they say.

That’s a worrying new addition to the armoury of malice. Highly targeted cyber attacks have obvious value, as demonstrated recently by the Stuxnet worm aimed at computer systems used to control industrial machines and apparently targeted at Iran and China.

The only question now is how long till we see processor-dependent malware in the wild.

Ref: arxiv.org/abs/1011.1638: Processor-Dependent Malware… And Codes

### DeepMind’s cofounder: Generative AI is just a phase. What’s next is interactive AI.

“This is a profound moment in the history of technology,” says Mustafa Suleyman.

New variants will pose a challenge, but early signs suggest the shots will still boost antibody responses.

### Human-plus-AI solutions mitigate security threats

With the right human oversight, emerging technologies like artificial intelligence can help keep business and customer data secure

### Next slide, please: A brief history of the corporate presentation

From million-dollar slide shows to Steve Jobs’s introduction of the iPhone, a bit of show business never hurt plain old business.

### Stay connected

Illustration by Rose Wong

## Get the latest updates fromMIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!