An Introspection-Based Memory Scraper Attack against Virtualized Point of Sale Systems
نویسندگان
چکیده
Retail industry Point of Sale (POS) computer systems are frequently targeted by hackers for credit/debit card data. Faced with increasing security threats, new security standards requiring encryption for card data storage and transmission were introduced making harvesting card data more difficult. Encryption can be circumvented by extracting unencrypted card data from the volatile memory of POS systems. One scenario investigated in this empirical study is the introspection-based memory scraping attack. Vulnerability of nine commercial POS applications running on a virtual machine was assessed with a novel tool, which exploited the virtual machine state introspection capabilities supported by modern hypervisors to automatically extract card data from the POS virtual machines. The tool efficiently extracted 100% of the credit/debit card data from all POS applications. This is the first detailed description of an introspection-based memory scraping attack on virtualized POS systems.
منابع مشابه
Analysis and Detection of Heap-based Malwares Using Introspection in a Virtualized Environment
Malware detection and analysis is a major part of computer security. There is an arm race between security experts and malware developers to develop various techniques to secure computer systems and to nd ways to circumvent these security methods. In recent years process heap-based attacks have increased signi cantly. These attacks exploit the system under attack via the heap, typically by usin...
متن کاملA Call to Arms: Defending Against Point of Sale Malware
Point of Sale (PoS) malware has been alarmingly successful over the past year and is estimated to have cost businesses billions of dollars. While PoS malware does not represent any major technical evolution, it suggests that cybercrime is shifting focus from the consumer to the retailer. Rather than relying on infecting relatively small groups of users with specific vulnerabilities who may cond...
متن کاملParadigms for Virtualization Based Host Security a Dissertation Submitted to the Department of Computer Science and the Committee on Graduate Studies of Stanford University in Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy
Virtualization has been one of the most potent forces reshaping the landscape of systems software in the last 10 years and has become ubiquitous in the realm of enterprise compute infrastructure and in the emerging field of cloud computing. This presents a variety of new opportunities when designing host based security architectures. We present several paradigms for enhancing host security leve...
متن کاملAutomated Forensic Techniques for Locating Zero-day Exploits
.............................................................................................................................. ii Acknowledgments: ............................................................................................................ iv List of tables: ...................................................................................................................... ix ...
متن کاملAn Identity Based Encryption Scheme Resilient to RAM Scraper Like Malware Attacks
Modern software ecosystem is data-centric. Data exfiltration due to the attacks of Memory Scraper type malwares is an emerging threat. In this paper, we set up an appropriate mathematical model capturing the threat such attacks pose to Identity Based Cryptosystems (IBE). Following the formalism, we demonstrate an attack on popular Boneh-Franklin CCA2 secure IBE construction that compels us to r...
متن کامل