2017  •   Computer and Information Sciences

Detection and Mitigation of Malicious Modifications on the Minnowboard Turbot

Lead Presenter: Bryan Koch

PI: Agnes Chan

Winner


Computer and Information Sciences

Malicious modifications affecting the hardware or firmware of commercial off-the-shelf (COTS) devices is far more persistent than traditional software-based malware, and can be hard to detect and remove once the devices are deployed in an organization. This research analyzes and proposes cost-effective procedures to detect and mitigate malicious modifications associated with the supply chain of the Minnowboard Turbot, an open-source COTS device. Findings demonstrate that screening hardware with existing quality assurance techniques and installing clean firmware on the device can successfully mitigate most of the supply chain risks. These procedures and risk analysis provide a road map for identifying supply chain risk on other commercial off-the-shelf devices.

View Poster