| With the rapid development of computer technology and the network, theincrease speed of new computer viruses become more and more quickly year by year,how to detect and cleaning the virus in good season is not only a problem that theworld is confronted but one that needs to be solved.In order to solve the shortage of the legacy BIOS, the Intel Corporation putforward a new generation of firmware technology named EFI, a later UEFI (short forUnified Extensible Firmware Interface). It defines system specification for a newgeneration BIOS platform. It also provides a general interface to boot an operatingsystem and load applications, and supplies runtime services.The thesis puts forward a kind of solution under pre-boot environment which isbased on the UEFI specification; this solution can scan and process the disk filebefore the operating system to be loaded as the result of the UEFI structure and theprinciple of system to be load. This solution not only gets rid of the limit that betweenoperating system and scanning engine, but also provides the function that scanning theBIOS loophole. The solution prevented the security threat effectively from firmwareitself, have guaranteed the integrity of the security system. Firstly, the researchdiscusses the UEFI specification and its basic concepts and implementation, thensome basic knowledge of UEFI application and its implement mechanism areintroduced process. According to the relevant content on UEFI research, the thesisputs forward the architecture of virus scanning engine based on UEFI. After that, thedesign and implementation of virus scanning engine, such as command line parsing,virus database loading and pattern matching by Aho-Corasick algorithm. Finally, inorder to validation the function of the UEFI virus scanning engine, four related testcases will be made. |
PDF Full Text Request