{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T18:31:58Z","timestamp":1742927518556,"version":"3.40.3"},"publisher-location":"Cham","reference-count":35,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030553036"},{"type":"electronic","value":"9783030553043"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-55304-3_25","type":"book-chapter","created":{"date-parts":[[2020,8,7]],"date-time":"2020-08-07T16:04:03Z","timestamp":1596816243000},"page":"479-504","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Rolling Attack: An Efficient Way to Reduce Armors of Office Automation Devices"],"prefix":"10.1007","author":[{"given":"Linyu","family":"Li","sequence":"first","affiliation":[]},{"given":"Lei","family":"Yu","sequence":"additional","affiliation":[]},{"given":"Can","family":"Yang","sequence":"additional","affiliation":[]},{"given":"Jie","family":"Gou","sequence":"additional","affiliation":[]},{"given":"Jiawei","family":"Yin","sequence":"additional","affiliation":[]},{"given":"Xiaorui","family":"Gong","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,8,6]]},"reference":[{"key":"25_CR1","unstructured":"0xrepnz: Abusing signed windows drivers. https:\/\/repnz.github.io\/posts\/abusing-signed-drivers\/"},{"key":"25_CR2","unstructured":"Arm: Description of trustzone. https:\/\/developer.arm.com\/ip-products\/security-ip\/trustzone\/. Accessed 4 Apr 2018"},{"key":"25_CR3","unstructured":"Bruno: Code check(mate) in SMM. https:\/\/www.synacktiv.com\/posts\/exploit\/code-checkmate-in-smm.html"},{"key":"25_CR4","unstructured":"Bulygin, Y., Furtak, A., Bazhaniuk, O.: A tale of one software bypass of windows 8 secure boot. Black Hat USA (2013)"},{"key":"25_CR5","unstructured":"Chen, Y., Zhang, Y., Wang, Z., Wei, T.: Downgrade attack on trustzone. arXiv preprint arXiv:1707.05082 (2017)"},{"key":"25_CR6","unstructured":"Cui, A., Costello, M., Stolfo, S.: When firmware modifications attack: a case study of embedded exploitation (2013)"},{"issue":"12","key":"25_CR7","doi-asserted-by":"publisher","first-page":"1590","DOI":"10.1002\/sec.166","volume":"6","author":"S Embleton","year":"2013","unstructured":"Embleton, S., Sparks, S., Zou, C.C.: SMM rootkit: a new breed of OS independent malware. Secur. Commun. Netw. 6(12), 1590\u20131605 (2013)","journal-title":"Secur. Commun. Netw."},{"key":"25_CR8","unstructured":"UEFI Forum: Description of UEFI. https:\/\/uefi.org\/specifications"},{"key":"25_CR9","unstructured":"h5ai: Firmware center. https:\/\/firmware.center"},{"key":"25_CR10","unstructured":"Intel: SMM protection in EDKII Intel. https:\/\/uefi.org\/sites\/default\/files\/resources\/Jiewen%20Yao%20-%20SMM%20Protection%20in%20%20EDKII_Intel.pdf"},{"key":"25_CR11","unstructured":"ReFirm Labs: Binwalk description. https:\/\/github.com\/ReFirmLabs\/binwalk"},{"key":"25_CR12","unstructured":"Lenovo: Lenovo bios security vulnerabilities description. https:\/\/support.lenovo.com\/us\/en\/product_security\/ps500279"},{"key":"25_CR13","unstructured":"Cauldron Development LLC: Oh brother tools. https:\/\/github.com\/CauldronDevelopmentLLC\/oh-brother"},{"key":"25_CR14","unstructured":"Lyon, G.: Nmap introduction. https:\/\/nmap.org\/"},{"key":"25_CR15","unstructured":"Matrosov, A.: UEFI firmware rootkits (2017). https:\/\/www.blackhat.com\/docs\/asia-17\/materials\/asia-17-Matrosov-The-UEFI-Firmware-Rootkits-Myths-And-Reality.pdf"},{"key":"25_CR16","unstructured":"M\u00fcller, J., Mladenov, V., Somorovsky, J., Schwenk, J.: PRET firmware updates (2017). http:\/\/hacking-printers.net\/wiki\/index.php\/Firmware_updates"},{"key":"25_CR17","doi-asserted-by":"crossref","unstructured":"M\u00fcller, J., Mladenov, V., Somorovsky, J., Schwenk, J.: SoK: exploiting network printers. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 213\u2013230. IEEE (2017)","DOI":"10.1109\/SP.2017.47"},{"key":"25_CR18","unstructured":"Muthukadan, B.: Selenium description. https:\/\/selenium-python.readthedocs.io\/"},{"key":"25_CR19","unstructured":"P\u00e9rigaud, F., Gazet, A., Czarny, J.: Subverting your server through its BMC: the HPE iLO4 case. Recon Brussels (2018)"},{"key":"25_CR20","unstructured":"Check Point Research: Faxploit: breaking the unthinkable. https:\/\/research.checkpoint.com\/2018\/sending-fax-back-to-the-dark-ages\/"},{"key":"25_CR21","unstructured":"Scrapy: Scrapy framwork (2020). https:\/\/scrapy.org\/"},{"key":"25_CR22","unstructured":"FoxGlove Security: A sheep in Wolf\u2019s clothing - finding RCE in HP\u2019s printer fleet (2017). https:\/\/foxglovesecurity.com\/2017\/11\/20\/a-sheep-in-wolfs-clothing-finding-rce-in-hps-printer-fleet\/"},{"key":"25_CR23","unstructured":"Kraud Security: CVE-2018-1207. https:\/\/github.com\/KraudSecurity\/Exploits\/tree\/master\/CVE-2018-1207"},{"key":"25_CR24","doi-asserted-by":"crossref","unstructured":"Sheffer, Y., Holz, R., Saint-Andre, P.: Summarizing known attacks on transport layer security (TLS) and datagram TLS (DTLS). RFC 7457 (2015)","DOI":"10.17487\/rfc7457"},{"key":"25_CR25","unstructured":"Sophos: Serial console port. https:\/\/community.sophos.com\/kb\/en-us\/123197"},{"issue":"4","key":"25_CR26","first-page":"1","volume":"8","author":"CCT Teyou","year":"2018","unstructured":"Teyou, C.C.T., Zhang, P.: Solving downgrade and dos attack due to the four ways handshake vulnerabilities (WIFI). Int. J. Eng. Manag. Res. (IJEMR) 8(4), 1\u201310 (2018)","journal-title":"Int. J. Eng. Manag. Res. (IJEMR)"},{"key":"25_CR27","unstructured":"Wiki: Office automation (2018). https:\/\/en.wikipedia.org\/wiki\/Office_automation"},{"key":"25_CR28","unstructured":"Wikipedia: Antivirus software. https:\/\/en.wikipedia.org\/wiki\/Antivirus_software"},{"key":"25_CR29","unstructured":"Wikipedia: APT description. https:\/\/en.wikipedia.org\/wiki\/Advanced_persistent_threat"},{"key":"25_CR30","unstructured":"Wikipedia: BMC description. https:\/\/en.wikipedia.org\/wiki\/Intelligent_Platform_Management_Interface"},{"key":"25_CR31","unstructured":"Wikipedia: BOOTP description. https:\/\/en.wikipedia.org\/wiki\/Bootstrap_Protocol"},{"key":"25_CR32","unstructured":"Wikipedia: Description of BIOS. https:\/\/en.wikipedia.org\/wiki\/BIOS"},{"key":"25_CR33","unstructured":"Wikipedia: Transport layer security. https:\/\/en.wikipedia.org\/wiki\/Transport_Layer_Security"},{"key":"25_CR34","doi-asserted-by":"crossref","unstructured":"Zaddach, J., Bruno, L., Francillon, A., Balzarotti, D., et al.: AVATAR: a framework to support dynamic security analysis of embedded systems\u2019 firmwares. In: NDSS 2014, pp. 1\u201316 (2014)","DOI":"10.14722\/ndss.2014.23229"},{"key":"25_CR35","unstructured":"Zoomeye: zoomeye (2020). https:\/\/www.zoomeye.org\/statistics"}],"container-title":["Lecture Notes in Computer Science","Information Security and Privacy"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-55304-3_25","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,23]],"date-time":"2021-04-23T17:45:58Z","timestamp":1619199958000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-55304-3_25"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030553036","9783030553043"],"references-count":35,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-55304-3_25","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"6 August 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ACISP","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Australasian Conference on Information Security and Privacy","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Perth, WA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Australia","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 November 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2 December 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"acisp2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/nsclab.org\/acisp2020\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"151","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"31","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"5","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"21% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3,7","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"The conference was held virtually due to COVID-19 pandemic.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}