{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,26]],"date-time":"2026-04-26T01:35:22Z","timestamp":1777167322973,"version":"3.51.4"},"publisher-location":"Cham","reference-count":35,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031641701","type":"print"},{"value":"9783031641718","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-64171-8_23","type":"book-chapter","created":{"date-parts":[[2024,7,10]],"date-time":"2024-07-10T11:02:33Z","timestamp":1720609353000},"page":"439-459","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["SmmPack: Obfuscation for\u00a0SMM Modules with\u00a0TPM Sealed Key"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0009-0002-0402-5312","authenticated-orcid":false,"given":"Kazuki","family":"Matsuo","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Satoshi","family":"Tanda","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0912-0087","authenticated-orcid":false,"given":"Kuniyasu","family":"Suzaki","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-9310-0493","authenticated-orcid":false,"given":"Yuhei","family":"Kawakoya","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1583-4174","authenticated-orcid":false,"given":"Tatsuya","family":"Mori","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,7,9]]},"reference":[{"key":"23_CR1","unstructured":"RWEverything read & Write everything. http:\/\/rweverything.com\/ (2017)"},{"key":"23_CR2","unstructured":"Unified extensible firmware interface forum. https:\/\/uefi.org\/ (2021)"},{"key":"23_CR3","doi-asserted-by":"crossref","unstructured":"Halderman, J.A., et\u00a0al.: Lest we remember: cold boot attacks on encryption keys. In: Proceedings of 17th USENIX Security Symp, pp. 91\u201398 (2008)","DOI":"10.1145\/1506409.1506429"},{"key":"23_CR4","unstructured":"Ant: deitybounce ant product data. https:\/\/www.eff.org\/files\/2014\/01\/06\/20131230-appelbaum-nsa_ant_catalog.pdf (2013)"},{"key":"23_CR5","doi-asserted-by":"crossref","unstructured":"Bauer, J., Gruhn, M., Freiling, F.C.: Lest we forget: cold-boot attacks on scrambled ddr3 memory. In: Proceedings of the Third Annual DFRWS Europe, pp. s65\u2013s74 (2016)","DOI":"10.1016\/j.diin.2016.01.009"},{"key":"23_CR6","unstructured":"Binarly: [BRLY-2021-004] SMM callout vulnerability in SMM driver on multiple HP devices (SMM arbitrary code execution). https:\/\/www.binarly.io\/advisories\/BRLY-2021-004\/index.html (2021)"},{"key":"23_CR7","unstructured":"Binarly: [BRLY-2021-032] The heap buffer overflow vulnerability in child SW SMI handler on multiple HP devices. https:\/\/www.binarly.io\/advisories\/BRLY-2021-032\/index.html (2021)"},{"key":"23_CR8","unstructured":"Binarly: [BRLY-2021-040] SMM Callout Vulnerability In SMM Driver On Multiple HP Devices. https:\/\/www.binarly.io\/advisories\/BRLY-2021-040\/index.html (2021)"},{"key":"23_CR9","unstructured":"Binarly: firmware supply chain is hard(coded). https:\/\/www.binarly.io\/posts\/Firmware_Supply_Chain_is_Hard(coded)\/index.html (2021)"},{"key":"23_CR10","unstructured":"Binarly: [BRLY-2022-016] Stack overflow vulnerability In SMI handler. https:\/\/www.binarly.io\/advisories\/BRLY-2022-016\/index.html (2022)"},{"key":"23_CR11","unstructured":"Bulygin, Y., Gorobets, M., Furtak, A., Bazhaniuk, A.: Fractured backbone: breaking modern OS defenses with firmware attacks. https:\/\/www.blackhat.com\/docs\/us-17\/wednesday\/us-17-Bulygin-Fractured-Backbone-Breaking-Modern-OS-Defenses-With-Firmware-Attacks.pdf (2017)"},{"key":"23_CR12","unstructured":"chipsec: chipsec. https:\/\/github.com\/chipsec\/chipsec (2023)"},{"key":"23_CR13","doi-asserted-by":"crossref","unstructured":"Collberg, C., Davidson, J., Giacobazzi, R., Gu, Y.X., Herzberg, A., Wang, F.Y.: Toward digital asset protection. In: Proceedings of the 2011 IEEE Intelligent Systems, pp. 8\u201313 (2021)","DOI":"10.1109\/MIS.2011.106"},{"key":"23_CR14","doi-asserted-by":"crossref","unstructured":"Hudson, T., Kovah, X., Kallenberg, C.: Thunderstrike 2: Sith strike a macbook firmware worm. https:\/\/legbacore.com\/Research_files\/ts2-blackhat.pdf#page=22 (2015)","DOI":"10.1145\/2757667.2757673"},{"key":"23_CR15","unstructured":"Intel Corporation: Intel\u00ae hardware shield - below-the-OS security. https:\/\/www.intel.com\/content\/dam\/www\/central-libraries\/us\/en\/documents\/below-the-os-security-white-paper.pdf, May 2021"},{"key":"23_CR16","unstructured":"Intel corporation: intel\u00ae hardware shield - intel\u00ae total memory encryption. https:\/\/www.intel.com\/content\/dam\/www\/central-libraries\/us\/en\/documents\/white-paper-intel-tme.pdf (2021)"},{"key":"23_CR17","unstructured":"Intel corporation: intel\u00ae trusted execution technology (intel\u00ae txt). https:\/\/cdrdv2-public.intel.com\/315168\/315168_TXT_MLE_DG_rev_017_4.pdf (2023)"},{"key":"23_CR18","unstructured":"Kaplan, D., Powell, J., Woller, T.: AMD memory encryption. https:\/\/www.amd.com\/system\/files\/TechDocs\/memory-encryption-white-paper.pdf (2021)"},{"key":"23_CR19","unstructured":"kokke: tiny-aes-c. https:\/\/github.com\/kokke\/tiny-AES-c, December 2021"},{"key":"23_CR20","unstructured":"Lin, J.: Multi-key total memory encryption on windows 11 22h2. https:\/\/techcommunity.microsoft.com\/t5\/windows-os-platform-blog\/multi-key-total-memory-encryption-on-windows-11-22h2\/ba-p\/3683043 (2022)"},{"key":"23_CR21","unstructured":"MachineHunter: Smmpack. https:\/\/github.com\/MachineHunter\/SmmPack (2023)"},{"key":"23_CR22","unstructured":"Malhotra, A.: Amd ryzen\u2122 pro 5000 series mobile processors making defenses count: Designing for substantial depth. https:\/\/www.amd.com\/system\/files\/documents\/amd-security-white-paper.pdf (2021)"},{"key":"23_CR23","unstructured":"shop, U.: Up squared pro atom quad core 04\/64. https:\/\/up-shop.org\/up-squared-pro-atom-quad-core-0464.html (2023)"},{"key":"23_CR24","unstructured":"tpm2 software: tpm2-tools. https:\/\/github.com\/tpm2-software\/tpm2-tools (2023)"},{"key":"23_CR25","unstructured":"The MITRE corporation: CVE search results. https:\/\/cve.mitre.org\/cgi-bin\/cvekey.cgi?keyword=smm (2023)"},{"key":"23_CR26","unstructured":"TheSecMaster: be aware about these six unpatched SMM vulnerabilities in HP enterprise devices. https:\/\/thesecmaster.com\/be-aware-about-these-six-unpatched-smm-vulnerabilities-in-hp-enterprise-devices\/, September 2022"},{"key":"23_CR27","unstructured":"TianoCore community: 38. SW SMI confused deputy SmramSaveState.c. https:\/\/edk2-docs.gitbook.io\/security-advisory\/sw-smi-confused-deputy-smramsavestate_c (2021)"},{"key":"23_CR28","unstructured":"TianoCore community: Tcg trusted boot chain in edk ii. https:\/\/tianocore-docs.github.io\/edk2-TrustedBootChain\/release-1.00\/3_TCG_Trusted_Boot_Chain_in_EDKII.html, March 2021"},{"key":"23_CR29","unstructured":"TianoCore community: edk2. https:\/\/github.com\/tianocore\/edk2 (2023)"},{"key":"23_CR30","unstructured":"Trusted computing group: TCG platform reset attack mitigation specification. https:\/\/www.trustedcomputinggroup.org\/wp-content\/uploads\/Platform-Reset-Attack-Mitigation-Specification.pdf (2008)"},{"key":"23_CR31","unstructured":"Trusted computing group: https:\/\/trustedcomputinggroup.org\/ (2023)"},{"key":"23_CR32","unstructured":"Wojtczuk, R.: Analysis of the attack surface of windows 10 virtualization-based security. https:\/\/www.blackhat.com\/docs\/us-16\/materials\/us-16-Wojtczuk-Analysis-Of-The-Attack-Surface-Of-Windows-10-Virtualization-Based-Security.pdf (2016)"},{"key":"23_CR33","unstructured":"Yao, J., Zimmer, V.J.: A tour beyond bios capsule update and recovery in edk ii. https:\/\/github.com\/tianocore-docs\/Docs\/raw\/master\/White_Papers\/A_Tour_Beyond_BIOS_Capsule_Update_and_Recovery_in_EDK_II.pdf (2016)"},{"key":"23_CR34","doi-asserted-by":"crossref","unstructured":"Yitbarek, S.F., Aga, M.T., Das, R., Austin, T.: Cold boot attacks are still hot: security analysis of memory scramblers in modern processors. In: Proceedings of the 2017 IEEE HPCA Symp, pp. s65\u2013s74 (2016)","DOI":"10.1109\/HPCA.2017.10"},{"key":"23_CR35","unstructured":"Zimmer, V., Kinney, M., Hughes, R.: Capsule update LVFS: improving system firmware updates. https:\/\/archive.fosdem.org\/2020\/schedule\/event\/firmware_culisfu\/attachments\/slides\/3709\/export\/events\/attachments\/firmware_culisfu\/slides\/3709\/FOSDEM_2020_Intel_Capsule_Update.pdf(2020)"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-64171-8_23","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,7,10]],"date-time":"2024-07-10T11:15:50Z","timestamp":1720610150000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-64171-8_23"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031641701","9783031641718"],"references-count":35,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-64171-8_23","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"9 July 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DIMVA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Lausanne","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Switzerland","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17 July 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19 July 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dimva2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/dimva.org\/dimva2024\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}