{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T12:16:00Z","timestamp":1763468160247},"publisher-location":"Berlin, Heidelberg","reference-count":43,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642412837"},{"type":"electronic","value":"9783642412844"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-642-41284-4_1","type":"book-chapter","created":{"date-parts":[[2013,10,22]],"date-time":"2013-10-22T17:35:11Z","timestamp":1382463311000},"page":"1-20","source":"Crossref","is-referenced-by-count":10,"title":["A Primitive for Revealing Stealthy Peripheral-Based Attacks on the Computing Platform\u2019s Main Memory"],"prefix":"10.1007","author":[{"given":"Patrick","family":"Stewin","sequence":"first","affiliation":[]}],"member":"297","reference":[{"key":"1_CR1","unstructured":"Delugr\u00e9, G.: Closer to metal: Reverse engineering the Broadcom NetExtreme\u2019s firmware. Sogeti ESEC Lab (2010), http:\/\/esec-lab.sogeti.com\/dotclear\/public\/publications\/10-hack.lu-nicreverse_slides.pdf"},{"key":"1_CR2","unstructured":"Delugr\u00e9, G.: How to develop a rootkit for Broadcom NetExtreme network cards. Sogeti ESEC Lab (2011), http:\/\/esec-lab.sogeti.com\/dotclear\/public\/publications\/11-recon-nicreverse_slides.pdf"},{"key":"1_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"378","DOI":"10.1007\/978-3-642-23644-0_20","volume-title":"Recent Advances in Intrusion Detection","author":"L. Duflot","year":"2011","unstructured":"Duflot, L., Perez, Y.-A., Morin, B.: What if you can\u2019t trust your network card? In: Sommer, R., Balzarotti, D., Maier, G. (eds.) RAID 2011. LNCS, vol.\u00a06961, pp. 378\u2013397. Springer, Heidelberg (2011)"},{"key":"1_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1007\/978-3-642-37300-8_2","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"P. Stewin","year":"2013","unstructured":"Stewin, P., Bystrov, I.: Understanding DMA malware. In: Flegel, U., Markatos, E., Robertson, W. (eds.) DIMVA 2012. LNCS, vol.\u00a07591, pp. 21\u201341. Springer, Heidelberg (2013)"},{"key":"1_CR5","unstructured":"Triulzi, A.: Project Maux Mk.II. The Alchemist Owl (2008), http:\/\/www.alchemistowl.org\/arrigo\/Papers\/Arrigo-Triulzi-PACSEC08-Project-Maux-II.pdf"},{"key":"1_CR6","unstructured":"Triulzi, A.: The Jedi Packet Trick takes over the Deathstar. The Alchemist Owl (2010), http:\/\/www.alchemistowl.org\/arrigo\/Papers\/Arrigo-Triulzi-CANSEC10-Project-Maux-III.pdf"},{"key":"1_CR7","unstructured":"Breuk, R., Spruyt, A.: Integrating DMA attacks in Metasploit. Sebug (2012), http:\/\/sebug.net\/paper\/Meeting-Documents\/hitbsecconf2012ams\/D2%20SIGINT%20-%20Rory%20Breuk%20and%20Albert%20Spruyt%20-%20Integrating%20DMA%20Attacks%20in%20Metasploit.pdf"},{"key":"1_CR8","unstructured":"Breuk, R., Spruyt, A.: Integrating DMA attacks in exploitation frameworks. Faculty of Science. University of Amsterdam (2012), http:\/\/staff.science.uva.nl\/~delaat\/rp\/2011-2012\/p14\/report.pdf"},{"key":"1_CR9","doi-asserted-by":"crossref","unstructured":"Duflot, L., Perez, Y., Valadon, G., Levillain, O.: Can you still trust your network card (2010), http:\/\/www.ssi.gouv.fr\/IMG\/pdf\/csw-trustnetworkcard.pdf","DOI":"10.1007\/978-3-642-23644-0_20"},{"issue":"3","key":"1_CR10","doi-asserted-by":"publisher","first-page":"179","DOI":"10.1535\/itj.1003.02","volume":"10","author":"D. Abramson","year":"2006","unstructured":"Abramson, D., Jackson, J., Muthrasanallur, S., Neiger, G., Regnier, G., Sankaran, R., Schoinas, I., Uhlig, R., Vembu, B., Wiegert, J.: Intel Virtualization Technology for Directed I\/O. Intel Technology Journal\u00a010(3), 179\u2013192 (2006)","journal-title":"Intel Technology Journal"},{"key":"1_CR11","doi-asserted-by":"crossref","unstructured":"Li, Y., McCune, J., Perrig, A.: VIPER: Verifying the integrity of peripherals\u2019 firmware. In: Proceedings of the ACM Conference on Computer and Communications Security (2011)","DOI":"10.1145\/2046707.2046711"},{"key":"1_CR12","doi-asserted-by":"crossref","unstructured":"Sang, F.L., Lacombe, E., Nicomette, V., Deswarte, Y.: Exploiting an I\/OMMU vulnerability. In: Malicious and Unwanted Software, pp. 7\u201314 (2010)","DOI":"10.1109\/MALWARE.2010.5665798"},{"key":"1_CR13","unstructured":"Wojtczuk, R., Rutkowska, J., Tereshkin, A.: Another Way to Circumvent Intel Trusted Execution Technology. ITL (2009), http:\/\/invisiblethingslab.com\/resources\/misc09\/Another%20TXT%20Attack.pdf"},{"key":"1_CR14","unstructured":"Wojtczuk, R., Rutkowska, J.: Following the White Rabbit: Software attacks against Intel VT-d technology. ITL (2011), http:\/\/www.invisiblethingslab.com\/resources\/2011\/Software%20Attacks%20on%20Intel%20VT-d.pdf"},{"key":"1_CR15","unstructured":"Wojtczuk, R., Rutkowska, J.: Attacking Intel TXT via SINIT code execution hijacking. ITL (2011), http:\/\/www.invisiblethingslab.com\/resources\/2011\/Attacking_Intel_TXT_via_SINIT_hijacking.pdf"},{"key":"1_CR16","doi-asserted-by":"crossref","unstructured":"Duflot, L., Perez, Y., Morin, B.: Run-time firmware integrity verification: what if you can\u2019t trust your network card? FNISA (2011), http:\/\/www.ssi.gouv.fr\/IMG\/pdf\/Duflot-Perez_runtime-firmware-integrity-verification.pdf","DOI":"10.1007\/978-3-642-23644-0_20"},{"key":"1_CR17","doi-asserted-by":"publisher","first-page":"857","DOI":"10.1145\/2046707.2093511","volume-title":"Proceedings of the 18th ACM Conference on Computer and Communications Security","author":"P. Stewin","year":"2011","unstructured":"Stewin, P., Seifert, J.-P., Mulliner, C.: Poster: Towards Detecting DMA Malware. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 857\u2013860. ACM, New York (2011)"},{"key":"1_CR18","unstructured":"Buchanan, B.: Computer Busses. Electronics & Electrical. Taylor & Francis (2010)"},{"key":"1_CR19","unstructured":"Budruk, R., Anderson, D., Shanley, T.: Pci Express System Architecture. PC System Architecture Series. Addison-Wesley (2004)"},{"key":"1_CR20","unstructured":"Hennessy, J.L., Patterson, D.A.: Computer Architecture: A Quantitative Approach, 3rd edn. Morgan Kaufmann (2005)"},{"key":"1_CR21","unstructured":"Intel Corporation. Intel 3 Series Express Chipset Family. Intel Corporation (2007), http:\/\/www.intel.com\/Assets\/PDF\/datasheet\/316966.pdf"},{"key":"1_CR22","unstructured":"Intel Corporation. Intel I\/O Controller Hub (ICH9) Family. Intel Corporation (2008), http:\/\/www.intel.com\/content\/dam\/doc\/datasheet\/io-controller-hub-9-datasheet.pdf"},{"key":"1_CR23","unstructured":"Abbott, D.: PCI Bus Demystified. Demystifying technology series. Elsevier (2004)"},{"key":"1_CR24","doi-asserted-by":"crossref","unstructured":"Anderson, D., Shanley, T.: Pci System Architecture. PC System Architecture Series. Addison-Wesley (1999)","DOI":"10.1016\/B978-075065988-8\/50004-6"},{"key":"1_CR25","unstructured":"Intel Corporation. Intel 64 and IA-32 Architectures Software Developer\u2019s Manual \u2014 Volume 3 (3A, 3B & 3C): System Programming Guide. Intel Corporation (March 2012), http:\/\/download.intel.com\/products\/processor\/manual\/325384.pdf"},{"key":"1_CR26","unstructured":"Reinders, J.: VTune Performance Analyzer Essentials: Measurement and Tuning Techniques for Software Developers. Engineer to Engineer Series. Intel Press (2005)"},{"key":"1_CR27","unstructured":"Intel Corporation. Intel VTune Amplifier 2013. Intel Corporation (2013), http:\/\/software.intel.com\/sites\/products\/documentation\/doclib\/stdxe\/2013\/amplifierxe\/lin\/ug_docs\/index.htm"},{"key":"1_CR28","unstructured":"Intel Corporation. Universal Host Controller Interface (UHCI) Design Guide. The Slackware Linux Project (1996), ftp:\/\/ftp.slackware.com\/pub\/netwinder\/pub\/misc\/docs\/29765002-usb-uhci%20design%20guide.pdf Revision 1.1"},{"key":"1_CR29","unstructured":"Russinovich, M.E., Solomon, D.A., Ionescu, A.: Windows Internals 6th Edition, Part 2. Microsoft Press (2012)"},{"key":"1_CR30","unstructured":"Trusted Computing Group. TCG PC Client Specific Impementation Specification For Conventional BIOS. TCG: http:\/\/www.trustedcomputinggroup.org\/files\/temp\/64505409-1D09-3519-AD5C611FAD3F799B\/PCClientImplementationforBIOS.pdf , 2005."},{"key":"1_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1007\/978-3-642-13869-0_2","volume-title":"Trust and Trustworthy Computing","author":"Y. Li","year":"2010","unstructured":"Li, Y., McCune, J.M., Perrig, A.: SBAP: Software-based attestation for peripherals. In: Acquisti, A., Smith, S.W., Sadeghi, A.-R. (eds.) TRUST 2010. LNCS, vol.\u00a06101, pp. 16\u201329. Springer, Heidelberg (2010)"},{"key":"1_CR32","unstructured":"Nguyen, Q.: Issues in Software-based Attestation. Kaspersky Lab (2012), http:\/\/www.kaspersky.com\/images\/Quan%20Nguyen.pdf"},{"key":"1_CR33","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1145\/1314354.1314363","volume-title":"Proceedings of the 2007 ACM Workshop on Scalable Trusted Computing","author":"Y. Gasmi","year":"2007","unstructured":"Gasmi, Y., Sadeghi, A.-R., Stewin, P., Unger, M., Asokan, N.: Beyond secure channels. In: Proceedings of the 2007 ACM Workshop on Scalable Trusted Computing, pp. 30\u201340. ACM, New York (2007)"},{"key":"1_CR34","doi-asserted-by":"publisher","first-page":"42","DOI":"10.1145\/1752046.1752053","volume-title":"Proceedings of the Third European Workshop on System Security","author":"T. M\u00fcller","year":"2010","unstructured":"M\u00fcller, T., Dewald, A., Freiling, F.C.: Aesse: a cold-boot resistant implementation of aes. In: Proceedings of the Third European Workshop on System Security, pp. 42\u201347. ACM, New York (2010)"},{"key":"1_CR35","first-page":"17","volume-title":"Proceedings of the 20th USENIX Conference on Security","author":"T. M\u00fcller","year":"2011","unstructured":"M\u00fcller, T., Freiling, F.C., Dewald, A.: Tresor runs encryption securely outside ram. In: Proceedings of the 20th USENIX Conference on Security, p. 17. USENIX Association, Berkeley (2011)"},{"key":"1_CR36","doi-asserted-by":"crossref","first-page":"73","DOI":"10.1145\/2076732.2076743","volume-title":"Proceedings of the 27th Annual Computer Security Applications Conference","author":"P. Simmons","year":"2011","unstructured":"Simmons, P.: Security through amnesia: a software-based solution to the cold boot attack on disk encryption. In: Proceedings of the 27th Annual Computer Security Applications Conference, pp. 73\u201382. ACM, New York (2011)"},{"key":"1_CR37","doi-asserted-by":"crossref","first-page":"48","DOI":"10.1145\/2414456.2414484","volume-title":"Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security","author":"A. Vasudevan","year":"2012","unstructured":"Vasudevan, A., McCune, J., Newsome, J., Perrig, A., van Doorn, L.: Carma: a hardware tamper-resistant isolated execution environment on commodity x86 platforms. In: Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, pp. 48\u201349. ACM, New York (2012)"},{"key":"1_CR38","doi-asserted-by":"crossref","first-page":"71","DOI":"10.1145\/2420950.2420961","volume-title":"Proceedings of the 28th Annual Computer Security Applications Conference","author":"E. Blass","year":"2012","unstructured":"Blass, E., Robertson, W.: Tresor-hunt: attacking cpu-bound encryption. In: Proceedings of the 28th Annual Computer Security Applications Conference, pp. 71\u201378. ACM, New York (2012)"},{"key":"1_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"66","DOI":"10.1007\/978-3-642-31284-7_5","volume-title":"Applied Cryptography and Network Security","author":"T. M\u00fcller","year":"2012","unstructured":"M\u00fcller, T., Taubmann, B., Freiling, F.C.: Trevisor: Os-independent software-based full disk encryption secure against main memory attacks. In: Bao, F., Samarati, P., Zhou, J. (eds.) ACNS 2012. LNCS, vol.\u00a07341, pp. 66\u201383. Springer, Heidelberg (2012)"},{"key":"1_CR40","doi-asserted-by":"crossref","unstructured":"Sang, F.L., Nicomette, V., Deswarte, Y.: I\/O Attacks in Intel-PC Architectures and Countermeasures. SysSec (2011), http:\/\/www.syssec-project.eu\/media\/page-media\/23\/syssec2011-s1.4-sang.pdf","DOI":"10.1109\/SysSec.2011.10"},{"key":"1_CR41","unstructured":"Wicherski, G.: Taming ROP on Sandy Bridge. SyScan (2013), http:\/\/www.syscan.org\/index.php\/download"},{"key":"1_CR42","first-page":"1","volume-title":"Proceedings of the, 42nd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), DSN 2012","author":"Y. Xia","year":"2012","unstructured":"Xia, Y., Liu, Y., Chen, H., Zang, B.: Cfimon: Detecting violation of control flow integrity using performance counters. In: Proceedings of the, 42nd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), DSN 2012, pp. 1\u201312. IEEE Computer Society, Washington, DC (2012)"},{"key":"1_CR43","doi-asserted-by":"publisher","first-page":"71","DOI":"10.1145\/2046582.2046596","volume-title":"Proceedings of the sixth ACM Workshop on Scalable Trusted Computing, STC 2011","author":"C. Malone","year":"2011","unstructured":"Malone, C., Zahran, M., Karri, R.: Are hardware performance counters a cost effective way for integrity checking of programs. In: Proceedings of the sixth ACM Workshop on Scalable Trusted Computing, STC 2011, pp. 71\u201376. ACM, New York (2011)"}],"container-title":["Lecture Notes in Computer Science","Research in Attacks, Intrusions, and Defenses"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-41284-4_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,7,5]],"date-time":"2023-07-05T13:37:56Z","timestamp":1688564276000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-41284-4_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783642412837","9783642412844"],"references-count":43,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-41284-4_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2013]]}}}