{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T14:43:26Z","timestamp":1742913806199,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":14,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783662474006"},{"type":"electronic","value":"9783662474013"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-662-47401-3_22","type":"book-chapter","created":{"date-parts":[[2015,6,19]],"date-time":"2015-06-19T08:27:04Z","timestamp":1434702424000},"page":"166-174","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Towards Enumeration of NTFS Using USN Journals Under UEFI"],"prefix":"10.1007","author":[{"given":"Zilu","family":"Zhang","sequence":"first","affiliation":[]},{"given":"Jinqiao","family":"Shi","sequence":"additional","affiliation":[]},{"given":"Lanlan","family":"Hu","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,6,20]]},"reference":[{"key":"22_CR1","unstructured":"UEFI Specification2.4.1. Avalible: http:\/\/uefi.org\/specifications"},{"key":"22_CR2","unstructured":"UEFI Technology: say hello to the windows 8 bootkit. Avalible: http:\/\/www.saferbytes.it\/2012\/09\/18\/uefi-technology-say-hello-tothe-windows-8-bootkit\/"},{"key":"22_CR3","unstructured":"Heasman J.: Hacking the Extensible Firmware Interface (2007). http:\/\/www.ngssoftware.com\/research\/papers\/BH-DC-07-Heasman.pdf"},{"issue":"2","key":"22_CR4","first-page":"116","volume":"19","author":"L Jinqian","year":"2003","unstructured":"Jinqian, L., Yue, Z.: The main data structure of NTFS file system. J. Comput. Eng. Appl. 19(2), 116\u2013130 (2003)","journal-title":"J. Comput. Eng. Appl."},{"key":"22_CR5","unstructured":"MSDN: Volume Management Control Codes. http:\/\/msdn.microsoft.com\/en-us\/library\/aa365729(v=vs.85).aspx"},{"key":"22_CR6","unstructured":"En., K.Z. Gao., C.Q.: Analysis and implementation of NTFS file In: 2010 Second International Workshop on System Based on Computer Forensics Education Technology and Computer Science (ETCS), Issue Date: 6\u20137 March 2010"},{"key":"22_CR7","volume-title":"A Tale of One Software Bypass of Windows 8 Secure Boot","author":"Y Bulygin","year":"2013","unstructured":"Bulygin, Y., Furtak, A., Bazhaniuk, O.: A Tale of One Software Bypass of Windows 8 Secure Boot. Black Hat, USA (2013)"},{"key":"22_CR8","unstructured":"Sergeev, A., Minchenkov, V., Yakovlev, A.: Too young to be secure: Analysis of UEFI threats and vulnerabilities. In: Proceedings of the 14th Open Innovations Association (FRUCT) (2013)"},{"issue":"13","key":"22_CR9","first-page":"99","volume":"38","author":"T Wen-bin","year":"2012","unstructured":"Wen-bin, T., Yue-fei, Z., Jia-yong, C.: Research on attack method of unified extensible firmware interface. J. Comput. Eng. 38(13), 99\u2013101 (2012)","journal-title":"J. Comput. Eng."},{"key":"22_CR10","unstructured":"Chifflier, P.: UEFI and PCIbootkits. PacSec2013"},{"key":"22_CR11","unstructured":"Tang-Wenbin, C-Xi.: Analysis and Detection of UEFI Bootkit. Computer Science[J], October 2012"},{"issue":"9","key":"22_CR12","first-page":"117","volume":"38","author":"F Si-yuan","year":"2012","unstructured":"Si-yuan, F., Gong-shen, L., Jian-hua, L.: Research of malicious code defense technology based on UEFI firmware. Comput. Eng. 38(9), 117\u2013120 (2012)","journal-title":"Comput. Eng."},{"issue":"32","key":"22_CR13","first-page":"14","volume":"48","author":"J Zhengwei","year":"2012","unstructured":"Zhengwei, J., Xiaozhen, W.: UEFI malicious behavior detection model based on minimal attack tree. Comput. Eng. Appl. 48(32), 14\u201317 (2012)","journal-title":"Comput. Eng. Appl."},{"key":"22_CR14","unstructured":"Everything searching engine. Avalible: http:\/\/www.voidtools.com\/"}],"container-title":["Communications in Computer and Information Science","Trustworthy Computing and Services"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-662-47401-3_22","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,2,15]],"date-time":"2023-02-15T11:26:54Z","timestamp":1676460414000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-662-47401-3_22"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783662474006","9783662474013"],"references-count":14,"URL":"https:\/\/doi.org\/10.1007\/978-3-662-47401-3_22","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2015]]},"assertion":[{"value":"20 June 2015","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}