{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T12:16:03Z","timestamp":1763468163223,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":30,"publisher":"ACM","license":[{"start":{"date-parts":[[2013,12,9]],"date-time":"2013-12-09T00:00:00Z","timestamp":1386547200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100004963","name":"Seventh Framework Programme","doi-asserted-by":"publisher","award":["257007"],"award-info":[{"award-number":["257007"]}],"id":[{"id":"10.13039\/501100004963","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["1218197"],"award-info":[{"award-number":["1218197"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2013,12,9]]},"DOI":"10.1145\/2523649.2523661","type":"proceedings-article","created":{"date-parts":[[2014,1,6]],"date-time":"2014-01-06T20:44:07Z","timestamp":1389041047000},"page":"279-288","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":37,"title":["Implementation and implications of a stealth hard-drive backdoor"],"prefix":"10.1145","author":[{"given":"Jonas","family":"Zaddach","sequence":"first","affiliation":[{"name":"EURECOM, Sophia Antipolis, France"}]},{"given":"Anil","family":"Kurmus","sequence":"additional","affiliation":[{"name":"IBM Research - Zurich, Switzerland"}]},{"given":"Davide","family":"Balzarotti","sequence":"additional","affiliation":[{"name":"EURECOM, Sophia Antipolis, France"}]},{"given":"Erik-Oliver","family":"Blass","sequence":"additional","affiliation":[{"name":"Northeastern University, Boston, MA"}]},{"given":"Aur\u00e9lien","family":"Francillon","sequence":"additional","affiliation":[{"name":"EURECOM, Sophia Antipolis, France"}]},{"given":"Travis","family":"Goodspeed","sequence":"additional","affiliation":[{"name":"travis@radiantmachines.com"}]},{"given":"Moitrayee","family":"Gupta","sequence":"additional","affiliation":[{"name":"UCSD, La Jolla, CA"}]},{"given":"Ioannis","family":"Koltsidas","sequence":"additional","affiliation":[{"name":"IBM Research - Zurich, R\u00fcschlikon, Switzerland"}]}],"member":"320","published-online":{"date-parts":[[2013,12,9]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"HDD Guru Forums 2013. URL http:\/\/forum.hddguru.com\/.  HDD Guru Forums 2013. URL http:\/\/forum.hddguru.com\/."},{"key":"e_1_3_2_1_2_1","volume-title":"URL http:\/\/spritesmods.com\/?art=hddhack. Talk given at OHM","author":"Hacking Jeroen Domburg","year":"2013","unstructured":"Jeroen Domburg (a.k.a. Sprite_tm). HDD Hacking . URL http:\/\/spritesmods.com\/?art=hddhack. Talk given at OHM 2013 . Jeroen Domburg (a.k.a. Sprite_tm). HDD Hacking. URL http:\/\/spritesmods.com\/?art=hddhack. Talk given at OHM 2013."},{"key":"e_1_3_2_1_3_1","volume-title":"Technical Reference Manual","author":"ARM.","year":"2004","unstructured":"ARM. ARM966E-S, Revision : r2p1 , Technical Reference Manual , 2004 . URL http:\/\/infocenter.arm.com. ARM. ARM966E-S, Revision: r2p1, Technical Reference Manual, 2004. URL http:\/\/infocenter.arm.com."},{"volume-title":"HDD Market Share - Rankings in 2Q12","year":"2012","key":"e_1_3_2_1_4_1","unstructured":"backupworks.com. HDD Market Share - Rankings in 2Q12 , 2012 . URL http:\/\/www.backupworks.com\/hdd-market-share-western-digital-seagate.aspx. backupworks.com. HDD Market Share - Rankings in 2Q12, 2012. URL http:\/\/www.backupworks.com\/hdd-market-share-western-digital-seagate.aspx."},{"key":"e_1_3_2_1_5_1","volume-title":"October","author":"Baker F.","year":"2004","unstructured":"F. Baker , B. Foster , and C. Sharp . Cisco Architecture for Lawful Intercept in IP Networks. RFC 3924 (Informational) , October 2004 . URL http:\/\/www.ietf.org\/rfc\/rfc3924.txt. F. Baker, B. Foster, and C. Sharp. Cisco Architecture for Lawful Intercept in IP Networks. RFC 3924 (Informational), October 2004. URL http:\/\/www.ietf.org\/rfc\/rfc3924.txt."},{"key":"e_1_3_2_1_6_1","first-page":"9","volume-title":"Doorn. The Price of Safety: Evaluating IOMMU Performance. In The Ottawa Linux Symposium","author":"Ben-Yehuda M.","year":"2007","unstructured":"M. Ben-Yehuda , J. Xenidis , M. Ostrowski , K. Rister , A. Bruemmer , and L. van Doorn. The Price of Safety: Evaluating IOMMU Performance. In The Ottawa Linux Symposium , pages 9 -- 20 , Ottawa, Canada , 2007 . M. Ben-Yehuda, J. Xenidis, M. Ostrowski, K. Rister, A. Bruemmer, and L. van Doorn. The Price of Safety: Evaluating IOMMU Performance. In The Ottawa Linux Symposium, pages 9--20, Ottawa, Canada, 2007."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420961"},{"key":"e_1_3_2_1_8_1","volume-title":"July","author":"Caldeira Robert A.","year":"1995","unstructured":"Robert A. Caldeira , John C. Fravel , Richard G. Ramsdell , and Romeo N. Nolasco . Hard disk drive architecture , July 1995 . URL http:\/\/www.freepatentsonline.com\/5396384.html. Robert A. Caldeira, John C. Fravel, Richard G. Ramsdell, and Romeo N. Nolasco. Hard disk drive architecture, July 1995. URL http:\/\/www.freepatentsonline.com\/5396384.html."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653711"},{"key":"e_1_3_2_1_10_1","volume-title":"Exploiting Lawful Intercept to Wiretap the Internet. Black Hat","author":"Cross T.","year":"2010","unstructured":"T. Cross . Exploiting Lawful Intercept to Wiretap the Internet. Black Hat , 2010 . URL http:\/\/www.blackhat.com\/. T. Cross. Exploiting Lawful Intercept to Wiretap the Internet. Black Hat, 2010. URL http:\/\/www.blackhat.com\/."},{"key":"e_1_3_2_1_11_1","volume-title":"When Firmware Modifications Attack: A Case Study of Embedded Exploitation. In Network and Distributed System Security Symposium","author":"Cui A.","year":"2013","unstructured":"A. Cui , M. Costello , and S. J. Stolfo . When Firmware Modifications Attack: A Case Study of Embedded Exploitation. In Network and Distributed System Security Symposium , 2013 (to appear). A. Cui, M. Costello, and S. J. Stolfo. When Firmware Modifications Attack: A Case Study of Embedded Exploitation. In Network and Distributed System Security Symposium, 2013 (to appear)."},{"key":"e_1_3_2_1_12_1","unstructured":"Daemon9. Project Loki. Phrack 49. URL http:\/\/www.phrack.org\/issues.html?id=6&issue=49.  Daemon9. Project Loki. Phrack 49. URL http:\/\/www.phrack.org\/issues.html?id=6&issue=49."},{"key":"e_1_3_2_1_13_1","unstructured":"M. Dornseif. Owned by an iPod: Firewire\/1394 Issues. PacSec http:\/\/md.hudora.de\/presentations\/firewire\/PacSec2004.pdf 2004.  M. Dornseif. Owned by an iPod: Firewire\/1394 Issues. PacSec http:\/\/md.hudora.de\/presentations\/firewire\/PacSec2004.pdf 2004."},{"key":"e_1_3_2_1_14_1","first-page":"77","volume-title":"USENIX Security Symposium","author":"Halderman J. A.","year":"2006","unstructured":"J. A. Halderman and E. W. Felten . Lessons from the Sony CD DRM episode . In USENIX Security Symposium , pages 77 -- 92 , 2006 . J. A. Halderman and E. W. Felten. Lessons from the Sony CD DRM episode. In USENIX Security Symposium, pages 77--92, 2006."},{"key":"e_1_3_2_1_15_1","volume-title":"Implementing and Detecting an ACPI BIOS Rootkit. Black Hat","author":"Heasman J.","year":"2006","unstructured":"J. Heasman . Implementing and Detecting an ACPI BIOS Rootkit. Black Hat , 2006 . URL www.blackhat.com\/presentations\/bh-europe-06\/bh-eu-06-Heasman.pdf. J. Heasman. Implementing and Detecting an ACPI BIOS Rootkit. Black Hat, 2006. URL www.blackhat.com\/presentations\/bh-europe-06\/bh-eu-06-Heasman.pdf."},{"key":"e_1_3_2_1_16_1","volume-title":"Implementing and Detecting a PCI Rootkit. Black Hat","author":"Heasman J.","year":"2007","unstructured":"J. Heasman . Implementing and Detecting a PCI Rootkit. Black Hat , 2007 . URL http:\/\/www.blackhat.com\/presentations\/bh-dc-07\/Heasman\/Paper\/bh-dc-07-Heasman-WP.pdf. J. Heasman. Implementing and Detecting a PCI Rootkit. Black Hat, 2007. URL http:\/\/www.blackhat.com\/presentations\/bh-dc-07\/Heasman\/Paper\/bh-dc-07-Heasman-WP.pdf."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1950365.1950398"},{"key":"e_1_3_2_1_18_1","unstructured":"IOZone. IOZone 2013. URL http:\/\/www.iozone.org\/.  IOZone. IOZone 2013. URL http:\/\/www.iozone.org\/."},{"key":"e_1_3_2_1_19_1","volume-title":"Designing and Implementing Malicious Hardware. In Workshop on Large-scale Exploits and Emergent Threats","author":"King S. T.","year":"2008","unstructured":"S. T. King , J. Tucek , A. Cozzie , C. Grier , W. Jiang , and Y. Zhou . Designing and Implementing Malicious Hardware. In Workshop on Large-scale Exploits and Emergent Threats , San Francisco, USA , 2008 . S. T. King, J. Tucek, A. Cozzie, C. Grier, W. Jiang, and Y. Zhou. Designing and Implementing Malicious Hardware. In Workshop on Large-scale Exploits and Emergent Threats, San Francisco, USA, 2008."},{"volume-title":"Secure USB Flash Drives","year":"2013","key":"e_1_3_2_1_20_1","unstructured":"Kingston. Secure USB Flash Drives , 2013 . URL http:\/\/www.kingston.com\/us\/usb\/encrypted_security. Kingston. Secure USB Flash Drives, 2013. URL http:\/\/www.kingston.com\/us\/usb\/encrypted_security."},{"key":"e_1_3_2_1_21_1","volume-title":"Beyond Autorun: Exploiting vulnerabilities with removable storage. Black Hat","author":"Larimer J.","year":"2011","unstructured":"J. Larimer . Beyond Autorun: Exploiting vulnerabilities with removable storage. Black Hat , 2011 . URL https:\/\/media.blackhat.com\/bh-dc-11\/Larimer\/BlackHat_DC_2011_Larimer_Vulnerabiliters_w-removeable_storage-wp.pdf. J. Larimer. Beyond Autorun: Exploiting vulnerabilities with removable storage. Black Hat, 2011. URL https:\/\/media.blackhat.com\/bh-dc-11\/Larimer\/BlackHat_DC_2011_Larimer_Vulnerabiliters_w-removeable_storage-wp.pdf."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046711"},{"volume-title":"Maxtor Basics Personal Storage 3200 virus","year":"2013","key":"e_1_3_2_1_23_1","unstructured":"Maxtor. Maxtor Basics Personal Storage 3200 virus , 2013 . URL http:\/\/knowledge.seagate.com\/articles\/en_US\/FAQ\/205131en?language=en_GB. Maxtor. Maxtor Basics Personal Storage 3200 virus, 2013. URL http:\/\/knowledge.seagate.com\/articles\/en_US\/FAQ\/205131en?language=en_GB."},{"key":"e_1_3_2_1_24_1","first-page":"17","volume-title":"USENIX Security Symposium","author":"M\u00fcller T.","year":"2011","unstructured":"T. M\u00fcller , F. C. Freiling , and A. Dewald . TRESOR runs encryption securely outside RAM . In USENIX Security Symposium , pages 17 -- 17 , San Francisco, USA , 2011 . URL http:\/\/www.usenix.org\/event\/sec11\/tech\/full_papers\/Muller.pdf. T. M\u00fcller, F. C. Freiling, and A. Dewald. TRESOR runs encryption securely outside RAM. In USENIX Security Symposium, pages 17--17, San Francisco, USA, 2011. URL http:\/\/www.usenix.org\/event\/sec11\/tech\/full_papers\/Muller.pdf."},{"key":"e_1_3_2_1_25_1","volume-title":"USENIX Security Symposium","author":"Petroni N. L.","year":"2004","unstructured":"N. L. Petroni Jr , T. Fraser , J. Molina , and W. A. Arbaugh . Copilot -- a Coprocessor-based Kernel Runtime Integrity Monitor . In USENIX Security Symposium , San Diego, USA , 2004 . URL http:\/\/usenix.org\/publications\/library\/proceedings\/sec04\/tech\/full_papers\/petroni\/petroni.pdf. N. L. Petroni Jr, T. Fraser, J. Molina, and W. A. Arbaugh. Copilot -- a Coprocessor-based Kernel Runtime Integrity Monitor. In USENIX Security Symposium, San Diego, USA, 2004. URL http:\/\/usenix.org\/publications\/library\/proceedings\/sec04\/tech\/full_papers\/petroni\/petroni.pdf."},{"key":"e_1_3_2_1_26_1","unstructured":"RSA. Configuring the RSA II adapter 2013. URL http:\/\/www.scribd.com\/doc\/3507950\/RSAII-Card-Installation.  RSA. Configuring the RSA II adapter 2013. URL http:\/\/www.scribd.com\/doc\/3507950\/RSAII-Card-Installation."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/1533057.1533076"},{"key":"e_1_3_2_1_28_1","volume-title":"Nonintrusive Remote Healing Using Backdoors. In Workshop on Algorithms and Architectures for Self-Managing Systems","author":"Sultan F.","year":"2003","unstructured":"F. Sultan and A. Bohra . Nonintrusive Remote Healing Using Backdoors. In Workshop on Algorithms and Architectures for Self-Managing Systems , San Diego, USA , 2003 . URL http:\/\/www.cs.rutgers.edu\/~bohra\/pubs\/sm03.pdf. F. Sultan and A. Bohra. Nonintrusive Remote Healing Using Backdoors. In Workshop on Algorithms and Architectures for Self-Managing Systems, San Diego, USA, 2003. URL http:\/\/www.cs.rutgers.edu\/~bohra\/pubs\/sm03.pdf."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/358198.358210"},{"key":"e_1_3_2_1_30_1","volume-title":"I 0wn the NIC, now I want a Shell! In PacSec Conference","author":"Triulzi A.","year":"2008","unstructured":"A. Triulzi . Project Maux Mk.II , I 0wn the NIC, now I want a Shell! In PacSec Conference , 2008 . URL http:\/\/www.alchemistowl.org\/arrigo\/Papers\/Arrigo-Triulzi-PACSEC08-Project-Maux-II.pdf. A. Triulzi. Project Maux Mk.II, I 0wn the NIC, now I want a Shell! In PacSec Conference, 2008. URL http:\/\/www.alchemistowl.org\/arrigo\/Papers\/Arrigo-Triulzi-PACSEC08-Project-Maux-II.pdf."}],"event":{"name":"ACSAC '13: Annual Computer Security Applications Conference","sponsor":["ACSA Applied Computing Security Assoc"],"location":"New Orleans Louisiana USA","acronym":"ACSAC '13"},"container-title":["Proceedings of the 29th Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2523649.2523661","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2523649.2523661","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T07:34:03Z","timestamp":1750232043000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2523649.2523661"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,12,9]]},"references-count":30,"alternative-id":["10.1145\/2523649.2523661","10.1145\/2523649"],"URL":"https:\/\/doi.org\/10.1145\/2523649.2523661","relation":{},"subject":[],"published":{"date-parts":[[2013,12,9]]},"assertion":[{"value":"2013-12-09","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}