{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,28]],"date-time":"2025-09-28T20:33:13Z","timestamp":1759091593880,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":26,"publisher":"ACM","license":[{"start":{"date-parts":[[2014,4,13]],"date-time":"2014-04-13T00:00:00Z","timestamp":1397347200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100004963","name":"Seventh Framework Programme","doi-asserted-by":"publisher","award":["257007 (SysSec)"],"award-info":[{"award-number":["257007 (SysSec)"]}],"id":[{"id":"10.13039\/501100004963","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2014,4,13]]},"DOI":"10.1145\/2592791.2592795","type":"proceedings-article","created":{"date-parts":[[2014,4,28]],"date-time":"2014-04-28T14:18:30Z","timestamp":1398694710000},"page":"1-6","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["A practical approach for generic bootkit detection and prevention"],"prefix":"10.1145","author":[{"given":"Bernhard","family":"Grill","sequence":"first","affiliation":[{"name":"Vienna University of Technology"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Christian","family":"Platzer","sequence":"additional","affiliation":[{"name":"Vienna University of Technology"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"J\u00fcrgen","family":"Eckel","sequence":"additional","affiliation":[{"name":"IKARUS Security Software GmbH, Vienna, Austria"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2014,4,13]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"BIOS Rootkit: Welcome home my Lord! http:\/\/blog.csdn.net\/icelord\/article\/details\/1604884 2007 Last Accessed: 2014-03-11.  BIOS Rootkit: Welcome home my Lord! http:\/\/blog.csdn.net\/icelord\/article\/details\/1604884 2007 Last Accessed: 2014-03-11."},{"key":"e_1_3_2_1_2_1","unstructured":"Win2k Master Boot Record (MBR) revealed! http:\/\/thestarman.narod.ru\/asm\/mbr\/Win2kmbr.htm 2010 Last Accessed: 2014-03-11.  Win2k Master Boot Record (MBR) revealed! http:\/\/thestarman.narod.ru\/asm\/mbr\/Win2kmbr.htm 2010 Last Accessed: 2014-03-11."},{"key":"e_1_3_2_1_3_1","unstructured":"Advanced Evasion Techniques by Win32\/Gapz. http:\/\/www.welivesecurity.com\/wp-content\/uploads\/2013\/05\/CARO_2013.pdf 2013 Last Accessed: 2014-03-11.  Advanced Evasion Techniques by Win32\/Gapz. http:\/\/www.welivesecurity.com\/wp-content\/uploads\/2013\/05\/CARO_2013.pdf 2013 Last Accessed: 2014-03-11."},{"key":"e_1_3_2_1_4_1","unstructured":"krab.rar - leaked Carberp malware source code. https:\/\/mega.co.nz\/#!0YsXWBRD!CMqd9nrm1d0XABKlifI9vmxprpQ6RnfsdhBHeKrDXao 2013 Last Accessed: 2014-03-11.  krab.rar - leaked Carberp malware source code. https:\/\/mega.co.nz\/#!0YsXWBRD!CMqd9nrm1d0XABKlifI9vmxprpQ6RnfsdhBHeKrDXao 2013 Last Accessed: 2014-03-11."},{"key":"e_1_3_2_1_5_1","unstructured":"GUID Partition Table. https:\/\/wiki.archlinux.org\/index.php\/GUID_Partition_Table 2014 Last Accessed: 2014-03-11.  GUID Partition Table. https:\/\/wiki.archlinux.org\/index.php\/GUID_Partition_Table 2014 Last Accessed: 2014-03-11."},{"key":"e_1_3_2_1_6_1","first-page":"2014","article-title":"Careto","author":"Unveiling Kaspersky Lab","year":"2014","journal-title":"- The Masked APT. https:\/\/www.securelist.com\/en\/downloads\/vlpdfs\/unveilingthemask_v1.0.pdf"},{"key":"e_1_3_2_1_7_1","unstructured":"System Initialization (x86). http:\/\/wiki.osdev.org\/System_Initialization_%28x86%29 Last Accessed: 2014-03-11.  System Initialization (x86). http:\/\/wiki.osdev.org\/System_Initialization_%28x86%29 Last Accessed: 2014-03-11."},{"key":"e_1_3_2_1_8_1","unstructured":"x86 real mode. https:\/\/www.princeton.edu\/~achaney\/tmve\/wiki100k\/docs\/Real_mode.html Last Accessed: 2014-03-11.  x86 real mode. https:\/\/www.princeton.edu\/~achaney\/tmve\/wiki100k\/docs\/Real_mode.html Last Accessed: 2014-03-11."},{"volume-title":"15th European Institute for Computer Antivirus Research (EICAR 2006) Annual Conference","year":"2006","author":"Bayer U.","key":"e_1_3_2_1_9_1"},{"key":"e_1_3_2_1_10_1","unstructured":"H. Blinka. AVG - An Int 13 trick from the new Wapomi sample. http:\/\/blogs.avg.com\/news-threats\/int-13-trick-wapomi-sample 2012 Last Accessed: 2014-03-11.  H. Blinka. AVG - An Int 13 trick from the new Wapomi sample. http:\/\/blogs.avg.com\/news-threats\/int-13-trick-wapomi-sample 2012 Last Accessed: 2014-03-11."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/2089125.2089126"},{"volume-title":"Purdue University","year":"2007","author":"Idika N.","key":"e_1_3_2_1_12_1"},{"key":"e_1_3_2_1_13_1","first-page":"351","volume-title":"USENIX Security Symposium","author":"Kolbitsch C.","year":"2009"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSN.2011.19"},{"key":"e_1_3_2_1_15_1","unstructured":"A. Matrosov. ESET - Rovnix bootkit framework updated. http:\/\/www.welivesecurity.com\/2012\/07\/13\/rovnix-bootkit-framework-updated 2012 Last Accessed: 2014-03-11.  A. Matrosov. ESET - Rovnix bootkit framework updated. http:\/\/www.welivesecurity.com\/2012\/07\/13\/rovnix-bootkit-framework-updated 2012 Last Accessed: 2014-03-11."},{"volume-title":"USENIX Security Symposium","year":"2008","author":"Mavrommatis N. P. P.","key":"e_1_3_2_1_16_1"},{"volume-title":"Proceedings of the 2006 Workshop on Binary Instrumentation and Applications (WBIA)","year":"2006","author":"Moseley T.","key":"e_1_3_2_1_17_1"},{"volume-title":"NDSS","year":"2006","author":"Moshchuk A.","key":"e_1_3_2_1_18_1"},{"volume-title":"IEEE Computer Society","year":"2008","author":"Nance K.","key":"e_1_3_2_1_19_1"},{"key":"e_1_3_2_1_20_1","first-page":"1","article-title":"Ghost turns zombie: Exploring the life cycle of web-based malware","volume":"8","author":"Polychronakis M.","year":"2008","journal-title":"LEET"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.5555\/2396231.2396233"},{"volume-title":"Black Hat Federal","year":"2006","author":"Rutkowska J.","key":"e_1_3_2_1_22_1"},{"key":"e_1_3_2_1_23_1","first-page":"171","volume-title":"USENIX Security Symposium","author":"Small S.","year":"2008"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"crossref","first-page":"219","DOI":"10.1007\/978-3-540-74320-0_12","volume-title":"Recent Advances in Intrusion Detection","author":"Wilhelm J.","year":"2007"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2007.45"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1117\/12.2012668"}],"event":{"name":"EuroSys 2014: Ninth Eurosys Conference 2014","sponsor":["SIGOPS ACM Special Interest Group on Operating Systems"],"location":"Amsterdam The Netherlands","acronym":"EuroSys 2014"},"container-title":["Proceedings of the Seventh European Workshop on System Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2592791.2592795","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2592791.2592795","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T06:55:58Z","timestamp":1750229758000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2592791.2592795"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,4,13]]},"references-count":26,"alternative-id":["10.1145\/2592791.2592795","10.1145\/2592791"],"URL":"https:\/\/doi.org\/10.1145\/2592791.2592795","relation":{},"subject":[],"published":{"date-parts":[[2014,4,13]]},"assertion":[{"value":"2014-04-13","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}