{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:08:01Z","timestamp":1750306081657,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":74,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,12,4]],"date-time":"2017-12-04T00:00:00Z","timestamp":1512345600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,12,4]]},"DOI":"10.1145\/3134600.3134622","type":"proceedings-article","created":{"date-parts":[[2017,12,4]],"date-time":"2017-12-04T19:18:32Z","timestamp":1512415112000},"page":"399-411","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":8,"title":["Co-processor-based Behavior Monitoring"],"prefix":"10.1145","author":[{"given":"Ronny","family":"Chevalier","sequence":"first","affiliation":[{"name":"HP Labs"}]},{"given":"Maugan","family":"Villatel","sequence":"additional","affiliation":[{"name":"HP Labs"}]},{"given":"David","family":"Plaquin","sequence":"additional","affiliation":[{"name":"HP Labs"}]},{"given":"Guillaume","family":"Hiet","sequence":"additional","affiliation":[{"name":"CentraleSup\u00e9lec"}]}],"member":"320","published-online":{"date-parts":[[2017,12,4]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1102120.1102165"},{"volume-title":"BIOS and Kernel Developer's Guide (BKDG) for AMD Family 16h Models 30h-3Fh Processors. Advanced Micro Devices","author":"AMD.","key":"e_1_3_2_1_2_1","unstructured":"AMD. 2016. BIOS and Kernel Developer's Guide (BKDG) for AMD Family 16h Models 30h-3Fh Processors. Advanced Micro Devices , Inc . AMD. 2016. BIOS and Kernel Developer's Guide (BKDG) for AMD Family 16h Models 30h-3Fh Processors. Advanced Micro Devices, Inc."},{"key":"e_1_3_2_1_3_1","volume-title":"AMD Security and Server innovation. (March","author":"AMD TATS BIOS Development Group","year":"2013","unstructured":"AMD TATS BIOS Development Group . 2013. AMD Security and Server innovation. (March 2013 ). UEFI PlugFest . AMD TATS BIOS Development Group. 2013. AMD Security and Server innovation. (March 2013). UEFI PlugFest."},{"key":"e_1_3_2_1_4_1","unstructured":"ARM. 2009. ARM Security Technology: Building a Secure System using TrustZone Technology. ARM.  ARM. 2009. ARM Security Technology: Building a Secure System using TrustZone Technology. ARM."},{"key":"e_1_3_2_1_5_1","unstructured":"ARM. 2016. ARM Cortex-A5 Technical Reference Manual. ARM.  ARM. 2016. ARM Cortex-A5 Technical Reference Manual. ARM."},{"key":"e_1_3_2_1_6_1","volume-title":"Retrieved September 10th","author":"ARM.","year":"2017","unstructured":"ARM. 2017 . AMBA Specifications. (2017) . Retrieved September 10th , 2017 from https:\/\/www.arm.com\/products\/system-ip\/amba-specifications ARM. 2017. AMBA Specifications. (2017). Retrieved September 10th, 2017 from https:\/\/www.arm.com\/products\/system-ip\/amba-specifications"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866313"},{"volume-title":"A new class of vulnerabilities in SMI handlers. (2015). CanSecWest","author":"Bazhaniuk Oleksandr","key":"e_1_3_2_1_8_1","unstructured":"Oleksandr Bazhaniuk , Yuriy Bulygin , Andrew Furtak , Mikhail Gorobets , John Loucaides , Alexander Matrosov , and Mickey Shkatov . 2015. A new class of vulnerabilities in SMI handlers. (2015). CanSecWest , Vancouver, Canada . Oleksandr Bazhaniuk, Yuriy Bulygin, Andrew Furtak, Mikhail Gorobets, John Loucaides, Alexander Matrosov, and Mickey Shkatov. 2015. A new class of vulnerabilities in SMI handlers. (2015). CanSecWest, Vancouver, Canada."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.5555\/1247360.1247401"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/2024716.2024718"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/1966913.1966919"},{"key":"e_1_3_2_1_12_1","unstructured":"Yuriy Bulygin Oleksandr Bazhaniuk Andrew Furtak John Loucaides and Mikhail Gorobets. 2017. BARing the System: New vulnerabilities in Coreboot & UEFI based systems. (2017). REcon Brussels.  Yuriy Bulygin Oleksandr Bazhaniuk Andrew Furtak John Loucaides and Mikhail Gorobets. 2017. BARing the System: New vulnerabilities in Coreboot & UEFI based systems. (2017). REcon Brussels."},{"key":"e_1_3_2_1_13_1","unstructured":"Yuriy Bulygin and David Samyde. 2008. Chipset based approach to detect virtualization malware. (2008). Black Hat USA.  Yuriy Bulygin and David Samyde. 2008. Chipset based approach to detect virtualization malware. (2008). Black Hat USA."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/3054924"},{"key":"e_1_3_2_1_15_1","volume-title":"Proceedings of the 10th International Symposium on Embedded Multicore\/Many-core Systems-on-Chip (MCSoC). IEEE Computer Society, 201--208","author":"Butko Anastasiia","year":"2016","unstructured":"Anastasiia Butko , Florent Bruguier , Abdoulaye Gamati\u00e9 , Gilles Sassatelli , David Novo , Lionel Torres , and Michel Robert . 2016 . Full-System Simulation of big. LITTLE Multicore Architecture for Performance and Energy Exploration . In Proceedings of the 10th International Symposium on Embedded Multicore\/Many-core Systems-on-Chip (MCSoC). IEEE Computer Society, 201--208 . Anastasiia Butko, Florent Bruguier, Abdoulaye Gamati\u00e9, Gilles Sassatelli, David Novo, Lionel Torres, and Michel Robert. 2016. Full-System Simulation of big. LITTLE Multicore Architecture for Performance and Energy Exploration. In Proceedings of the 10th International Symposium on Embedded Multicore\/Many-core Systems-on-Chip (MCSoC). IEEE Computer Society, 201--208."},{"key":"e_1_3_2_1_16_1","volume-title":"Proceedings of the 24th USENIX Security Symposium (SEC'15)","author":"Carlini Nicholas","year":"2015","unstructured":"Nicholas Carlini , Antonio Barresi , Mathias Payer , David Wagner , and Thomas R Gross . 2015 . Control-flow bending: On the effectiveness of control-flow integrity . In Proceedings of the 24th USENIX Security Symposium (SEC'15) . USENIX Association, Washington, D.C., USA, 161--176. Nicholas Carlini, Antonio Barresi, Mathias Payer, David Wagner, and Thomas R Gross. 2015. Control-flow bending: On the effectiveness of control-flow integrity. In Proceedings of the 24th USENIX Security Symposium (SEC'15). USENIX Association, Washington, D.C., USA, 161--176."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866370"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/2897937.2897972"},{"key":"e_1_3_2_1_19_1","first-page":"147","article-title":"BIOS protection guidelines","volume":"800","author":"Cooper David","year":"2011","unstructured":"David Cooper , William Polk , Andrew Regenscheid , and Murugiah Souppaya . 2011 . BIOS protection guidelines . NIST Special Publication 800 (2011), 147 . David Cooper, William Polk, Andrew Regenscheid, and Murugiah Souppaya. 2011. BIOS protection guidelines. NIST Special Publication 800 (2011), 147.","journal-title":"NIST Special Publication"},{"volume-title":"Retrieved","year":"2009","key":"e_1_3_2_1_20_1","unstructured":"core collapse. 2009 . ASUS Eee PC and other series: BIOS SMM privilege escalation vulnerabilities. (Aug. 2009) . Retrieved January 26, 2017 from http:\/\/www.securityfocus.com\/archive\/1\/505590 core collapse. 2009. ASUS Eee PC and other series: BIOS SMM privilege escalation vulnerabilities. (Aug. 2009). Retrieved January 26, 2017 from http:\/\/www.securityfocus.com\/archive\/1\/505590"},{"key":"e_1_3_2_1_21_1","volume-title":"Retrieved","author":"The","year":"2017","unstructured":"The coreboot community. 2017 . coreboot. (2017) . Retrieved February 27, 2017 from https:\/\/www.coreboot.org\/ The coreboot community. 2017. coreboot. (2017). Retrieved February 27, 2017 from https:\/\/www.coreboot.org\/"},{"key":"e_1_3_2_1_22_1","first-page":"2013","volume-title":"Retrieved June 1st","year":"2013","unstructured":"CVE-2013-3582 2013 . CVE-2013-3582. (May 2013) . Retrieved June 1st , 2017 from https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE- 2013 - 3582 CVE-2013-3582 2013. CVE-2013-3582. (May 2013). Retrieved June 1st, 2017 from https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-3582"},{"key":"e_1_3_2_1_23_1","first-page":"2016","volume-title":"Retrieved June 1st","year":"2016","unstructured":"CVE-2016-8103 2016 . CVE-2016-8103. (Sept. 2016) . Retrieved June 1st , 2017 from https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE- 2016 - 8103 CVE-2016-8103 2016. CVE-2016-8103. (Sept. 2016). Retrieved June 1st, 2017 from https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2016-8103"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/2744769.2744847"},{"key":"e_1_3_2_1_25_1","volume-title":"Proceedings of the 23rd USENIX Security Symposium. USENIX Association","author":"Davi Lucas","year":"2014","unstructured":"Lucas Davi and Fabian Monrose . 2014 . Stitching the gadgets: On the ineffectiveness of coarse-grained control-flow integrity protection . In Proceedings of the 23rd USENIX Security Symposium. USENIX Association , San Diego, CA, USA, 401--416. Lucas Davi and Fabian Monrose. 2014. Stitching the gadgets: On the ineffectiveness of coarse-grained control-flow integrity protection. In Proceedings of the 23rd USENIX Security Symposium. USENIX Association, San Diego, CA, USA, 401--416."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/IISWC.2013.6704682"},{"volume-title":"Getting into the SMRAM: SMM Reloaded. (2009). CanSecWest","author":"Duflot Lo\u00efc","key":"e_1_3_2_1_27_1","unstructured":"Lo\u00efc Duflot , Olivier Levillain , Benjamin Morin , and Olivier Grumelard . 2009. Getting into the SMRAM: SMM Reloaded. (2009). CanSecWest , Vancouver, Canada . Lo\u00efc Duflot, Olivier Levillain, Benjamin Morin, and Olivier Grumelard. 2009. Getting into the SMRAM: SMM Reloaded. (2009). CanSecWest, Vancouver, Canada."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1002\/sec.166"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813646"},{"key":"e_1_3_2_1_30_1","unstructured":"UEFI Forum. 2016. UEFI Platform Initialization Specification. Version 1.5.  UEFI Forum. 2016. UEFI Platform Initialization Specification. Version 1.5."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/CCGrid.2013.43"},{"key":"e_1_3_2_1_33_1","volume-title":"Your USB cable, the spy: Inside the NSA's catalog of surveillance magic. Ars Technica. (31","author":"Gallagher Sean","year":"2013","unstructured":"Sean Gallagher . 2013. Your USB cable, the spy: Inside the NSA's catalog of surveillance magic. Ars Technica. (31 Dec. 2013 ). Retrieved March 1, 2017 from https:\/\/arstechnica.com\/information-technology\/2013\/12\/inside-the-nsas-leaked-catalog-of-surveillance-magic\/ Sean Gallagher. 2013. Your USB cable, the spy: Inside the NSA's catalog of surveillance magic. Ars Technica. (31 Dec. 2013). Retrieved March 1, 2017 from https:\/\/arstechnica.com\/information-technology\/2013\/12\/inside-the-nsas-leaked-catalog-of-surveillance-magic\/"},{"volume-title":"Part 1 Design Principles","author":"Trusted Computing Group","key":"e_1_3_2_1_34_1","unstructured":"Trusted Computing Group . 2011. TPM Main , Part 1 Design Principles . Trusted Computing Group . Trusted Computing Group. 2011. TPM Main, Part 1 Design Principles. Trusted Computing Group."},{"key":"e_1_3_2_1_35_1","unstructured":"Brian Holden Don Anderson Jay Trodden and Maryanne Daves. 2008. Hyper-Transport 3.1 Interconnect Technology. MindShare Press.   Brian Holden Don Anderson Jay Trodden and Maryanne Daves. 2008. Hyper-Transport 3.1 Interconnect Technology. MindShare Press."},{"key":"e_1_3_2_1_39_1","volume-title":"Introduction to the Intel Quickpath Interconnect. (June","author":"Intel Corporation","year":"2009","unstructured":"Intel Corporation . 2009. Introduction to the Intel Quickpath Interconnect. (June 2009 ). Intel Corporation. 2009. Introduction to the Intel Quickpath Interconnect. (June 2009)."},{"key":"e_1_3_2_1_40_1","volume-title":"Retrieved","author":"Intel Corporation","year":"2011","unstructured":"Intel Corporation . 2011 . bits-365. (March 2011) . Retrieved January 26, 2017 from https:\/\/biosbits.org\/news\/bits-365\/ Intel Corporation. 2011. bits-365. (March 2011). Retrieved January 26, 2017 from https:\/\/biosbits.org\/news\/bits-365\/"},{"key":"e_1_3_2_1_41_1","unstructured":"Intel Corporation. 2015. System Management Mode. In Intel\u00ae 64 and IA-32 Architectures Software Developer's Manual. Chapter 34.  Intel Corporation. 2015. System Management Mode. In Intel\u00ae 64 and IA-32 Architectures Software Developer's Manual. Chapter 34."},{"key":"e_1_3_2_1_42_1","volume-title":"Control-flow Enforcement Technology Preview. (June","author":"Intel Corporation","year":"2016","unstructured":"Intel Corporation . 2016. Control-flow Enforcement Technology Preview. (June 2016 ). Intel Corporation. 2016. Control-flow Enforcement Technology Preview. (June 2016)."},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660303"},{"key":"e_1_3_2_1_44_1","unstructured":"Corey Kallenberg John Butterworth Xeno Kovah and C Cornwell. 2013. Defeating Signed BIOS Enforcement. (2013). EkoParty Buenos Aires.  Corey Kallenberg John Butterworth Xeno Kovah and C Cornwell. 2013. Defeating Signed BIOS Enforcement. (2013). EkoParty Buenos Aires."},{"key":"e_1_3_2_1_45_1","volume-title":"How Many Million BIOSes Would you Like to Infect?","author":"Kovah Xeno","year":"2015","unstructured":"Xeno Kovah and Corey Kallenberg . 2015. How Many Million BIOSes Would you Like to Infect? ( 2015 ). CanSecWest . Xeno Kovah and Corey Kallenberg. 2015. How Many Million BIOSes Would you Like to Infect? (2015). CanSecWest."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.5555\/977395.977673"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/1250734.1250766"},{"key":"e_1_3_2_1_48_1","volume-title":"Proceedings of the 22th USENIX Security Symposium. USENIX Association, Washington, D.C., USA, 511--526","author":"Lee Hojoon","year":"2013","unstructured":"Hojoon Lee , Hyungon Moon , Daehee Jang , Kihwan Kim , Jihoon Lee , Yunheung Paek , and Brent ByungHoon Kang . 2013 . KI-Mon: A Hardware-assisted Event-triggered Monitoring Platform for Mutable Kernel Object . In Proceedings of the 22th USENIX Security Symposium. USENIX Association, Washington, D.C., USA, 511--526 . Hojoon Lee, Hyungon Moon, Daehee Jang, Kihwan Kim, Jihoon Lee, Yunheung Paek, and Brent ByungHoon Kang. 2013. KI-Mon: A Hardware-assisted Event-triggered Monitoring Platform for Mutable Kernel Object. In Proceedings of the 22th USENIX Security Symposium. USENIX Association, Washington, D.C., USA, 511--526."},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/2768566.2768569"},{"volume-title":"Retrieved June 1st","year":"2016","key":"e_1_3_2_1_50_1","unstructured":"LEN-4710 2016 . Lenovo Security Advisory: LEN-4710. (Sept. 2016) . Retrieved June 1st , 2017 from https:\/\/support.lenovo.com\/us\/en\/product_security\/len_4710 LEN-4710 2016. Lenovo Security Advisory: LEN-4710. (Sept. 2016). Retrieved June 1st, 2017 from https:\/\/support.lenovo.com\/us\/en\/product_security\/len_4710"},{"volume-title":"Retrieved June 1st","year":"2016","key":"e_1_3_2_1_51_1","unstructured":"LEN-8324 2016 . Lenovo Security Advisory: LEN-8324. (Nov. 2016) . Retrieved June 1st , 2017 from https:\/\/support.lenovo.com\/us\/en\/solutions\/len-8324 LEN-8324 2016. Lenovo Security Advisory: LEN-8324. (Nov. 2016). Retrieved June 1st, 2017 from https:\/\/support.lenovo.com\/us\/en\/solutions\/len-8324"},{"key":"e_1_3_2_1_52_1","volume-title":"Hacking Team Uses UEFI BIOS Rootkit to Keep RCS 9 Agent in Target Systems. TrendLabs Security Intelligence Blog. (13","author":"Lin Philippe","year":"2013","unstructured":"Philippe Lin . 2013. Hacking Team Uses UEFI BIOS Rootkit to Keep RCS 9 Agent in Target Systems. TrendLabs Security Intelligence Blog. (13 July 2013 ). Retrieved May 5, 2017 from https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/hacking-team-uses-uefi-bios-rootkit-to-keep-rcs-9-agent-in-target-systems\/ Philippe Lin. 2013. Hacking Team Uses UEFI BIOS Rootkit to Keep RCS 9 Agent in Target Systems. TrendLabs Security Intelligence Blog. (13 July 2013). Retrieved May 5, 2017 from https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/hacking-team-uses-uefi-bios-rootkit-to-keep-rcs-9-agent-in-target-systems\/"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICPP.2008.85"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1109\/CLUSTER.2010.37"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/2485922.2485956"},{"key":"e_1_3_2_1_56_1","unstructured":"Tarjei Mandt Mathew Solnik and David Wang. 2016. Demystifying the Secure Enclave Processor. In Black Hat Las Vegas.  Tarjei Mandt Mathew Solnik and David Wang. 2016. Demystifying the Secure Enclave Processor. In Black Hat Las Vegas."},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1145\/2663171.2663188"},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382202"},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1145\/2666356.2594295"},{"key":"e_1_3_2_1_60_1","volume-title":"Retrieved","author":"Oleksiuk Dmytro","year":"2016","unstructured":"Dmytro Oleksiuk . 2016 . Exploiting AMI Aptio firmware on example of Intel NUC. (October 2016) . Retrieved May 19, 2017 from http:\/\/blog.cr4.sh\/2016\/10\/exploiting-ami-aptio-firmware.html Dmytro Oleksiuk. 2016. Exploiting AMI Aptio firmware on example of Intel NUC. (October 2016). Retrieved May 19, 2017 from http:\/\/blog.cr4.sh\/2016\/10\/exploiting-ami-aptio-firmware.html"},{"key":"e_1_3_2_1_61_1","volume-title":"Retrieved","author":"Oleksiuk Dmytro","year":"2016","unstructured":"Dmytro Oleksiuk . 2016 . Exploring and exploiting Lenovo firmware secrets. (June 2016) . Retrieved January 30, 2017 from http:\/\/blog.cr4.sh\/2016\/06\/exploring-and-exploiting-lenovo.html Dmytro Oleksiuk. 2016. Exploring and exploiting Lenovo firmware secrets. (June 2016). Retrieved January 30, 2017 from http:\/\/blog.cr4.sh\/2016\/06\/exploring-and-exploiting-lenovo.html"},{"key":"e_1_3_2_1_62_1","volume-title":"RAP: RIP ROP. (Oct.","author":"Team X","year":"2015","unstructured":"Pa X Team . 2015 . RAP: RIP ROP. (Oct. 2015). H2HC. PaX Team. 2015. RAP: RIP ROP. (Oct. 2015). H2HC."},{"volume-title":"Proceedings of the 13th USENIX Security Symposium. USENIX Association","author":"Petroni Nick L.","key":"e_1_3_2_1_63_1","unstructured":"Nick L. Petroni , Jr., Timothy Fraser , Jesus Molina , and William A. Arbaugh . 2004. Copilot - a Coprocessor-based Kernel Runtime Integrity Monitor . In Proceedings of the 13th USENIX Security Symposium. USENIX Association , San Diego, CA, USA, 179--194. Nick L. Petroni, Jr., Timothy Fraser, Jesus Molina, and William A. Arbaugh. 2004. Copilot - a Coprocessor-based Kernel Runtime Integrity Monitor. In Proceedings of the 13th USENIX Security Symposium. USENIX Association, San Diego, CA, USA, 179--194."},{"key":"e_1_3_2_1_64_1","volume-title":"Proceedings of the 15th USENIX Security Symposium. USENIX Association","author":"Petroni Nick L","year":"2006","unstructured":"Nick L Petroni Jr , Timothy Fraser , A Aron Walters , and William A Arbaugh . 2006 . An Architecture for Specification-Based Detection of Semantic Integrity Violations in Kernel Dynamic Data . In Proceedings of the 15th USENIX Security Symposium. USENIX Association , Vancouver, B.C., Canada. Nick L Petroni Jr, Timothy Fraser, AAron Walters, and William A Arbaugh. 2006. An Architecture for Specification-Based Detection of Semantic Integrity Violations in Kernel Dynamic Data. In Proceedings of the 15th USENIX Security Symposium. USENIX Association, Vancouver, B.C., Canada."},{"key":"e_1_3_2_1_65_1","volume-title":"Retrieved","author":"Pujos Bruno","year":"2016","unstructured":"Bruno Pujos . 2016 . SMM unchecked pointer vulnerability. (May 2016) . Retrieved May 19, 2017 from http:\/\/esec-lab.sogeti.com\/posts\/2016\/05\/30\/smm-unchecked-pointer-vulnerability.html Bruno Pujos. 2016. SMM unchecked pointer vulnerability. (May 2016). Retrieved May 19, 2017 from http:\/\/esec-lab.sogeti.com\/posts\/2016\/05\/30\/smm-unchecked-pointer-vulnerability.html"},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1145\/2133375.2133377"},{"key":"e_1_3_2_1_67_1","first-page":"143","article-title":"Boot with Integrity, or Don't Boot. In Platform Embedded Security Technology Revealed: Safeguarding the Future of Computing with Intel Embedded Security and Management Engine. Apress, Berkeley, CA, USA","volume":"6","author":"Ruan Xiaoyu","year":"2014","unstructured":"Xiaoyu Ruan . 2014 . Boot with Integrity, or Don't Boot. In Platform Embedded Security Technology Revealed: Safeguarding the Future of Computing with Intel Embedded Security and Management Engine. Apress, Berkeley, CA, USA , Chapter 6 , 143 -- 163 . Xiaoyu Ruan. 2014. Boot with Integrity, or Don't Boot. In Platform Embedded Security Technology Revealed: Safeguarding the Future of Computing with Intel Embedded Security and Management Engine. Apress, Berkeley, CA, USA, Chapter 6, 143--163.","journal-title":"Chapter"},{"volume-title":"Popcorn Linux: enabling efficient inter-core communication in a Linux-based multikernel operating system. Master's thesis","author":"Shelton Benjamin H","key":"e_1_3_2_1_68_1","unstructured":"Benjamin H Shelton . 2013. Popcorn Linux: enabling efficient inter-core communication in a Linux-based multikernel operating system. Master's thesis . Virginia Polytechnic Institute and State University . Benjamin H Shelton. 2013. Popcorn Linux: enabling efficient inter-core communication in a Linux-based multikernel operating system. Master's thesis. Virginia Polytechnic Institute and State University."},{"key":"e_1_3_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660290"},{"volume-title":"Retrieved","year":"2017","key":"e_1_3_2_1_70_1","unstructured":"Tianocore. 2017 . EDK II. (2017) . Retrieved January 26, 2017 from http:\/\/www.tianocore.org\/edk2\/ Tianocore. 2017. EDK II. (2017). Retrieved January 26, 2017 from http:\/\/www.tianocore.org\/edk2\/"},{"key":"e_1_3_2_1_71_1","volume-title":"Proceedings of the 23rd USENIX Security Symposium. USENIX Association","author":"Tice Caroline","year":"2014","unstructured":"Caroline Tice , Tom Roeder , Peter Collingbourne , Stephen Checkoway , \u00dalfar Erlingsson , Luis Lozano , and Geoff Pike . 2014 . Enforcing forward-edge control-flow integrity in gcc & llvm . In Proceedings of the 23rd USENIX Security Symposium. USENIX Association , San Diego, CA, USA, 941--955. Caroline Tice, Tom Roeder, Peter Collingbourne, Stephen Checkoway, \u00dalfar Erlingsson, Luis Lozano, and Geoff Pike. 2014. Enforcing forward-edge control-flow integrity in gcc & llvm. In Proceedings of the 23rd USENIX Security Symposium. USENIX Association, San Diego, CA, USA, 941--955."},{"key":"e_1_3_2_1_72_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.30"},{"key":"e_1_3_2_1_73_1","volume-title":"Retrieved","author":"Wilkins Dick","year":"2015","unstructured":"Dick Wilkins . 2015 . UEFI Firmware -- Securing SMM. (May 2015) . Retrieved January 26, 2017 from http:\/\/www.uefi.org\/sites\/default\/files\/resources\/UEFI_Plugfest_May_2015%20Firmware%20-%20Securing%20SMM.pdf Dick Wilkins. 2015. UEFI Firmware -- Securing SMM. (May 2015). Retrieved January 26, 2017 from http:\/\/www.uefi.org\/sites\/default\/files\/resources\/UEFI_Plugfest_May_2015%20Firmware%20-%20Securing%20SMM.pdf"},{"key":"e_1_3_2_1_74_1","volume-title":"Attacking SMM memory via Intel CPU cache poisoning. (March","author":"Wojtczuk Rafal","year":"2009","unstructured":"Rafal Wojtczuk and Joanna Rutkowska . 2009. Attacking SMM memory via Intel CPU cache poisoning. (March 2009 ). Invisible Things Lab . Rafal Wojtczuk and Joanna Rutkowska. 2009. Attacking SMM memory via Intel CPU cache poisoning. (March 2009). Invisible Things Lab."},{"key":"e_1_3_2_1_75_1","volume-title":"Attacking Intel BIOS. (July","author":"Wojtczuk Rafal","year":"2009","unstructured":"Rafal Wojtczuk and Alexander Tereshkin . 2009. Attacking Intel BIOS. (July 2009 ). Black Hat USA. Rafal Wojtczuk and Alexander Tereshkin. 2009. Attacking Intel BIOS. (July 2009). Black Hat USA."},{"key":"e_1_3_2_1_76_1","volume-title":"Proceedings of the 2012 42Nd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN '12)","author":"Xia Yubin","year":"2012","unstructured":"Yubin Xia , Yutao Liu , Haibo Chen , and Binyu Zang . 2012 . CFIMon: Detecting Violation of Control Flow Integrity Using Performance Counters . In Proceedings of the 2012 42Nd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN '12) . IEEE Computer Society, Washington, D.C., USA, 1--12. Yubin Xia, Yutao Liu, Haibo Chen, and Binyu Zang. 2012. CFIMon: Detecting Violation of Control Flow Integrity Using Performance Counters. In Proceedings of the 2012 42Nd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN '12). IEEE Computer Society, Washington, D.C., USA, 1--12."},{"key":"e_1_3_2_1_80_1","volume-title":"Proceedings of the 22th USENIX Security Symposium. USENIX Association, Washington, D.C., USA, 337--352","author":"Zhang Mingwei","year":"2013","unstructured":"Mingwei Zhang and R Sekar . 2013 . Control Flow Integrity for COTS Binaries . In Proceedings of the 22th USENIX Security Symposium. USENIX Association, Washington, D.C., USA, 337--352 . Mingwei Zhang and R Sekar. 2013. Control Flow Integrity for COTS Binaries. In Proceedings of the 22th USENIX Security Symposium. USENIX Association, Washington, D.C., USA, 337--352."},{"key":"e_1_3_2_1_81_1","doi-asserted-by":"publisher","DOI":"10.1145\/1133373.1133423"}],"event":{"name":"ACSAC 2017: 2017 Annual Computer Security Applications Conference","acronym":"ACSAC 2017","location":"Orlando FL USA"},"container-title":["Proceedings of the 33rd Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3134600.3134622","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3134600.3134622","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T03:30:11Z","timestamp":1750217411000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3134600.3134622"}},"subtitle":["Application to the Detection of Attacks Against the System Management Mode"],"short-title":[],"issued":{"date-parts":[[2017,12,4]]},"references-count":74,"alternative-id":["10.1145\/3134600.3134622","10.1145\/3134600"],"URL":"https:\/\/doi.org\/10.1145\/3134600.3134622","relation":{},"subject":[],"published":{"date-parts":[[2017,12,4]]},"assertion":[{"value":"2017-12-04","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}