Implementation and implications of a stealth hard-drive backdoor

ACM International Conference Proceeding Series

Volumn , Issue , 2013, Pages 279-288

  Zaddach, Jonas ^a   Kurmus, Anil ^b   Balzarotti, Davide ^a   Blass, Erik Oliver ^c   Francillon, Aurélien ^a   Goodspeed, Travis ^e   Gupta, Moitrayee ^d   Koltsidas, Ioannis ^b  

^a EURECOM   (France)

^b IBM RESEARCH ZURICH   (Switzerland)

^c Northeastern University   (United States)

^d UNIVERSITY OF CALIFORNIA   (United States)

^e NONE

Author keywords

[No Author keywords available]

Indexed keywords

ADDITIONAL EXPERIMENTS; CATASTROPHIC LOSS; COMMERCIAL OFF THE SHELVES; DATA REPLACEMENT; DATA-BASE SERVERS; DATABASE STORAGE; PUBLIC INFORMATION; SENSITIVE DATAS;

FIRMWARE; REVERSE ENGINEERING; SECURITY OF DATA; SECURITY SYSTEMS; VIRTUAL STORAGE;

WORLD WIDE WEB;

EID: 84893250536     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2523649.2523661     Document Type: Conference Paper

References (30)

1. HDD Guru Forums, 2013. URL http://forum.hddguru.com/.
2. Jeroen Domburg (a.k.a. Sprite tm). HDD Hacking. URL http://spritesmods. com/?art=hddhack. Talk given at OHM 2013.
3. ARM. ARM966E-S, Revision: r2p1, Technical Reference Manual, 2004. URL http://infocenter.arm.com.
4. backupworks.com. HDD Market Share - Rankings in 2Q12, 2012. URL http://www.backupworks.com/hdd-market-share-western-digital-seagate.aspx.
5. F. Baker, B. Foster, and C. Sharp. Cisco Architecture for Lawful Intercept in IP Networks. RFC 3924 (Informational), October 2004. URL http://www.ietf.org/rfc/rfc3924.txt.
6. M. Ben-Yehuda, J. Xenidis, M. Ostrowski, K. Rister, A. Bruemmer, and L. van Doorn. The Price of Safety: Evaluating IOMMU Performance. In The Ottawa Linux Symposium, pages 9-20, Ottawa, Canada, 2007.
7. E.-O. Blass and W. Robertson. TRESOR-HUNT: Attacking CPU-Bound Encryption. In Annual Computer Security Applications Conference, pages 71-78, Orlando, USA, 2012. ISBN 978-1-4503-1312-4.
8. Robert A. Caldeira, John C. Fravel, Richard G. Ramsdell, and Romeo N. Nolasco. Hard disk drive architecture, July 1995. URL http://www. freepatentsonline.com/5396384.html.
9. C. Castelluccia, A. Francillon, D. Perito, and C. Soriente. On the difficulty of software-based attestation of embedded devices. In Conference on Computer and Communications Security, pages 400-409, Chicago, USA, 2009. ISBN 978-1-60558-894-0.
10. T. Cross. Exploiting Lawful Intercept to Wiretap the Internet. Black Hat, 2010. URL http://www.blackhat.com/.
11. A. Cui, M. Costello, and S.J. Stolfo. When Firmware Modifications Attack: A Case Study of Embedded Exploitation. In Network and Distributed System Security Symposium, 2013 (to appear).
12. Daemon9. Project Loki. Phrack 49. URL http://www.phrack.org/issues.html? id=6&issue=49.
13. M. Dornseif. Owned by an iPod: Firewire/1394 Issues. PacSec, http://md.hudora.de/presentations/firewire/PacSec2004.pdf, 2004.
14. J.A. Halderman and E.W. Felten. Lessons from the Sony CD DRM episode. In USENIX Security Symposium, pages 77-92, 2006.
15. J. Heasman. Implementing and Detecting an ACPI BIOS Rootkit. Black Hat, 2006. URL www.blackhat.com/presentations/bh-europe-06/bh-eu-06-Heasman.pdf.
16. J. Heasman. Implementing and Detecting a PCI Rootkit. Black Hat, 2007. URL http://www.blackhat.com/presentations/bh-dc-07/Heasman/Paper/bh-dc-07- Heasman-WP.pdf.
17. O.S. Hofmann, A.M. Dunn, S. Kim, I. Roy, and E. Witchel. Ensuring operating system kernel integrity with OSck. In Conference on Architectural Support for Programming Languages and Operating Systems, pages 279-290, Newport Beach, USA, 2011. ISBN 978-1-4503-0266-1.
18. IOZone. IOZone, 2013. URL http://www.iozone.org/.
19. S.T. King, J. Tucek, A. Cozzie, C. Grier, W. Jiang, and Y. Zhou. Designing and Implementing Malicious Hardware. In Workshop on Large-scale Exploits and Emergent Threats, San Francisco, USA, 2008.
20. Kingston. Secure USB Flash Drives, 2013. URL http://www.kingston.com/us/ usb/encrypted-security.
21. J. Larimer. Beyond Autorun: Exploiting vulnerabilities with removable storage. Black Hat, 2011. URL https://media.blackhat.com/bh-dc-11/Larimer/ BlackHat-DC-2011-Larimer-Vulnerabiliters-w-removeable-storage-wp.pdf.
22. Y. Li, J.M. McCune, and A. Perrig. VIPER: Verifying the Integrity of PERipherals' Firmware. In Conference on Computer and Communications Security, pages 3-16, Chicago, USA, 2011. ISBN 978-1-4503-0948-6.
23. Maxtor. Maxtor Basics Personal Storage 3200 virus, 2013. URL http://knowledge.seagate.com/articles/en-US/FAQ/205131en?language=en-GB.
24. T. Müller, F.C. Freiling, and A. Dewald. TRESOR runs encryption securely outside RAM. In USENIX Security Symposium, pages 17-17, San Francisco, USA, 2011. URL http://www.usenix.org/event/sec11/tech/full-papers/Muller.pdf.
25. N.L. Petroni Jr, T. Fraser, J. Molina, and W.A. Arbaugh. Copilot - a Coprocessor-based Kernel Runtime Integrity Monitor. In USENIX Security Symposium, San Diego, USA, 2004. URL http://usenix.org/publications/library/ proceedings/sec04/tech/full-papers/petroni/petroni.pdf.
26. RSA. Configuring the RSA II adapter, 2013. URL http://www.scribd.com/doc/ 3507950/RSAII-Card-Installation.
27. S. Sparks, S. Embleton, and C.C. Zou. A Chipset Level Network Backdoor: Bypassing Host-Based Firewall & IDS. In Symposium on Information, Computer, and Communications Security, pages 125-134, Sydney, Australia, 2009. ISBN 978-1-60558-394-5.
28. F. Sultan and A. Bohra. Nonintrusive Remote Healing Using Backdoors. In Workshop on Algorithms and Architectures for Self-Managing Systems, San Diego, USA, 2003. URL http://www.cs.rutgers.edu/~bohra/pubs/sm03.pdf.
29. K. Thompson. Reflections on Trusting Trust. Communications of the ACM, 27(8): 761-763, 1984. ISSN 0001-0782.
30. A. Triulzi. Project Maux Mk.II, I 0wn the NIC, now I want a Shell! In PacSec Conference, 2008. URL http://www.alchemistowl.org/arrigo/Papers/Arrigo- Triulzi-PACSEC08-Project-Maux-II.pdf.