{"id":"https://openalex.org/W1975582382","doi":"https://doi.org/10.1145/1460877.1460892","title":"SMM rootkits","display_name":"SMM rootkits","publication_year":2008,"publication_date":"2008-09-22","ids":{"openalex":"https://openalex.org/W1975582382","doi":"https://doi.org/10.1145/1460877.1460892","mag":"1975582382"},"language":"en","primary_location":{"id":"doi:10.1145/1460877.1460892","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1460877.1460892","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 4th international conference on Security and privacy in communication netowrks","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5046063751","display_name":"Shawn Embleton","orcid":null},"institutions":[{"id":"https://openalex.org/I106165777","display_name":"University of Central Florida","ror":"https://ror.org/036nfer12","country_code":"US","type":"education","lineage":["https://openalex.org/I106165777"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Shawn Embleton","raw_affiliation_strings":["University of Central Florida","UNIVERSITY OF CENTRAL FLORIDA"],"affiliations":[{"raw_affiliation_string":"University of Central Florida","institution_ids":["https://openalex.org/I106165777"]},{"raw_affiliation_string":"UNIVERSITY OF CENTRAL FLORIDA","institution_ids":["https://openalex.org/I106165777"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5047680572","display_name":"Sherri Sparks","orcid":null},"institutions":[{"id":"https://openalex.org/I106165777","display_name":"University of Central Florida","ror":"https://ror.org/036nfer12","country_code":"US","type":"education","lineage":["https://openalex.org/I106165777"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Sherri Sparks","raw_affiliation_strings":["University of Central Florida","UNIVERSITY OF CENTRAL FLORIDA"],"affiliations":[{"raw_affiliation_string":"University of Central Florida","institution_ids":["https://openalex.org/I106165777"]},{"raw_affiliation_string":"UNIVERSITY OF CENTRAL FLORIDA","institution_ids":["https://openalex.org/I106165777"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5052179538","display_name":"Cliff C. Zou","orcid":"https://orcid.org/0000-0003-4229-6957"},"institutions":[{"id":"https://openalex.org/I106165777","display_name":"University of Central Florida","ror":"https://ror.org/036nfer12","country_code":"US","type":"education","lineage":["https://openalex.org/I106165777"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Cliff Zou","raw_affiliation_strings":["University of Central Florida","UNIVERSITY OF CENTRAL FLORIDA"],"affiliations":[{"raw_affiliation_string":"University of Central Florida","institution_ids":["https://openalex.org/I106165777"]},{"raw_affiliation_string":"UNIVERSITY OF CENTRAL FLORIDA","institution_ids":["https://openalex.org/I106165777"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5046063751"],"corresponding_institution_ids":["https://openalex.org/I106165777"],"apc_list":null,"apc_paid":null,"fwci":12.9725,"has_fulltext":false,"cited_by_count":79,"citation_normalized_percentile":{"value":0.98569164,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"12"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9955999851226807,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/rootkit","display_name":"Rootkit","score":0.9682169556617737},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7879968881607056},{"id":"https://openalex.org/keywords/backdoor","display_name":"Backdoor","score":0.7713448405265808},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.7174162864685059},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.6176391839981079},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6067897081375122},{"id":"https://openalex.org/keywords/memory-protection","display_name":"Memory protection","score":0.5445977449417114},{"id":"https://openalex.org/keywords/system-call","display_name":"System call","score":0.4989621639251709},{"id":"https://openalex.org/keywords/virtual-machine","display_name":"Virtual machine","score":0.4713800847530365},{"id":"https://openalex.org/keywords/sandbox","display_name":"Sandbox (software development)","score":0.4270809590816498},{"id":"https://openalex.org/keywords/hardware-virtualization","display_name":"Hardware virtualization","score":0.4187198877334595},{"id":"https://openalex.org/keywords/virtualization","display_name":"Virtualization","score":0.41637223958969116},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.41105222702026367},{"id":"https://openalex.org/keywords/virtual-memory","display_name":"Virtual memory","score":0.3149961829185486},{"id":"https://openalex.org/keywords/memory-management","display_name":"Memory management","score":0.300601601600647},{"id":"https://openalex.org/keywords/full-virtualization","display_name":"Full virtualization","score":0.1804925501346588},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.13395288586616516}],"concepts":[{"id":"https://openalex.org/C10144332","wikidata":"https://www.wikidata.org/wiki/Q14645","display_name":"Rootkit","level":3,"score":0.9682169556617737},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7879968881607056},{"id":"https://openalex.org/C2781045450","wikidata":"https://www.wikidata.org/wiki/Q254569","display_name":"Backdoor","level":2,"score":0.7713448405265808},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.7174162864685059},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.6176391839981079},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6067897081375122},{"id":"https://openalex.org/C18131444","wikidata":"https://www.wikidata.org/wiki/Q163585","display_name":"Memory protection","level":5,"score":0.5445977449417114},{"id":"https://openalex.org/C2778579508","wikidata":"https://www.wikidata.org/wiki/Q722192","display_name":"System call","level":2,"score":0.4989621639251709},{"id":"https://openalex.org/C25344961","wikidata":"https://www.wikidata.org/wiki/Q192726","display_name":"Virtual machine","level":2,"score":0.4713800847530365},{"id":"https://openalex.org/C167981075","wikidata":"https://www.wikidata.org/wiki/Q2667186","display_name":"Sandbox (software development)","level":2,"score":0.4270809590816498},{"id":"https://openalex.org/C68793194","wikidata":"https://www.wikidata.org/wiki/Q1616095","display_name":"Hardware virtualization","level":5,"score":0.4187198877334595},{"id":"https://openalex.org/C513985346","wikidata":"https://www.wikidata.org/wiki/Q270471","display_name":"Virtualization","level":3,"score":0.41637223958969116},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.41105222702026367},{"id":"https://openalex.org/C76399640","wikidata":"https://www.wikidata.org/wiki/Q189401","display_name":"Virtual memory","level":4,"score":0.3149961829185486},{"id":"https://openalex.org/C176649486","wikidata":"https://www.wikidata.org/wiki/Q2308807","display_name":"Memory management","level":3,"score":0.300601601600647},{"id":"https://openalex.org/C47878483","wikidata":"https://www.wikidata.org/wiki/Q848333","display_name":"Full virtualization","level":4,"score":0.1804925501346588},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.13395288586616516},{"id":"https://openalex.org/C136085584","wikidata":"https://www.wikidata.org/wiki/Q910289","display_name":"Overlay","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/1460877.1460892","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1460877.1460892","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 4th international conference on Security and privacy in communication netowrks","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":7,"referenced_works":["https://openalex.org/W23711711","https://openalex.org/W161166442","https://openalex.org/W1492832459","https://openalex.org/W2111496399","https://openalex.org/W2117882778","https://openalex.org/W2154081981","https://openalex.org/W2313988643"],"related_works":["https://openalex.org/W2354398839","https://openalex.org/W1979897749","https://openalex.org/W2297549974","https://openalex.org/W2171038386","https://openalex.org/W1969105756","https://openalex.org/W2371149587","https://openalex.org/W2057555255","https://openalex.org/W2119691727","https://openalex.org/W268448308","https://openalex.org/W173413620"],"abstract_inverted_index":{"The":[0,44,175],"emergence":[1],"of":[2,11,99,127,130,140,158,223,231],"hardware":[3,66],"virtualization":[4],"technology":[5],"has":[6,69],"led":[7],"to":[8,29,82,105,165,169,185,199,213],"the":[9,17,87,138,162,186,219,224],"development":[10,126],"OS":[12,232],"independent":[13,233],"malware":[14],"such":[15],"as":[16],"Virtual":[18],"Machine":[19],"based":[20,48],"rootkits":[21],"(VMBRs).":[22],"In":[23,120,134],"this":[24,121],"paper,":[25,122],"we":[26,123,136,211],"draw":[27],"attention":[28],"a":[30,56,113,128,149,154,170],"different":[31],"but":[32],"related":[33],"threat":[34],"that":[35],"exists":[36],"on":[37,60],"many":[38],"commodity":[39],"systems":[40],"in":[41],"operation":[42],"today:":[43],"System":[45,51,141],"Management":[46,52,142],"Mode":[47,53,143],"rootkit":[49,176],"(SMBR).":[50],"(SMM)":[54],"is":[55,79,93,103,191],"relatively":[57],"obscure":[58],"mode":[59],"Intel":[61],"processors":[62],"used":[63],"for":[64,117,144],"low-level":[65],"control.":[67],"It":[68,190],"its":[70,178],"own":[71],"private":[72],"memory":[73,106,179],"space":[74],"and":[75,102,153,181,193,221],"execution":[76],"environment":[77],"which":[78],"generally":[80],"invisible":[81],"code":[83,92],"running":[84],"outside":[85],"(e.g.,":[86],"Operating":[88,188],"System).":[89],"Furthermore,":[90],"SMM":[91,132],"completely":[94],"non-preemptible,":[95],"lacks":[96],"any":[97],"concept":[98,131],"privilege":[100],"level,":[101],"immune":[104],"protection":[107],"mechanisms.":[108],"These":[109],"features":[110],"make":[111],"it":[112],"potentially":[114],"attractive":[115],"home":[116],"stealthy":[118],"rootkits.":[119],"present":[124],"our":[125],"proof":[129],"rootkit.":[133],"it,":[135],"explore":[137],"potential":[139],"malicious":[145],"use":[146],"by":[147,227],"implementing":[148],"chipset":[150],"level":[151],"keylogger":[152],"network":[155,163],"backdoor":[156],"capable":[157],"directly":[159],"interacting":[160],"with":[161,195],"card":[164],"send":[166],"logged":[167],"keystrokes":[168],"remote":[171],"machine":[172],"via":[173],"UDP.":[174],"hides":[177],"footprint":[180],"requires":[182],"no":[183],"changes":[184],"existing":[187],"System.":[189],"compared":[192],"contrasted":[194],"VMBRs.":[196],"Finally,":[197],"techniques":[198],"defend":[200],"against":[201],"these":[202],"threats":[203],"are":[204],"explored.":[205],"By":[206],"taking":[207],"an":[208,228],"offensive":[209],"perspective":[210],"hope":[212],"help":[214],"security":[215],"researchers":[216],"better":[217],"understand":[218],"depth":[220],"scope":[222],"problems":[225],"posed":[226],"emerging":[229],"class":[230],"malware.":[234]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":2},{"year":2019,"cited_by_count":3},{"year":2018,"cited_by_count":4},{"year":2017,"cited_by_count":5},{"year":2016,"cited_by_count":6},{"year":2015,"cited_by_count":10},{"year":2014,"cited_by_count":6},{"year":2013,"cited_by_count":9},{"year":2012,"cited_by_count":5}],"updated_date":"2026-03-10T16:38:18.471706","created_date":"2016-06-24T00:00:00"}