Skip to main content
SpringerLink
Log in

On-line Firmware Updating and Fingerprint Generating for Solid State Disks

  • Conference paper
  • First Online:
Data Mining and Big Data (DMBD 2021)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1454))

Included in the following conference series:

  • 945 Accesses

Abstract

Virus and Rootkit may modify hard disk’s firmware to hide itself, while the traditional security software is not able to detect the modification of hard disk’s firmware. This paper relies on a USB analyzer to collect the protocol communication data of the JMUtility tool for a Solid State Disk, then unveils its internal protocol interface to dump the RAM content via the USB-SATA interface, and the firmware code is located in the RAM. By reverse engineering the firmware code, the protocol of writing to the RAM is also inferred to enable the modification of firmware code to change the device identification data. Meanwhile, the tool Firmware Extractor is developed to dump the firmware code for a specific Solid State Disk, and the possibility of on-line updating firmware and generating fingerprint is validated.

Supported by the National Natural Science Foundation of China (No. 62072037) and Zhejiang Lab (No. 2020LE0AB02).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Kaspersky: Lab Equation group: questions and answers, Kaspersky Lab. Technical report 2015, pp. 1–44 (2015)

    Google Scholar 

  2. Song, Q., Li, S., Zhu, Y.: Key technologies of flash-based solid state recorder for aerospace applications. Electron. Des. Eng. 23(4), 169–171 (2015)

    Google Scholar 

  3. Cornwell, M.: Anatomy of a solid-state drive. Queue 10(10), 59–63 (2012)

    Article  Google Scholar 

  4. Hu, J.: The research and FPGA implementation of ATA protocol in solid state disk. South China Univ. Technol. 2010, 1–74 (2010)

    Google Scholar 

  5. Srinivasan, A., Wu, J., Santhalingam, P., Zamanski, J.: DeadDrop-in-a-flash: information hiding at SSD NAND flash memory physical layer. SECURWARE 2014, 79 (2014)

    Google Scholar 

  6. Choi, Y., Lee, D., Jeon, W., Won, D.: Password-based single-file encryption and secure data deletion for solid-state drive. In: 2014 Proceedings of the 8th International Conference on Ubiquitous Information Management and Communication, pp. 1–7. ACM (2014)

    Google Scholar 

  7. Zhang, L., Hao, S.G., Zheng, J., Tan, Y.A., Zhang, Q.X., Li, Y.Z.: Descrambling data on solid-state disks by reverse-engineering the firmware. Digit. Invest. 12(3), 77–87 (2015)

    Article  Google Scholar 

  8. Shah, Z., Mahmood, A.N., Slay, J.: Forensic potentials of solid state drives. In: Tian, J., Jing, J., Srivatsa, M. (eds.) SecureComm 2014, Part II. LNICST, vol. 153, pp. 113–126. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-23802-9_11

    Chapter  Google Scholar 

  9. Zaddach, J., Bruno, L., Francillo, A., Balzarotti, D.: AVATAR: a framework to support dynamic security analysis of embedded systems’ firmwares. In: NDSS 2014, pp. 1–16 (2014)

    Google Scholar 

  10. Monev, V.: Security of SSD Drives with Full Disk Encryption and Some Attacks (in Bulgarian). It4sec Reports 2014, pp. 1–15 (2014)

    Google Scholar 

  11. Attachment, H.S.S.A.: Serial ATA: High Speed Serialized AT Attachment. SerialATA Workgroup 2003, pp. 1–311 (2003)

    Google Scholar 

  12. Lee, J.Y., Lee, S.J.: A study on hard disk drive ATA passwords. J. Korea Inst. Inf. Secur. Cryptol. 25(5), 1059–1065 (2015)

    Google Scholar 

  13. Haibo, S., Xiaobin, W., Yamei, L.: Design of high-speed storage system based on SATA interface solid state hard disk. J. Telem. Track. Command 35(2), 48–52 (2014)

    Google Scholar 

  14. Zhang, X., Tan, Y.A., Zhang, C., Xue, Y., Li, Y., Zheng, J.: A code protection scheme by process memory relocation for android devices. Multimedia Tools Appl. 7(9), 11137–11157 (2018)

    Article  Google Scholar 

  15. Zhu, R., Zhang, B., Mao, J., Zhang, Q., Tan, Y.: A methodology for determining the image base of ARM-based industrial control system firmware. Int. J. Crit. Infrast. Prot. 16, 26–35 (2017)

    Article  Google Scholar 

  16. Runhua, S.H.I., Ze, S.H.I.: Key management scheme for IoT based on blockchain technology. Netinfo Secur. 20(8), 1–8 (2020)

    Google Scholar 

  17. Chen, L., Sun, Y., Zhang, L., Chen, Y.: A scheme of measurement for terminal equipment based on DICE in IoT. Netinfo Secur. 20(4), 21–30 (2020)

    Google Scholar 

  18. Zaddach, J., Costin, A.: Embedded devices security and firmware reverse engineering. Black-Hat USA (2013)

    Google Scholar 

  19. Tan, Y., Feng, S., Cheng, X., Li, Y., Zheng, J.: An android inline hooking framework for the securing transmitted data. Sensors 20(15), 4201 (2020)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Academy of Military Science, Beijing, 100091, China

    Yuan Xue

  2. China Satellite Communications Co., Ltd., Beijing, 100190, China

    Shouxin Wang

  3. Beijing Institute of Technology, Beijing, 100081, China

    Tian Chen, Quanxin Zhang, Lu Liu & Yu-an Tan

Authors
  1. Yuan Xue
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Shouxin Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Tian Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Quanxin Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Lu Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Yu-an Tan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Lu Liu .

Editor information

Editors and Affiliations

  1. Peking University, Beijing, China

    Ying Tan

  2. Southern University of Science and Technology, Shenzhen, China

    Yuhui Shi

  3. The University of Sydney, Sydney, Australia

    Albert Zomaya

  4. Guangzhou University, Guangzhou, China

    Hongyang Yan

  5. Guangdong Polytechnic Normal University, Guangzhou, China

    Jun Cai

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Xue, Y., Wang, S., Chen, T., Zhang, Q., Liu, L., Tan, Ya. (2021). On-line Firmware Updating and Fingerprint Generating for Solid State Disks. In: Tan, Y., Shi, Y., Zomaya, A., Yan, H., Cai, J. (eds) Data Mining and Big Data. DMBD 2021. Communications in Computer and Information Science, vol 1454. Springer, Singapore. https://doi.org/10.1007/978-981-16-7502-7_3

Download citation

  • DOI: https://doi.org/10.1007/978-981-16-7502-7_3

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-16-7501-0

  • Online ISBN: 978-981-16-7502-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation