Abstract
Virus and Rootkit may modify hard disk’s firmware to hide itself, while the traditional security software is not able to detect the modification of hard disk’s firmware. This paper relies on a USB analyzer to collect the protocol communication data of the JMUtility tool for a Solid State Disk, then unveils its internal protocol interface to dump the RAM content via the USB-SATA interface, and the firmware code is located in the RAM. By reverse engineering the firmware code, the protocol of writing to the RAM is also inferred to enable the modification of firmware code to change the device identification data. Meanwhile, the tool Firmware Extractor is developed to dump the firmware code for a specific Solid State Disk, and the possibility of on-line updating firmware and generating fingerprint is validated.
Keywords
Supported by the National Natural Science Foundation of China (No. 62072037) and Zhejiang Lab (No. 2020LE0AB02).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Kaspersky: Lab Equation group: questions and answers, Kaspersky Lab. Technical report 2015, pp. 1–44 (2015)
Song, Q., Li, S., Zhu, Y.: Key technologies of flash-based solid state recorder for aerospace applications. Electron. Des. Eng. 23(4), 169–171 (2015)
Cornwell, M.: Anatomy of a solid-state drive. Queue 10(10), 59–63 (2012)
Hu, J.: The research and FPGA implementation of ATA protocol in solid state disk. South China Univ. Technol. 2010, 1–74 (2010)
Srinivasan, A., Wu, J., Santhalingam, P., Zamanski, J.: DeadDrop-in-a-flash: information hiding at SSD NAND flash memory physical layer. SECURWARE 2014, 79 (2014)
Choi, Y., Lee, D., Jeon, W., Won, D.: Password-based single-file encryption and secure data deletion for solid-state drive. In: 2014 Proceedings of the 8th International Conference on Ubiquitous Information Management and Communication, pp. 1–7. ACM (2014)
Zhang, L., Hao, S.G., Zheng, J., Tan, Y.A., Zhang, Q.X., Li, Y.Z.: Descrambling data on solid-state disks by reverse-engineering the firmware. Digit. Invest. 12(3), 77–87 (2015)
Shah, Z., Mahmood, A.N., Slay, J.: Forensic potentials of solid state drives. In: Tian, J., Jing, J., Srivatsa, M. (eds.) SecureComm 2014, Part II. LNICST, vol. 153, pp. 113–126. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-23802-9_11
Zaddach, J., Bruno, L., Francillo, A., Balzarotti, D.: AVATAR: a framework to support dynamic security analysis of embedded systems’ firmwares. In: NDSS 2014, pp. 1–16 (2014)
Monev, V.: Security of SSD Drives with Full Disk Encryption and Some Attacks (in Bulgarian). It4sec Reports 2014, pp. 1–15 (2014)
Attachment, H.S.S.A.: Serial ATA: High Speed Serialized AT Attachment. SerialATA Workgroup 2003, pp. 1–311 (2003)
Lee, J.Y., Lee, S.J.: A study on hard disk drive ATA passwords. J. Korea Inst. Inf. Secur. Cryptol. 25(5), 1059–1065 (2015)
Haibo, S., Xiaobin, W., Yamei, L.: Design of high-speed storage system based on SATA interface solid state hard disk. J. Telem. Track. Command 35(2), 48–52 (2014)
Zhang, X., Tan, Y.A., Zhang, C., Xue, Y., Li, Y., Zheng, J.: A code protection scheme by process memory relocation for android devices. Multimedia Tools Appl. 7(9), 11137–11157 (2018)
Zhu, R., Zhang, B., Mao, J., Zhang, Q., Tan, Y.: A methodology for determining the image base of ARM-based industrial control system firmware. Int. J. Crit. Infrast. Prot. 16, 26–35 (2017)
Runhua, S.H.I., Ze, S.H.I.: Key management scheme for IoT based on blockchain technology. Netinfo Secur. 20(8), 1–8 (2020)
Chen, L., Sun, Y., Zhang, L., Chen, Y.: A scheme of measurement for terminal equipment based on DICE in IoT. Netinfo Secur. 20(4), 21–30 (2020)
Zaddach, J., Costin, A.: Embedded devices security and firmware reverse engineering. Black-Hat USA (2013)
Tan, Y., Feng, S., Cheng, X., Li, Y., Zheng, J.: An android inline hooking framework for the securing transmitted data. Sensors 20(15), 4201 (2020)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Xue, Y., Wang, S., Chen, T., Zhang, Q., Liu, L., Tan, Ya. (2021). On-line Firmware Updating and Fingerprint Generating for Solid State Disks. In: Tan, Y., Shi, Y., Zomaya, A., Yan, H., Cai, J. (eds) Data Mining and Big Data. DMBD 2021. Communications in Computer and Information Science, vol 1454. Springer, Singapore. https://doi.org/10.1007/978-981-16-7502-7_3
Download citation
DOI: https://doi.org/10.1007/978-981-16-7502-7_3
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-7501-0
Online ISBN: 978-981-16-7502-7
eBook Packages: Computer ScienceComputer Science (R0)