Abstract
Data can be hidden in BIOS chips without hindering computer performance. This feature has been exploited by virus writers and computer game enthusiasts. Unused BIOS storage can also be used by criminals, terrorists and intelligence agents to conceal secrets. However, BIOS chips are largely ignored in digital forensic investigations. Few techniques exist for imaging BIOS chips and no tools are available specifically for analyzing BIOS data. This paper focuses on the Award BIOS chip, which is commonly used in IBM compatible machines. It demonstrates how data may be concealed within BIOS free space and modules in a manner that makes it accessible using operating system commands. Furthermore, forensically sound techniques are described for detecting and recovering concealed data from BIOS chips.
Author supplied keywords
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
Cite
CITATION STYLE
Gershteyn, P., Davis, M., & Shenoi, S. (2006). Forensic analysis of BIOS chips. IFIP International Federation for Information Processing, 222, 301–314. https://doi.org/10.1007/0-387-36891-4_24
Readers' Seniority
Readers' Discipline
