Hacking the Xbox: An Introduction to Reverse Engineering
Hacking the Xbox: An Introduction to Reverse Engineering
A secure and reliable bootstrap architecture
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Electronic vote tabulation checks and balances
Electronic vote tabulation checks and balances
Rootkits: Subverting the Windows Kernel
Rootkits: Subverting the Windows Kernel
SubVirt: Implementing malware with virtual machines
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Cryptographic voting protocols: a systems perspective
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Cryptographic support for secure logs on untrusted machines
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
On estimating the size and confidence of a statistical audit
EVT'07 Proceedings of the USENIX Workshop on Accurate Electronic Voting Technology
Machine-assisted election auditing
EVT'07 Proceedings of the USENIX Workshop on Accurate Electronic Voting Technology
An independent audit framework for software dependent voting systems
Proceedings of the 14th ACM conference on Computer and communications security
Studying the Nedap/Groenendaal ES3B voting computer: a computer security perspective
EVT'07 Proceedings of the USENIX Workshop on Accurate Electronic Voting Technology
Casting votes in the auditorium
EVT'07 Proceedings of the USENIX Workshop on Accurate Electronic Voting Technology
Machine-assisted election auditing
EVT'07 Proceedings of the USENIX Workshop on Accurate Electronic Voting Technology
Are your votes really counted?: testing the security of real-world electronic voting systems
ISSTA '08 Proceedings of the 2008 international symposium on Software testing and analysis
In defense of pseudorandom sample selection
EVT'08 Proceedings of the conference on Electronic voting technology
Security evaluation of ES&S voting machines and election management system
EVT'08 Proceedings of the conference on Electronic voting technology
Systemic issues in the hart intercivic and premier voting systems: reflections on project EVEREST
EVT'08 Proceedings of the conference on Electronic voting technology
TPM meets DRE: reducing the trust base for electronic voting using trusted platform modules
IEEE Transactions on Information Forensics and Security - Special issue on electronic voting
Detecting code alteration by creating a temporary memory bottleneck
IEEE Transactions on Information Forensics and Security - Special issue on electronic voting
The New Jersey voting-machine lawsuit and the AVC advantage DRE voting machine
EVT/WOTE'09 Proceedings of the 2009 conference on Electronic voting technology/workshop on trustworthy elections
EVT/WOTE'09 Proceedings of the 2009 conference on Electronic voting technology/workshop on trustworthy elections
Software support for software-independent auditing
EVT/WOTE'09 Proceedings of the 2009 conference on Electronic voting technology/workshop on trustworthy elections
Security analysis of India's electronic voting machines
Proceedings of the 17th ACM conference on Computer and communications security
The road to trustworthy systems
Proceedings of the fifth ACM workshop on Scalable trusted computing
An integrated application of security testing methodologies to e-voting systems
ePart'10 Proceedings of the 2nd IFIP WG 8.5 international conference on Electronic participation
Integrity of electronic voting systems: fallacious use of cryptography
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Ethical issues in e-voting security analysis
FC'11 Proceedings of the 2011 international conference on Financial Cryptography and Data Security
Automated analysis of election audit logs
EVT/WOTE'12 Proceedings of the 2012 international conference on Electronic Voting Technology/Workshop on Trustworthy Elections
The bug that made me president a browser- and web-security case study on helios voting
VoteID'11 Proceedings of the Third international conference on E-Voting and Identity
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Analysis of an electronic boardroom voting system
Vote-ID'13 Proceedings of the 4th international conference on E-Voting and Identity
Hi-index | 0.00 |
This paper presents a fully independent security study of a Diebold AccuVote-TS voting machine, including its hardware and software. We obtained the machine from a private party. Analysis of the machine, in light of real election procedures, shows that it is vulnerable to extremely serious attacks. For example, an attacker who gets physical access to a machine or its removable memory card for as little as one minute could install malicious code; malicious code on a machine could steal votes undetectably, modifying all records, logs, and counters to be consistent with the fraudulent vote count it creates. An attacker could also create malicious code that spreads automatically and silently from machine to machine during normal election activities--a voting-machine virus. We have constructed working demonstrations of these attacks in our lab. Mitigating these threats will require changes to the voting machine's hardware and software and the adoption of more rigorous election procedures.