Security analysis of the diebold accuvote-TS voting machine

Ariel J. Feldman, J. Alex Halderman, Edward W. Felten

Research output: Contribution to conferencePaperpeer-review

54 Scopus citations

Abstract

This paper presents a fully independent security study of a Diebold AccuVote-TS voting machine, including its hardware and software. We obtained the machine from a private party. Analysis of the machine, in light of real election procedures, shows that it is vulnerable to extremely serious attacks. For example, an attacker who gets physical access to a machine or its removable memory card for as little as one minute could install malicious code; malicious code on a machine could steal votes undetectably, modifying all records, logs, and counters to be consistent with the fraudulent vote count it creates. An attacker could also create malicious code that spreads automatically and silently from machine to machine during normal election activities-a voting-machine virus. We have constructed working demonstrations of these attacks in our lab. Mitigating these threats will require changes to the voting machine's hardware and software and the adoption of more rigorous election procedures.

Original languageEnglish (US)
StatePublished - 2007
Event2007 USENIX/ACCURATE Electronic Voting Technology Workshop, EVT 2007, co-located with the 16th USENIX Security Symposium - Boston, United States
Duration: Aug 6 2007Aug 6 2007

Conference

Conference2007 USENIX/ACCURATE Electronic Voting Technology Workshop, EVT 2007, co-located with the 16th USENIX Security Symposium
Country/TerritoryUnited States
CityBoston
Period8/6/078/6/07

All Science Journal Classification (ASJC) codes

  • Computer Science Applications
  • Human-Computer Interaction
  • Electrical and Electronic Engineering
  • Public Administration

Fingerprint

Dive into the research topics of 'Security analysis of the diebold accuvote-TS voting machine'. Together they form a unique fingerprint.

Cite this