{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,6]],"date-time":"2026-02-06T04:37:07Z","timestamp":1770352627706,"version":"3.49.0"},"publisher-location":"Cham","reference-count":25,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030299583","type":"print"},{"value":"9783030299590","type":"electronic"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-29959-0_31","type":"book-chapter","created":{"date-parts":[[2019,9,14]],"date-time":"2019-09-14T23:04:10Z","timestamp":1568502250000},"page":"638-657","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":27,"title":["Identifying Privilege Separation Vulnerabilities in IoT Firmware with Symbolic Execution"],"prefix":"10.1007","author":[{"given":"Yao","family":"Yao","sequence":"first","affiliation":[]},{"given":"Wei","family":"Zhou","sequence":"additional","affiliation":[]},{"given":"Yan","family":"Jia","sequence":"additional","affiliation":[]},{"given":"Lipeng","family":"Zhu","sequence":"additional","affiliation":[]},{"given":"Peng","family":"Liu","sequence":"additional","affiliation":[]},{"given":"Yuqing","family":"Zhang","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,9,15]]},"reference":[{"key":"31_CR1","doi-asserted-by":"crossref","unstructured":"Chen, D.D., Woo, M., Brumley, D., Egele, M.: Towards automated dynamic analysis for linux-based embedded firmware. In: NDSS, pp. 1\u201316 (2016)","DOI":"10.14722\/ndss.2016.23415"},{"key":"31_CR2","doi-asserted-by":"crossref","unstructured":"Chen, J., Diao, W., Zhao, Q., Zuo, C.: IoTFuzzer: discovering memory corruptions in IoT through app-based fuzzing. In: 25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA (2018)","DOI":"10.14722\/ndss.2018.23159"},{"issue":"7","key":"31_CR3","doi-asserted-by":"publisher","first-page":"2301","DOI":"10.1007\/s11042-014-1922-5","volume":"74","author":"YH Choi","year":"2015","unstructured":"Choi, Y.H., Park, M.W., Eom, J.H., Chung, T.M.: Dynamic binary analyzer for scanning vulnerabilities with taint analysis. Multimedia Tools Appl. 74(7), 2301\u20132320 (2015)","journal-title":"Multimedia Tools Appl."},{"key":"31_CR4","unstructured":"Costin, A., Zaddach, J., Francillon, A., Balzarotti, D.: A large-scale analysis of the security of embedded firmwares. In: 23rd USENIX Security Symposium (USENIX Security 2014), pp. 95\u2013110 (2014)"},{"key":"31_CR5","doi-asserted-by":"crossref","unstructured":"Costin, A., Zarras, A., Francillon, A.: Automated dynamic firmware analysis at scale: a case study on embedded web interfaces. In: Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, pp. 437\u2013448. ACM (2016)","DOI":"10.1145\/2897845.2897900"},{"key":"31_CR6","unstructured":"Ericson: The Ericsson Mobility Report (2019). https:\/\/www.ericsson.com\/en\/mobility-report"},{"key":"31_CR7","doi-asserted-by":"crossref","unstructured":"Feng, Q., Zhou, R., Xu, C., Cheng, Y., Testa, B., Yin, H.: Scalable graph-based bug search for firmware images. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 480\u2013491. ACM (2016)","DOI":"10.1145\/2976749.2978370"},{"key":"31_CR8","doi-asserted-by":"crossref","unstructured":"Fernandes, E., Jung, J., Prakash, A.: Security analysis of emerging smart home applications. In: 2016 IEEE symposium on security and privacy (SP), pp. 636\u2013654. IEEE (2016)","DOI":"10.1109\/SP.2016.44"},{"key":"31_CR9","unstructured":"Fernandes, E., Paupore, J., Rahmati, A., Simionato, D., Conti, M., Prakash, A.: FlowFence: practical data protection for emerging IoT application frameworks. In: Proceedings of Usenix Security Symposium, pp. 531\u2013548 (2016)"},{"key":"31_CR10","doi-asserted-by":"crossref","unstructured":"Fernandes, E., Rahmati, A., Jung, J., Prakash, A.: Decentralized action integrity for trigger-action IoT platforms. In: Proceedings of Network and Distributed Systems Symposium (NDSS), pp. 18\u201321 (2018)","DOI":"10.14722\/ndss.2018.23119"},{"key":"31_CR11","unstructured":"He, W., et al.: Rethinking access control and authentication for the home Internet of Things (IoT). In: 27th USENIX Security Symposium (USENIX Security 2018), pp. 255\u2013272 (2018)"},{"key":"31_CR12","doi-asserted-by":"crossref","unstructured":"Jacobson, E.R., Rosenblum, N.E., Miller, B.P.: Labeling library functions in stripped binaries. In: Proceedings of the 10th ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools, pp. 1\u20138. ACM (2011)","DOI":"10.1145\/2024569.2024571"},{"key":"31_CR13","doi-asserted-by":"crossref","unstructured":"Jia, Y.J., et al.: ContexloT: towards providing contextual integrity to appified IoT platforms. In: NDSS (2017)","DOI":"10.14722\/ndss.2017.23051"},{"key":"31_CR14","doi-asserted-by":"crossref","unstructured":"Jiang, Y., Xie, W., Tang, Y.: Detecting authentication-bypass flaws in a large scale of IoT embedded web servers. In: Proceedings of the 8th International Conference on Communication and Network Security, pp. 56\u201363. ACM (2018)","DOI":"10.1145\/3290480.3290491"},{"key":"31_CR15","unstructured":"Pro, I.: Fast library identification and recognition technology (2019). https:\/\/www.hex-rays.com\/products\/ida\/tech\/flirt\/in_depth.shtml"},{"issue":"2","key":"31_CR16","doi-asserted-by":"publisher","first-page":"187","DOI":"10.1109\/TSE.2015.2470241","volume":"42","author":"J Qiu","year":"2016","unstructured":"Qiu, J., Su, X., Ma, P.: Using reduced execution flow graph to identify library functions in binary code. IEEE Trans. Softw. Eng. 42(2), 187\u2013202 (2016)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"31_CR17","unstructured":"Rays, H.: Fast library identification and recognition technology (2015). https:\/\/www.hex-rays.com\/products\/ida\/tech\/flirt\/in_depth.shtml"},{"key":"31_CR18","doi-asserted-by":"crossref","unstructured":"Shoshitaishvili, Y., Wang, R., Hauser, C., Kruegel, C., Vigna, G.: Firmalice-automatic detection of authentication bypass vulnerabilities in binary firmware. In: NDSS (2015)","DOI":"10.14722\/ndss.2015.23294"},{"key":"31_CR19","doi-asserted-by":"crossref","unstructured":"Shoshitaishvili, Y., et al.: SoK: (State of) the art of war: offensive techniques in binary analysis. In: IEEE Symposium on Security and Privacy (2016)","DOI":"10.1109\/SP.2016.17"},{"key":"31_CR20","doi-asserted-by":"crossref","unstructured":"Stephens, N., et al.: Driller: augmenting fuzzing through selective symbolic execution. In: NDSS, pp. 1\u201316, no. 2016 in 16 (2016)","DOI":"10.14722\/ndss.2016.23368"},{"key":"31_CR21","unstructured":"Tian, Y., et al.: Smartauth: user-centered authorization for the Internet of Things. In: 26th USENIX Security Symposium (USENIX Security 2017), pp. 361\u2013378 (2017)"},{"key":"31_CR22","unstructured":"Wei, Z., et al.: Discovering and understanding the security hazards in the interactions between IoT devices, mobile apps, and clouds on smart home platforms. In: 28th USENIX Security Symposium (USENIX Security 2019). USENIX Association, Santa Clara (2019). https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/zhou"},{"key":"31_CR23","unstructured":"Yaowen, Z., Ali, D., Heng, Y., Chengyu, S., Hongsong, Z., Limin, S.: FIRM-AFL: high-throughput greybox fuzzing of IoT firmware via augmented process emulation. In: 28th USENIX Security Symposium (USENIX Security 2019). USENIX Association, Santa Clara (2019). https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/zheng"},{"key":"31_CR24","doi-asserted-by":"crossref","unstructured":"Yu, H., Lim, J., Kim, K., Lee, S.B.: Pinto: enabling video privacy for commodity IoT cameras. In: CCS, pp. 1089\u20131101. ACM (2018)","DOI":"10.1145\/3243734.3243830"},{"key":"31_CR25","doi-asserted-by":"crossref","unstructured":"Zaddach, J., Bruno, L., Francillon, A., Balzarotti, D., et al.: AVATAR: a framework to support dynamic security analysis of embedded systems\u2019 firmwares. In: 21st Annual Network and Distributed System Security Symposium, NDSS, pp. 1\u201316 (2014)","DOI":"10.14722\/ndss.2014.23229"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2019"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-29959-0_31","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,15]],"date-time":"2024-09-15T00:08:13Z","timestamp":1726358893000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-29959-0_31"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030299583","9783030299590"],"references-count":25,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-29959-0_31","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"15 September 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Luxembourg","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Luxembourg","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 September 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27 September 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/conf.laas.fr\/esorics\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"344","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"67","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"19% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3,2","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"11","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}