{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,16]],"date-time":"2026-01-16T06:38:05Z","timestamp":1768545485302,"version":"3.49.0"},"publisher-location":"Cham","reference-count":21,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030429201","type":"print"},{"value":"9783030429218","type":"electronic"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-42921-8_16","type":"book-chapter","created":{"date-parts":[[2020,4,3]],"date-time":"2020-04-03T15:05:45Z","timestamp":1585926345000},"page":"277-290","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["PPIDS: A Pyramid-Like Printer Intrusion Detection System Based on ATT&CK Framework"],"prefix":"10.1007","author":[{"given":"Houhua","family":"He","sequence":"first","affiliation":[]},{"given":"Lei","family":"Yu","sequence":"additional","affiliation":[]},{"given":"Weixia","family":"Cai","sequence":"additional","affiliation":[]},{"given":"Xiaoyu","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Xiaorui","family":"Gong","sequence":"additional","affiliation":[]},{"given":"Haoyu","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Chen","family":"Liu","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,3,13]]},"reference":[{"key":"16_CR1","doi-asserted-by":"crossref","unstructured":"Bojinov, H., Bursztein, E., Boneh, D.: XCS: cross channel scripting and its impact on web applications. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 420\u2013431. ACM (2009)","DOI":"10.1145\/1653662.1653713"},{"key":"16_CR2","unstructured":"Moyer, C.: This teen hacked 150,000 printers to show how the internet of things is shit. \nhttps:\/\/motherboard.vice.com\/en_us\/article\/nzqayz\/this-teen-hacked-150000-printers-to-show-how-the-internet-of-things-is-shit"},{"key":"16_CR3","unstructured":"The MITRE Corporation. MITRE ATT&CK\u2122. \nhttps:\/\/attack.mitre.org\/"},{"key":"16_CR4","unstructured":"Adrian \u201cIrongeek\u201d Crenshaw. Hacking network printers. \nhttp:\/\/www.irongeek.com\/i.php?page=security\/networkprinterhacking"},{"key":"16_CR5","unstructured":"Schriftliche\u00a0Pr\u00fcfungsarbeit f\u00fcr\u00a0die Master-Pr\u00fcfung, IT\u00a0des Studiengangs, Netze und Systeme, Jens M\u00fcller, J\u00f6rg Schwenk, Juraj Somorovsky, and Vladislav Mladenov. Exploiting network printers (2016)"},{"key":"16_CR6","unstructured":"FX and kim0 of Phenoelit. Attacking networked embedded devices. \nhttps:\/\/www.defcon.org\/images\/defcon-10\/dc-10-presentations\/dc10-fx-embeddedsystems.pdf"},{"key":"16_CR7","unstructured":"Gragido, W.: Understanding indicators of compromise (IOC) (2013). \nhttps:\/\/blogs.rsa.com\/understanding-indicators-of-compromiseioc-part-i"},{"key":"16_CR8","unstructured":"Deral (PercX) Heiland and Michael (OMI) Belton. Anatomy of a pass-back-attack: Intercepting authentication credentials stored in multifunction printers. \nhttp:\/\/foofus.net\/goons\/percx\/praeda\/pass-back-attack.pdf"},{"key":"16_CR9","unstructured":"Itkin, E., Balmas, Y.: Faxploit: Sending fax back to the dark ages. \nhttps:\/\/research.checkpoint.com\/sending-fax-back-to-the-dark-ages\/"},{"key":"16_CR10","unstructured":"MITRE. CVE-common vulnerabilities and exposures (CVE). \nhttps:\/\/cve.mitre.org\/\n\n. Accessed 1 Mar 2019"},{"key":"16_CR11","unstructured":"Open Information Security Foundation (OISF). Suricata | Open Source IDS\/IPS\/NSM Engine. \nhttps:\/\/suricata-ids.org\/"},{"key":"16_CR12","unstructured":"HP researchers. HP Jetdirect Print Servers - HP Jetdirect Port Numbers for TCP\/IP (UDP) Connections. \nhttps:\/\/support.hp.com\/us-en\/document\/c02480766"},{"key":"16_CR13","unstructured":"HP researchers. Printer security: The new it imperative. \nhttp:\/\/h20195.www2.hp.com\/v2\/getpdf.aspx\/4AA7-3699ENW.pdf"},{"key":"16_CR14","unstructured":"HP researchers. Why printer security matters in healthcare. \nhttps:\/\/h20195.www2.hp.com\/V2\/getpdf.aspx\/c05837519"},{"key":"16_CR15","unstructured":"Spicework researchers. Spicework. \nhttp:\/\/h20195.www2.hp.com\/v2\/getpdf.aspx\/4AA7-3699ENW.pdf"},{"key":"16_CR16","unstructured":"Roesch, M., et al.: Snort: lightweight intrusion detection for networks. In: LISA, vol. 99, pp. 229\u2013238 (1999)"},{"key":"16_CR17","unstructured":"RUB-NDS. Printer exploitation toolkit - the tool that made dumpster diving obsolete. \nhttps:\/\/github.com\/RUB-NDS\/PRET"},{"key":"16_CR18","unstructured":"Sibert, W.: Malicious data and computer security. In: Proceedings of the 19th National Information Systems Security Conference (1996)"},{"key":"16_CR19","unstructured":"Printer Spamming. Cross site printing. \nhttps:\/\/helpnetsecurity.com\/dl\/articles\/CrossSitePrinting.pdf"},{"key":"16_CR20","unstructured":"Strom, B.E., et al.: Finding cyber threats with ATT&CK\u2122-based analytics. Technical report, MITRE Technical report MTR170202. The MITRE Corporation (2017)"},{"key":"16_CR21","unstructured":"Information technology Promotion Agency of Japan. Research report on the security of MFPs. \nhttps:\/\/www.ipa.go.jp\/security\/jisec\/apdx\/documents\/20130312report_E.pdf"}],"container-title":["Lecture Notes in Computer Science","Information Security and Cryptology"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-42921-8_16","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,4,3]],"date-time":"2020-04-03T15:12:15Z","timestamp":1585926735000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-42921-8_16"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030429201","9783030429218"],"references-count":21,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-42921-8_16","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"13 March 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"Inscrypt","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Security and Cryptology","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Nanjing","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"6 December 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"8 December 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"cisc2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/asclab.nuaa.edu.cn\/inscrypt2019\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}