{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,8]],"date-time":"2026-05-08T04:44:36Z","timestamp":1778215476177,"version":"3.51.4"},"publisher-location":"Cham","reference-count":64,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031255373","type":"print"},{"value":"9783031255380","type":"electronic"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-25538-0_40","type":"book-chapter","created":{"date-parts":[[2023,2,3]],"date-time":"2023-02-03T13:03:34Z","timestamp":1675429414000},"page":"770-790","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Breaking Embedded Software Homogeneity with\u00a0Protocol Mutations"],"prefix":"10.1007","author":[{"given":"Tongwei","family":"Ren","sequence":"first","affiliation":[]},{"given":"Ryan","family":"Williams","sequence":"additional","affiliation":[]},{"given":"Sirshendu","family":"Ganguly","sequence":"additional","affiliation":[]},{"given":"Lorenzo","family":"De Carli","sequence":"additional","affiliation":[]},{"given":"Long","family":"Lu","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,2,4]]},"reference":[{"key":"40_CR1","unstructured":"Micro Autonomous System Technologies (MAST). http:\/\/www.mast-cta.org\/"},{"key":"40_CR2","unstructured":"trailofbits\/polytracker: An LLVM-based instrumentation tool for universal taint analysis. https:\/\/github.com\/trailofbits\/polytracker"},{"key":"40_CR3","unstructured":"Eclipse Mosquitto (January 2020). https:\/\/mosquitto.org\/"},{"key":"40_CR4","unstructured":"DSVPN (February 2021). https:\/\/github.com\/jedisct1\/dsvpn"},{"key":"40_CR5","unstructured":"GitHub - jtpereyda\/boofuzz (February 2021). https:\/\/github.com\/jtpereyda\/boofuzz"},{"key":"40_CR6","unstructured":"MQTT-C (February 2021). https:\/\/github.com\/LiamBindle\/MQTT-C"},{"key":"40_CR7","unstructured":"OpenDDS (August 2021). https:\/\/opendds.org\/"},{"key":"40_CR8","unstructured":"Shodan (January 2021). https:\/\/www.shodan.io\/"},{"key":"40_CR9","unstructured":"wakaama (February 2021). https:\/\/www.eclipse.org\/wakaama\/"},{"key":"40_CR10","unstructured":"Who\u2019s Using DDS? (January 2021). https:\/\/www.dds-foundation.org\/who-is-using-dds-2\/"},{"key":"40_CR11","unstructured":"CycloneDDS (2022). https:\/\/github.com\/eclipse-cyclonedds\/cyclonedds"},{"key":"40_CR12","unstructured":"OpenIPC (December 2022). https:\/\/openipc.org\/"},{"key":"40_CR13","doi-asserted-by":"crossref","unstructured":"Al-Shaer, E.: Toward network configuration randomization for moving target defense. In: Moving Target Defense (2011)","DOI":"10.1007\/978-1-4614-0977-9_9"},{"key":"40_CR14","unstructured":"Bao, T., Burket, J., Woo, M., Turner, R., Brumley, D.: BYTEWEIGHT: Learning to recognize functions in binary code. In: USENIX Security Symposium (2014)"},{"key":"40_CR15","doi-asserted-by":"crossref","unstructured":"Beurdouche, B., et al.: A messy state of the union: Taming the composite state machines of tls. In: IEEE S &P (2015)","DOI":"10.1109\/SP.2015.39"},{"key":"40_CR16","unstructured":"Brian Krebs: Who Makes the IoT Things Under Attack? \u2014 Krebs on Security (October 2016). https:\/\/krebsonsecurity.com\/2016\/10\/who-makes-the-iot-things-under-attack\/"},{"key":"40_CR17","doi-asserted-by":"crossref","unstructured":"Cabutto, A., Falcarin, P., Abrath, B., Coppens, B., De Sutter, B.: Software protection with code mobility. In: ACM MTD Workshop (2015)","DOI":"10.1145\/2808475.2808481"},{"key":"40_CR18","unstructured":"Cameron, L.: IoT Meets the Military | IEEE Computer Society (March 2017). https:\/\/www.computer.org\/publications\/tech-news\/research\/internet-of-military-battlefield-things-iomt-iobt"},{"key":"40_CR19","unstructured":"Caselli, M., Zambon, E., Sommer, R., Kargl, F., Amann, J.: Specification mining for intrusion detection in networked control systems. In: USENIX Security Symposium (2017)"},{"key":"40_CR20","unstructured":"Chung, T.: OFFensive Swarm-Enabled Tactics. https:\/\/www.darpa.mil\/program\/offensive-swarm-enabled-tactics"},{"key":"40_CR21","unstructured":"Cimpanu, C.: Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices (January 2020). https:\/\/www.zdnet.com\/article\/hacker-leaks-passwords-for-more-than-500000-servers-routers-and-iot-devices\/"},{"issue":"6","key":"40_CR22","doi-asserted-by":"publisher","first-page":"565","DOI":"10.1016\/0167-4048(93)90054-9","volume":"12","author":"FB Cohen","year":"1993","unstructured":"Cohen, F.B.: Operating system protection through program evolution. Comput. Sec. 12(6), 565\u2013584 (1993)","journal-title":"Comput. Sec."},{"key":"40_CR23","doi-asserted-by":"crossref","unstructured":"Cojocar, L., Zaddach, J., Verdult, R., Bos, H., Francillon, A., Balzarotti, D.: Pie: Parser identification in embedded systems. In: ACSAC (2015)","DOI":"10.1145\/2818000.2818035"},{"key":"40_CR24","doi-asserted-by":"crossref","unstructured":"Collberg, C., Martin, S., Myers, J., Nagra, J.: Distributed application tamper detection via continuous software updates. In: ACSAC (2012)","DOI":"10.1145\/2420950.2420997"},{"key":"40_CR25","doi-asserted-by":"crossref","unstructured":"Cui, A., Stolfo, S.: Symbiotes and defensive mutualism: Moving target defense. In: Moving Target Defense, pp. 99\u2013108 (August 2011)","DOI":"10.1007\/978-1-4614-0977-9_5"},{"key":"40_CR26","doi-asserted-by":"crossref","unstructured":"Davi, L.V., Dmitrienko, A., N\u00fcrnberger, S., Sadeghi, A.R.: Gadge me if you can: Secure and efficient ad-hoc instruction-level randomization for x86 and ARM. In: ASIA CCS (2013)","DOI":"10.1145\/2484313.2484351"},{"key":"40_CR27","doi-asserted-by":"crossref","unstructured":"De Carli, L., Mignano, A.: Network security for home iot devices must involve the user: a position paper. In: FPS (2020)","DOI":"10.1007\/978-3-030-70881-8_2"},{"key":"40_CR28","doi-asserted-by":"crossref","unstructured":"De Carli, L., Torres, R., Modelo-Howard, G., Tongaonkar, A., Jha, S.: Botnet protocol inference in the presence of encrypted traffic. In: INFOCOM (2017)","DOI":"10.1109\/INFOCOM.2017.8057064"},{"key":"40_CR29","unstructured":"Eduard Kovacs: Serious Vulnerabilities Found in Schneider Electric Power Meters $$|$$ SecurityWeek.Com (March 2021). https:\/\/www.securityweek.com\/serious-vulnerabilities-found-schneider-electric-power-meters"},{"key":"40_CR30","doi-asserted-by":"crossref","unstructured":"Franz, M.: E unibus pluram: Massive-scale software diversity as a defense mechanism. In: NSPW (2010)","DOI":"10.1145\/1900546.1900550"},{"key":"40_CR31","unstructured":"Goodin, D.: 100,000-strong botnet built on router 0-day could strike at any time (December 2017). https:\/\/arstechnica.com\/information-technology\/2017\/12\/100000-strong-botnet-built-on-router-0-day-could-strike-at-any-time\/"},{"key":"40_CR32","doi-asserted-by":"crossref","unstructured":"Hariri, F., Shi, A.: Srciror: A toolset for mutation testing of c source code and llvm intermediate representation. In: ACM\/IEEE ASE (2018)","DOI":"10.1145\/3238147.3240482"},{"key":"40_CR33","doi-asserted-by":"crossref","unstructured":"Higgins, F., Tomlinson, A., Martin, K.M.: Threats to the Swarm: Security Considerations for Swarm Robotics. Int. J. Adv. Sec. 2(2 &3) (2009)","DOI":"10.1109\/ICAS.2009.62"},{"key":"40_CR34","doi-asserted-by":"crossref","unstructured":"Hu, W., et al.: Secure and practical defense against code-injection attacks using software dynamic translation. In: VEE (2006)","DOI":"10.1145\/1134760.1134764"},{"key":"40_CR35","doi-asserted-by":"crossref","unstructured":"Huang, Y., Ghosh, A.: Introducing diversity and uncertainty to create moving attack surfaces for web services. In: Moving Target Defense, pp. 131\u2013151 (August 2011)","DOI":"10.1007\/978-1-4614-0977-9_8"},{"key":"40_CR36","doi-asserted-by":"crossref","unstructured":"Jackson, T., et al.: Compiler-generated software diversity. In: Moving Target Defense, pp. 77\u201398 (August 2011)","DOI":"10.1007\/978-1-4614-0977-9_4"},{"key":"40_CR37","doi-asserted-by":"crossref","unstructured":"Jafarian, J.H., Al-Shaer, E., Duan, Q.: Openflow random host mutation: Transparent moving target defense using software defined networking. In: HotSDN (2012)","DOI":"10.1145\/2342441.2342467"},{"key":"40_CR38","unstructured":"Kat Hall: Hyperoptic\u2019s ZTE-made 1gbps routers had hyper-hardcoded hyper-root hyper-password (April 2018). https:\/\/www.theregister.co.uk\/2018\/04\/26\/hyperoptics_zte_routers\/"},{"key":"40_CR39","unstructured":"Krebs, B.: Naming & Shaming Web Polluters: Xiongmai - Krebs on Security (October 2018). https:\/\/krebsonsecurity.com\/2018\/10\/naming-shaming-web-polluters-xiongmai\/"},{"key":"40_CR40","doi-asserted-by":"crossref","unstructured":"Larsen, P., Homescu, A., Brunthaler, S., Franz, M.: SoK: Automated Software Diversity. In: IEEE S &P (2014)","DOI":"10.1109\/SP.2014.25"},{"key":"40_CR41","unstructured":"Lewellen, T.: CERT\/CC Vulnerability Note VU#800094 (September 2013). https:\/\/www.kb.cert.org"},{"key":"40_CR42","doi-asserted-by":"crossref","unstructured":"Maruyama, Y., Kato, S., Azumi, T.: Exploring the performance of ros2. In: EMSOFT (2016)","DOI":"10.1145\/2968478.2968502"},{"key":"40_CR43","unstructured":"Merces, F., Remillano II, A., Molina, J.: Mirai Botnet Attack IoT Devices via CVE-2020-5902 (July 2020). https:\/\/www.trendmicro.com\/en_us\/research\/20\/g\/mirai-botnet-attack-iot-devices-via-cve-2020-5902.html"},{"issue":"4","key":"40_CR44","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1109\/MSECP.2003.1219056","volume":"1","author":"D Moore","year":"2003","unstructured":"Moore, D., Paxson, V., Savage, S., Shannon, C., Staniford, S., Weaver, N.: Inside the Slammer worm. IEEE Sec. Privacy 1(4), 33\u201339 (2003)","journal-title":"IEEE Sec. Privacy"},{"key":"40_CR45","doi-asserted-by":"crossref","unstructured":"Moore, D., Shannon, C., claffy, k.: Code-Red: A case study on the spread and victims of an internet worm. In: ACM IMW (2002)","DOI":"10.1145\/637201.637244"},{"key":"40_CR46","unstructured":"Muncaster, P.: A Third of Industrial Control Systems Attacked in H1 2021 (September 2021). https:\/\/www.infosecurity-magazine.com\/news\/third-industrial-control-systems\/"},{"key":"40_CR47","doi-asserted-by":"crossref","unstructured":"Pappas, V., Polychronakis, M., Keromytis, A.D.: Smashing the gadgets: Hindering return-oriented programming using in-place code randomization. In: IEEE S &P (2012)","DOI":"10.1109\/SP.2012.41"},{"key":"40_CR48","doi-asserted-by":"crossref","unstructured":"Pappas, V., Polychronakis, M., Keromytis, A.: Practical software diversification using in-place code randomization. In: Moving Target Defense (2013)","DOI":"10.1007\/978-1-4614-5416-8_9"},{"key":"40_CR49","unstructured":"Pascu, L.: Multiple critical security flaws found in nearly 400 IP cameras - Bitdefender BOX Blog (June 2018), https:\/\/www.bitdefender.com\/box\/blog\/ip-cameras-vulnerabilities\/multiple-critical-security-flaws-found-nearly-400-ip-cameras\/"},{"key":"40_CR50","doi-asserted-by":"crossref","unstructured":"Ronen, E., Shamir, A., Weingarten, A., O\u2019Flynn, C.: IoT goes nuclear: creating a zigbee chain reaction. In: IEEE S &P (2017)","DOI":"10.1109\/SP.2017.14"},{"key":"40_CR51","doi-asserted-by":"crossref","unstructured":"Rudd, R., et al.: Address oblivious code reuse: on the effectiveness of leakage-resilient diversity. In: NDSS (2017)","DOI":"10.14722\/ndss.2017.23477"},{"issue":"4","key":"40_CR52","doi-asserted-by":"publisher","first-page":"277","DOI":"10.1145\/357401.357402","volume":"2","author":"JH Saltzer","year":"1984","unstructured":"Saltzer, J.H., Reed, D.P., Clark, D.D.: End-to-end arguments in system design. ACM Trans. Comput. Syst. (TOCS) 2(4), 277\u2013288 (1984)","journal-title":"ACM Trans. Comput. Syst. (TOCS)"},{"key":"40_CR53","doi-asserted-by":"crossref","unstructured":"Seibert, J., Okhravi, H., S\u00f6derstr\u00f6m, E.: Information leaks without memory disclosures: Remote side channel attacks on diversified code. In: ACM CCS (2014)","DOI":"10.1145\/2660267.2660309"},{"key":"40_CR54","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1007\/BFb0032731","volume-title":"Static Analysis","author":"M Shapiro","year":"1997","unstructured":"Shapiro, M., Horwitz, S.: The effects of the precision of pointer analysis. In: Van Hentenryck, P. (ed.) SAS 1997. LNCS, vol. 1302, pp. 16\u201334. Springer, Heidelberg (1997). https:\/\/doi.org\/10.1007\/BFb0032731"},{"key":"40_CR55","unstructured":"Shekari, T., Irvene, C., Beyah, R.: IoT Skimmer: Energy Market Manipulation through High-Wattage IoT Botnets - Black Hat USA 2020 (August 2020), https:\/\/www.blackhat.com\/us-20\/briefings\/schedule\/index.html#iot-skimmer-energy-market-manipulation-through-high-wattage-iot-botnets-20280"},{"key":"40_CR56","doi-asserted-by":"crossref","unstructured":"Simpson, A.K., Roesner, F., Kohno, T.: Securing vulnerable home IoT devices with an in-hub security manager. In: PerCom Workshop (2017)","DOI":"10.1109\/PERCOMW.2017.7917622"},{"key":"40_CR57","unstructured":"Soltan, S., Mittal, P., Poor, H.V.: BlackIoT: IoT botnet of high wattage devices can disrupt the power grid. In: USENIX Security (2018)"},{"key":"40_CR58","doi-asserted-by":"crossref","unstructured":"Sousa, M., Sen, A.: Generation of tlm testbenches using mutation testing. In: CODES+ISSS 2012 (2012)","DOI":"10.1145\/2380445.2380498"},{"key":"40_CR59","doi-asserted-by":"crossref","unstructured":"Wang, N., Schmidt, D.C., van\u2019t Hag, H., Corsaro, A.: Toward an adaptive data distribution service for dynamic large-scale network-centric operation and warfare (ncow) systems. In: MILCOM (2008)","DOI":"10.1109\/MILCOM.2008.4753364"},{"key":"40_CR60","doi-asserted-by":"crossref","unstructured":"Wartell, R., Mohan, V., Hamlen, K.W., Lin, Z.: Binary stirring: Self-randomizing instruction addresses of legacy x86 binary code. In: ACM CCS (2012)","DOI":"10.1145\/2382196.2382216"},{"issue":"1","key":"40_CR61","doi-asserted-by":"publisher","first-page":"26","DOI":"10.1109\/MSP.2009.18","volume":"7","author":"D Williams","year":"2009","unstructured":"Williams, D., Hu, W., Davidson, J.W., Hiser, J.D., Knight, J.C., Nguyen-Tuong, A.: Security through diversity: leveraging virtual machine technology. IEEE Sec. Privacy 7(1), 26\u201333 (2009)","journal-title":"IEEE Sec. Privacy"},{"key":"40_CR62","doi-asserted-by":"crossref","unstructured":"Wu, B., Ma, Y., Fan, L., Qian, F.: Binary software randomization method based on llvm. In: 2018 IEEE International Conference of Safety Produce Informatization (IICSPI), pp. 808\u2013811 (2018)","DOI":"10.1109\/IICSPI.2018.8690342"},{"key":"40_CR63","doi-asserted-by":"publisher","first-page":"75682","DOI":"10.1109\/ACCESS.2018.2883973","volume":"6","author":"X Yin","year":"2018","unstructured":"Yin, X., Liu, S., Liu, L., Xiao, D.: Function recognition in stripped binary of embedded devices. IEEE Access 6, 75682\u201375694 (2018)","journal-title":"IEEE Access"},{"key":"40_CR64","doi-asserted-by":"publisher","first-page":"207","DOI":"10.1007\/s11390-019-1906-z","volume":"34","author":"J Zheng","year":"2019","unstructured":"Zheng, J., Siami Namin, A.: A survey on the moving target defense strategies: An architectural perspective. J. Comput. Sci. Technol. 34, 207\u2013233 (2019)","journal-title":"J. Comput. Sci. Technol."}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Security and Privacy in Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-25538-0_40","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,2,3]],"date-time":"2023-02-03T13:19:55Z","timestamp":1675430395000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-25538-0_40"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031255373","9783031255380"],"references-count":64,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-25538-0_40","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"value":"1867-8211","type":"print"},{"value":"1867-822X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"4 February 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SecureComm","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Security and Privacy in Communication Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17 October 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19 October 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"securecomm2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/securecomm.eai-conferences.org\/2022\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Confy+","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"130","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"43","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"33% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"7","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}