{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,28]],"date-time":"2025-03-28T02:08:43Z","timestamp":1743127723007,"version":"3.40.3"},"publisher-location":"Cham","reference-count":28,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319998275"},{"type":"electronic","value":"9783319998282"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-99828-2_24","type":"book-chapter","created":{"date-parts":[[2018,8,25]],"date-time":"2018-08-25T11:35:10Z","timestamp":1535196910000},"page":"339-354","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Detection and Response to Data Exfiltration from Internet of Things Android Devices"],"prefix":"10.1007","author":[{"given":"Mariem","family":"Graa","sequence":"first","affiliation":[]},{"given":"Ivan Marco","family":"Lobe Kome","sequence":"additional","affiliation":[]},{"given":"Nora","family":"Cuppens-Boulahia","sequence":"additional","affiliation":[]},{"given":"Fr\u00e9d\u00e9ric","family":"Cuppens","sequence":"additional","affiliation":[]},{"given":"Vincent","family":"Frey","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,8,26]]},"reference":[{"issue":"6","key":"24_CR1","doi-asserted-by":"publisher","first-page":"259","DOI":"10.1145\/2666356.2594299","volume":"49","author":"S Arzt","year":"2014","unstructured":"Arzt, S., et al.: FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps. ACM SIGPLAN Not. 49(6), 259\u2013269 (2014)","journal-title":"ACM SIGPLAN Not."},{"key":"24_CR2","unstructured":"Blanchet, B.: Symbolic verification of TLS 1.3 with ProVerif. https:\/\/github.com\/inria-prosecco\/reftls"},{"key":"24_CR3","unstructured":"Cervesato, I.: The Dolev-Yao intruder is the most powerful attacker. In: 16th Annual Symposium on Logic in Computer ScienceLICS, vol. 1. Citeseer (2001)"},{"key":"24_CR4","unstructured":"Dick Hardt, E.: The OAuth 2.0 Authorization Framework. https:\/\/tools.ietf.org\/html\/rfc6749"},{"key":"24_CR5","doi-asserted-by":"publisher","first-page":"74","DOI":"10.1016\/j.cose.2014.10.016","volume":"48","author":"Q Do","year":"2015","unstructured":"Do, Q., Martini, B., Choo, K.K.R.: Exfiltrating data from android devices. Comput. Secur. 48, 74\u201391 (2015)","journal-title":"Comput. Secur."},{"issue":"2","key":"24_CR6","doi-asserted-by":"publisher","first-page":"524","DOI":"10.1109\/JIOT.2016.2569094","volume":"4","author":"CJ DOrazio","year":"2017","unstructured":"DOrazio, C.J., Choo, K.K.R., Yang, L.T.: Data exfiltration from internet of things devices: iOS devices as case studies. IEEE Internet Things J. 4(2), 524\u2013535 (2017)","journal-title":"IEEE Internet Things J."},{"issue":"2","key":"24_CR7","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1145\/2619091","volume":"32","author":"W Enck","year":"2014","unstructured":"Enck, W., et al.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. (TOCS) 32(2), 5 (2014)","journal-title":"ACM Trans. Comput. Syst. (TOCS)"},{"key":"24_CR8","unstructured":"Fuchs, A.P., Chaudhuri, A., Foster, J.S.: SCanDroid: automated security certification of android. Technical report (2009)"},{"key":"24_CR9","doi-asserted-by":"crossref","unstructured":"Graa, M., Cuppens-Boulahia, N., Cuppens, F., Lanet, J.L.: Tracking explicit and control flows in Java and native Android apps code. In: Proceedings of the 2nd International Conference on Information Systems Security and Privacy, ICISSP 2016, pp. 307\u2013316 (2016)","DOI":"10.5220\/0005686603070316"},{"key":"24_CR10","doi-asserted-by":"crossref","unstructured":"Graa, M., Boulahia, N.C., Cuppens, F., Cavalli, A.: Protection against code obfuscation attacks based on control dependencies in Android systems. In: 2014 IEEE Eighth International Conference on Software Security and Reliability-Companion (SERE-C), pp. 149\u2013157. IEEE (2014)","DOI":"10.1109\/SERE-C.2014.33"},{"key":"24_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/978-3-642-35362-8_4","volume-title":"Cyberspace Safety and Security","author":"M Graa","year":"2012","unstructured":"Graa, M., Cuppens-Boulahia, N., Cuppens, F., Cavalli, A.: Detecting control flow in smarphones: combining static and dynamic analyses. In: Xiang, Y., Lopez, J., Kuo, C.-C.J., Zhou, W. (eds.) CSS 2012. LNCS, vol. 7672, pp. 33\u201347. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-35362-8_4"},{"key":"24_CR12","doi-asserted-by":"publisher","first-page":"S71","DOI":"10.1016\/j.diin.2011.05.009","volume":"8","author":"J Grier","year":"2011","unstructured":"Grier, J.: Detecting data theft using stochastic forensics. Digit. Invest. 8, S71\u2013S77 (2011)","journal-title":"Digit. Invest."},{"issue":"7","key":"24_CR13","doi-asserted-by":"publisher","first-page":"1645","DOI":"10.1016\/j.future.2013.01.010","volume":"29","author":"J Gubbi","year":"2013","unstructured":"Gubbi, J., Buyya, R., Marusic, S., Palaniswami, M.: Internet of things (IoT): a vision, architectural elements, and future directions. Future Gener. Comput. Syst. 29(7), 1645\u20131660 (2013)","journal-title":"Future Gener. Comput. Syst."},{"key":"24_CR14","doi-asserted-by":"crossref","unstructured":"Guri, M., Monitz, M., Elovici, Y.: USBee: air-gap covert-channel via electromagnetic emission from USB. In: 2016 14th Annual Conference on Privacy, Security and Trust (PST), pp. 264\u2013268. IEEE (2016)","DOI":"10.1109\/PST.2016.7906972"},{"key":"24_CR15","doi-asserted-by":"crossref","unstructured":"Hornyack, P., Han, S., Jung, J., Schechter, S., Wetherall, D.: These aren\u2019t the droids you\u2019re looking for: retrofitting Android to protect data from imperious applications. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 639\u2013652. ACM (2011)","DOI":"10.1145\/2046707.2046780"},{"key":"24_CR16","doi-asserted-by":"publisher","first-page":"516","DOI":"10.1016\/j.chb.2016.04.023","volume":"62","author":"CL Hsu","year":"2016","unstructured":"Hsu, C.L., Lin, J.C.C.: An empirical examination of consumer adoption of internet of things services: network externalities and concern for information privacy perspectives. Comput. Hum. Behav. 62, 516\u2013527 (2016)","journal-title":"Comput. Hum. Behav."},{"key":"24_CR17","doi-asserted-by":"crossref","unstructured":"Hu, Y., Frank, C., Walden, J., Crawford, E., Kasturiratna, D.: Profiling file repository access patterns for identifying data exfiltration activities. In: 2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS), pp. 122\u2013128. IEEE (2011)","DOI":"10.1109\/CICYBS.2011.5949404"},{"key":"24_CR18","doi-asserted-by":"crossref","unstructured":"Hwang, S., Lee, S., Kim, Y., Ryu, S.: Bittersweet ADB: attacks and defenses. In: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, pp. 579\u2013584. ACM (2015)","DOI":"10.1145\/2714576.2714638"},{"key":"24_CR19","doi-asserted-by":"crossref","unstructured":"Kobeissi, N., Bhargavan, K., Blanchet, B.: Automated verification for secure messaging protocols and their implementations: a symbolic and computational approach. In: 2nd IEEE European Symposium on Security and Privacy (EuroS&P\u201917), pp. 435\u2013450. IEEE, Paris, April 2017","DOI":"10.1109\/EuroSP.2017.38"},{"key":"24_CR20","unstructured":"Lau, B., Jang, Y., Song, C., Wang, T., Chung, P.H., Royal, P.: Mactans: Injecting malware into iOS devices via malicious chargers. Black Hat USA (2013)"},{"key":"24_CR21","unstructured":"Lindsay, J.: Pyjwt. https:\/\/github.com\/jpadilla\/pyjwt"},{"key":"24_CR22","unstructured":"Liu, F.: Windows malware attempts to infect android devices (2014)"},{"key":"24_CR23","unstructured":"Jones, M., Bradley, J., Sakimura, N.: JSON Web Token (JWT). https:\/\/tools.ietf.org\/html\/rfc7519"},{"key":"24_CR24","unstructured":"Nordrum, A.: Popular Internet of Things Forecast of 50 Billion Devices by 2020 Is Outdated, August 2016. https:\/\/spectrum.ieee.org\/tech-talk\/telecom\/internet\/popular-internet-of-things-forecast-of-50-billion-devices-by-2020-is-outdated"},{"key":"24_CR25","doi-asserted-by":"crossref","unstructured":"Sharma, P., Joshi, A., Finin, T.: Detecting data exfiltration by integrating information across layers. In: 2013 IEEE 14th International Conference on Information Reuse and Integration (IRI), pp. 309\u2013316. IEEE (2013)","DOI":"10.1109\/IRI.2013.6642487"},{"key":"24_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"83","DOI":"10.1007\/978-3-319-61204-1_5","volume-title":"Applied Cryptography and Network Security","author":"R Spolaor","year":"2017","unstructured":"Spolaor, R., Abudahi, L., Moonsamy, V., Conti, M., Poovendran, R.: No free charge theorem: a covert channel via\u00a0usb charging cable on mobile devices. In: Gollmann, D., Miyaji, A., Kikuchi, H. (eds.) ACNS 2017. LNCS, vol. 10355, pp. 83\u2013102. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-61204-1_5"},{"key":"24_CR27","doi-asserted-by":"crossref","unstructured":"Tian, D.J., Bates, A., Butler, K.: Defending against malicious USB firmware with GoodUSB. In: Proceedings of the 31st Annual Computer Security Applications Conference, pp. 261\u2013270. ACM (2015)","DOI":"10.1145\/2818000.2818040"},{"key":"24_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-642-33704-8_2","volume-title":"Computer Network Security","author":"Z Wang","year":"2012","unstructured":"Wang, Z., Johnson, R., Murmuria, R., Stavrou, A.: Exposing security risks for commercial mobile devices. In: Kotenko, I., Skormin, V. (eds.) MMM-ACNS 2012. LNCS, vol. 7531, pp. 3\u201321. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-33704-8_2"}],"container-title":["IFIP Advances in Information and Communication Technology","ICT Systems Security and Privacy Protection"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-99828-2_24","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,8,26]],"date-time":"2022-08-26T00:05:42Z","timestamp":1661472342000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-99828-2_24"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319998275","9783319998282"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-99828-2_24","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"type":"print","value":"1868-4238"},{"type":"electronic","value":"1868-422X"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"26 August 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SEC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Conference on ICT Systems Security and Privacy Protection","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Poznan","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Poland","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 September 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 September 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"33","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"sec2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/ifipsec2018.pwr.edu.pl\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"27","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"89","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"330% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"1","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}