{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T12:41:03Z","timestamp":1780317663890,"version":"3.54.1"},"reference-count":58,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2019,8,22]],"date-time":"2019-08-22T00:00:00Z","timestamp":1566432000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2019,8,22]],"date-time":"2019-08-22T00:00:00Z","timestamp":1566432000000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["1563991"],"award-info":[{"award-number":["1563991"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100006502","name":"Defense Sciences Office, DARPA","doi-asserted-by":"publisher","award":["FA8650-16-C-7620"],"award-info":[{"award-number":["FA8650-16-C-7620"]}],"id":[{"id":"10.13039\/100006502","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Hardw Syst Secur"],"published-print":{"date-parts":[[2019,12]]},"DOI":"10.1007\/s41635-019-00074-w","type":"journal-article","created":{"date-parts":[[2019,8,22]],"date-time":"2019-08-22T13:02:52Z","timestamp":1566478972000},"page":"305-318","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":55,"title":["Malware Detection in Embedded Systems Using Neural Network Model for Electromagnetic Side-Channel Signals"],"prefix":"10.1007","volume":"3","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2954-2765","authenticated-orcid":false,"given":"Haider Adnan","family":"Khan","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Nader","family":"Sehatbakhsh","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Luong N.","family":"Nguyen","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Milos","family":"Prvulovic","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Alenka","family":"Zaji\u0107","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2019,8,22]]},"reference":[{"key":"74_CR1","unstructured":"INTEL a guide to the Internet of Things infographic. \nhttps:\/\/www.intel.com\/content\/www\/us\/en\/internet-of-things\/infographics\/guide-to-iot.html\n\n. Accessed: 2018-10-25"},{"key":"74_CR2","doi-asserted-by":"crossref","unstructured":"Abera T, Asokan N, Davi L, Ekberg JE, Nyman T, Paverd A, Sadeghi AR, Tsudik G (2016) C-FLAT: control-flow attestation for embedded systems software. In: Proceedings of the 2016 ACM SIGSAC conference on computer and communications security, pp 743\u2013754. ACM","DOI":"10.1145\/2976749.2978358"},{"key":"74_CR3","doi-asserted-by":"crossref","unstructured":"Agrawal D, Archambeault B, Rao JR, Rohatgi P (2002) The EM side\u2014channel (s). In: International workshop on cryptographic hardware and embedded systems, pp 29\u201345. Springer","DOI":"10.1007\/3-540-36400-5_4"},{"key":"74_CR4","unstructured":"Alam M, Khan HA, Dey M, Sinha N, Callan R, Zajic A, Prvulovic M (2018) One&Done: a single-decryption EM-based attack on OpenSSL\u2019s constant-time blinded RSA. In: Proceedings of the 27th USENIX conference on security symposium, pp 585\u2013602. USENIX Association"},{"issue":"2","key":"74_CR5","doi-asserted-by":"publisher","first-page":"208","DOI":"10.1109\/TSMCC.2004.843217","volume":"36","author":"V Alarcon-Aquino","year":"2006","unstructured":"Alarcon-Aquino V, Barria JA (2006) Multiresolution fir neural-network-based learning algorithm applied to network traffic prediction. IEEE Trans Syst Man Cybern Part C Appl Rev 36(2):208\u2013220","journal-title":"IEEE Trans Syst Man Cybern Part C Appl Rev"},{"key":"74_CR6","doi-asserted-by":"crossref","unstructured":"Andronio N, Zanero S, Maggi F (2015) Heldroid: dissecting and detecting mobile ransomware. In: International workshop on recent advances in intrusion detection, pp 382\u2013404. Springer","DOI":"10.1007\/978-3-319-26362-5_18"},{"key":"74_CR7","doi-asserted-by":"crossref","unstructured":"Bottou L (2010) Large-scale machine learning with stochastic gradient descent. In: Proceedings of COMPSTAT\u20192010, pp 177\u2013186. Springer","DOI":"10.1007\/978-3-7908-2604-3_16"},{"issue":"9","key":"74_CR8","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1016\/S1353-4858(16)30086-1","volume":"2016","author":"R Brewer","year":"2016","unstructured":"Brewer R (2016) Ransomware attacks: detection, prevention and cure. Netw Secur 2016(9):5\u20139","journal-title":"Netw Secur"},{"key":"74_CR9","doi-asserted-by":"crossref","unstructured":"Buennemeyer TK, Nelson TM, Clagett LM, Dunning JP, Marchany R, Tront JG (2008) Mobile device profiling and intrusion detection using smart batteries. In: Proceedings of the 41st annual Hawaii international conference on system sciences, pp 296\u2013296. IEEE","DOI":"10.1109\/HICSS.2008.319"},{"key":"74_CR10","doi-asserted-by":"crossref","unstructured":"Callan R, Behrang F, Zajic A, Prvulovic M, Orso A (2016) Zero-overhead profiling via EM emanations. In: Proceedings of the 25th international symposium on software testing and analysis, pp 401\u2013412. ACM","DOI":"10.1145\/2931037.2931065"},{"key":"74_CR11","doi-asserted-by":"crossref","unstructured":"Callan R, Zaji\u0107 A, Prvulovic M (2014) A practical methodology for measuring the side-channel signal available to the attacker for instruction-level events. In: Proceedings of the 47th annual IEEE\/ACM international symposium on microarchitecture, pp 242\u2013254. IEEE Computer Society","DOI":"10.1109\/MICRO.2014.39"},{"key":"74_CR12","doi-asserted-by":"crossref","unstructured":"Callan R, Zaji\u0107 A, Prvulovic M (2015) FASE: finding amplitude-modulated side-channel emanations. In: 2015 ACM\/IEEE 42nd annual international symposium on computer architecture (ISCA), pp 592\u2013603. IEEE","DOI":"10.1145\/2749469.2750394"},{"key":"74_CR13","doi-asserted-by":"crossref","unstructured":"C\u00e1rdenas A.A., Amin S, Lin ZS, Huang YL, Huang CY, Sastry S (2011) Attacks against process control systems: risk assessment, detection, and response. In: Proceedings of the 6th ACM symposium on information, computer and communications security, pp 355\u2013366. ACM","DOI":"10.1145\/1966913.1966959"},{"key":"74_CR14","unstructured":"Chien E (2010) Stuxnet: a breakthrough. Symantec Com 12"},{"key":"74_CR15","unstructured":"Clark SS, Ransford B, Rahmati A, Guineau S, Sorber J, Xu W, Fu K (2013) Wattsupdoc: power side channels to nonintrusively discover untargeted malware on embedded medical devices. In: HealthTech"},{"key":"74_CR16","doi-asserted-by":"crossref","unstructured":"Colbert E (2017) Security of cyber-physical systems\u2014 CSIAc. J Cyber Secur Inf Syst 5(1)","DOI":"10.1007\/978-3-319-51328-7_2"},{"key":"74_CR17","doi-asserted-by":"crossref","unstructured":"Collobert R, Weston J (2008) A unified architecture for natural language processing: deep neural networks with multitask learning. In: Proceedings of the 25th international conference on Machine learning, pp 160\u2013167. ACM","DOI":"10.1145\/1390156.1390177"},{"issue":"3\u20134","key":"74_CR18","doi-asserted-by":"publisher","first-page":"197","DOI":"10.1561\/2000000039","volume":"7","author":"L Deng","year":"2014","unstructured":"Deng L, Yu D, et al. (2014) Deep learning: methods and applications. Foundations and Trends\u00ae in Signal Processing 7(3\u20134):197\u2013387","journal-title":"Foundations and Trends\u00ae in Signal Processing"},{"key":"74_CR19","unstructured":"Falliere N, Murchu LO, Chien E (2011) W32. stuxnet dossier. White paper, Symantec Corp., Security Response 5(6)"},{"issue":"1","key":"74_CR20","doi-asserted-by":"publisher","first-page":"23","DOI":"10.1080\/00396338.2011.555586","volume":"53","author":"JP Farwell","year":"2011","unstructured":"Farwell JP, Rohozinski R (2011) Stuxnet and the future of cyber war. Survival 53(1):23\u201340","journal-title":"Survival"},{"key":"74_CR21","doi-asserted-by":"crossref","unstructured":"Genkin D, Pachmanov L, Pipman I, Tromer E (2015) Stealing keys from PCs using a radio: cheap electromagnetic attacks on windowed exponentiation. In: International workshop on cryptographic hardware and embedded systems, pp 207\u2013228. Springer","DOI":"10.1007\/978-3-662-48324-4_11"},{"issue":"2-3","key":"74_CR22","doi-asserted-by":"publisher","first-page":"307","DOI":"10.1007\/s10470-011-9777-4","volume":"69","author":"CRA Gonz\u00e1lez","year":"2011","unstructured":"Gonz\u00e1lez CRA, Reed JH (2011) Power fingerprinting in sdr integrity assessment for security and regulatory compliance. Analog Integr Circ Sig Process 69(2-3):307","journal-title":"Analog Integr Circ Sig Process"},{"key":"74_CR23","doi-asserted-by":"crossref","unstructured":"Graves A, Mohamed AR, Hinton G (2013) Speech recognition with deep recurrent neural networks. In: 2013 IEEE international conference on Acoustics, speech and signal processing (icassp), pp 6645\u20136649. IEEE","DOI":"10.1109\/ICASSP.2013.6638947"},{"key":"74_CR24","unstructured":"Guthaus MR, Ringenberg JS, Ernst D, Austin TM, Mudge T, Brown RB (2001) Mibench: A free, commercially representative embedded benchmark suite. In: Proceedings of the 4th annual IEEE international workshop on workload characterization. WWC-4 (Cat. No. 01EX538), pp 3\u201314. IEEE"},{"key":"74_CR25","doi-asserted-by":"crossref","unstructured":"Han Y, Etigowni S, Liu H, Zonouz S, Petropulu A (2017) Watch me, but don\u2019t touch me! contactless control flow monitoring via electromagnetic emanations. In: Proceedings of the 2017 ACM SIGSAC conference on computer and communications security, pp 1095\u20131108. ACM","DOI":"10.1145\/3133956.3134081"},{"issue":"3","key":"74_CR26","doi-asserted-by":"publisher","first-page":"555","DOI":"10.1109\/TEMC.2012.2222890","volume":"55","author":"YI Hayashi","year":"2013","unstructured":"Hayashi YI, Homma N, Mizuki T, Shimada H, Aoki T, Sone H, Sauvage L, Danger JL (2013) Efficient evaluation of em radiation associated with information leakage from cryptographic devices. IEEE Trans Electromagn Compat 55(3):555\u2013563","journal-title":"IEEE Trans Electromagn Compat"},{"key":"74_CR27","unstructured":"Herzberg B, Bekerman D, Zeifman I (2016) Breaking down mirai: an IoT DDoS botnet analysis. Incapsula Blog, Bots and DDoS, Security"},{"issue":"02","key":"74_CR28","doi-asserted-by":"publisher","first-page":"107","DOI":"10.1142\/S0218488598000094","volume":"6","author":"S Hochreiter","year":"1998","unstructured":"Hochreiter S (1998) The vanishing gradient problem during learning recurrent neural nets and problem solutions. International Journal of Uncertainty. Fuzziness and Knowledge-Based Systems 6(02):107\u2013116","journal-title":"Fuzziness and Knowledge-Based Systems"},{"key":"74_CR29","unstructured":"Jacoby GA, Marchany R, Davis N (2004) Battery-based intrusion detection a first line of defense. In: Proceedings from the 5th annual IEEE SMC information assurance workshop, 2004, pp 272\u2013279. IEEE"},{"issue":"12","key":"74_CR30","doi-asserted-by":"publisher","first-page":"6751","DOI":"10.1109\/TAP.2018.2870370","volume":"66","author":"Prateek Juyal","year":"2018","unstructured":"Juyal P, Adibelli S, Sehatbakhsh N, Zajic A (2018) A directive antenna based on conducting discs for detecting unintentional em emissions at large distances. IEEE Transactions on Antennas and Propagation pp 1\u20131. \nhttps:\/\/doi.org\/10.1109\/TAP.2018.2870370","journal-title":"IEEE Transactions on Antennas and Propagation"},{"issue":"4","key":"74_CR31","first-page":"111","volume":"1","author":"B Karlik","year":"2011","unstructured":"Karlik B, Olgac AV (2011) Performance analysis of various activation functions in generalized MLP architectures of neural networks. International Journal of Artificial Intelligence and Expert Systems 1(4):111\u2013122","journal-title":"International Journal of Artificial Intelligence and Expert Systems"},{"key":"74_CR32","unstructured":"Khan HA, Alam M, Zajic A, Prvulovic M (2018) Detailed tracking of program control flow using analog side-channel signals: a promise for IoT malware detection and a threat for many cryptographic implementations. In: Cyber Sensing 2018, vol. 10630, p. 1063005. International Society for Optics and Photonics"},{"issue":"1","key":"74_CR33","doi-asserted-by":"publisher","first-page":"479","DOI":"10.1016\/j.eswa.2009.05.044","volume":"37","author":"M Khashei","year":"2010","unstructured":"Khashei M, Bijari M (2010) An artificial neural network (p, d, q) model for timeseries forecasting. Expert Systems with applications 37(1):479\u2013489","journal-title":"Expert Systems with applications"},{"key":"74_CR34","doi-asserted-by":"crossref","unstructured":"Kim H, Smith J, Shin KG (2008) Detecting energy-greedy anomalies and mobile malware variants. In: Proceedings of the 6th international conference on mobile systems, applications, and services, pp 239\u2013252. ACM","DOI":"10.1145\/1378600.1378627"},{"key":"74_CR35","unstructured":"Krizhevsky A, Sutskever I, Hinton G (2012) Imagenet classification with deep convolutional neural networks. In: Advances in neural information processing systems, pp 1097\u20131105"},{"issue":"3","key":"74_CR36","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1109\/MSP.2011.67","volume":"9","author":"R Langner","year":"2011","unstructured":"Langner R (2011) Stuxnet: dissecting a cyberwarfare weapon. IEEE Secur Priv 9(3):49\u201351","journal-title":"IEEE Secur Priv"},{"issue":"7553","key":"74_CR37","doi-asserted-by":"publisher","first-page":"436","DOI":"10.1038\/nature14539","volume":"521","author":"Y LeCun","year":"2015","unstructured":"LeCun Y, Bengio Y, Hinton G (2015) Deep learning. Nature 521(7553):436","journal-title":"Nature"},{"key":"74_CR38","doi-asserted-by":"crossref","unstructured":"Lee I, Sokolsky O (2010) Medical cyber physical systems. In: 2010 47th ACM\/IEEE design automation conference (DAC), pp 743\u2013748. IEEE","DOI":"10.1145\/1837274.1837463"},{"key":"74_CR39","doi-asserted-by":"crossref","unstructured":"Liu L, Yan G, Zhang X, Chen S (2009) Virusmeter: preventing your cellphone from spies. In: International workshop on recent advances in intrusion detection, pp 244\u2013264. Springer","DOI":"10.1007\/978-3-642-04342-0_13"},{"key":"74_CR40","doi-asserted-by":"crossref","unstructured":"Liu Y, Wei L, Zhou Z, Zhang K, Xu W, Xu Q (2016) On code execution tracking via power side-channel. In: Proceedings of the 2016 ACM SIGSAC conference on computer and communications security, pp 1019\u20131031. ACM","DOI":"10.1145\/2976749.2978299"},{"key":"74_CR41","unstructured":"Malhotra P, Vig L, Shroff G, Agarwal P (2015) Long short term memory networks for anomaly detection in time series. In: Proceedings, p. 89. Presses universitaires de Louvain"},{"key":"74_CR42","unstructured":"McMillan R (2010) Siemens: stuxnet worm hit industrial systems. Computerworld, 14"},{"key":"74_CR43","unstructured":"Nair V, Hinton G (2010) Rectified linear units improve restricted Boltzmann machines. In: Proceedings of the 27th international conference on machine learning (ICML-10), pp 807\u2013814"},{"key":"74_CR44","unstructured":"Nakashima E, Mufson S (2008) Hackers have attacked foreign utilities, CIA analyst says. Washington Post"},{"key":"74_CR45","doi-asserted-by":"crossref","unstructured":"Nazari A, Sehatbakhsh N, Alam M, Zajic A, Prvulovic M (2017) Eddie: Em-based detection of deviations in program execution. In: 2017 ACM\/IEEE 44th annual international symposium on computer architecture (ISCA), pp 333\u2013346. IEEE","DOI":"10.1145\/3079856.3080223"},{"key":"74_CR46","unstructured":"Newsome J, Song DX (2005) Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software"},{"issue":"11","key":"74_CR47","doi-asserted-by":"publisher","first-page":"3332","DOI":"10.1109\/TC.2016.2540634","volume":"65","author":"M Ozsoy","year":"2016","unstructured":"Ozsoy M, Khasawneh KN, Donovick C, Gorelik I, Abu-Ghazaleh NB, Ponomarev D (2016) Hardware-based malware detection using low-level architectural features. IEEE Trans Comput 65(11):3332\u20133344","journal-title":"IEEE Trans Comput"},{"key":"74_CR48","unstructured":"Richards R (2016) High-assurance cyber military systems (HACMS). DARPA, mil"},{"key":"74_CR49","unstructured":"Rothermel G, Elbaum S, Kinneer A, Do H (2006) Software-artifact infrastructure repository. URL \nhttp:\/\/sir.unl.edu\/portal"},{"issue":"6088","key":"74_CR50","doi-asserted-by":"publisher","first-page":"533","DOI":"10.1038\/323533a0","volume":"323","author":"DE Rumelhart","year":"1986","unstructured":"Rumelhart DE, Hinton G, Williams RJ (1986) Learning representations by back-propagating errors. Nature 323(6088):533","journal-title":"Nature"},{"issue":"4","key":"74_CR51","doi-asserted-by":"publisher","first-page":"74","DOI":"10.1145\/2667218","volume":"58","author":"J Sametinger","year":"2015","unstructured":"Sametinger J, Rozenblit J, Lysecky R, Ott P (2015) Security challenges for medical devices. Commun ACM 58(4):74\u201382","journal-title":"Commun ACM"},{"key":"74_CR52","doi-asserted-by":"publisher","unstructured":"Sehatbakhsh N, Alam M, Nazari A, Zajic A, Prvulovic M (2018) Syndrome: spectral analysis for anomaly detection on medical IoT and embedded devices. In: 2018 IEEE international symposium on hardware oriented security and trust (HOST), pp 1\u20138. \nhttps:\/\/doi.org\/10.1109\/HST.2018.8383884","DOI":"10.1109\/HST.2018.8383884"},{"key":"74_CR53","doi-asserted-by":"crossref","unstructured":"Sehatbakhsh N, Nazari A, Zajic A, Prvulovic M (2016) Spectral profiling: observer-effect-free profiling by monitoring EM emanations. In: The 49th annual IEEE\/ACM international symposium on microarchitecture, p. 59. IEEE Press","DOI":"10.1109\/MICRO.2016.7783762"},{"issue":"14","key":"74_CR54","doi-asserted-by":"publisher","first-page":"5501","DOI":"10.1016\/j.eswa.2013.04.013","volume":"40","author":"JL Ticknor","year":"2013","unstructured":"Ticknor JL (2013) A Bayesian regularized artificial neural network for stock market forecasting. Expert Systems with Applications 40(14):5501\u20135506","journal-title":"Expert Systems with Applications"},{"key":"74_CR55","doi-asserted-by":"crossref","unstructured":"Wang X, Zhou Q, Harer J, Brown G, Qiu S, Dou Z, Wang J, Hinton A, Gonzalez CA, Chin P (2018) Deep learning-based classification and anomaly detection of side-channel signals. In: Cyber Sensing 2018, vol 10630, pp 1063006. International Society for Optics and Photonics","DOI":"10.1117\/12.2311329"},{"issue":"9","key":"74_CR56","doi-asserted-by":"publisher","first-page":"e107216","DOI":"10.1371\/journal.pone.0107216","volume":"9","author":"Bas Wijnen","year":"2014","unstructured":"Wijnen B, Hunt EJ, Anzalone GC, Pearce JM (2014) Open-source syringe pump library, vol 9, p e107216","journal-title":"PLoS ONE"},{"issue":"4","key":"74_CR57","doi-asserted-by":"publisher","first-page":"885","DOI":"10.1109\/TEMC.2014.2300139","volume":"56","author":"A Zajic","year":"2014","unstructured":"Zajic A, Prvulovic M (2014) Experimental demonstration of electromagnetic information leakage from modern processor-memory systems. IEEE Trans Electromagn Compat 56(4):885\u2013893","journal-title":"IEEE Trans Electromagn Compat"},{"key":"74_CR58","doi-asserted-by":"crossref","unstructured":"Zeiler MD, Ranzato M, Monga R, Mao M, Yang K, Le QV, Nguyen P, Senior A, Vanhoucke V, Dean J et al (2013) On rectified linear units for speech processing. In: 2013 IEEE international conference on acoustics, speech and signal processing (ICASSP), pp 3517\u20133521. IEEE","DOI":"10.1109\/ICASSP.2013.6638312"}],"container-title":["Journal of Hardware and Systems Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s41635-019-00074-w.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s41635-019-00074-w\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s41635-019-00074-w.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,8,20]],"date-time":"2020-08-20T23:22:15Z","timestamp":1597965735000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s41635-019-00074-w"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,8,22]]},"references-count":58,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2019,12]]}},"alternative-id":["74"],"URL":"https:\/\/doi.org\/10.1007\/s41635-019-00074-w","relation":{},"ISSN":["2509-3428","2509-3436"],"issn-type":[{"value":"2509-3428","type":"print"},{"value":"2509-3436","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019,8,22]]},"assertion":[{"value":"28 February 2019","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"11 July 2019","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"22 August 2019","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}