{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,19]],"date-time":"2026-03-19T21:58:36Z","timestamp":1773957516806,"version":"3.50.1"},"reference-count":49,"publisher":"Elsevier BV","license":[{"start":{"date-parts":[[2022,9,1]],"date-time":"2022-09-01T00:00:00Z","timestamp":1661990400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"},{"start":{"date-parts":[[2022,9,1]],"date-time":"2022-09-01T00:00:00Z","timestamp":1661990400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/legal\/tdmrep-license"},{"start":{"date-parts":[[2022,9,1]],"date-time":"2022-09-01T00:00:00Z","timestamp":1661990400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-017"},{"start":{"date-parts":[[2022,9,1]],"date-time":"2022-09-01T00:00:00Z","timestamp":1661990400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"},{"start":{"date-parts":[[2022,9,1]],"date-time":"2022-09-01T00:00:00Z","timestamp":1661990400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-012"},{"start":{"date-parts":[[2022,9,1]],"date-time":"2022-09-01T00:00:00Z","timestamp":1661990400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2022,9,1]],"date-time":"2022-09-01T00:00:00Z","timestamp":1661990400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-004"}],"content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Computer Communications"],"published-print":{"date-parts":[[2022,9]]},"DOI":"10.1016\/j.comcom.2022.06.033","type":"journal-article","created":{"date-parts":[[2022,6,29]],"date-time":"2022-06-29T21:51:53Z","timestamp":1656539513000},"page":"38-46","update-policy":"https:\/\/doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":17,"special_numbering":"C","title":["Securing Internet of Things devices against code tampering attacks using Return Oriented Programming"],"prefix":"10.1016","volume":"193","author":[{"given":"Rajesh Kumar","family":"Shrivastava","sequence":"first","affiliation":[]},{"given":"Simar Preet","family":"Singh","sequence":"additional","affiliation":[]},{"given":"Mohammad Kamrul","family":"Hasan","sequence":"additional","affiliation":[]},{"family":"Gagandeep","sequence":"additional","affiliation":[]},{"given":"Shayla","family":"Islam","sequence":"additional","affiliation":[]},{"given":"Salwani","family":"Abdullah","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7337-6736","authenticated-orcid":false,"given":"Azana Hafizah Mohd","family":"Aman","sequence":"additional","affiliation":[]}],"member":"78","reference":[{"issue":"15","key":"10.1016\/j.comcom.2022.06.033_b1","doi-asserted-by":"crossref","first-page":"2787","DOI":"10.1016\/j.comnet.2010.05.010","article-title":"The internet of things: A survey","volume":"54","author":"Luigi","year":"2010","journal-title":"Comput. Netw."},{"key":"10.1016\/j.comcom.2022.06.033_b2","doi-asserted-by":"crossref","first-page":"14446","DOI":"10.1109\/ACCESS.2021.3052368","article-title":"An improved dynamic thermal current rating model for PMU-based wide area measurement framework for reliability analysis utilizing sensor cloud system","volume":"9","author":"Hasan","year":"2021","journal-title":"IEEE Access"},{"issue":"6","key":"10.1016\/j.comcom.2022.06.033_b3","doi-asserted-by":"crossref","first-page":"2087","DOI":"10.3390\/s22062087","article-title":"Applications of wireless sensor networks and internet of things frameworks in the industry revolution 4.0: A systematic literature review","volume":"22","author":"Majid","year":"2022","journal-title":"Sensors"},{"key":"10.1016\/j.comcom.2022.06.033_b4","series-title":"The 2018 Sans Industrial Iot Security Survey: Shaping Iiot Security Concerns","year":"2018"},{"key":"10.1016\/j.comcom.2022.06.033_b5","doi-asserted-by":"crossref","first-page":"44","DOI":"10.1016\/j.jnca.2014.10.009","article-title":"Man-at-the-end attacks: Analysis, taxonomy, human aspects, motivation and future directions","volume":"48","author":"Akhunzada","year":"2015","journal-title":"J. Netw. Comput. Appl."},{"key":"10.1016\/j.comcom.2022.06.033_b6","series-title":"Proceedings of the 28th Annual Computer Security Applications Conference","first-page":"319","article-title":"Distributed application tamper detection via continuous software updates","author":"Christian","year":"2012"},{"key":"10.1016\/j.comcom.2022.06.033_b7","first-page":"175","article-title":"Routing algorithm in MANET","author":"Singh","year":"2014","journal-title":"International Journal of Engineering and Innovative Technology (IJEIT)"},{"key":"10.1016\/j.comcom.2022.06.033_b8","series-title":"International Conference on Network and System Security","first-page":"112","article-title":"Disarm: mitigating buffer overflow attacks on embedded devices","author":"Javid","year":"2015"},{"key":"10.1016\/j.comcom.2022.06.033_b9","series-title":"Services (SERVICES), 2015 IEEE World Congress on","first-page":"21","article-title":"Towards an analysis of security issues, challenges, and open problems in the internet of things","author":"Mahmud","year":"2015"},{"key":"10.1016\/j.comcom.2022.06.033_b10","series-title":"Emerging Research in Computing, Information, Communication and Applications","article-title":"Proposed protocol to enhance the performance of AOMDV routing protocol under flooding attack in different propagation models","author":"Waraich","year":"2016"},{"issue":"1","key":"10.1016\/j.comcom.2022.06.033_b11","first-page":"4","article-title":"Control-flow integrity principles, implementations, and applications","volume":"13","author":"Martin","year":"2009","journal-title":"ACM Trans. Inf. Syst. Secur."},{"issue":"7","key":"10.1016\/j.comcom.2022.06.033_b12","first-page":"1358","article-title":"Control flow integrity based on lightweight encryption architecture","volume":"37","author":"Pengfei","year":"2017","journal-title":"IEEE Trans. Comput.-Aided Des. Integr. Circuits Syst."},{"key":"10.1016\/j.comcom.2022.06.033_b13","series-title":"ITASEC","article-title":"Towards the hypervision of hardware-based control flow integrity for arm platforms","author":"Giulia","year":"2019"},{"key":"10.1016\/j.comcom.2022.06.033_b14","series-title":"Concurrency and Computation: Practice and Experience","first-page":"e5913","article-title":"Leveraging energy-efficient load balancing algorithms in fog computing","author":"Singh","year":"2020"},{"key":"10.1016\/j.comcom.2022.06.033_b15","series-title":"International Conference on Information Systems Security","first-page":"156","article-title":"Valueguard: Protection of native applications against data-only buffer overflows","author":"Acker","year":"2010"},{"key":"10.1016\/j.comcom.2022.06.033_b16","series-title":"2018 IEEE 3rd Advanced Information Technology, Electronic and Automation Control Conference (IAEAC)","first-page":"2617","article-title":"A control flow integrity checking technique based on hardware support","author":"Yang","year":"2018"},{"key":"10.1016\/j.comcom.2022.06.033_b17","doi-asserted-by":"crossref","first-page":"65","DOI":"10.1016\/j.comcom.2020.09.005","article-title":"Designing of fog based FBCMI2E model using machine learning approaches for intelligent communication systems","volume":"163","author":"Singh","year":"2020","journal-title":"Comput. Commun."},{"key":"10.1016\/j.comcom.2022.06.033_b18","series-title":"Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security","first-page":"299","article-title":"Gadge me if you can: secure and efficient ad-hoc instruction-level randomization for x86 and arm","author":"Vincenzo","year":"2013"},{"key":"10.1016\/j.comcom.2022.06.033_b19","series-title":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","first-page":"368","article-title":"Prefetch side-channel attacks: Bypassing smap and kernel aslr","author":"Daniel","year":"2016"},{"key":"10.1016\/j.comcom.2022.06.033_b20","series-title":"2013 IEEE Symposium on Security and Privacy","first-page":"191","article-title":"Practical timing side channel attacks against kernel space aslr","author":"Ralf","year":"2013"},{"key":"10.1016\/j.comcom.2022.06.033_b21","doi-asserted-by":"crossref","first-page":"47731","DOI":"10.1109\/ACCESS.2021.3061710","article-title":"Lightweight encryption technique to enhance medical image security on internet of medical things applications","volume":"9","author":"Hasan","year":"2021","journal-title":"IEEE Access"},{"key":"10.1016\/j.comcom.2022.06.033_b22","doi-asserted-by":"crossref","first-page":"27","DOI":"10.2306\/scienceasia1513-1874.2017.43S.027","article-title":"Novel multihoming-based flow mobility scheme for proxy NEMO environment: A numerical approach to analyse handoff performance","volume":"43","author":"Islam","year":"2017","journal-title":"ScienceAsia"},{"key":"10.1016\/j.comcom.2022.06.033_b23","series-title":"Return-Oriented Programming Without Returns on Arm","author":"Lucas","year":"2010"},{"key":"10.1016\/j.comcom.2022.06.033_b24","series-title":"2017 IEEE Trustcom\/BigDataSE\/ICESS","first-page":"823","article-title":"Return-oriented programming on a cortex-m processor","author":"Weidler","year":"2017"},{"key":"10.1016\/j.comcom.2022.06.033_b25","unstructured":"Baumgartner Kurt, The rop pack, in: Proceedings of the 20th Virus Bulletin International Conference (VB), 2010."},{"issue":"1","key":"10.1016\/j.comcom.2022.06.033_b26","first-page":"2","article-title":"Understanding integer overflow in c\/c++","volume":"25","author":"Will","year":"2015","journal-title":"ACM Trans. Softw. Eng. Methodol. (TOSEM)"},{"key":"10.1016\/j.comcom.2022.06.033_b27","series-title":"2017 5th International Conference on Information and Communication Technology (ICoIC7)","first-page":"1","article-title":"Protection against code exploitation using rop and check-summing in iot environment","author":"Rajesh","year":"2017"},{"issue":"2","key":"10.1016\/j.comcom.2022.06.033_b28","doi-asserted-by":"crossref","first-page":"67","DOI":"10.5755\/j01.eie.25.2.23209","article-title":"Phase offset analysis of asymmetric communications infrastructure in smart grid","volume":"25","author":"Hasan","year":"2019","journal-title":"Elektron. Elektrotech."},{"key":"10.1016\/j.comcom.2022.06.033_b29","series-title":"Proceedings of the 27th Annual Computer Security Applications Conference","first-page":"41","article-title":"Ripe: runtime intrusion prevention evaluator","author":"John","year":"2011"},{"key":"10.1016\/j.comcom.2022.06.033_b30","series-title":"2019 25th Asia-Pacific Conference on Communications (APCC)","first-page":"238","article-title":"Code tamper-proofing using dynamic canaries","author":"Kumar","year":"2019"},{"key":"10.1016\/j.comcom.2022.06.033_b31","series-title":"2014 IEEE Symposium on Security and Privacy","first-page":"227","article-title":"Hacking blind","author":"Andrea","year":"2014"},{"key":"10.1016\/j.comcom.2022.06.033_b32","series-title":"2015 45th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks","first-page":"125","article-title":"Parallax: Implicit code integrity verification using return-oriented programming","author":"Dennis","year":"2015"},{"key":"10.1016\/j.comcom.2022.06.033_b33","series-title":"2014 IEEE Symposium on Security and Privacy","first-page":"292","article-title":"Kcofi: Complete control-flow integrity for commodity operating system kernels","author":"John","year":"2014"},{"key":"10.1016\/j.comcom.2022.06.033_b34","doi-asserted-by":"crossref","unstructured":"J.E. Moreira, D. Chatterjee, K. Ekanadham, A. Flores, Return-oriented programming protection in the IBM POWER10, in: Proceedings of the 19th ACM International Conference on Computing Frontiers, 2022, pp. 173\u2013176.","DOI":"10.1145\/3528416.3530245"},{"key":"10.1016\/j.comcom.2022.06.033_b35","series-title":"31st Euromicro Conference on Real-Time Systems (ECRTS 2019)","article-title":"Control-flow integrity for real-time embedded systems","author":"Walls","year":"2019"},{"key":"10.1016\/j.comcom.2022.06.033_b36","series-title":"2019 IEEE Conference on Dependable and Secure Computing (DSC)","first-page":"1","article-title":"Microguard: Securing bare-metal microcontrollers against code-reuse attacks","author":"Majid","year":"2019"},{"key":"10.1016\/j.comcom.2022.06.033_b37","doi-asserted-by":"crossref","first-page":"186517","DOI":"10.1109\/ACCESS.2019.2961416","article-title":"Actimon: Unified jop and rop detection with active function lists on an soc fpga","volume":"7","author":"Hyunyoung","year":"2019","journal-title":"IEEE Access"},{"issue":"3","key":"10.1016\/j.comcom.2022.06.033_b38","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3448614","article-title":"Sustainable security for the internet of things using artificial intelligence architectures","volume":"21","author":"Iwendi","year":"2021","journal-title":"ACM Trans. Internet Technol. (TOIT)"},{"key":"10.1016\/j.comcom.2022.06.033_b39","series-title":"24th {USENIX} Security Symposium ({USENIX} Security 15)","first-page":"161","article-title":"Control-flow bending: On the effectiveness of control-flow integrity","author":"Nicholas","year":"2015"},{"key":"10.1016\/j.comcom.2022.06.033_b40","article-title":"Profile-guided code identification and hardening using return oriented programming","volume":"48","author":"Kumar","year":"2019","journal-title":"J. Inf. Secur. Appl."},{"key":"10.1016\/j.comcom.2022.06.033_b41","series-title":"Proceedings of the 27th Annual Computer Security Applications Conference","first-page":"353","article-title":"Mitigating code-reuse attacks with control-flow locking","author":"Tyler","year":"2011"},{"key":"10.1016\/j.comcom.2022.06.033_b42","series-title":"2010 IEEE Symposium on Security and Privacy","first-page":"380","article-title":"Hypersafe: A lightweight approach to provide lifetime hypervisor control-flow integrity","author":"Zhi","year":"2010"},{"key":"10.1016\/j.comcom.2022.06.033_b43","series-title":"2013 IEEE Symposium on Security and Privacy","first-page":"559","article-title":"Practical control flow integrity and randomization for binary executables","author":"Chao","year":"2013"},{"key":"10.1016\/j.comcom.2022.06.033_b44","series-title":"International Conference on Secure Knowledge Management in Artificial Intelligence Era","first-page":"3","article-title":"Undertracker: Binary hardening through execution flow verification","author":"Rajesh","year":"2019"},{"key":"10.1016\/j.comcom.2022.06.033_b45","doi-asserted-by":"crossref","unstructured":"Bletsch Tyler, Xuxian Jiang, Vince\u00a0W. Freeh, Zhenkai Liang, Jump-oriented programming: a new class of code-reuse attack, in: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, 2011, pp. 30\u201340.","DOI":"10.1145\/1966913.1966919"},{"key":"10.1016\/j.comcom.2022.06.033_b46","series-title":"Security and Privacy, 2005 IEEE Symposium on","first-page":"127","article-title":"A generic attack on checksumming-based software tamper resistance","author":"Glenn","year":"2005"},{"key":"10.1016\/j.comcom.2022.06.033_b47","series-title":"NDSS","article-title":"Sanctuary: Arming trustzone with user-space enclaves","author":"Ferdinand","year":"2019"},{"key":"10.1016\/j.comcom.2022.06.033_b48","doi-asserted-by":"crossref","unstructured":"Callaghan Guillermo, Cosmin Gorgovan, Mikel Luj\u00e1n, Optimising dynamic binary modification across 64-bit arm microarchitectures, in: Proceedings of the 16th ACM SIGPLAN\/SIGOPS International Conference on Virtual Execution Environments, 2020, pp. 185\u2013197.","DOI":"10.1145\/3381052.3381322"},{"key":"10.1016\/j.comcom.2022.06.033_b49","unstructured":"Keniston Jim, Ananth Mavinakayanahalli, Prasanna Panchamukhi, Vara Prasad, Ptrace, utrace, uprobes: Lightweight, dynamic tracing of user apps, in: Proceedings of the 2007 Linux symposium, 2007, pp. 215\u2013224."}],"container-title":["Computer Communications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0140366422002353?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0140366422002353?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2025,9,25]],"date-time":"2025-09-25T23:37:33Z","timestamp":1758843453000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S0140366422002353"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,9]]},"references-count":49,"alternative-id":["S0140366422002353"],"URL":"https:\/\/doi.org\/10.1016\/j.comcom.2022.06.033","relation":{},"ISSN":["0140-3664"],"issn-type":[{"value":"0140-3664","type":"print"}],"subject":[],"published":{"date-parts":[[2022,9]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"Securing Internet of Things devices against code tampering attacks using Return Oriented Programming","name":"articletitle","label":"Article Title"},{"value":"Computer Communications","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.comcom.2022.06.033","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"\u00a9 2022 Elsevier B.V. All rights reserved.","name":"copyright","label":"Copyright"}]}}