{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T08:10:13Z","timestamp":1772007013286,"version":"3.50.1"},"reference-count":45,"publisher":"IEEE","license":[{"start":{"date-parts":[[2025,12,8]],"date-time":"2025-12-08T00:00:00Z","timestamp":1765152000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2025,12,8]],"date-time":"2025-12-08T00:00:00Z","timestamp":1765152000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1942793,CNS-2211576"],"award-info":[{"award-number":["CNS-1942793,CNS-2211576"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025,12,8]]},"DOI":"10.1109\/acsac67867.2025.00072","type":"proceedings-article","created":{"date-parts":[[2026,2,24]],"date-time":"2026-02-24T20:54:58Z","timestamp":1771966498000},"page":"845-857","source":"Crossref","is-referenced-by-count":0,"title":["Zeus-IoT: Comprehensive Code Signing to Prevent IoT Device Weaponization"],"prefix":"10.1109","author":[{"given":"Alireza","family":"Roshandel","sequence":"first","affiliation":[{"name":"Boston University,Boston,USA"}]},{"given":"Manuel","family":"Egele","sequence":"additional","affiliation":[{"name":"Boston University,Boston,USA"}]}],"member":"263","reference":[{"key":"ref1","article-title":"Statista","volume-title":"IoT connections worldwide"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.5555\/3241189.3241275"},{"key":"ref3","volume-title":"Krebsonsecurity hit with record ddos","author":"Krebs"},{"key":"ref4","volume-title":"Ddos attack that disrupted the internet was largest of its kind in history","author":"Hern"},{"key":"ref5","volume-title":"You had me at hi - mirai-based noabot makes an appearance","author":"Akami"},{"key":"ref6","volume-title":"Miner Documentation","author":"XMRig"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1145\/3321705.3329847"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1145\/3321705.3329857"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.1996.502675"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2001.924296"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2013.13"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1145\/1127345.1127348"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2008.54"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.3233\/jcs-980109"},{"key":"ref15","article-title":"Automating mimicry attacks using static binary analysis","volume-title":"In Proceedings of the USENIX Security Symposium, 2005","author":"Kruegel"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-011-0157-5"},{"key":"ref17","article-title":"Cyberogism","volume-title":"Top iot programming languages for your iot project"},{"key":"ref18","volume-title":"The programming language lua","author":"DeepSeaDev"},{"key":"ref19","volume-title":"Mitre att&ck t1055.008 process injection: Ptrace system calls","author":"Security"},{"key":"ref20","volume-title":"Ld_preload: How to run code at load time","author":"Ideas"},{"key":"ref21","volume-title":"Linux based inter-process code injection without ptrace(2)","author":"Labs"},{"key":"ref22","volume-title":"The definitive guide to linux process injection","author":"David"},{"key":"ref23","volume-title":"Process injection","author":"ATT&CK"},{"key":"ref24","volume-title":"musl libc"},{"key":"ref25","volume-title":"Gnu c library"},{"key":"ref26","volume-title":"Openwrt project"},{"key":"ref27","volume-title":"The restricted shell"},{"key":"ref28","article-title":"arget13","volume-title":"DDexec"},{"key":"ref29","article-title":"SEKTOR7","volume-title":"Pure In-Memory (Shell)Code Injection in Linux User-land"},{"key":"ref30","article-title":"The circle of life: A Large-Scale study of the IoT malware lifecycle","volume-title":"In Proceedings of the USENIX Security Symposium, 2021","author":"Alrawi"},{"key":"ref31","volume-title":"Malwarebazaar","author":"Abuse"},{"key":"ref32","volume-title":"ab - apache http server benchmarking tool","author":"Foundation"},{"key":"ref33","article-title":"Imperva","volume-title":"What is LOIC - Low Orbit Ion Cannon I DDoS Tools |Imperva"},{"key":"ref34","article-title":"Stackguard: automatic adaptive detection and prevention of buffer-overflow attacks","volume-title":"Proceedings of the 7th Conference on USENIX Security Symposium - Volume 7","author":"Cowan"},{"key":"ref35","article-title":"Design and implementation of a tcg-based integrity measurement architecture","volume-title":"Proceedings of the 13th Conference on USENIX Security Symposium - Volume 13","author":"Sailer"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030125"},{"key":"ref37","volume-title":"Integrity measurement architecture(ima)","author":"Zohar","year":"2018"},{"key":"ref38","volume-title":"An overview of the linux integrity subsystem","author":"Zohar","year":"2010"},{"key":"ref39","volume-title":"How to use the linux kernel\u2019s integrity measurement architecture","author":"Sidhpurwala","year":"2020"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1145\/3407023.3407058"},{"key":"ref41","volume-title":"Code signing services","author":"Inc"},{"key":"ref42","article-title":"Microsoft","volume-title":"Microsoft defender smartscreen overview"},{"key":"ref43","article-title":"Microsoft Corporation","volume-title":"Driver signing policy - windows drivers"},{"key":"ref44","volume-title":"Kernel module signing facility","author":"Kernel Organization"},{"key":"ref45","doi-asserted-by":"crossref","DOI":"10.1145\/3054977.3054999","article-title":"Learning execution contexts from system call distribution for anomaly detection in smart embedded system","volume-title":"Proceedings of the Second International Conference on Internet-of- Things Design and Implementation","author":"Yoon"}],"event":{"name":"2025 IEEE Annual Computer Security Applications Conference (ACSAC)","location":"Honolulu, HI, USA","start":{"date-parts":[[2025,12,8]]},"end":{"date-parts":[[2025,12,12]]}},"container-title":["2025 IEEE Annual Computer Security Applications Conference (ACSAC)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/11391636\/11391706\/11391869.pdf?arnumber=11391869","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T07:19:22Z","timestamp":1772003962000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11391869\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,12,8]]},"references-count":45,"URL":"https:\/\/doi.org\/10.1109\/acsac67867.2025.00072","relation":{},"subject":[],"published":{"date-parts":[[2025,12,8]]}}}