{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,18]],"date-time":"2026-03-18T22:59:18Z","timestamp":1773874758257,"version":"3.50.1"},"reference-count":31,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018,5]]},"DOI":"10.1109\/cns.2018.8433203","type":"proceedings-article","created":{"date-parts":[[2018,8,13]],"date-time":"2018-08-13T22:09:06Z","timestamp":1534198146000},"page":"1-9","source":"Crossref","is-referenced-by-count":58,"title":["Efficient Signature Generation for Classifying Cross-Architecture IoT Malware"],"prefix":"10.1109","author":[{"given":"Mohannad","family":"Alhanahnah","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Qicheng","family":"Lin","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Qiben","family":"Yan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ning","family":"Zhang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zhenxiang","family":"Chen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref31","first-page":"144","article-title":"Firma: Malware clustering and network signature generation with mixed network behaviors","author":"rafique","year":"2013","journal-title":"Proc of RAID"},{"key":"ref30","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-319-58469-0_16","article-title":"Towards Automated Classification of Firmware Images and Identification of Embedded Devices","author":"costin","year":"2017","journal-title":"32nd International Conference on ICT Systems Security and Privacy Protection (IFIP SEC)"},{"key":"ref10","year":"0","journal-title":"Bindiff manual"},{"key":"ref11","article-title":"IoTPOT: Analysing the rise of IoT compromises","author":"pa pa","year":"2015","journal-title":"9th USENIX Workshop on Offensive Technologies (WOOT 15)"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.49"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1145\/2950290.2950350"},{"key":"ref14","year":"2014","journal-title":"Google's VirusTotal puts Linux malware under the spotlight"},{"key":"ref15","year":"0","journal-title":"IDA"},{"key":"ref16","author":"jain","year":"1988","journal-title":"Algorithms for clustering data"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1145\/2430553.2430557"},{"key":"ref18","author":"segaran","year":"2007","journal-title":"Programming collective intelligence"},{"key":"ref19","year":"0","journal-title":"Welcome to YARA&#x2019;s documentation"},{"key":"ref28","first-page":"187","article-title":"Mutantx-s: Scalable malware clustering based on static features","author":"hu","year":"2013","journal-title":"USENIX Annual Technical Conference"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2014.11.008"},{"key":"ref27","first-page":"35","article-title":"Idea: Opcode-sequence-based malware detection","author":"santos","year":"2010","journal-title":"Engineering Secure Software and Systems Second International Symposium ESSoS 2010"},{"key":"ref3","author":"herzberg","year":"2017","journal-title":"Breaking Down Mirai An IoT DDoS Botnet Analysis"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978370"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1145\/2487575.2488219"},{"key":"ref5","first-page":"21","article-title":"discovRE: Efficient Cross-Architecture Identification of Bugs in Binary Code","author":"eschweiler","year":"2016","journal-title":"Proc of NDSS"},{"key":"ref8","article-title":"Structural comparison of executable objects","author":"flake","year":"2004","journal-title":"DIMVA 2004"},{"key":"ref7","first-page":"95","article-title":"A large-scale analysis of the security of embedded firmwares","author":"costin","year":"2014","journal-title":"Proc of USENIX Security"},{"key":"ref2","year":"2017","journal-title":"Amount of malware targeting smart devices more than doubled in 2017"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653736"},{"key":"ref1","year":"2017","journal-title":"Gartner Says 8 4 Billion Connected'Things' Will Be in Use in 2017 Up 31 Percent From 2016"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1186\/2190-8532-1-1"},{"key":"ref22","article-title":"Behavioral clustering of http-based malware and signature generation using malicious network traces","author":"perdisci","year":"2010","journal-title":"Proc of NSDI"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2016.04.013"},{"key":"ref24","year":"0","journal-title":"QEMU-the FAST! Processor Emulator"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2014.10.031"},{"key":"ref26","first-page":"303","article-title":"Blanket execution: Dynamic similarity testing for program binaries and components","author":"egele","year":"2014","journal-title":"Proc of USENIX Security"},{"key":"ref25","first-page":"21","article-title":"Towards fully automated dynamic analysis for embedded firmware","author":"chen","year":"2016","journal-title":"Proc of NDSS"}],"event":{"name":"2018 IEEE Conference on Communications and Network Security (CNS)","location":"Beijing","start":{"date-parts":[[2018,5,30]]},"end":{"date-parts":[[2018,6,1]]}},"container-title":["2018 IEEE Conference on Communications and Network Security (CNS)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8410986\/8433121\/08433203.pdf?arnumber=8433203","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,26]],"date-time":"2022-01-26T13:16:38Z","timestamp":1643202998000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/8433203\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,5]]},"references-count":31,"URL":"https:\/\/doi.org\/10.1109\/cns.2018.8433203","relation":{},"subject":[],"published":{"date-parts":[[2018,5]]}}}