{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,21]],"date-time":"2026-05-21T09:55:31Z","timestamp":1779357331313,"version":"3.51.4"},"reference-count":262,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"4","license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Commun. Surv. Tutorials"],"published-print":{"date-parts":[[2018]]},"DOI":"10.1109\/comst.2018.2855563","type":"journal-article","created":{"date-parts":[[2018,7,12]],"date-time":"2018-07-12T18:50:32Z","timestamp":1531421432000},"page":"3453-3495","source":"Crossref","is-referenced-by-count":379,"title":["A Survey of IoT-Enabled Cyberattacks: Assessing Attack Paths to Critical Infrastructures and Services"],"prefix":"10.1109","volume":"20","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7142-129X","authenticated-orcid":false,"given":"Ioannis","family":"Stellios","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8771-9020","authenticated-orcid":false,"given":"Panayiotis","family":"Kotzanikolaou","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5359-619X","authenticated-orcid":false,"given":"Mihalis","family":"Psarakis","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0545-3191","authenticated-orcid":false,"given":"Cristina","family":"Alcaraz","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8066-9991","authenticated-orcid":false,"given":"Javier","family":"Lopez","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref170","first-page":"929","article-title":"Lock it and still lose it—On the (in) security of automotive remote keyless entry systems","author":"garcia","year":"2016","journal-title":"Proc 25th Usenix Security Symp"},{"key":"ref172","first-page":"277","article-title":"Security analysis of urban railway systems: The need for a cyber-physical perspective","author":"chen","year":"2015","journal-title":"Proc Int Conf Comput Safety Rel Security"},{"key":"ref171","article-title":"The great train cyber robbery","author":"gordaychik","year":"0"},{"key":"ref174","first-page":"1","article-title":"Aircraft hacking: Practical aero series","author":"teso","year":"2013","journal-title":"Hack in the Box"},{"key":"ref173","first-page":"1","article-title":"Ghost is in the air (traffic)","author":"costin","year":"2012","journal-title":"Proc Black Hat USA"},{"key":"ref176","author":"santamarta","year":"2016","journal-title":"In Flight Hacking System (IOActive Research Labs)"},{"key":"ref175","doi-asserted-by":"publisher","DOI":"10.1109\/ICNSURV.2015.7121290"},{"key":"ref178","author":"ballano","year":"2017","journal-title":"AmosConnect Maritime Communications Security Has Its Flaws"},{"key":"ref177","first-page":"1","article-title":"Hey captain, where’s your ship? Attacking vessel tracking systems for fun and profit","author":"balduzzi","year":"2013","journal-title":"Proc Hack Box Security Conf Asia (HITB)"},{"key":"ref168","author":"reem","year":"2015","journal-title":"Chrysler Recalls 1 4 Million Cars After Remote Hacking of Jeep (CNBC)"},{"key":"ref169","author":"yadron","year":"2016","journal-title":"Tesla driver dies in first fatal crash while using autopilot mode"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1109\/TETC.2016.2606384"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2015.2459691"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1145\/2744769.2747942"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1016\/j.adhoc.2014.08.001"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2015.2388550"},{"key":"ref30","author":"stouffer","year":"2014","journal-title":"Guide to Industrial Control Systems (ICS) Security Revision 1"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1016\/j.clsr.2009.11.008"},{"key":"ref36","first-page":"58","article-title":"A survey: DDoS attack on Internet of Things","volume":"10","author":"sonar","year":"2014","journal-title":"Int J Eng Research & Development"},{"key":"ref35","doi-asserted-by":"crossref","first-page":"198","DOI":"10.1016\/j.jnca.2016.03.006","article-title":"Secure routing for Internet of Things: A survey","volume":"66","author":"airehrour","year":"2016","journal-title":"J Netw Comput Appl"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1109\/PERVASIVE.2015.7087034"},{"key":"ref181","author":"zetter","year":"2012","journal-title":"Hackers Breached Railway Network Disrupted Service (The Wired)"},{"key":"ref180","volume":"11","author":"leyden","year":"2008","journal-title":"Polish Teen Derails Tram after Hacking Train Network"},{"key":"ref185","author":"yunusov","year":"2015","journal-title":"Critical Vulnerabilities in 3G\/4G Modems or How to Build Big Brother"},{"key":"ref184","author":"kovaks","year":"2015","journal-title":"Trains Vulnerable to Hacker Attacks (Securityweek)"},{"key":"ref183","author":"chris","year":"2017","journal-title":"Cyber Attack Hits German Train Stations As Hackers Target Deutsche Bahn (The Telegraph)"},{"key":"ref182","author":"andrew","year":"2016","journal-title":"Hackers Are Holding San Francisco’s Light-Rail System for Ransom (The Verge)"},{"key":"ref189","author":"torbati","year":"2012","journal-title":"Iran’s Top Cargo Shipping Line Says Sanctions Damage Mounting (The Reuters)"},{"key":"ref188","author":"robinson","year":"2017","journal-title":"Terror Fears Over Hundreds of ‘Ghost Ships’ Turning Off Their Tracking Devices (The Dailymail)"},{"key":"ref187","author":"szary","year":"2015","journal-title":"Polish Airline Hit by Cyber Attack Says All Carriers Are At Risk (The Reuters)"},{"key":"ref186","author":"leyden","year":"2013","journal-title":"Airports’ Passport Controls SHUT DOWN by ‘Malware’ (The Register)"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2012.12.018"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1016\/j.adhoc.2012.12.001"},{"key":"ref179","article-title":"Cyber-risks in maritime container ports: An analysis of threats and simulation of impacts","author":"beaumont","year":"2017"},{"key":"ref29","first-page":"1","article-title":"A survey of remote automotive attack surfaces","author":"miller","year":"2014","journal-title":"Proc Black Hat USA"},{"key":"ref20","author":"greene","year":"2016","journal-title":"How the Dyn DDoS Attack Unfolded"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2016.13"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1504\/IJCIS.2013.051606"},{"key":"ref24","first-page":"1","article-title":"Wireless sensor networks and the Internet of Things: Do we need a complete integration?","author":"alcaraz","year":"2010","journal-title":"Proceedings of the 1st International Workshop on the Security of the Internet of Things (SECIOT 2010)"},{"key":"ref23","first-page":"420","article-title":"Proposed security model and threat taxonomy for the Internet of Things (IoT)","author":"babar","year":"2010","journal-title":"Proc Int Conf Netw Secur Appl"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1145\/2380790.2380805"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2011.291"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2014.2320093"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1049\/iet-cps.2016.0019"},{"key":"ref154","author":"maurer","year":"2016","journal-title":"Autonomous Driving"},{"key":"ref153","doi-asserted-by":"publisher","DOI":"10.1109\/MCI.2016.2601758"},{"key":"ref156","doi-asserted-by":"publisher","DOI":"10.1109\/MVT.2009.934665"},{"key":"ref155","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2013.02.036"},{"key":"ref150","doi-asserted-by":"publisher","DOI":"10.1109\/MNET.2017.1600257"},{"key":"ref152","doi-asserted-by":"publisher","DOI":"10.1109\/ICTON.2016.7550335"},{"key":"ref151","year":"2017","journal-title":"CANdo Can Bus Analyzer"},{"key":"ref146","author":"munro","year":"2016","journal-title":"Hacking the Mitsubishi Outlander PHEV Hybrid"},{"key":"ref147","author":"mearian","year":"2015","journal-title":"With 15 Dollars in Radio Shack Parts 14-Year-Old Hacks a Car"},{"key":"ref148","doi-asserted-by":"publisher","DOI":"10.1109\/MVT.2009.935537"},{"key":"ref149","doi-asserted-by":"publisher","DOI":"10.1109\/2.976923"},{"key":"ref59","article-title":"Adventures in automotive networks and control units","author":"miller","year":"2014"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1145\/2744769.2747946"},{"key":"ref57","article-title":"Securing hospitals: A research study and blueprint","year":"2016"},{"key":"ref56","first-page":"1","article-title":"Remote exploitation of an unaltered passenger vehicle","author":"miller","year":"2015","journal-title":"Proc Black Hat USA"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1007\/s11277-011-0385-5"},{"key":"ref54","doi-asserted-by":"crossref","first-page":"137","DOI":"10.4018\/978-1-5225-1829-7.ch008","article-title":"Secure interoperability in cyber-physical systems","author":"alcaraz","year":"2017","journal-title":"Security Solutions and Applied Cryptography in Smart Grid Communications"},{"key":"ref53","article-title":"Cyber security and resilience of intelligent public transport: Good practices and recommendations","author":"levy-bencheton","year":"2015"},{"key":"ref52","article-title":"Guidelines for smart grid cybersecurity volume 1—Smart grid cybersecurity strategy, architecture, and high-level requirements, revision 1","year":"2014"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1109\/MWC.2017.1600421"},{"key":"ref167","author":"greenberg","year":"2015","journal-title":"Hackers remotely kill a jeep on the highway—with me in it"},{"key":"ref166","first-page":"77","article-title":"Comprehensive experimental analyses of automotive attack surfaces","author":"checkoway","year":"2011","journal-title":"Proc Usenix Security Symp"},{"key":"ref165","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.34"},{"key":"ref164","first-page":"7","article-title":"Green lights forever: Analyzing the security of traffic infrastructure","volume":"14","author":"ghena","year":"2014","journal-title":"Proc WOOT"},{"key":"ref163","article-title":"Hacking U.S. traffic control systems","author":"cerrudo","year":"0"},{"key":"ref162","doi-asserted-by":"publisher","DOI":"10.1017\/S0373463304002668"},{"key":"ref161","first-page":"149","article-title":"Electronic chart display and information systems (ECDIS): State-of-the-art in nautical charting","author":"ward","year":"2000","journal-title":"Marine and Coastal Geographical Information Systems"},{"key":"ref160","doi-asserted-by":"publisher","DOI":"10.1109\/5.871302"},{"key":"ref4","author":"lewis","year":"2014","journal-title":"Critical Infrastructure protection In Homeland Security Defending a Networked Nation"},{"key":"ref3","doi-asserted-by":"crossref","first-page":"53","DOI":"10.1016\/j.ijcip.2014.12.002","article-title":"Critical infrastructure protection: Requirements and challenges for the 21st century","volume":"8","author":"alcaraz","year":"2015","journal-title":"Critical Infrastructure Protection IV"},{"key":"ref6","year":"2017","journal-title":"European European Union Agency for Network and Information Security"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2013.69"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/JSYST.2015.2487684"},{"key":"ref159","article-title":"Secure aircraft communications addressing and reporting system (ACARS)","author":"roy","year":"2004"},{"key":"ref7","year":"2017","journal-title":"Industrial Control Systems Cyber Emergency Response Team"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.12720\/jcm.8.8.473-479"},{"key":"ref157","doi-asserted-by":"publisher","DOI":"10.1109\/MCAS.2010.936782"},{"key":"ref9","author":"lee","year":"2016","journal-title":"Analysis of the Cyber Attack on the Ukrainian Power Grid"},{"key":"ref158","doi-asserted-by":"publisher","DOI":"10.1109\/MCOM.2014.6815901"},{"key":"ref46","first-page":"1","author":"nixon","year":"2012","journal-title":"A Comparison of WirelessHART and ISA100 11a"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1145\/1460412.1460462"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2012.010912.00035"},{"key":"ref47","volume":"43","author":"shelby","year":"2011","journal-title":"6LoWPAN The Wireless Embedded Internet"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1109\/MIC.2012.29"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2017.09.003"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1016\/j.compeleceng.2011.01.009"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.17487\/rfc4919"},{"key":"ref73","author":"boyer","year":"2009","journal-title":"SCADA Supervisory Control and Data Acquisition"},{"key":"ref72","article-title":"Rogue robots: Testing the limits of an industrial robot’s security","author":"maggi","year":"2017"},{"key":"ref71","article-title":"The hunt for IoT: The rise of thingbots","author":"boddy","year":"2017"},{"key":"ref70","first-page":"1","article-title":"Hacking medical devices for fun and insulin: Breaking the human SCADA system","author":"radcliffe","year":"2011","journal-title":"Proc Black Hat Conf"},{"key":"ref76","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijcip.2009.10.001"},{"key":"ref77","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2006.03.001"},{"key":"ref74","doi-asserted-by":"publisher","DOI":"10.1109\/iThings\/CPSCom.2011.34"},{"key":"ref75","first-page":"1","article-title":"Survey of SCADA security challenges and potential attack vectors","author":"johnson","year":"2010","journal-title":"Proc Int Conf Internet Technol Secured Trans (ICITST)"},{"key":"ref78","doi-asserted-by":"crossref","first-page":"120","DOI":"10.1007\/978-3-642-28920-0_7","article-title":"Security aspects of SCADA and DCS environments","author":"alcaraz","year":"2012","journal-title":"Critical Infrastructure Protection"},{"key":"ref79","first-page":"160","article-title":"SCADA systems: Vulnerabilities and remediation","volume":"20","author":"fernandez","year":"2005","journal-title":"J Comput Sci Colleges"},{"key":"ref60","author":"eden","year":"2016","journal-title":"The Absolute Horror of WiFi Light Switches"},{"key":"ref62","author":"formby","year":"2017","journal-title":"Out of Control Ransomware for Industrial Control Systems"},{"key":"ref61","first-page":"1","article-title":"PLC-blaster: A worm living solely in the PLC","author":"spenneberg","year":"2016","journal-title":"Proc Black Hat Asia Marina Bay Sands Singapore"},{"key":"ref63","author":"fisher","year":"2016","journal-title":"What’s on TV Tonight? Ransomware"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.3403\/9780580821653"},{"key":"ref65","article-title":"ISO\/IEC 27005:2011 Information technology—Security techniques—Information security risk management","year":"2005"},{"key":"ref66","author":"ross","year":"2012","journal-title":"Guide for Conducting Risk Assessments"},{"key":"ref67","author":"bowen","year":"2007","journal-title":"Information Security Handbook A Guide for Managers"},{"key":"ref68","year":"2004"},{"key":"ref69","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2010.02.003"},{"key":"ref197","doi-asserted-by":"publisher","DOI":"10.1145\/2991079.2991094"},{"key":"ref198","author":"fox-brewster","year":"2017","journal-title":"Medical Devices Hit by Ransomware for the First Time in U S Hospitals (Forbes)"},{"key":"ref199","article-title":"Security evaluation of the implantable cardiac device ecosystem architecture and implementation interdependencies","author":"billy","year":"2017"},{"key":"ref193","doi-asserted-by":"publisher","DOI":"10.1109\/MMM.2015.2394021"},{"key":"ref194","doi-asserted-by":"publisher","DOI":"10.1155\/2014\/981295"},{"key":"ref195","doi-asserted-by":"publisher","DOI":"10.1111\/j.1540-8159.2004.00524.x"},{"key":"ref196","doi-asserted-by":"publisher","DOI":"10.1111\/dom.12663"},{"key":"ref95","author":"keyhani","year":"2012","journal-title":"Smart Power Grids"},{"key":"ref94","first-page":"342","article-title":"DDoS tools: Classification, analysis and comparison","author":"nagpal","year":"2015","journal-title":"Proc IEEE 2nd Int Conf Comput Sustain Glob Develop (INDIACom)"},{"key":"ref190","doi-asserted-by":"publisher","DOI":"10.1109\/IISA.2015.7388071"},{"key":"ref93","author":"kyle","year":"2015","journal-title":"The GasPot Experiment Unexamined Perils in Using Gas-Tank-Monitoring Systems"},{"key":"ref191","author":"munro","year":"2017","journal-title":"OSINT From Ship Satcoms"},{"key":"ref92","author":"beyah","year":"2017","journal-title":"Simulated Attack Shows ICS Weakness (A New Form of Ransomware to Take Over Control of a Simulated Water Treatment Plant)"},{"key":"ref192","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2015.2437951"},{"key":"ref91","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.20"},{"key":"ref90","author":"jon","year":"2015","journal-title":"The Internet of Gas Station Tank Gauges"},{"key":"ref98","first-page":"6","article-title":"Advanced metering infrastructure","volume":"3","author":"wenpeng","year":"2009","journal-title":"South Power Syst Technol"},{"key":"ref99","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2011.2166794"},{"key":"ref96","doi-asserted-by":"publisher","DOI":"10.1002\/9781118156117"},{"key":"ref97","doi-asserted-by":"publisher","DOI":"10.1109\/MPE.2009.934876"},{"key":"ref82","author":"falliere","year":"2011","journal-title":"W32 stuxnet Dossier"},{"key":"ref81","first-page":"1","article-title":"Unraveling SCADA protocols: Using Sulley fuzzer","author":"devarajan","year":"2007","journal-title":"Proc Defon 15 Hacking Conf"},{"key":"ref84","first-page":"54","article-title":"Targeted cyberattacks: A superset of advanced persistent threats","volume":"11","author":"sood","year":"2013","journal-title":"IEEE Security Privacy"},{"key":"ref83","doi-asserted-by":"publisher","DOI":"10.1109\/MSPEC.2013.6471059"},{"key":"ref80","doi-asserted-by":"publisher","DOI":"10.1109\/HSI.2010.5514494"},{"key":"ref89","author":"moore","year":"2015","journal-title":"The Internet of Gas Station Tank Gauges"},{"key":"ref85","author":"wilhoit","year":"2013","journal-title":"The SCADA That Didn't Cry Wolf"},{"key":"ref86","author":"wichers","year":"2013","journal-title":"OWASP Top-10 2013"},{"key":"ref87","doi-asserted-by":"publisher","DOI":"10.1109\/TPWRD.2008.2002942"},{"key":"ref88","author":"matherly","year":"2017","journal-title":"Complete Guide to Shodan"},{"key":"ref200","year":"2017","journal-title":"Firmware Update to Address Cybersecurity Vulnerabilities Identified in Abbott’s (Formerly St Jude Medical’s) Implantable Cardiac Pacemakers"},{"key":"ref101","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2016.2518628"},{"key":"ref100","doi-asserted-by":"publisher","DOI":"10.1016\/j.rser.2014.03.031"},{"key":"ref209","author":"gayle","year":"2017","journal-title":"NHS Seeks to Recover From Global Cyber-Attack as Security Concerns Resurface"},{"key":"ref203","doi-asserted-by":"publisher","DOI":"10.1109\/MITP.2015.82"},{"key":"ref204","author":"zetter","year":"2015","journal-title":"Hecker Can Send Fatal Dose to Hospital Drug Pumps"},{"key":"ref201","doi-asserted-by":"publisher","DOI":"10.1145\/2043164.2018438"},{"key":"ref202","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4614-1674-6_8"},{"key":"ref207","first-page":"129","article-title":"Pacemakers and implantable cardiac defibrillators: Software radio attacks and zero-power defenses","author":"halperin","year":"2008","journal-title":"Proc IEEE Symp Security and Privacy (S & P)"},{"key":"ref208","article-title":"Anatomy of attack: MEDJACK.2—Hospitals under siege","year":"2016"},{"key":"ref205","doi-asserted-by":"publisher","DOI":"10.1177\/1932296816677576"},{"key":"ref206","author":"kirk","year":"2012","journal-title":"Pacemaker Hack Can Deliver Deadly 830-Volt Jolt"},{"key":"ref211","author":"huang","year":"2011","journal-title":"PACS and Imaging Informatics Basic Principles and Applications"},{"key":"ref210","author":"kelly","year":"2016","journal-title":"Major Cyberattacks on Healthcare Grew 63% in 2016"},{"key":"ref212","doi-asserted-by":"publisher","DOI":"10.1145\/948187.948190"},{"key":"ref213","doi-asserted-by":"publisher","DOI":"10.1097\/NCQ.0b013e3181e4e6dd"},{"key":"ref214","doi-asserted-by":"publisher","DOI":"10.1109\/ISGT-Asia.2014.6873860"},{"key":"ref215","doi-asserted-by":"publisher","DOI":"10.1109\/MCOM.2010.5473869"},{"key":"ref216","doi-asserted-by":"publisher","DOI":"10.1016\/j.csi.2016.08.008"},{"key":"ref217","doi-asserted-by":"publisher","DOI":"10.17487\/rfc4944"},{"key":"ref218","doi-asserted-by":"publisher","DOI":"10.1109\/MWC.2013.6590043"},{"key":"ref219","author":"colin","year":"2016","journal-title":"A lightbulb worm? Details of the Philips Hue smart lighting design"},{"key":"ref220","author":"barcena","year":"2015","journal-title":"Insecurity in the Internet of Things"},{"key":"ref222","first-page":"1","article-title":"Honey, I’m home!! Hacking Z-wave home automation systems","author":"fouladi","year":"2013","journal-title":"Black Hat"},{"key":"ref221","doi-asserted-by":"publisher","DOI":"10.1109\/NTMS.2011.5720580"},{"key":"ref229","year":"2017","journal-title":"Vault 7 CIA Hacking Tools Revealed—CIA Malware Targets iPhone Android Smart TVS"},{"key":"ref228","first-page":"1","article-title":"Smart nest thermostat: A smart spy in your home","author":"hernandez","year":"2014","journal-title":"Proc Black Hat USA"},{"key":"ref227","author":"garrett","year":"2016","journal-title":"I Stayed in a Hotel With Android Lightswitches and It Was Just As Bad As You’d Imagine"},{"key":"ref226","author":"goodin","year":"2017","journal-title":"Leak of >1 700 Valid Passwords Could Make the IoT Mess Much Worse (Ars Technica)"},{"key":"ref225","first-page":"1313","article-title":"Key reinstallation attacks: Forcing nonce reuse in WPA2","author":"mathy","year":"2017","journal-title":"Proc ACM SIGSAC Conf Comput Commun Security"},{"key":"ref224","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2017.04.004"},{"key":"ref223","author":"lomas","year":"2015","journal-title":"Critical flaw ided in zigbee smart home devices"},{"key":"ref127","doi-asserted-by":"publisher","DOI":"10.1109\/MCOM.2012.6194398"},{"key":"ref126","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSACW.2012.34"},{"key":"ref125","doi-asserted-by":"publisher","DOI":"10.1109\/ISGT.2015.7131855"},{"key":"ref124","doi-asserted-by":"publisher","DOI":"10.1109\/GLOCOM.2015.7417255"},{"key":"ref129","doi-asserted-by":"publisher","DOI":"10.1109\/TSG.2016.2569589"},{"key":"ref128","doi-asserted-by":"crossref","first-page":"1630","DOI":"10.1109\/TSG.2015.2495133","article-title":"A review of false data injection attacks against modern power systems","volume":"8","author":"liang","year":"2017","journal-title":"IEEE Trans Smart Grid"},{"key":"ref130","doi-asserted-by":"publisher","DOI":"10.1109\/CPRE.2011.6035612"},{"key":"ref133","author":"anton","year":"2017","journal-title":"Industroyer Biggest Threat to Industrial Control Systems Since Stuxnet"},{"key":"ref134","year":"2017","journal-title":"CrashOverride Analysis of the threat to electric grid operations"},{"key":"ref131","author":"greenberg","year":"2017","journal-title":"Hack Brief Hackers Targeted a Us Nuclear Plant (But Don’t Panic Yet)"},{"key":"ref132","author":"robert","year":"2016","journal-title":"BlackEnergy trojan strikes again Attacks Ukrainian electric power industry"},{"key":"ref232","author":"scheel","year":"2017","journal-title":"Smart TV Hacking (Oneconsult Talk At EBU Media Cyber Security Seminar)"},{"key":"ref233","article-title":"All your bulbs are belong to us: Investigating the current state of security in connected lighting systems","author":"morgner","year":"2016","journal-title":"arXiv preprint arXiv 1608 03732"},{"key":"ref230","first-page":"1","article-title":"Breaking BHAD: Abusing Belkin home automation devices","author":"tenaglia","year":"2016","journal-title":"Proc Black Hat Europe"},{"key":"ref231","author":"dhanjani","year":"2015","journal-title":"Abusing the Internet of Things Blackouts Freakouts and Stakeouts"},{"key":"ref239","first-page":"1","article-title":"On the security of the ZigBee light link touchlink commissioning procedure","author":"m\u00fcller","year":"2016","journal-title":"Proc Sicherheit"},{"key":"ref238","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-48405-1_25"},{"key":"ref235","author":"nixon","year":"2016","journal-title":"An After-Action Analysis of the Mirai Botnet Attacks on Dyn"},{"key":"ref234","year":"2014","journal-title":"More than 750 000 phishing and spam emails launched from “thingbots” including televisions fridge"},{"key":"ref237","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-011-0006-y"},{"key":"ref236","doi-asserted-by":"publisher","DOI":"10.1109\/ICINIS.2011.18"},{"key":"ref136","year":"2012","journal-title":"FBI Smart Meter Hacks Likely to Spread"},{"key":"ref135","author":"anton","year":"2017","journal-title":"WIN32\/INDUSTROYER A new threat for industrial control systems"},{"key":"ref138","author":"thomas","year":"2015","journal-title":"Hundreds of Wind Turbines and Solar Systems Wide Open to Easy Exploits (Forbes)"},{"key":"ref137","author":"spring","year":"2016","journal-title":"Solar Power Firm Patches Meters Vulnerable to Command Injection Attacks"},{"key":"ref139","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2010.40"},{"key":"ref140","doi-asserted-by":"publisher","DOI":"10.1145\/1920261.1920277"},{"key":"ref141","article-title":"A risk-based optimization model for electric vehicle infrastructure response to cyber attacks","author":"mousavian","year":"0","journal-title":"IEEE Trans Smart Grid"},{"key":"ref142","doi-asserted-by":"publisher","DOI":"10.1109\/MWC.2013.6704476"},{"key":"ref143","first-page":"1","article-title":"Remote attacks on automated vehicles sensors: Experiments on camera and LiDAR","volume":"11","author":"petit","year":"2015","journal-title":"Proc Black Hat Europe"},{"key":"ref2","doi-asserted-by":"crossref","first-page":"2233","DOI":"10.1109\/TII.2014.2300753","article-title":"Internet of Things in industries: A survey","volume":"10","author":"da xu","year":"2014","journal-title":"IEEE Trans Ind Informat"},{"key":"ref144","first-page":"1","article-title":"Can you trust autonomous vehicles: Contactless attacks against sensors of self-driving vehicle","author":"yan","year":"2016","journal-title":"Proceedings of the DEFCON"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2015.2444095"},{"key":"ref145","author":"vallance","year":"2015","journal-title":"Car Hack Uses Digital-Radio Broadcasts to Seize Control"},{"key":"ref241","author":"cesar","year":"2017","journal-title":"Hacking Robots Before Skynet” IOActive"},{"key":"ref242","author":"owens","year":"2016","journal-title":"Stranger Hacks Family’s Baby Monitor and Talks to Child At Night"},{"key":"ref243","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijcip.2015.05.003"},{"key":"ref244","doi-asserted-by":"publisher","DOI":"10.1007\/978-981-10-3770-2_31"},{"key":"ref240","author":"candid","year":"2015","journal-title":"How My TV Got Infected With Ransomware and What You Can Learn From It"},{"key":"ref248","doi-asserted-by":"publisher","DOI":"10.2200\/S00622ED1V01Y201412SPT012"},{"key":"ref247","doi-asserted-by":"publisher","DOI":"10.23919\/ICACT.2017.7890132"},{"key":"ref246","doi-asserted-by":"publisher","DOI":"10.1109\/HPCC-SmartCity-DSS.2016.0198"},{"key":"ref245","first-page":"274","article-title":"A survey on MANET security challenges, attacks and its countermeasures","volume":"3","author":"ponsam","year":"2014","journal-title":"Int J Emerg Trends Sci Technol"},{"key":"ref249","doi-asserted-by":"publisher","DOI":"10.1109\/PATMOS.2016.7833683"},{"key":"ref109","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2017.2680463"},{"key":"ref108","doi-asserted-by":"publisher","DOI":"10.1109\/TSG.2016.2532347"},{"key":"ref107","doi-asserted-by":"crossref","first-page":"50","DOI":"10.4018\/978-1-5225-1829-7.ch003","article-title":"Denial of service attack on protocols for smart grid communications","author":"roy","year":"2017","journal-title":"Security Solutions and Applied Cryptography in Smart Grid Communications"},{"key":"ref106","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2016.319"},{"key":"ref105","doi-asserted-by":"publisher","DOI":"10.1109\/MWC.2016.1600039WC"},{"key":"ref104","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2017.2709784"},{"key":"ref103","doi-asserted-by":"publisher","DOI":"10.1109\/TNNLS.2016.2526615"},{"key":"ref102","doi-asserted-by":"publisher","DOI":"10.1109\/TPWRS.2016.2561296"},{"key":"ref111","article-title":"False data injection attacks in electricity markets by limited adversaries: Stochastic robustness","author":"tajer","year":"0","journal-title":"IEEE Trans Smart Grid"},{"key":"ref112","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9781107239029"},{"key":"ref110","first-page":"4","article-title":"All your solar panels are belong to me","author":"fred","year":"0"},{"key":"ref250","author":"zimmer","year":"2015","journal-title":"Embedded Firmware Solutions Development Best Practices for the Internet of Things"},{"key":"ref251","doi-asserted-by":"publisher","DOI":"10.1145\/3125502.3125541"},{"key":"ref254","first-page":"265","article-title":"SMA: A system-level mutual authentication for protecting electronic hardware and firmware","volume":"14","author":"guin","year":"2017","journal-title":"IEEE Trans Depend Secure Comput"},{"key":"ref255","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2016.03.014"},{"key":"ref252","first-page":"217","article-title":"Strong and efficient cache side-channel protection using hardware transactional memory","author":"gruss","year":"2017","journal-title":"Proc Usenix Security Symp"},{"key":"ref253","first-page":"95","article-title":"An efficient side-channel protected AES implementation with arbitrary protection order","author":"gross","year":"2017","journal-title":"Proc The Cryptographer s Track at RSA Conf"},{"key":"ref257","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1016\/j.comcom.2016.03.015","article-title":"A gap analysis of Internet-of-Things platforms","volume":"89","author":"mineraud","year":"2016","journal-title":"Comput Commun"},{"key":"ref256","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4842-2143-3_16"},{"key":"ref10","author":"goodin","year":"2017","journal-title":"Hackers Trigger Yet Another Power Outage in Ukraine"},{"key":"ref259","article-title":"S.1691—Internet of Things (IoT) cybersecurity improvement act of 2017","author":"warner","year":"2017","journal-title":"Proc U S Congr"},{"key":"ref11","author":"bateman","year":"2013","journal-title":"Police Warning After Drug Traffickers’ Cyber-Attack (The BBC)"},{"key":"ref258","doi-asserted-by":"publisher","DOI":"10.1109\/AQTR.2014.6857843"},{"key":"ref12","author":"cobb","year":"2016","journal-title":"10 things to know about the October 21 IoT DDoS attacks"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/ICED.2016.7804660"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.44"},{"key":"ref15","article-title":"IoT goes nuclear: Creating a ZigBee chain reaction","author":"ronen","year":"2016"},{"key":"ref16","author":"chapman","year":"2014","journal-title":"Hacking into internet connected light bulbs"},{"key":"ref118","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2017.13"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2017.2703172"},{"key":"ref117","doi-asserted-by":"publisher","DOI":"10.1109\/TSG.2016.2521339"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1109\/MWC.2010.5601957"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1109\/TSG.2017.2669647"},{"key":"ref119","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2014.6883456"},{"key":"ref114","first-page":"1","article-title":"Economic impact of data integrity attacks on distributed DC optimal power flow algorithm","author":"duan","year":"2015","journal-title":"Proc North Amer Power Symp (NAPS)"},{"key":"ref113","first-page":"1","article-title":"The Fog computing paradigm: Scenarios and security issues","author":"stojmenovic","year":"2014","journal-title":"Proc Federated Conf Comput Sci Inf Syst (FedCSIS)"},{"key":"ref116","doi-asserted-by":"publisher","DOI":"10.1109\/TSG.2015.2426418"},{"key":"ref115","doi-asserted-by":"publisher","DOI":"10.1145\/2790298"},{"key":"ref120","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2015.04.015"},{"key":"ref121","doi-asserted-by":"publisher","DOI":"10.1109\/TSG.2012.2232318"},{"key":"ref122","doi-asserted-by":"publisher","DOI":"10.1109\/TSG.2014.2298195"},{"key":"ref123","doi-asserted-by":"publisher","DOI":"10.1109\/ISGT.2014.6816508"},{"key":"ref260","year":"2015","journal-title":"Internet of Things Automatic Security Testbed"},{"key":"ref261","doi-asserted-by":"publisher","DOI":"10.1109\/CySWater.2016.7469060"},{"key":"ref262","first-page":"25","article-title":"SCADA laboratory and test-bed as a service for critical infrastructure protection","author":"arag\u00f3","year":"2014","journal-title":"Proc 2nd Int Symp ICS SCADA Cyber Security Res (ICS SCADA)"}],"container-title":["IEEE Communications Surveys & Tutorials"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/9739\/8540503\/08410404.pdf?arnumber=8410404","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,27]],"date-time":"2022-01-27T16:02:22Z","timestamp":1643299342000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/8410404\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"references-count":262,"journal-issue":{"issue":"4"},"URL":"https:\/\/doi.org\/10.1109\/comst.2018.2855563","relation":{},"ISSN":["1553-877X","2373-745X"],"issn-type":[{"value":"1553-877X","type":"electronic"},{"value":"2373-745X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018]]}}}