{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,1]],"date-time":"2026-07-01T03:39:06Z","timestamp":1782877146062,"version":"3.54.5"},"reference-count":66,"publisher":"IEEE","license":[{"start":{"date-parts":[[2023,5,1]],"date-time":"2023-05-01T00:00:00Z","timestamp":1682899200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2023,5,1]],"date-time":"2023-05-01T00:00:00Z","timestamp":1682899200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/100000180","name":"U.S. Department of Homeland Security","doi-asserted-by":"publisher","id":[{"id":"10.13039\/100000180","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023,5,1]]},"DOI":"10.1109\/host55118.2023.10132957","type":"proceedings-article","created":{"date-parts":[[2023,5,25]],"date-time":"2023-05-25T17:29:36Z","timestamp":1685035776000},"page":"215-226","source":"Crossref","is-referenced-by-count":10,"title":["Gadgets of Gadgets in Industrial Control Systems: Return Oriented Programming Attacks on PLCs"],"prefix":"10.1109","author":[{"given":"Adeen","family":"Ayub","sequence":"first","affiliation":[{"name":"Virginia Commonwealth University,Department of Computer Science,USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Nauman","family":"Zubair","sequence":"additional","affiliation":[{"name":"University of New Orleans,Department of Computer Science,USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Hyunguk","family":"Yoo","sequence":"additional","affiliation":[{"name":"University of New Orleans,Department of Computer Science,USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Wooyeon","family":"Jo","sequence":"additional","affiliation":[{"name":"Virginia Commonwealth University,Department of Computer Science,USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Irfan","family":"Ahmed","sequence":"additional","affiliation":[{"name":"Virginia Commonwealth University,Department of Computer Science,USA"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"263","reference":[{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23313"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1145\/2746266.2746268"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2017.06.012"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1109\/ICIInfS.2013.6731959"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382244"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.1145\/3450267.3450545"},{"key":"ref14","first-page":"110","article-title":"On ladder logic bombs in industrial control systems","author":"govil","year":"2017","journal-title":"Computer Security"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-30215-3_20"},{"key":"ref53","first-page":"723","article-title":"Exploiting siemens simatic s7 plcs","volume":"16","author":"beresford","year":"2011","journal-title":"Black Hat USA"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1109\/PRDC.2017.34"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1145\/3018981.3018984"},{"key":"ref55","first-page":"1","article-title":"Plc-blaster: A worm living solely in the plc","volume":"16","author":"spenneberg","year":"2016","journal-title":"Black Hat Asia"},{"key":"ref10","first-page":"29","article-title":"W32.stuxnet dossier","volume":"5","author":"falliere","year":"2011","journal-title":"White Paper Symantec Corp Security Response"},{"key":"ref54","first-page":"22","article-title":"Internet-facing PLCs-a new back orifice","author":"klick","year":"2015","journal-title":"BlackHat USA"},{"key":"ref17","first-page":"1","article-title":"Ghost in the plc designing an undetectable programmable logic controller rootkit via pin control attack","volume":"2016","author":"abbasi","year":"2016","journal-title":"Black Hat Europe'06"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-22312-0_3"},{"key":"ref19","first-page":"109","article-title":"Overshadow Plc to Detect Remote Control-Logic Injection Attacks","author":"yoo","year":"2019","journal-title":"Detection of Intrusions and Malware and Vulnerability Assessment"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.14722\/bar.2019.23074"},{"key":"ref51","article-title":"On Dynamic Malware Payloads Aimed at Pro-grammable Logic Controllers","author":"mclaughlin","year":"2011","journal-title":"HOTSEC"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3423356"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1016\/j.fsidi.2022.301339"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1016\/j.fsidi.2021.301196"},{"key":"ref48","first-page":"3","author":"krotofil","year":"2019","journal-title":"Securing Industrial Control Systems"},{"key":"ref47","article-title":"Renesas GNU Tools","year":"2021"},{"key":"ref42","article-title":"M221 Hardware guide","year":"2017"},{"key":"ref41","article-title":"RX Renesas Manual","year":"2021"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1016\/j.fsidi.2023.301513"},{"key":"ref43","article-title":"M221 programming guide","year":"2020"},{"key":"ref49","first-page":"480495","article-title":"Constrained Concealment Attacks against Reconstruction-Based Anomaly Detectors in Industrial Control Sys-tems","author":"erba","year":"2020","journal-title":"Annual Computer Security Applications Conference ser AC-SAC '20"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1016\/j.fsidi.2023.301510"},{"key":"ref7","article-title":"Understanding and mitigating russian state-sponsored cyber threats to u.s. critical infrastructure","author":"cybersecurity","year":"2022"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1016\/j.addma.2021.102200"},{"key":"ref4","article-title":"Havex Malware","year":"2022"},{"key":"ref3","article-title":"CrashOverride Malware","year":"2022"},{"key":"ref6","article-title":"Evolution of ics attacks and the prospects for future disrup-tive events","author":"slowik","year":"2022"},{"key":"ref5","article-title":"HatMan Malware","year":"2022"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1109\/TNS.2015.2513384"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1109\/SPW53761.2021.00058"},{"key":"ref34","article-title":"Blockbuster Worm Aimed for Infrastructure, But No Proof Iran Nukes Were Target","year":"2010"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1145\/1376804.1376814"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/WCICSS.2016.7882935"},{"key":"ref31","article-title":"Attacking the IEC-61131 Logic Engine in Programmable Logic Controllers in Industrial Control Systems","author":"qasim","year":"2021","journal-title":"Critical Infrastructure Protection XV J Staggs and S"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1016\/j.fsidi.2022.301336"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1109\/ISDFS52919.2021.9486331"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2925838"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2017.4251102"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2012.325"},{"key":"ref39","first-page":"1219","article-title":"Silhouette: Efficient protected shadow stacks for embedded systems","author":"zhou","year":"2020","journal-title":"29th USENIX Security Symposium (USENIX Security 20)"},{"key":"ref38","article-title":"The Concept of Stack and Its Usage in Microprocessors","year":"2023"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1016\/j.icte.2018.04.003"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1007\/11663812_5"},{"key":"ref26","first-page":"385","article-title":"ROP is still dangerous: Breaking modern defenses","author":"carlini","year":"2014","journal-title":"23rd USENIX Security Symposium (USENIX Security 14)"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315313"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1109\/SmartGridComm.2014.7007754"},{"key":"ref64","article-title":"Overview of DNP3 Security Version 6","year":"2022"},{"key":"ref63","first-page":"64","article-title":"Microgadgets: Size does matter in turing-complete return-oriented programming","volume":"12","author":"homescu","year":"2012","journal-title":"WOOT"},{"key":"ref22","doi-asserted-by":"crossref","first-page":"177","DOI":"10.1145\/3450267.3450545","article-title":"Spatiotemporal g-code modeling for secure fdm-based 3d printing","author":"rais","year":"2021","journal-title":"Proceedings of the ACM\/IEEE 12thInternational Conference on Cyber-Physical Systems"},{"key":"ref66","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.45"},{"key":"ref21","article-title":"Low-magnitude infill structure manipulation attacks on fff-based 3d printersa","author":"rais","year":"2022","journal-title":"Proceedings of the a16th IFIP Working Group 11 10 International Conference on Critical Infrastructure Protection"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030124"},{"key":"ref28","article-title":"Attackers deploy new ics attack framework triton and cause operational disruption to critical infrastructure","author":"johnson","year":"2021"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1016\/j.suscom.2018.10.002"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1145\/3176258.3176319"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.1016\/j.fsidi.2020.301013"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.1145\/3320269.3384738"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1109\/CSR54599.2022.9850326"}],"event":{"name":"2023 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)","location":"San Jose, CA, USA","start":{"date-parts":[[2023,5,1]]},"end":{"date-parts":[[2023,5,4]]}},"container-title":["2023 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/10132842\/10132914\/10132957.pdf?arnumber=10132957","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,6,12]],"date-time":"2023-06-12T17:56:08Z","timestamp":1686592568000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10132957\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,5,1]]},"references-count":66,"URL":"https:\/\/doi.org\/10.1109\/host55118.2023.10132957","relation":{},"subject":[],"published":{"date-parts":[[2023,5,1]]}}}