{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,4]],"date-time":"2026-03-04T16:53:52Z","timestamp":1772643232664,"version":"3.50.1"},"reference-count":78,"publisher":"IEEE","license":[{"start":{"date-parts":[[2024,5,6]],"date-time":"2024-05-06T00:00:00Z","timestamp":1714953600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2024,5,6]],"date-time":"2024-05-06T00:00:00Z","timestamp":1714953600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/100000181","name":"U.S. Department of Homeland Security","doi-asserted-by":"publisher","award":["17STCIN00001-05-00"],"award-info":[{"award-number":["17STCIN00001-05-00"]}],"id":[{"id":"10.13039\/100000181","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024,5,6]]},"DOI":"10.1109\/host55342.2024.10545392","type":"proceedings-article","created":{"date-parts":[[2024,6,6]],"date-time":"2024-06-06T17:21:52Z","timestamp":1717694512000},"page":"182-193","source":"Crossref","is-referenced-by-count":4,"title":["Charlie, Charlie, Charlie on Industrial Control Systems: PLC Control Logic Attacks by Design, Not by Chance"],"prefix":"10.1109","author":[{"given":"Adeen","family":"Ayub","sequence":"first","affiliation":[{"name":"Virginia Commonwealth University,Department of Computer Science,Richmond,VA"}]},{"given":"Wooyeon","family":"Jo","sequence":"additional","affiliation":[{"name":"Virginia Commonwealth University,Department of Computer Science,Richmond,VA"}]},{"given":"Irfan","family":"Ahmed","sequence":"additional","affiliation":[{"name":"Virginia Commonwealth University,Department of Computer Science,Richmond,VA"}]}],"member":"263","reference":[{"key":"ref1","volume-title":"Havex Malware","year":"2022"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2011.67"},{"key":"ref3","volume-title":"CrashOverride Malware","year":"2022"},{"key":"ref4","author":"Dudley","year":"2021","journal-title":"The colonial pipeline ransomware hackers had a secret weapon: self-promoting cybersecurity firms"},{"key":"ref5","volume-title":"Attackers deploy new ics attack framework \u201ctriton\u201d and cause operational disruption to critical infrastructure","author":"Johnson","year":"2021"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-93511-5_4"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/CSR54599.2022.9850326"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/MSEC.2023.3271273"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/SPW53761.2021.00058"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/HOST55118.2023.10132957"},{"key":"ref11","author":"Qasim","year":"2023","journal-title":"vplc: A scalable plc testbed for iiot security research"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-22038-9_6"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1016\/j.fsidi.2021.301196"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1016\/j.fsidi.2022.301336"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2022.3200363"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1007\/s41635-017-0017-y"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/RWEEK.2016.7573309"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1016\/j.fsidi.2020.301013"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-30215-3_20"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-22312-0_3"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.14722\/bar.2019.23074"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-12330-7_1"},{"key":"ref23","first-page":"178","article-title":"A Rising Tide: Design Exploits in Industrial Control Systems","volume-title":"Proceedings of the 10th USENIX Conference on Offensive Technologies, ser. WOOT16","author":"Bolshev","year":"2016"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1145\/3427228.3427660"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3423356"},{"key":"ref26","article-title":"On Dynamic Malware Payloads Aimed at Programmable Logic Controllers","author":"McLaughlin","year":"2011","journal-title":"HotSec"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382244"},{"key":"ref28","first-page":"1","article-title":"Ghost in the plc designing an undetectable programmable logic controller rootkit via pin control attack","volume":"2016","author":"Abbasi","year":"2016","journal-title":"Black Hat Europe"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23313"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1109\/PRDC.2017.34"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/SmartGridComm.2014.7007754"},{"issue":"2","key":"ref32","first-page":"723","article-title":"Exploiting siemens simatic s7 plcs","volume":"16","author":"Beresford","year":"2011","journal-title":"Black Hat USA"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1109\/CNS.2015.7346865"},{"key":"ref34","first-page":"1","article-title":"Plc-blaster: A worm living solely in the plc","volume":"16","author":"Spenneberg","year":"2016","journal-title":"Black Hat Asia"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1109\/GLOBECOM38437.2019.9013863"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/ICOSST60641.2023.10414205"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP57164.2023.00071"},{"key":"ref38","first-page":"301510","article-title":"Fromepp: Digital forensic readiness framework for material extrusion based 3d printing process","volume":"44","author":"Rais","year":"2023","journal-title":"Forensic Science International: Digital Investigation"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-20137-0_8"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1109\/DCHPC55044.2022.9732117"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-72817-9_8"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1145\/3176258.3176319"},{"key":"ref43","first-page":"144","article-title":"Patch now and attack later-exploiting s7 plesby time-of-day block","author":"Alsabbagh","year":"2021","journal-title":"IEEE"},{"key":"ref44","article-title":"Understanding and nutigating russian state-sponsored cyber threats to u.s. critical infrastruc-ture","volume-title":"Cybersecurity and I. S. A. (CISA)","year":"2022"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1016\/j.fsidi.2023.301565"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2008.11.011"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1109\/IWIA.2006.18"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1007\/11856214_12"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.1088\/1742-6596\/1087\/2\/022022"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23271"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2022.3200127"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-80825-9_7"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2014.113"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSAC.2009.80"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1109\/COMAPP.2018.8460287"},{"key":"ref56","article-title":"Plc code vulnerabilities through scada systems","volume-title":"University of South Carolina","author":"Valentine","year":"2013"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijcip.2021.100470"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.14236\/ewic\/ICS2018.8"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijcip.2014.01.004"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.1109\/ICIT.2005.1600609"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-022-00626-2"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.1016\/j.compind.2022.103613"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23043"},{"key":"ref64","first-page":"241","article-title":"Polymorphic blending attacks","volume-title":"USENIX security symposium","author":"Fogla","year":"2006"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.1109\/ICIT46573.2021.9453483"},{"key":"ref66","first-page":"1","article-title":"A control injection attack against s7 plcs-manipulating the decompiled code","year":"2021","journal-title":"IEEE"},{"key":"ref67","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-30143-1_11"},{"key":"ref68","author":"Stolcke","year":"2000","journal-title":"Entropy-based pruning of backoff language models"},{"key":"ref69","doi-asserted-by":"publisher","DOI":"10.1145\/362686.362692"},{"key":"ref70","article-title":"self-organizing maps, volume 30 of springer series in information sciences. spring-verlag","author":"Kohonen","year":"1997","journal-title":"Berlin"},{"key":"ref71","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315313"},{"key":"ref72","doi-asserted-by":"publisher","DOI":"10.1093\/bioinformatics\/btw771"},{"key":"ref73","doi-asserted-by":"publisher","DOI":"10.1109\/PCCC.2016.7820655"},{"key":"ref74","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2019.08.238"},{"key":"ref75","doi-asserted-by":"publisher","DOI":"10.1109\/TNSM.2011.020111.00055"},{"issue":"1","key":"ref76","doi-asserted-by":"crossref","first-page":"35","DOI":"10.1016\/j.cose.2009.07.008","article-title":"Reducing false positives in intrusion detection systems","volume":"29","author":"Spathoulas","year":"2010","journal-title":"Computers & Security"},{"key":"ref77","doi-asserted-by":"publisher","DOI":"10.3103\/S0146411615070159"},{"key":"ref78","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134618"}],"event":{"name":"2024 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)","location":"Tysons Corner, VA, USA","start":{"date-parts":[[2024,5,6]]},"end":{"date-parts":[[2024,5,9]]}},"container-title":["2024 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/10545333\/10545347\/10545392.pdf?arnumber=10545392","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,6,9]],"date-time":"2024-06-09T04:12:29Z","timestamp":1717906349000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10545392\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,5,6]]},"references-count":78,"URL":"https:\/\/doi.org\/10.1109\/host55342.2024.10545392","relation":{},"subject":[],"published":{"date-parts":[[2024,5,6]]}}}