{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,9]],"date-time":"2026-05-09T16:48:43Z","timestamp":1778345323223,"version":"3.51.4"},"reference-count":68,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"12","license":[{"start":{"date-parts":[[2022,6,15]],"date-time":"2022-06-15T00:00:00Z","timestamp":1655251200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2022,6,15]],"date-time":"2022-06-15T00:00:00Z","timestamp":1655251200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2022,6,15]],"date-time":"2022-06-15T00:00:00Z","timestamp":1655251200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"name":"H2020 ECSEL project Arrowhead Tools","award":["8A19010, 826452"],"award-info":[{"award-number":["8A19010, 826452"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Internet Things J."],"published-print":{"date-parts":[[2022,6,15]]},"DOI":"10.1109\/jiot.2021.3135789","type":"journal-article","created":{"date-parts":[[2021,12,15]],"date-time":"2021-12-15T20:45:05Z","timestamp":1639601105000},"page":"9640-9658","source":"Crossref","is-referenced-by-count":24,"title":["HADES-IoT: A Practical and Effective Host-Based Anomaly Detection System for IoT Devices (Extended Version)"],"prefix":"10.1109","volume":"9","author":[{"given":"Dominik","family":"Breitenbacher","sequence":"first","affiliation":[{"name":"Faculty of Information Technology, Brno University of Technology, Brno, Czech Republic"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0790-0875","authenticated-orcid":false,"given":"Ivan","family":"Homoliak","sequence":"additional","affiliation":[{"name":"Faculty of Information Technology, Brno University of Technology, Brno, Czech Republic"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7640-2821","authenticated-orcid":false,"given":"Yan Lin","family":"Aung","sequence":"additional","affiliation":[{"name":"Singapore University of Technology and Design, Singapore"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9641-128X","authenticated-orcid":false,"given":"Yuval","family":"Elovici","sequence":"additional","affiliation":[{"name":"Ben-Gurion University of the Negev, Beer-Sheva, Israel"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8424-2602","authenticated-orcid":false,"given":"Nils Ole","family":"Tippenhauer","sequence":"additional","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, Saarbrucken, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1145\/2435227.2435262"},{"key":"ref2","volume-title":"Embedded System Security Much More Dangerous, Costly than Traditional Software Vulnerabilities.","author":"Hulme","year":"2012"},{"key":"ref3","volume-title":"The Biggest Security Threats Facing Embedded Designers.","author":"Newell","year":"2016"},{"key":"ref4","volume-title":"You Can Now Rent a Mirai Botnet of 400,000 Bots.","author":"Cimpanu","year":"2016"},{"key":"ref5","volume-title":"New IoT Botnet Offers DDoses of Once-Unimaginable Sizes for $20.","author":"Gooding","year":"2018"},{"key":"ref6","volume-title":"The Cost of Renting an IoT Botnet.","year":"2017"},{"key":"ref7","volume-title":"Crypto-Jacking Epidemic Spreads to 30K Routers Across India.","author":"Canellis","year":"2018"},{"key":"ref8","volume-title":"Miner Malware Targets IoT, Offered in the Underground.","author":"Merces","year":"2018"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.47"},{"key":"ref10","article-title":"Your Smart TV May Be Prey for Hackers and Collecting More Info Than You Realize, \u2019Consumer Reports\u2019 Warns","author":"Graham","year":"2018"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.23919\/ICACT.2018.8323686"},{"key":"ref12","volume-title":"Your Cheap IP Camera May Be Leaking Video.","author":"Wyatt","year":"2019"},{"key":"ref13","volume-title":"Your Cheap IP Camera May Be Leaking Video.","author":"Fleishman","year":"2015"},{"key":"ref14","first-page":"1093","article-title":"Understanding the mirai botnet","volume-title":"Proc. 26th USENIX Security Symp. (USENIX Security)","author":"Antonakakis"},{"key":"ref15","volume-title":"Owasp IoT Top 10.","year":"2018"},{"key":"ref16","volume-title":"VPNFilter-Affected Devices Still Riddled with 19 Bugs.","year":"2018"},{"key":"ref17","volume-title":"Cisco: SNORT.","year":"2019"},{"key":"ref18","volume-title":"Suricata.","year":"2019"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2007.03.025"},{"key":"ref20","article-title":"Intrusion detection in network traffic","author":"Homoliak","year":"2016"},{"key":"ref21","first-page":"241","article-title":"Polymorphic blending attacks","volume-title":"Proc. 15th USENIX Security Symp.","author":"Fogla"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030088"},{"key":"ref23","article-title":"New methods and combinatorics for bypassing intrusion prevention technologies","author":"Boltz","year":"2010"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.4108\/eai.10-1-2019.156245"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1016\/s1389-1286(98)00017-6"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1145\/3321705.3329847"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1145\/3054977.3054999"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/HASE.2014.12"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1145\/3054977.3057312"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2017.8323956"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSAC.2018.10315"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1145\/3321705.3329857"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1155\/2020\/8838571"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1186\/s13677-020-00206-6"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1109\/TNSE.2021.3059881"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2021.3119778"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1145\/3450268.3453533"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2021.3086398"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1145\/3468691.3468714"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.5220\/0010441500580069"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2021.3075694"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1145\/3320269.3384727"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1145\/3344382"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1145\/3214304"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.3001768"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2013.03.022"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.2197\/ipsjjip.24.522"},{"key":"ref48","volume-title":"2020 IoT Developer Survey Key Findings.","year":"2020"},{"key":"ref49","volume-title":"IoT Developer Survey 2019 Results.","year":"2019"},{"key":"ref50","volume-title":"Understanding the IoT Hacker\u2014A Conversation with Owari\/Sora IoT Botnet Author.","author":"Anubhav","year":"2018"},{"key":"ref51","volume-title":"System Call Definition.","year":"2006"},{"key":"ref52","volume-title":"Linux Programmer\u2019s Manual","author":"Michael","year":"2017"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.7551\/mitpress\/12236.003.0022"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1007\/0-387-34805-0_21"},{"key":"ref55","article-title":"Constructing digital signatures from a one-way function","author":"Lamport","year":"1979"},{"key":"ref56","volume-title":"Unix Load Average, Part 1.","author":"Gunther","year":"2010"},{"key":"ref57","volume-title":"BIOS & FIRMWARE for Asus RT-N10E.","year":"2017"},{"key":"ref58","volume-title":"BIOS & FIRMWARE for ASUS RT-N10.","year":"2017"},{"key":"ref59","volume-title":"BIOS & FIRMWARE for ASUS RT-N56U.","year":"2017"},{"key":"ref60","volume-title":"BIOS & FIRMWARE for ASUS RT-N66U.","year":"2020"},{"key":"ref61","volume-title":"BIOS & FIRMWARE for ASUS RT-AC66U.","year":"2021"},{"key":"ref62","volume-title":"Firmware Downloads.","year":"2021"},{"key":"ref63","volume-title":"Firmware for NC200 V1.","year":"2020"},{"key":"ref64","volume-title":"Firmware for TL-WR1043ND V1.","year":"2014"},{"key":"ref65","volume-title":"Firmware for Archer C2300 V1","year":"2019"},{"key":"ref66","volume-title":"Firmware for Archer D7 V1.","year":"2015"},{"key":"ref67","volume-title":"Firmware for Deco M5 V1","year":"2021"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.1145\/2133375.2133377"}],"container-title":["IEEE Internet of Things Journal"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6488907\/9789736\/09651994.pdf?arnumber=9651994","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,1,10]],"date-time":"2024-01-10T00:31:28Z","timestamp":1704846688000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9651994\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,6,15]]},"references-count":68,"journal-issue":{"issue":"12"},"URL":"https:\/\/doi.org\/10.1109\/jiot.2021.3135789","relation":{},"ISSN":["2327-4662","2372-2541"],"issn-type":[{"value":"2327-4662","type":"electronic"},{"value":"2372-2541","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,6,15]]}}}