{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,4]],"date-time":"2026-06-04T15:22:26Z","timestamp":1780586546438,"version":"3.54.1"},"publisher-location":"New York, NY, USA","reference-count":25,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,11,3]],"date-time":"2017-11-03T00:00:00Z","timestamp":1509667200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,11,3]]},"DOI":"10.1145\/3140241.3140252","type":"proceedings-article","created":{"date-parts":[[2017,10,31]],"date-time":"2017-10-31T14:58:58Z","timestamp":1509461938000},"page":"37-48","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":27,"title":["Jumping the Air Gap"],"prefix":"10.1145","author":[{"given":"Ioannis","family":"Agadakos","sequence":"first","affiliation":[{"name":"Stevens Institute of Technology, Hoboken, NJ & SRI International, Menlo Park, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Chien-Ying","family":"Chen","sequence":"additional","affiliation":[{"name":"University of Illinois at Urbana-Champaign, Campaign, IL & SRI International, Menlo Park, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Matteo","family":"Campanelli","sequence":"additional","affiliation":[{"name":"The City College of New York, New York, NY & SRI International, Menlo Park, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Prashant","family":"Anantharaman","sequence":"additional","affiliation":[{"name":"Dartmouth College, Hanover, NH & SRI International, Menlo Park, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Monowar","family":"Hasan","sequence":"additional","affiliation":[{"name":"University of Illinois, Champaign, IL at Urbana-Champaign & SRI International, Menlo Park, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Bogdan","family":"Copos","sequence":"additional","affiliation":[{"name":"SRI International, Menlo Park, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Tancr\u00e8de","family":"Lepoint","sequence":"additional","affiliation":[{"name":"SRI International, Menlo Park, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Michael","family":"Locasto","sequence":"additional","affiliation":[{"name":"SRI International, Menlo Park, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Gabriela F.","family":"Ciocarlie","sequence":"additional","affiliation":[{"name":"SRI International, Menlo Park, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Ulf","family":"Lindqvist","sequence":"additional","affiliation":[{"name":"SRI International, Menlo Park, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2017,11,3]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISCC.2015.7405513"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.advengsoft.2012.12.004"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1002\/sec.794"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2010.335"},{"key":"e_1_3_2_1_5_1","volume-title":"40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO). 1292--1297","author":"Geneiatakis D.","year":"2017","unstructured":"D. Geneiatakis , I. Kounelis , R. Neisse , I. Nai-Fovino , G. Steri , and G. Baldini . 2017. Security and privacy issues for an IoT based smart home . In 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO). 1292--1297 . https:\/\/doi.org\/10.23919\/MIPRO. 2017 .7973622 10.23919\/MIPRO.2017.7973622 D. Geneiatakis, I. Kounelis, R. Neisse, I. Nai-Fovino, G. Steri, and G. Baldini. 2017. Security and privacy issues for an IoT based smart home. In 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO). 1292--1297. https:\/\/doi.org\/10.23919\/MIPRO.2017.7973622"},{"key":"e_1_3_2_1_6_1","unstructured":"D'Arcy Gue. 2017. IoT Devices Top a Long List of 2017 Security Threats. http:\/\/www.medsphere.com\/blog\/iot-devices-top-a-long-list-of-2017-security-threats. Medsphere (2017).  D'Arcy Gue. 2017. IoT Devices Top a Long List of 2017 Security Threats. http:\/\/www.medsphere.com\/blog\/iot-devices-top-a-long-list-of-2017-security-threats. Medsphere (2017)."},{"key":"e_1_3_2_1_7_1","volume-title":"International Conference on Intelligent Environments. 17--24","author":"Guilly T. L.","year":"2015","unstructured":"T. L. Guilly , J. H. Smedeg\u00e5rd , T. Pedersen , and A. Skou . 2015. To Do and Not to Do: Constrained Scenarios for Safe Smart House . In International Conference on Intelligent Environments. 17--24 . https:\/\/doi.org\/10.1109\/IE. 2015 .11 10.1109\/IE.2015.11 T. L. Guilly, J. H. Smedeg\u00e5rd, T. Pedersen, and A. Skou. 2015. To Do and Not to Do: Constrained Scenarios for Safe Smart House. In International Conference on Intelligent Environments. 17--24. https:\/\/doi.org\/10.1109\/IE.2015.11"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/54289.871709"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/505145.505149"},{"key":"e_1_3_2_1_10_1","volume-title":"5th International Conference on the Internet of Things (IOT). 54--61","author":"Kovatsch M.","year":"2015","unstructured":"M. Kovatsch , Y. N. Hassan , and S. Mayer . 2015. Practical semantics for the Internet of Things: Physical states, device mashups, and open questions . In 5th International Conference on the Internet of Things (IOT). 54--61 . https:\/\/doi.org\/10.1109\/IOT. 2015 .7356548 10.1109\/IOT.2015.7356548 M. Kovatsch, Y. N. Hassan, and S. Mayer. 2015. Practical semantics for the Internet of Things: Physical states, device mashups, and open questions. In 5th International Conference on the Internet of Things (IOT). 54--61. https:\/\/doi.org\/10.1109\/IOT.2015.7356548"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/3029589"},{"key":"e_1_3_2_1_12_1","volume-title":"Massachusetts October","author":"Lippmann Richard P.","year":"2005","unstructured":"Richard P. Lippmann , Kyle W. Ingols , Chris Scott , Keith Piwowarski , Kendra Kratkiewicz , Michael Artz , and Robert Cunningham . 2005. Evaluating and strengthening enterprise network security using attack graphs. Lexington , Massachusetts October ( 2005 ). Richard P. Lippmann, Kyle W. Ingols, Chris Scott, Keith Piwowarski, Kendra Kratkiewicz, Michael Artz, and Robert Cunningham. 2005. Evaluating and strengthening enterprise network security using attack graphs. Lexington, Massachusetts October (2005)."},{"key":"e_1_3_2_1_13_1","volume-title":"IEEE 15th International Conference on Software Engineering Research, Management and Applications (SERA). 395--400","author":"Mavropoulos O.","year":"2017","unstructured":"O. Mavropoulos , H. Mouratidis , A. Fish , and E. Panaousis . 2017. ASTo: A tool for security analysis of IoT systems . In IEEE 15th International Conference on Software Engineering Research, Management and Applications (SERA). 395--400 . https:\/\/doi.org\/10.1109\/SERA. 2017 .7965757 10.1109\/SERA.2017.7965757 O. Mavropoulos, H. Mouratidis, A. Fish, and E. Panaousis. 2017. ASTo: A tool for security analysis of IoT systems. In IEEE 15th International Conference on Software Engineering Research, Management and Applications (SERA). 395--400. https:\/\/doi.org\/10.1109\/SERA.2017.7965757"},{"key":"e_1_3_2_1_14_1","volume-title":"IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT. In IEEE 37th International Conference on Distributed Computing Systems (ICDCS). 2177--2184","author":"Miettinen M.","year":"2017","unstructured":"M. Miettinen , S. Marchal , I. Hafeez , N. Asokan , A. R. Sadeghi , and S. Tarkoma . 2017 . IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT. In IEEE 37th International Conference on Distributed Computing Systems (ICDCS). 2177--2184 . https:\/\/doi.org\/10.1109\/ICDCS. 2017 .283 10.1109\/ICDCS.2017.283 M. Miettinen, S. Marchal, I. Hafeez, N. Asokan, A. R. Sadeghi, and S. Tarkoma. 2017. IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT. In IEEE 37th International Conference on Distributed Computing Systems (ICDCS). 2177--2184. https:\/\/doi.org\/10.1109\/ICDCS.2017.283"},{"key":"e_1_3_2_1_15_1","volume-title":"IEEE Conference on Communications and Network Security (CNS). 180--188","author":"Mohsin M.","year":"2016","unstructured":"M. Mohsin , Z. Anwar , G. Husari , E. Al-Shaer , and M. A. Rahman . 2016. IoTSAT: A formal framework for security analysis of the internet of things (IoT) . In IEEE Conference on Communications and Network Security (CNS). 180--188 . https:\/\/doi.org\/10.1109\/CNS. 2016 .7860484 10.1109\/CNS.2016.7860484 M. Mohsin, Z. Anwar, G. Husari, E. Al-Shaer, and M. A. Rahman. 2016. IoTSAT: A formal framework for security analysis of the internet of things (IoT). In IEEE Conference on Communications and Network Security (CNS). 180--188. https:\/\/doi.org\/10.1109\/CNS.2016.7860484"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10922-008-9109-x"},{"key":"e_1_3_2_1_17_1","volume-title":"Security Requirements Analysis for the IoT. In 2017 International Conference on Platform Technology and Service (PlatCon). 1--6. https:\/\/doi.org\/10","author":"Oh S. R.","year":"2017","unstructured":"S. R. Oh and Y. G. Kim . 2017 . Security Requirements Analysis for the IoT. In 2017 International Conference on Platform Technology and Service (PlatCon). 1--6. https:\/\/doi.org\/10 .1109\/PlatCon. 2017 .7883727 10.1109\/PlatCon.2017.7883727 S. R. Oh and Y. G. Kim. 2017. Security Requirements Analysis for the IoT. In 2017 International Conference on Platform Technology and Service (PlatCon). 1--6. https:\/\/doi.org\/10.1109\/PlatCon.2017.7883727"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/1180405.1180446"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/3054977.3055001"},{"key":"e_1_3_2_1_20_1","first-page":"21","article-title":"Attack trees","volume":"24","author":"Schneier Bruce","year":"1999","unstructured":"Bruce Schneier . 1999 . Attack trees . Dr. Dobb's journal 24 , 12 (1999), 21 -- 29 . Bruce Schneier. 1999. Attack trees. Dr. Dobb's journal 24, 12 (1999), 21--29.","journal-title":"Dr. Dobb's journal"},{"key":"e_1_3_2_1_21_1","volume-title":"IEEE Symposium on Security and Privacy. 273--284","author":"Sheyner O.","year":"2002","unstructured":"O. Sheyner , J. Haines , S. Jha , R. Lippmann , and J. M. Wing . 2002. Automated generation and analysis of attack graphs . In IEEE Symposium on Security and Privacy. 273--284 . https:\/\/doi.org\/10.1109\/SECPRI. 2002 .1004377 10.1109\/SECPRI.2002.1004377 O. Sheyner, J. Haines, S. Jha, R. Lippmann, and J. M. Wing. 2002. Automated generation and analysis of attack graphs. In IEEE Symposium on Security and Privacy. 273--284. https:\/\/doi.org\/10.1109\/SECPRI.2002.1004377"},{"key":"e_1_3_2_1_22_1","volume-title":"IEEE 13th International Conference on Mobile Ad Hoc and Sensor Systems (MASS). 343--348","author":"Tekeoglu A.","year":"2016","unstructured":"A. Tekeoglu and A. Tosun . 2016. A Testbed for Security and Privacy Analysis of IoT Devices . In IEEE 13th International Conference on Mobile Ad Hoc and Sensor Systems (MASS). 343--348 . https:\/\/doi.org\/10.1109\/MASS. 2016 .051 10.1109\/MASS.2016.051 A. Tekeoglu and A. Tosun. 2016. A Testbed for Security and Privacy Analysis of IoT Devices. In IEEE 13th International Conference on Mobile Ad Hoc and Sensor Systems (MASS). 343--348. https:\/\/doi.org\/10.1109\/MASS.2016.051"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-31424-7_56"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2006.04.001"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.clsr.2009.11.008"}],"event":{"name":"CCS '17: 2017 ACM SIGSAC Conference on Computer and Communications Security","location":"Dallas Texas USA","acronym":"CCS '17","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3140241.3140252","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3140241.3140252","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T02:11:20Z","timestamp":1750212680000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3140241.3140252"}},"subtitle":["Modeling Cyber-Physical Attack Paths in the Internet-of-Things"],"short-title":[],"issued":{"date-parts":[[2017,11,3]]},"references-count":25,"alternative-id":["10.1145\/3140241.3140252","10.1145\/3140241"],"URL":"https:\/\/doi.org\/10.1145\/3140241.3140252","relation":{},"subject":[],"published":{"date-parts":[[2017,11,3]]},"assertion":[{"value":"2017-11-03","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}