{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,6]],"date-time":"2026-02-06T03:31:17Z","timestamp":1770348677418,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":27,"publisher":"ACM","license":[{"start":{"date-parts":[[2018,11,2]],"date-time":"2018-11-02T00:00:00Z","timestamp":1541116800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2018,11,2]]},"DOI":"10.1145\/3290480.3290491","type":"proceedings-article","created":{"date-parts":[[2018,12,6]],"date-time":"2018-12-06T13:37:41Z","timestamp":1544103461000},"page":"56-63","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["Detecting Authentication-Bypass Flaws in a Large Scale of IoT Embedded Web Servers"],"prefix":"10.1145","author":[{"given":"Yikun","family":"Jiang","sequence":"first","affiliation":[{"name":"College of Computer, National University of Defense Technology, Changsha, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Wei","family":"Xie","sequence":"additional","affiliation":[{"name":"College of Computer, National University of Defense Technology, Changsha, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yong","family":"Tang","sequence":"additional","affiliation":[{"name":"College of Computer, National University of Defense Technology, Changsha, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2018,11,2]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"https:\/\/en.wikipedia.org\/wiki\/2016_Dyn_cyberattack  https:\/\/en.wikipedia.org\/wiki\/2016_Dyn_cyberattack"},{"key":"e_1_3_2_1_2_1","unstructured":"https:\/\/techcrunch.com\/2017\/04\/25\/brickerbot-is-a-vigilante-worm-that-destroys-insecure-iot-devices\/  https:\/\/techcrunch.com\/2017\/04\/25\/brickerbot-is-a-vigilante-worm-that-destroys-insecure-iot-devices\/"},{"key":"e_1_3_2_1_3_1","unstructured":"https:\/\/www.theregister.co.uk\/2017\/04\/08\/brickerbot_malware_kills_iot_devices\/  https:\/\/www.theregister.co.uk\/2017\/04\/08\/brickerbot_malware_kills_iot_devices\/"},{"key":"e_1_3_2_1_4_1","unstructured":"http:\/\/www.zdnet.com\/article\/iot-devices-will-outnumber-the-worlds-population-this-year-for-the-first-time\/  http:\/\/www.zdnet.com\/article\/iot-devices-will-outnumber-the-worlds-population-this-year-for-the-first-time\/"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-46298-1"},{"key":"e_1_3_2_1_6_1","volume-title":"Embedded Management Interfaces: Emerging Massive Insecurity.\" Black Hat Usa","author":"Bojinov Hristo","year":"2009","unstructured":"Bojinov , Hristo , et al. \" Embedded Management Interfaces: Emerging Massive Insecurity.\" Black Hat Usa ( 2009 ). Bojinov, Hristo, et al. \"Embedded Management Interfaces: Emerging Massive Insecurity.\" Black Hat Usa (2009)."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1920261.1920276"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/JISIC.2014.43"},{"key":"e_1_3_2_1_9_1","unstructured":"https:\/\/www.shodan.io\/  https:\/\/www.shodan.io\/"},{"key":"e_1_3_2_1_10_1","first-page":"463","volume":"2013","author":"Davidson Drew","unstructured":"Davidson , Drew , et al. \"FIE on firmware: finding vulnerabilities in embedded systems using symbolic execution.\" Usenix Conference on Security USENIX Association , 2013 : 463 -- 478 . Davidson, Drew, et al. \"FIE on firmware: finding vulnerabilities in embedded systems using symbolic execution.\" Usenix Conference on Security USENIX Association, 2013:463--478.","journal-title":"Usenix Conference on Security USENIX Association"},{"key":"e_1_3_2_1_11_1","volume-title":"Trondheim, Norway, August 30 - September DBLP","author":"Michel Sebastian","year":"2005","unstructured":"Michel , Sebastian , P. Triantafillou , and G. Weikum . \" KLEE: a framework for distributed top-k query algorithms.\" International Conference on Very Large Data Bases , Trondheim, Norway, August 30 - September DBLP , 2005 :637--648. Michel, Sebastian, P. Triantafillou, and G. Weikum. \"KLEE: a framework for distributed top-k query algorithms.\" International Conference on Very Large Data Bases, Trondheim, Norway, August 30 - September DBLP, 2005:637--648."},{"key":"e_1_3_2_1_12_1","volume-title":"AVATAR: A Framework to Support Dynamic Security Analysis of Embedded Systems' Firmware.\" Network and Distributed System Security Symposium","author":"Zaddach Jonas","year":"2014","unstructured":"Zaddach , Jonas , et al. \" AVATAR: A Framework to Support Dynamic Security Analysis of Embedded Systems' Firmware.\" Network and Distributed System Security Symposium 2014 . Zaddach, Jonas, et al. \"AVATAR: A Framework to Support Dynamic Security Analysis of Embedded Systems' Firmware.\" Network and Distributed System Security Symposium 2014."},{"key":"e_1_3_2_1_13_1","volume-title":"Network and Distributed System Security Symposium","author":"Yan Shoshitaishvili","year":"2015","unstructured":"Yan , Shoshitaishvili , et al. \"Firmalice - Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware .\" Network and Distributed System Security Symposium 2015 . Yan, Shoshitaishvili, et al. \"Firmalice - Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware.\" Network and Distributed System Security Symposium 2015."},{"key":"e_1_3_2_1_14_1","unstructured":"https:\/\/github.com\/angr\/angr  https:\/\/github.com\/angr\/angr"},{"key":"e_1_3_2_1_15_1","volume-title":"A large-scale analysis of the security of embedded firmware.\" Usenix Conference on Security Symposium USENIX Association","author":"Costin Andrei","year":"2014","unstructured":"Costin , Andrei , J. Zaddach , and D. Balzarotti . \" A large-scale analysis of the security of embedded firmware.\" Usenix Conference on Security Symposium USENIX Association , 2014 : 95--110. Costin, Andrei, J. Zaddach, and D. Balzarotti. \"A large-scale analysis of the security of embedded firmware.\" Usenix Conference on Security Symposium USENIX Association, 2014:95--110."},{"key":"e_1_3_2_1_16_1","unstructured":"https:\/\/github.com\/misterch0c\/firminator_backend  https:\/\/github.com\/misterch0c\/firminator_backend"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2897845.2897900"},{"key":"e_1_3_2_1_18_1","unstructured":"Zhonghua Dai et al. \"Research on the localization of firmware vulnerability based on stain tracking.\" JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE))51.09(2016):41--46.  Zhonghua Dai et al. \"Research on the localization of firmware vulnerability based on stain tracking.\" JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE))51.09(2016):41--46."},{"key":"e_1_3_2_1_19_1","volume-title":"1st IoTSec workshop.","author":"Wei","unstructured":"Wei Xie et al. \"Vulnerability Detection in IoT Firmware: A Survey.\" International Conference on Parallel and Distributed Systems 2017 , 1st IoTSec workshop. Wei Xie et al. \"Vulnerability Detection in IoT Firmware: A Survey.\" International Conference on Parallel and Distributed Systems 2017, 1st IoTSec workshop."},{"key":"e_1_3_2_1_20_1","unstructured":"http:\/\/rips-scanner.sourceforge.net\/  http:\/\/rips-scanner.sourceforge.net\/"},{"key":"e_1_3_2_1_21_1","unstructured":"http:\/\/lcamtuf.coredump.cx\/afl\/  http:\/\/lcamtuf.coredump.cx\/afl\/"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/2110356.2110358"},{"key":"e_1_3_2_1_23_1","unstructured":"https:\/\/scrapy.org\/  https:\/\/scrapy.org\/"},{"key":"e_1_3_2_1_24_1","unstructured":"https:\/\/github.com\/ReFirmLabs\/binwalk  https:\/\/github.com\/ReFirmLabs\/binwalk"},{"key":"e_1_3_2_1_25_1","unstructured":"F. B. et al. QEMU - Quick EMUlator. http:\/\/www.qemu.org.  F. B. et al. QEMU - Quick EMUlator. http:\/\/www.qemu.org."},{"key":"e_1_3_2_1_26_1","unstructured":"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2017-5521  http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2017-5521"},{"key":"e_1_3_2_1_27_1","unstructured":"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2017-13071  http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2017-13071"}],"event":{"name":"ICCNS 2018: 2018 the 8th International Conference on Communication and Network Security","location":"Qingdao China","acronym":"ICCNS 2018"},"container-title":["Proceedings of the 8th International Conference on Communication and Network Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3290480.3290491","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3290480.3290491","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T00:44:17Z","timestamp":1750207457000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3290480.3290491"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,11,2]]},"references-count":27,"alternative-id":["10.1145\/3290480.3290491","10.1145\/3290480"],"URL":"https:\/\/doi.org\/10.1145\/3290480.3290491","relation":{},"subject":[],"published":{"date-parts":[[2018,11,2]]},"assertion":[{"value":"2018-11-02","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}