{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T17:53:09Z","timestamp":1772041989427,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":29,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,7,2]],"date-time":"2019-07-02T00:00:00Z","timestamp":1562025600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,7,2]]},"DOI":"10.1145\/3321705.3329857","type":"proceedings-article","created":{"date-parts":[[2019,7,9]],"date-time":"2019-07-09T12:53:20Z","timestamp":1562676800000},"page":"493-500","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":35,"title":["E-Spion"],"prefix":"10.1145","author":[{"given":"Anand","family":"Mudgerikar","sequence":"first","affiliation":[{"name":"Purdue University, West Lafayette, IN, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Puneet","family":"Sharma","sequence":"additional","affiliation":[{"name":"HPE, Palo Alto, CA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Elisa","family":"Bertino","sequence":"additional","affiliation":[{"name":"Purdue University, West Lafayette, IN, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2019,7,2]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Trustworthy Whole-System Provenance for the Linux Kernel. In USENIX Security Symposium. 319--334","author":"Bates Adam M","year":"2015"},{"key":"e_1_3_2_1_2_1","unstructured":"Vincent Bernat. 2011. SSL\/TLS & perfect forward secrecy. ht tp:\/\/vincent. bernat. im\/en\/blog\/2011-ssl-perfect-forward-secrecy. html (2011).  Vincent Bernat. 2011. SSL\/TLS & perfect forward secrecy. ht tp:\/\/vincent. bernat. im\/en\/blog\/2011-ssl-perfect-forward-secrecy. html (2011)."},{"key":"e_1_3_2_1_3_1","volume-title":"LinuxWorld Conference and Expo","author":"Chavez Timothy R","year":"2006"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1007\/11535218_26"},{"key":"e_1_3_2_1_5_1","volume-title":"Understanding Linux Malware. In IEEE Symposium on Security & Privacy .","author":"Cozzi Emanuele","year":"2018"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2013.13"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/2592791.2592797"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-33704-8_21"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/PRDC.2017.28"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/GRID.2010.5697969"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2007.45"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.5555\/2442626.2442634"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2017.2704093"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.5555\/1298081.1298084"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134045"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2512494"},{"key":"e_1_3_2_1_17_1","unstructured":"Steven L Kinney. 2006. Trusted platform module basics: using TPM in embedded systems. Elsevier.   Steven L Kinney. 2006. Trusted platform module basics: using TPM in embedded systems. Elsevier."},{"key":"e_1_3_2_1_18_1","unstructured":"Shiqing Ma Xiangyu Zhang and Dongyan Xu. 2016. ProTracer: Towards Practical Provenance Tracing by Alternating Between Logging and Tainting. In NDSS.  Shiqing Ma Xiangyu Zhang and Dongyan Xu. 2016. ProTracer: Towards Practical Provenance Tracing by Alternating Between Logging and Tainting. In NDSS."},{"key":"e_1_3_2_1_19_1","unstructured":"Open Malware. {n. d.}. http:\/\/openmalware.org  Open Malware. {n. d.}. http:\/\/openmalware.org"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCS.2017.104"},{"key":"e_1_3_2_1_21_1","volume-title":"USENIX Annual Technical Conference, General Track. 43--56","author":"Muniswamy-Reddy Kiran-Kumar","year":"2006"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.3390\/s141224188"},{"key":"e_1_3_2_1_23_1","first-page":"1","article-title":"IoTPOT: analysing the rise of IoT compromises","volume":"9","author":"Pa Pa Yin Minn","year":"2015","journal-title":"EMU"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2007.1003"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420989"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.5120\/21565-4589"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/CCNC.2016.7444797"},{"key":"e_1_3_2_1_28_1","unstructured":"VirusTotal. {n. d.}. https:\/\/www.virustotal.com  VirusTotal. {n. d.}. https:\/\/www.virustotal.com"},{"key":"e_1_3_2_1_29_1","unstructured":"Miao Wang Cheng Zhang and Jingjing Yu. 2006. Native API based windows anomaly intrusion detection method using SVM. In null. IEEE 514--519.   Miao Wang Cheng Zhang and Jingjing Yu. 2006. Native API based windows anomaly intrusion detection method using SVM. In null. IEEE 514--519."}],"event":{"name":"Asia CCS '19: ACM Asia Conference on Computer and Communications Security","location":"Auckland New Zealand","acronym":"Asia CCS '19","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3321705.3329857","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3321705.3329857","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T23:54:39Z","timestamp":1750204479000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3321705.3329857"}},"subtitle":["A System-Level Intrusion Detection System for IoT Devices"],"short-title":[],"issued":{"date-parts":[[2019,7,2]]},"references-count":29,"alternative-id":["10.1145\/3321705.3329857","10.1145\/3321705"],"URL":"https:\/\/doi.org\/10.1145\/3321705.3329857","relation":{},"subject":[],"published":{"date-parts":[[2019,7,2]]},"assertion":[{"value":"2019-07-02","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}