{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,20]],"date-time":"2026-02-20T18:47:17Z","timestamp":1771613237805,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":64,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,10,26]],"date-time":"2022-10-26T00:00:00Z","timestamp":1666742400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"French Agence Nationale de la Recherche (ANR) under reference ANR-18-CE39-0001 (AHMA)","award":["ANR-18-CE39-0001"],"award-info":[{"award-number":["ANR-18-CE39-0001"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,10,26]]},"DOI":"10.1145\/3545948.3545962","type":"proceedings-article","created":{"date-parts":[[2022,10,17]],"date-time":"2022-10-17T11:21:49Z","timestamp":1666005709000},"page":"232-251","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["ULTRA: Ultimate Rootkit Detection over the Air"],"prefix":"10.1145","author":[{"given":"Duy-Phuc","family":"Pham","sequence":"first","affiliation":[{"name":"Univ Rennes, Inria, CNRS, IRISA, France and Trellix, USA"}]},{"given":"Damien","family":"Marion","sequence":"additional","affiliation":[{"name":"Univ Rennes, Inria, CNRS, IRISA, France"}]},{"given":"Annelie","family":"Heuser","sequence":"additional","affiliation":[{"name":"Univ Rennes, Inria, CNRS, IRISA, France"}]}],"member":"320","published-online":{"date-parts":[[2022,10,26]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2021. GNU Radio. https:\/\/www.gnuradio.org\/about\/. Accessed: 2022-01-01.  2021. GNU Radio. https:\/\/www.gnuradio.org\/about\/. Accessed: 2022-01-01."},{"key":"e_1_3_2_1_2_1","unstructured":"2021. GREAT SCOTT GADGETS HackRF One. https:\/\/greatscottgadgets.com\/hackrf\/one\/. Accessed: 2022-01-01.  2021. GREAT SCOTT GADGETS HackRF One. https:\/\/greatscottgadgets.com\/hackrf\/one\/. Accessed: 2022-01-01."},{"key":"e_1_3_2_1_3_1","unstructured":"2021. Rootkits: evolution and detection methods. https:\/\/www.ptsecurity.com\/ww-en\/analytics\/rootkits-evolution-and-detection-methods\/. Accessed: 2022-01-10.  2021. Rootkits: evolution and detection methods. https:\/\/www.ptsecurity.com\/ww-en\/analytics\/rootkits-evolution-and-detection-methods\/. Accessed: 2022-01-10."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11235-017-0345-9"},{"key":"e_1_3_2_1_5_1","volume-title":"Russian GRU 85th GTsSS Deploys Previously Undisclosed Drovorub Malware. https:\/\/media.defense.gov\/2020\/Aug\/13\/2002476465\/-1\/-1\/0\/CSA_DROVORUB_RUSSIAN_GRU_MALWARE_AUG_2020.PDF. Accessed: 2022-01-01","author":"National\u00a0Security Agency and Federal\u00a0Bureau of Investigation. 2021.","unstructured":"National\u00a0Security Agency and Federal\u00a0Bureau of Investigation. 2021. Russian GRU 85th GTsSS Deploys Previously Undisclosed Drovorub Malware. https:\/\/media.defense.gov\/2020\/Aug\/13\/2002476465\/-1\/-1\/0\/CSA_DROVORUB_RUSSIAN_GRU_MALWARE_AUG_2020.PDF. Accessed: 2022-01-01 . National\u00a0Security Agency and Federal\u00a0Bureau of Investigation. 2021. Russian GRU 85th GTsSS Deploys Previously Undisclosed Drovorub Malware. https:\/\/media.defense.gov\/2020\/Aug\/13\/2002476465\/-1\/-1\/0\/CSA_DROVORUB_RUSSIAN_GRU_MALWARE_AUG_2020.PDF. Accessed: 2022-01-01."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2010.38"},{"key":"e_1_3_2_1_7_1","volume-title":"NICV: Normalized Inter-Class Variance for Detection of Side-Channel Leakage. In International Symposium on Electromagnetic Compatibility (EMC \u201914 \/ Tokyo)","author":"Bhasin Shivam","year":"2014","unstructured":"Shivam Bhasin , Jean-Luc Danger , Sylvain Guilley , and Zakaria Najm . 2014 . NICV: Normalized Inter-Class Variance for Detection of Side-Channel Leakage. In International Symposium on Electromagnetic Compatibility (EMC \u201914 \/ Tokyo) . IEEE. eprint version: https:\/\/eprint.iacr.org\/2013\/717.pdf. Shivam Bhasin, Jean-Luc Danger, Sylvain Guilley, and Zakaria Najm. 2014. NICV: Normalized Inter-Class Variance for Detection of Side-Channel Leakage. In International Symposium on Electromagnetic Compatibility (EMC \u201914 \/ Tokyo). IEEE. eprint version: https:\/\/eprint.iacr.org\/2013\/717.pdf."},{"key":"e_1_3_2_1_8_1","unstructured":"Michael Boelen and John Horne. 2012. The rootkit hunter project. Online]. http:\/\/rkhunter.sourceforge.net(2012).  Michael Boelen and John Horne. 2012. The rootkit hunter project. Online]. http:\/\/rkhunter.sourceforge.net(2012)."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1900546.1900554"},{"key":"e_1_3_2_1_10_1","unstructured":"Rory Bray Daniel Cid and Andrew Hay. 2008. OSSEC host-based intrusion detection guide. Syngress.  Rory Bray Daniel Cid and Andrew Hay. 2008. OSSEC host-based intrusion detection guide. Syngress."},{"key":"e_1_3_2_1_11_1","volume-title":"Security And Privacy In Computing And Communications\/12th IEEE International Conference On Big Data Science And Engineering (TrustCom\/BigDataSE)","author":"Bridges Robert","unstructured":"Robert Bridges , Jarilyn\u00a0Hern\u00e1ndez Jim\u00e9nez , Jeffrey Nichols , Katerina Goseva-Popstojanova , and Stacy Prowell . 2018. Towards malware detection via cpu power consumption: Data collection design and analytics. In 2018 17th IEEE International Conference On Trust , Security And Privacy In Computing And Communications\/12th IEEE International Conference On Big Data Science And Engineering (TrustCom\/BigDataSE) . IEEE , 1680\u20131684. Robert Bridges, Jarilyn\u00a0Hern\u00e1ndez Jim\u00e9nez, Jeffrey Nichols, Katerina Goseva-Popstojanova, and Stacy Prowell. 2018. Towards malware detection via cpu power consumption: Data collection design and analytics. In 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications\/12th IEEE International Conference On Big Data Science And Engineering (TrustCom\/BigDataSE). IEEE, 1680\u20131684."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-50011-9_29"},{"key":"e_1_3_2_1_13_1","volume-title":"16th Annual First Conference on Computer Security Incident Handling","author":"Bunten Andreas","year":"2004","unstructured":"Andreas Bunten . 2004 . Unix and linux based rootkits techniques and countermeasures . In 16th Annual First Conference on Computer Security Incident Handling , Budapest. Andreas Bunten. 2004. Unix and linux based rootkits techniques and countermeasures. In 16th Annual First Conference on Computer Security Incident Handling, Budapest."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833767"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243802"},{"key":"e_1_3_2_1_16_1","volume-title":"2013 USENIX Workshop on Health Information Technologies (HealthTech 13)","author":"Clark S.","year":"2013","unstructured":"Shane\u00a0 S. Clark , Benjamin Ransford , Amir Rahmati , Shane Guineau , Jacob Sorber , Wenyuan Xu , and Kevin Fu . 2013 . WattsUpDoc: Power Side Channels to Nonintrusively Discover Untargeted Malware on Embedded Medical Devices . In 2013 USENIX Workshop on Health Information Technologies (HealthTech 13) . USENIX Association, Washington, D.C.https:\/\/www.usenix.org\/conference\/healthtech13\/workshop-program\/presentation\/clark Shane\u00a0S. Clark, Benjamin Ransford, Amir Rahmati, Shane Guineau, Jacob Sorber, Wenyuan Xu, and Kevin Fu. 2013. WattsUpDoc: Power Side Channels to Nonintrusively Discover Untargeted Malware on Embedded Medical Devices. In 2013 USENIX Workshop on Health Information Technologies (HealthTech 13). USENIX Association, Washington, D.C.https:\/\/www.usenix.org\/conference\/healthtech13\/workshop-program\/presentation\/clark"},{"key":"e_1_3_2_1_17_1","volume-title":"39th IEEE Symposium on Security and Privacy","author":"Cozzi Emanuele","year":"2018","unstructured":"Emanuele Cozzi , Mariano Graziano , Yanick Fratantonio , and Davide Balzarotti . 2018 . Understanding Linux malware. In S&P 2018 , 39th IEEE Symposium on Security and Privacy , May 21-23, 2018, San Francisco, CA, USA, IEEE (Ed.). San Francisco. 2018 IEEE. Personal use of this material is permitted. However, permission to reprint\/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.. Emanuele Cozzi, Mariano Graziano, Yanick Fratantonio, and Davide Balzarotti. 2018. Understanding Linux malware. In S&P 2018, 39th IEEE Symposium on Security and Privacy, May 21-23, 2018, San Francisco, CA, USA, IEEE (Ed.). San Francisco. 2018 IEEE. Personal use of this material is permitted. However, permission to reprint\/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00021"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/3320269.3384727"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1002\/sec.166"},{"key":"e_1_3_2_1_21_1","first-page":"29","article-title":"W32. stuxnet dossier. White paper, Symantec Corp","volume":"5","author":"Falliere Nicolas","year":"2011","unstructured":"Nicolas Falliere , Liam\u00a0 O Murchu , and Eric Chien . 2011 . W32. stuxnet dossier. White paper, Symantec Corp ., Security Response 5 , 6 (2011), 29 . Nicolas Falliere, Liam\u00a0O Murchu, and Eric Chien. 2011. W32. stuxnet dossier. White paper, Symantec Corp., Security Response 5, 6 (2011), 29.","journal-title":"Security Response"},{"key":"e_1_3_2_1_22_1","volume-title":"Southern Africa Telecommunication Networks and Applications Conference (SATNAC). 228\u2013235","author":"Frieslaar Ibraheem","year":"2017","unstructured":"Ibraheem Frieslaar and Barry Irwin . 2017 . Recovering AES-128 encryption keys from a Raspberry Pi . In Southern Africa Telecommunication Networks and Applications Conference (SATNAC). 228\u2013235 . Ibraheem Frieslaar and Barry Irwin. 2017. Recovering AES-128 encryption keys from a Raspberry Pi. In Southern Africa Telecommunication Networks and Applications Conference (SATNAC). 228\u2013235."},{"key":"e_1_3_2_1_23_1","volume-title":"Southern Africa Telecommunication Networks and Applications Conference (SATNAC). 228\u2013235","author":"Frieslaar Ibraheem","year":"2017","unstructured":"Ibraheem Frieslaar and Barry Irwin . 2017 . Recovering AES-128 encryption keys from a Raspberry Pi . In Southern Africa Telecommunication Networks and Applications Conference (SATNAC). 228\u2013235 . Ibraheem Frieslaar and Barry Irwin. 2017. Recovering AES-128 encryption keys from a Raspberry Pi. In Southern Africa Telecommunication Networks and Applications Conference (SATNAC). 228\u2013235."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.23919\/SAIEE.2018.8531950"},{"key":"e_1_3_2_1_25_1","volume-title":"8th International Workshop","author":"Gierlichs Benedikt","year":"2006","unstructured":"Benedikt Gierlichs , Kerstin Lemke-Rust , and Christof Paar . 2006 . Templates vs. Stochastic Methods. In Cryptographic Hardware and Embedded Systems - CHES 2006 , 8th International Workshop , Yokohama, Japan , October 10-13, 2006, Proceedings(Lecture Notes in Computer Science, Vol.\u00a04249), Louis Goubin and Mitsuru Matsui (Eds.). Springer, 15\u201329. https:\/\/doi.org\/10.1007\/11894063_2 10.1007\/11894063_2 Benedikt Gierlichs, Kerstin Lemke-Rust, and Christof Paar. 2006. Templates vs. Stochastic Methods. In Cryptographic Hardware and Embedded Systems - CHES 2006, 8th International Workshop, Yokohama, Japan, October 10-13, 2006, Proceedings(Lecture Notes in Computer Science, Vol.\u00a04249), Louis Goubin and Mitsuru Matsui (Eds.). Springer, 15\u201329. https:\/\/doi.org\/10.1007\/11894063_2"},{"key":"e_1_3_2_1_26_1","volume-title":"Vol.\u00a01","author":"Guri Mordechai","unstructured":"Mordechai Guri , Yuri Poliak , Bracha Shapira , and Yuval Elovici . 2015. JoKER: Trusted detection of kernel rootkits in android devices via JTAG interface. In 2015 IEEE Trustcom\/BigDataSE\/ISPA , Vol.\u00a01 . IEEE , 65\u201373. Mordechai Guri, Yuri Poliak, Bracha Shapira, and Yuval Elovici. 2015. JoKER: Trusted detection of kernel rootkits in android devices via JTAG interface. In 2015 IEEE Trustcom\/BigDataSE\/ISPA, Vol.\u00a01. IEEE, 65\u201373."},{"key":"e_1_3_2_1_27_1","unstructured":"Seunghun Han. 2020. Adore-NG v2.5. https:\/\/github.com\/kkamagui\/adore-ng Accessed: 2022-02-10.  Seunghun Han. 2020. Adore-NG v2.5. https:\/\/github.com\/kkamagui\/adore-ng Accessed: 2022-02-10."},{"key":"e_1_3_2_1_28_1","volume-title":"Shadow-box v2: The practical and omnipotent sandbox for arm","author":"Han Seunghun","year":"2018","unstructured":"Seunghun Han and JH Park . 2018. Shadow-box v2: The practical and omnipotent sandbox for arm . 2018 , slideshow at Blackhat Asia( 2018). Seunghun Han and JH Park. 2018. Shadow-box v2: The practical and omnipotent sandbox for arm. 2018, slideshow at Blackhat Asia(2018)."},{"key":"e_1_3_2_1_29_1","unstructured":"David Harley and Andrew Lee. 2007. The root of all evil?-rootkits revealed.  David Harley and Andrew Lee. 2007. The root of all evil?-rootkits revealed."},{"key":"e_1_3_2_1_30_1","volume-title":"Constructive Side-Channel Analysis and Secure Design - Third International Workshop, COSADE","author":"Heuser Annelie","year":"2012","unstructured":"Annelie Heuser and Michael Zohner . 2012. Intelligent Machine Homicide - Breaking Cryptographic Devices Using Support Vector Machines . In Constructive Side-Channel Analysis and Secure Design - Third International Workshop, COSADE 2012 , Darmstadt, Germany, May 3-4, 2012. Proceedings(Lecture Notes in Computer Science, Vol.\u00a07275), Werner Schindler and Sorin\u00a0A. Huss (Eds.). Springer , 249\u2013264. https:\/\/doi.org\/10.1007\/978-3-642-29912-4_18 10.1007\/978-3-642-29912-4_18 Annelie Heuser and Michael Zohner. 2012. Intelligent Machine Homicide - Breaking Cryptographic Devices Using Support Vector Machines. In Constructive Side-Channel Analysis and Secure Design - Third International Workshop, COSADE 2012, Darmstadt, Germany, May 3-4, 2012. Proceedings(Lecture Notes in Computer Science, Vol.\u00a07275), Werner Schindler and Sorin\u00a0A. Huss (Eds.). Springer, 249\u2013264. https:\/\/doi.org\/10.1007\/978-3-642-29912-4_18"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2757667.2757673"},{"key":"e_1_3_2_1_32_1","unstructured":"Arun\u00a0Prakash Jana. 2021. spy v1.8. https:\/\/github.com\/jarun\/spy Accessed: 2022-02-10.  Arun\u00a0Prakash Jana. 2021. spy v1.8. https:\/\/github.com\/jarun\/spy Accessed: 2022-02-10."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/3386263.3406939"},{"key":"e_1_3_2_1_34_1","first-page":"50023","volume-title":"Proceedings of the Eleventh International Conference","author":"John H.","year":"1994","unstructured":"George\u00a0 H. John , Ron Kohavi , and Karl Pfleger . 1994 . Irrelevant Features and the Subset Selection Problem. In Machine Learning , Proceedings of the Eleventh International Conference , Rutgers University, New Brunswick, NJ, USA , July 10-13, 1994, William\u00a0W. Cohenand Haym Hirsh (Eds.). Morgan Kaufmann, 121\u2013129. https:\/\/doi.org\/10.1016\/b978-1-55860-335-6. 50023 - 50024 10.1016\/b978-1-55860-335-6.50023-4 George\u00a0H. John, Ron Kohavi, and Karl Pfleger. 1994. Irrelevant Features and the Subset Selection Problem. In Machine Learning, Proceedings of the Eleventh International Conference, Rutgers University, New Brunswick, NJ, USA, July 10-13, 1994, William\u00a0W. Cohenand Haym Hirsh (Eds.). Morgan Kaufmann, 121\u2013129. https:\/\/doi.org\/10.1016\/b978-1-55860-335-6.50023-4"},{"key":"e_1_3_2_1_35_1","unstructured":"Juho Junnila. 2020. Effectiveness of Linux Rootkit Detection Tools. (2020).  Juho Junnila. 2020. Effectiveness of Linux Rootkit Detection Tools. (2020)."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1007\/s41635-019-00074-w"},{"key":"e_1_3_2_1_37_1","volume-title":"World Congress on Internet Security (WorldCIS-2012)","author":"Kyte Iain","year":"2012","unstructured":"Iain Kyte , Pavol Zavarsky , Dale Lindskog , and Ron Ruhl . 2012 . Enhanced side-channel analysis method to detect hardware virtualization based rootkits . In World Congress on Internet Security (WorldCIS-2012) . 192\u2013201. Iain Kyte, Pavol Zavarsky, Dale Lindskog, and Ron Ruhl. 2012. Enhanced side-channel analysis method to detect hardware virtualization based rootkits. In World Congress on Internet Security (WorldCIS-2012). 192\u2013201."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/IWIA.2004.1288042"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.3233\/JCS-171060"},{"key":"e_1_3_2_1_40_1","unstructured":"m0hamed. 2015. lkm-rootkit: A rootkit implemented as a linux kernel module. https:\/\/github.com\/m0hamed\/lkm-rootkit Accessed: 2022-02-10.  m0hamed. 2015. lkm-rootkit: A rootkit implemented as a linux kernel module. https:\/\/github.com\/m0hamed\/lkm-rootkit Accessed: 2022-02-10."},{"key":"e_1_3_2_1_41_1","unstructured":"m0nad. 2021. Diamorphine: a LKM rootkit. https:\/\/github.com\/m0nad\/Diamorphine Accessed: 2022-02-10.  m0nad. 2021. Diamorphine: a LKM rootkit. https:\/\/github.com\/m0nad\/Diamorphine Accessed: 2022-02-10."},{"key":"e_1_3_2_1_42_1","volume-title":"Power analysis attacks - revealing the secrets of smart cards","author":"Mangard Stefan","unstructured":"Stefan Mangard , Elisabeth Oswald , and Thomas Popp . 2007. Power analysis attacks - revealing the secrets of smart cards . Springer . Stefan Mangard, Elisabeth Oswald, and Thomas Popp. 2007. Power analysis attacks - revealing the secrets of smart cards. Springer."},{"key":"e_1_3_2_1_43_1","unstructured":"Ciar\u00e1n McNally. 2015. maK_it-Linux-Rootkit. https:\/\/web.archive.org\/web\/20190119045332\/https:\/\/r00tkit.me\/ Accessed: 2022-02-10.  Ciar\u00e1n McNally. 2015. maK_it-Linux-Rootkit. https:\/\/web.archive.org\/web\/20190119045332\/https:\/\/r00tkit.me\/ Accessed: 2022-02-10."},{"key":"e_1_3_2_1_44_1","unstructured":"mempodippy. 2019. vlany: a Linux LD_PRELOAD rootkit. https:\/\/github.com\/mempodippy\/vlany Accessed: 2022-02-10.  mempodippy. 2019. vlany: a Linux LD_PRELOAD rootkit. https:\/\/github.com\/mempodippy\/vlany Accessed: 2022-02-10."},{"key":"e_1_3_2_1_45_1","unstructured":"Nelson Murilo and Klaus Steding-Jessen. 2001. M\u00e9todos para detec\u00e7\u00e3o local de rootkits e m\u00f3dulos de kernel maliciosos em sistemas UNIX. In Anais do III Simp\u00f3sio sobre Seguran\u00e7a em Inform\u00e1tica (SSI\u20192001). 133\u2013139.  Nelson Murilo and Klaus Steding-Jessen. 2001. M\u00e9todos para detec\u00e7\u00e3o local de rootkits e m\u00f3dulos de kernel maliciosos em sistemas UNIX. In Anais do III Simp\u00f3sio sobre Seguran\u00e7a em Inform\u00e1tica (SSI\u20192001). 133\u2013139."},{"key":"e_1_3_2_1_46_1","volume-title":"2017 ACM\/IEEE 44th Annual International Symposium on Computer Architecture (ISCA). 333\u2013346","author":"Nazari A.","unstructured":"A. Nazari , N. Sehatbakhsh , M. Alam , A. Zajic , and M. Prvulovic . 2017. EDDIE: EM-based detection of deviations in program execution . In 2017 ACM\/IEEE 44th Annual International Symposium on Computer Architecture (ISCA). 333\u2013346 . https:\/\/doi.org\/10.1145\/3079856.3080223 10.1145\/3079856.3080223 A. Nazari, N. Sehatbakhsh, M. Alam, A. Zajic, and M. Prvulovic. 2017. EDDIE: EM-based detection of deviations in program execution. In 2017 ACM\/IEEE 44th Annual International Symposium on Computer Architecture (ISCA). 333\u2013346. https:\/\/doi.org\/10.1145\/3079856.3080223"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2021.i4.676-707"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-15512-3_11"},{"key":"e_1_3_2_1_49_1","first-page":"179","article-title":"Copilot-a Coprocessor-based Kernel Runtime Integrity Monitor.. In USENIX security symposium","author":"Petroni\u00a0Jr L","year":"2004","unstructured":"Nick\u00a0 L Petroni\u00a0Jr , Timothy Fraser , Jesus Molina , and William\u00a0 A Arbaugh . 2004 . Copilot-a Coprocessor-based Kernel Runtime Integrity Monitor.. In USENIX security symposium . San Diego, USA , 179 \u2013 194 . Nick\u00a0L Petroni\u00a0Jr, Timothy Fraser, Jesus Molina, and William\u00a0A Arbaugh. 2004. Copilot-a Coprocessor-based Kernel Runtime Integrity Monitor.. In USENIX security symposium. San Diego, USA, 179\u2013194.","journal-title":"San Diego, USA"},{"key":"e_1_3_2_1_50_1","volume-title":"Obfuscation Revealed: Leveraging Electromagnetic Signals for Obfuscated Malware Classification. In Annual Computer Security Applications Conference.","author":"Pham Duy-Phuc","year":"2021","unstructured":"Duy-Phuc Pham , Damien Marion , Mathieu Mastio , and Annelie Heuser . 2021 . Obfuscation Revealed: Leveraging Electromagnetic Signals for Obfuscated Malware Classification. In Annual Computer Security Applications Conference. Duy-Phuc Pham, Damien Marion, Mathieu Mastio, and Annelie Heuser. 2021. Obfuscation Revealed: Leveraging Electromagnetic Signals for Obfuscated Malware Classification. In Annual Computer Security Applications Conference."},{"key":"e_1_3_2_1_51_1","volume-title":"Federated Learning for Malware Detection in IoT Devices. 204","author":"Rey Valerian","year":"2021","unstructured":"Valerian Rey , Pedro\u00a0Miguel S\u00e1nchez\u00a0S\u00e1nchez , Alberto Huertas\u00a0Celdr\u00e1n , and G\u00e9r\u00f4me Bovet . 2021. Federated Learning for Malware Detection in IoT Devices. 204 ( 2021 ), 108693. https:\/\/doi.org\/10.1016\/j.comnet.2021.108693 10.1016\/j.comnet.2021.108693 Valerian Rey, Pedro\u00a0Miguel S\u00e1nchez\u00a0S\u00e1nchez, Alberto Huertas\u00a0Celdr\u00e1n, and G\u00e9r\u00f4me Bovet. 2021. Federated Learning for Malware Detection in IoT Devices. 204 (2021), 108693. https:\/\/doi.org\/10.1016\/j.comnet.2021.108693"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2020.102633"},{"key":"e_1_3_2_1_53_1","volume-title":"Introducing blue pill. The official blog of the invisiblethings. org 22","author":"Rutkowska Joanna","year":"2006","unstructured":"Joanna Rutkowska . 2006. Introducing blue pill. The official blog of the invisiblethings. org 22 ( 2006 ), 23. Joanna Rutkowska. 2006. Introducing blue pill. The official blog of the invisiblethings. org 22 (2006), 23."},{"key":"e_1_3_2_1_54_1","volume-title":"Leveraging Electromagnetic Side-Channel Analysis for the Investigation of IoT Devices. Digital Investigation 29 (July","author":"Sayakkara Asanka","year":"2019","unstructured":"Asanka Sayakkara , Nhien-An Le-Khac , and Mark Scanlon . 2019. Leveraging Electromagnetic Side-Channel Analysis for the Investigation of IoT Devices. Digital Investigation 29 (July 2019 ), S94\u2013S103. https:\/\/doi.org\/10.1016\/j.diin.2019.04.012 10.1016\/j.diin.2019.04.012 Asanka Sayakkara, Nhien-An Le-Khac, and Mark Scanlon. 2019. Leveraging Electromagnetic Side-Channel Analysis for the Investigation of IoT Devices. Digital Investigation 29 (July 2019), S94\u2013S103. https:\/\/doi.org\/10.1016\/j.diin.2019.04.012"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-016-0120-y"},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2019.2945767"},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3052999"},{"key":"e_1_3_2_1_58_1","unstructured":"Unix-Thrust. 2017. Unix-Thrust\/Beurk: Beurk Experimental unix rootkit. https:\/\/github.com\/unix-thrust\/beurk Accessed: 2022-02-10.  Unix-Thrust. 2017. Unix-Thrust\/Beurk: Beurk Experimental unix rootkit. https:\/\/github.com\/unix-thrust\/beurk Accessed: 2022-02-10."},{"key":"e_1_3_2_1_59_1","volume-title":"Open source software-defined radio: A survey on gnuradio and its applications. Forschungszentrum Telekommunikation Wien","author":"Valerio Danilo","year":"2008","unstructured":"Danilo Valerio . 2008. Open source software-defined radio: A survey on gnuradio and its applications. Forschungszentrum Telekommunikation Wien , Vienna, Technical Report FTW-TR- 2008 -002 (2008). Danilo Valerio. 2008. Open source software-defined radio: A survey on gnuradio and its applications. Forschungszentrum Telekommunikation Wien, Vienna, Technical Report FTW-TR-2008-002 (2008)."},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1145\/2463209.2488831"},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1117\/12.2311329"},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653728"},{"key":"e_1_3_2_1_63_1","volume-title":"CONFidence Conference.","author":"Zabrocki Adam","year":"2018","unstructured":"Adam Zabrocki . 2018 . Linux Kernel Runtime Guard (LKRG) under the Hood . In CONFidence Conference. Adam Zabrocki. 2018. Linux Kernel Runtime Guard (LKRG) under the Hood. In CONFidence Conference."},{"key":"e_1_3_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1145\/3196494.3196515"}],"event":{"name":"RAID 2022: 25th International Symposium on Research in Attacks, Intrusions and Defenses","location":"Limassol Cyprus","acronym":"RAID 2022"},"container-title":["Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3545948.3545962","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3545948.3545962","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T19:30:27Z","timestamp":1750188627000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3545948.3545962"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,10,26]]},"references-count":64,"alternative-id":["10.1145\/3545948.3545962","10.1145\/3545948"],"URL":"https:\/\/doi.org\/10.1145\/3545948.3545962","relation":{},"subject":[],"published":{"date-parts":[[2022,10,26]]},"assertion":[{"value":"2022-10-26","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}