{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:08:42Z","timestamp":1750219722256,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":43,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,6,16]],"date-time":"2023-06-16T00:00:00Z","timestamp":1686873600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,6,16]]},"DOI":"10.1145\/3605801.3605808","type":"proceedings-article","created":{"date-parts":[[2023,8,9]],"date-time":"2023-08-09T22:58:51Z","timestamp":1691621931000},"page":"35-41","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["A comprehensive survey of vulnerability detection method towards Linux-based IoT devices"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-8309-8001","authenticated-orcid":false,"given":"Xixing","family":"Li","sequence":"first","affiliation":[{"name":"Information Engineering University, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0288-0086","authenticated-orcid":false,"given":"Qiang","family":"Wei","sequence":"additional","affiliation":[{"name":"Information Engineering University, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5176-4620","authenticated-orcid":false,"given":"Zehui","family":"Wu","sequence":"additional","affiliation":[{"name":"Information Engineering University, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-2650-8398","authenticated-orcid":false,"given":"Wei","family":"Guo","sequence":"additional","affiliation":[{"name":"Information Engineering University, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2023,8,9]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00013"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/1134285.1134500"},{"key":"e_1_3_2_1_3_1","volume-title":"27th USENIX security symposium, USENIX security","author":"Celik Berkay","year":"2018","unstructured":"Z.\u00a0Berkay Celik, Leonardo Babun, Amit\u00a0Kumar Sikder, Hidayet Aksu, Gang Tan, Patrick\u00a0D. McDaniel, and A.\u00a0Selcuk Uluagac. 2018. Sensitive information tracking in commodity IoT. In 27th USENIX security symposium, USENIX security 2018, baltimore, MD, USA, august 15-17, 2018(USENIX\u201918), William Enck and Adrienne\u00a0Porter Felt (Eds.). USENIX Association, 1687\u20131704. https:\/\/www.usenix.org\/system\/files\/conference\/usenixsecurity18\/sec18-celik.pdf tex.bibsource: dblp computer science bibliography, https:\/\/dblp.org tex.biburl: https:\/\/dblp.org\/rec\/conf\/uss\/CelikBSATMU18.bib tex.timestamp: Mon, 01 Feb 2021 08:43:20 +0100."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23415"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2018.23159"},{"key":"e_1_3_2_1_6_1","unstructured":"Libo Chen Yanhao Wang Quanpu Cai Yunfan Zhan Hong Hu Jiaqi Linghu Qinsheng Hou Chao Zhang Haixin Duan and Zhi Xue. 2021. Sharing More and Checking Less: Leveraging Common Input Keywords to Detect Bugs in Embedded Systems(Security 21). 303\u2013319. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/chen-libo"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/PCCC.2017.8280478"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2018.00052"},{"key":"e_1_3_2_1_9_1","volume-title":"Finding Taint-Style Vulnerabilities in Linux-based Embedded Firmware with SSE-based Alias Analysis. ArXiv","author":"Cheng Kai","year":"2022","unstructured":"Kai Cheng, Tao Liu, Le Guan, Peng Liu, Hong Li, Hongsong Zhu, and Limin Sun. 2022. Finding Taint-Style Vulnerabilities in Linux-based Embedded Firmware with SSE-based Alias Analysis. ArXiv (2022)."},{"key":"e_1_3_2_1_10_1","volume-title":"Proceedings of the 23rd USENIX security symposium, san diego, CA, USA, august 20-22","author":"Costin Andrei","year":"2014","unstructured":"Andrei Costin, Jonas Zaddach, Aur\u00e9lien Francillon, and Davide Balzarotti. 2014. A large-scale analysis of the security of embedded firmwares. In Proceedings of the 23rd USENIX security symposium, san diego, CA, USA, august 20-22, 2014(Security 14), Kevin Fu and Jaeyeon Jung (Eds.). USENIX Association, 95\u2013110. https:\/\/www.usenix.org\/conference\/usenixsecurity14\/technical-sessions\/presentation\/costin tex.bibsource: dblp computer science bibliography, https:\/\/dblp.org tex.biburl: https:\/\/dblp.org\/rec\/conf\/uss\/CostinZFB14.bib tex.timestamp: Mon, 01 Feb 2021 08:43:17 +0100."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/2897845.2897900"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/3173162.3177157"},{"key":"e_1_3_2_1_13_1","volume-title":"Proceedings of the 22th USENIX security symposium, washington, DC, USA, august 14-16","author":"Davidson Drew","year":"2013","unstructured":"Drew Davidson, Benjamin Moench, Thomas Ristenpart, and Somesh Jha. 2013. FIE on firmware: Finding vulnerabilities in embedded systems using symbolic execution. In Proceedings of the 22th USENIX security symposium, washington, DC, USA, august 14-16, 2013, Samuel\u00a0T. King (Ed.). USENIX Association, 463\u2013478. https:\/\/www.usenix.org\/conference\/usenixsecurity13\/technical-sessions\/paper\/davidson tex.bibsource: dblp computer science bibliography, https:\/\/dblp.org tex.biburl: https:\/\/dblp.org\/rec\/conf\/uss\/DavidsonMRJ13.bib tex.timestamp: Mon, 01 Feb 2021 08:43:12 +0100."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23185"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-61638-0_14"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978370"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484543"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/JAS.2022.105860"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/3238147.3240480"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2019.2947432"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1002\/cpe.5756"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.2973043"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/3446371"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/3427228.3427294"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2018.23166"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijcip.2022.100552"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00066"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/sp40000.2020.00036"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23294"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/3338507.3358616"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","unstructured":"Sam\u00a0L. Thomas Tom Chothia and Flavio\u00a0D. Garcia. 2017. Stringer: Measuring the Importance of Static Data Comparisons to Detect Backdoors and Undocumented Functionality. In Computer Security - ESORICS 2017 - 22nd European Symposium on Research in Computer Security Oslo Norway September 11-15 2017 Proceedings Part II(Lecture Notes in Computer Science Vol.\u00a010493) Simon\u00a0N. Foley Dieter Gollmann and Einar Snekkenes (Eds.). Springer 513\u2013531. https:\/\/doi.org\/10.1007\/978-3-319-66399-9_28","DOI":"10.1007\/978-3-319-66399-9_28"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-60876-1_13"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","unstructured":"Dong Wang Xiaosong Zhang Ting Chen and Jingwei Li. 2019. Discovering Vulnerabilities in COTS IoT Devices through Blackbox Fuzzing Web Management Interface. In Innovative Mobile and Internet Services in Ubiquitous Computing Prosanta Gope (Ed.). Vol.\u00a02019. Hindawi 5076324. https:\/\/doi.org\/10.1155\/2019\/5076324 ISSN: 1939-0114.","DOI":"10.1155\/2019"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.3837\/tiis.2013.08.014"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134018"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-50399-4_25"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/3457913.3457934"},{"key":"e_1_3_2_1_38_1","unstructured":"Li Zhang Jiongyi Chen Wenrui Diao Shanqing Guo Jian Weng and Kehuan Zhang. 2019. CryptoREX: Large-scale Analysis of Cryptographic Misuse in IoT Devices. 151\u2013164. https:\/\/www.usenix.org\/conference\/raid2019\/presentation\/zhang-li"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/3359789.3359826"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/3533767.3534366"},{"key":"e_1_3_2_1_41_1","volume-title":"28th USENIX Security Symposium. 1099\u20131114","author":"Zheng Yaowen","year":"2019","unstructured":"Yaowen Zheng, Ali Davanian, Heng Yin, Chengyu Song, Hongsong Zhu, and Limin Sun. 2019. FIRM-AFL: high-throughput greybox fuzzing of iot firmware via augmented process emulation. In 28th USENIX Security Symposium. 1099\u20131114."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/3533767.3534414"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","unstructured":"Yaowen Zheng Zhanwei Song Yuyan Sun Kai Cheng Hongsong Zhu and Limin Sun. 2019. An Efficient Greybox Fuzzing Scheme for Linux-based IoT Programs Through Binary Static Analysis. In 2019 IEEE 38th International Performance Computing and Communications Conference (IPCCC). 1\u20138. https:\/\/doi.org\/10.1109\/IPCCC47392.2019.8958740 ISSN: 2374-9628.","DOI":"10.1109\/IPCCC47392.2019.8958740"}],"event":{"name":"CNCIT 2023: 2023 2nd International Conference on Networks, Communications and Information Technology","acronym":"CNCIT 2023","location":"Qinghai China"},"container-title":["Proceedings of the 2023 2nd International Conference on Networks, Communications and Information Technology"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3605801.3605808","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3605801.3605808","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T16:36:19Z","timestamp":1750178179000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3605801.3605808"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,6,16]]},"references-count":43,"alternative-id":["10.1145\/3605801.3605808","10.1145\/3605801"],"URL":"https:\/\/doi.org\/10.1145\/3605801.3605808","relation":{},"subject":[],"published":{"date-parts":[[2023,6,16]]},"assertion":[{"value":"2023-08-09","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}