{"id":"https://openalex.org/W4391769281","doi":"https://doi.org/10.1109/ccwc60891.2024.10427780","title":"Should Smart Homes Be Afraid of Evil Maids? : Identifying Vulnerabilities in IoT Device Firmware","display_name":"Should Smart Homes Be Afraid of Evil Maids? : Identifying Vulnerabilities in IoT Device Firmware","publication_year":2024,"publication_date":"2024-01-08","ids":{"openalex":"https://openalex.org/W4391769281","doi":"https://doi.org/10.1109/ccwc60891.2024.10427780"},"language":"en","primary_location":{"id":"doi:10.1109/ccwc60891.2024.10427780","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ccwc60891.2024.10427780","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE 14th Annual Computing and Communication Workshop and Conference (CCWC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5093917819","display_name":"Austen Knapp","orcid":null},"institutions":[{"id":"https://openalex.org/I888729015","display_name":"University of Colorado Colorado Springs","ror":"https://ror.org/054spjc55","country_code":"US","type":"education","lineage":["https://openalex.org/I888729015"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Austen Knapp","raw_affiliation_strings":["University of Colorado,Colorado Springs","University of Colorado, Colorado Springs"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Colorado,Colorado Springs","institution_ids":["https://openalex.org/I888729015"]},{"raw_affiliation_string":"University of Colorado, Colorado Springs","institution_ids":["https://openalex.org/I888729015"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5093917820","display_name":"Emmanuel Wamuo","orcid":null},"institutions":[{"id":"https://openalex.org/I888729015","display_name":"University of Colorado Colorado Springs","ror":"https://ror.org/054spjc55","country_code":"US","type":"education","lineage":["https://openalex.org/I888729015"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Emmanuel Wamuo","raw_affiliation_strings":["University of Colorado,Colorado Springs","University of Colorado, Colorado Springs"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Colorado,Colorado Springs","institution_ids":["https://openalex.org/I888729015"]},{"raw_affiliation_string":"University of Colorado, Colorado Springs","institution_ids":["https://openalex.org/I888729015"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5093917810","display_name":"Minhajul Alam Rahat","orcid":"https://orcid.org/0009-0002-6831-2927"},"institutions":[{"id":"https://openalex.org/I888729015","display_name":"University of Colorado Colorado Springs","ror":"https://ror.org/054spjc55","country_code":"US","type":"education","lineage":["https://openalex.org/I888729015"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Minhajul Alam Rahat","raw_affiliation_strings":["University of Colorado,Colorado Springs","University of Colorado, Colorado Springs"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Colorado,Colorado Springs","institution_ids":["https://openalex.org/I888729015"]},{"raw_affiliation_string":"University of Colorado, Colorado Springs","institution_ids":["https://openalex.org/I888729015"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5025546105","display_name":"Santiago Torres-Arias","orcid":"https://orcid.org/0000-0002-9283-3557"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Santiago Torres-Arias","raw_affiliation_strings":["Purdue University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Purdue University","institution_ids":["https://openalex.org/I219193219"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5055170166","display_name":"Gedare Bloom","orcid":"https://orcid.org/0000-0002-5677-7092"},"institutions":[{"id":"https://openalex.org/I888729015","display_name":"University of Colorado Colorado Springs","ror":"https://ror.org/054spjc55","country_code":"US","type":"education","lineage":["https://openalex.org/I888729015"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Gedare Bloom","raw_affiliation_strings":["University of Colorado,Colorado Springs","University of Colorado, Colorado Springs"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Colorado,Colorado Springs","institution_ids":["https://openalex.org/I888729015"]},{"raw_affiliation_string":"University of Colorado, Colorado Springs","institution_ids":["https://openalex.org/I888729015"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5072959708","display_name":"Yanyan Zhuang","orcid":"https://orcid.org/0000-0002-8407-0801"},"institutions":[{"id":"https://openalex.org/I888729015","display_name":"University of Colorado Colorado Springs","ror":"https://ror.org/054spjc55","country_code":"US","type":"education","lineage":["https://openalex.org/I888729015"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yanyan Zhuang","raw_affiliation_strings":["University of Colorado,Colorado Springs","University of Colorado, Colorado Springs"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Colorado,Colorado Springs","institution_ids":["https://openalex.org/I888729015"]},{"raw_affiliation_string":"University of Colorado, Colorado Springs","institution_ids":["https://openalex.org/I888729015"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5093917819"],"corresponding_institution_ids":["https://openalex.org/I888729015"],"apc_list":null,"apc_paid":null,"fwci":0.9832,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.71404291,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"0467","last_page":"0473"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9965000152587891,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/firmware","display_name":"Firmware","score":0.9744935035705566},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.762024998664856},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7421046495437622},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.6747274994850159},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.6315663456916809},{"id":"https://openalex.org/keywords/microcode","display_name":"Microcode","score":0.5244336724281311},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.41907206177711487},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.17467311024665833}],"concepts":[{"id":"https://openalex.org/C67212190","wikidata":"https://www.wikidata.org/wiki/Q104851","display_name":"Firmware","level":2,"score":0.9744935035705566},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.762024998664856},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7421046495437622},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.6747274994850159},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.6315663456916809},{"id":"https://openalex.org/C22174128","wikidata":"https://www.wikidata.org/wiki/Q175869","display_name":"Microcode","level":2,"score":0.5244336724281311},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.41907206177711487},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.17467311024665833}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/ccwc60891.2024.10427780","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ccwc60891.2024.10427780","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE 14th Annual Computing and Communication Workshop and Conference (CCWC)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/5","score":0.44999998807907104,"display_name":"Gender equality"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":18,"referenced_works":["https://openalex.org/W1454791451","https://openalex.org/W2092039689","https://openalex.org/W2094313385","https://openalex.org/W2160914149","https://openalex.org/W2175377689","https://openalex.org/W2563849074","https://openalex.org/W2785644016","https://openalex.org/W2890305055","https://openalex.org/W2890541097","https://openalex.org/W2897801222","https://openalex.org/W3009479568","https://openalex.org/W3027626123","https://openalex.org/W3036521249","https://openalex.org/W3082134657","https://openalex.org/W3175239812","https://openalex.org/W4287511941","https://openalex.org/W4308219259","https://openalex.org/W4361997648"],"related_works":["https://openalex.org/W1966431236","https://openalex.org/W608147619","https://openalex.org/W1984676852","https://openalex.org/W2068967940","https://openalex.org/W270731569","https://openalex.org/W4252104358","https://openalex.org/W2062160093","https://openalex.org/W2025981307","https://openalex.org/W1998626163","https://openalex.org/W2056006243"],"abstract_inverted_index":{"The":[0],"Internet":[1],"of":[2,38,47,59,66,82,90,103,112,138],"Things":[3],"(IoT)":[4],"revolution":[5],"has":[6],"transformed":[7],"everyday":[8],"consumer":[9],"objects":[10],"into":[11],"interconnected,":[12],"intelligent":[13],"devices.":[14,163],"Due":[15],"to":[16,25,33,129,180],"historically":[17],"weak":[18],"security":[19,42,146,173,185],"designs,":[20],"these":[21,144],"devices":[22,105,124],"are":[23],"susceptible":[24],"compromises":[26],"with":[27],"far-reaching":[28],"consequences.":[29],"This":[30],"paper":[31,166],"aims":[32],"evaluate":[34],"the":[35,45,83,171],"current":[36],"state":[37],"IoT":[39,61,162,183],"device":[40,184],"firmware":[41,67,139],"and":[43,133,157,175,186],"assess":[44],"effectiveness":[46,74],"existing":[48],"methods":[49],"in":[50,72,161],"safeguarding":[51],"sensitive":[52,130],"data.":[53],"We":[54],"conducted":[55],"a":[56,64,151],"manual":[57],"analysis":[58,178],"16":[60,84,104],"devices,":[62,85],"revealing":[63],"range":[65],"management":[68],"techniques,":[69],"each":[70],"varying":[71],"their":[73],"against":[75],"an":[76],"evil":[77],"maid":[78],"attack":[79],"scenario.":[80],"Out":[81],"only":[86],"2":[87],"showed":[88],"evidence":[89],"encrypting":[91],"data":[92,131,188],"at":[93,136],"rest,":[94],"despite":[95],"10":[96],"having":[97],"crypto-enabled":[98],"hardware.":[99],"Additionally,":[100],"9":[101],"out":[102],"possessed":[106],"secure":[107,120,158],"boot-enabled":[108],"hardware,":[109],"but":[110],"4":[111],"them":[113],"did":[114],"not":[115],"properly":[116],"utilize":[117],"or":[118],"implement":[119],"boot.":[121],"Consequently,":[122],"13":[123],"were":[125,135],"identified":[126],"as":[127],"vulnerable":[128],"compromise,":[132],"11":[134],"risk":[137],"modification":[140],"attacks.":[141],"To":[142],"address":[143],"critical":[145],"gaps,":[147],"this":[148,165],"study":[149],"proposes":[150],"method":[152],"for":[153],"analyzing":[154],"data-at-rest":[155],"encryption":[156],"boot":[159],"status":[160],"In":[164],"we":[167],"shed":[168],"light":[169],"on":[170],"prevailing":[172],"shortcomings":[174],"provide":[176],"practical":[177],"techniques":[179],"foster":[181],"improved":[182],"user":[187],"protection.":[189]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1}],"updated_date":"2026-05-01T08:36:08.643496","created_date":"2025-10-10T00:00:00"}