{"id":"https://openalex.org/W4409495356","doi":"https://doi.org/10.1109/icstw64639.2025.10962511","title":"Structural Backdoor Attack on IoT Malware Detectors via Graph Explainability","display_name":"Structural Backdoor Attack on IoT Malware Detectors via Graph Explainability","publication_year":2025,"publication_date":"2025-03-31","ids":{"openalex":"https://openalex.org/W4409495356","doi":"https://doi.org/10.1109/icstw64639.2025.10962511"},"language":"en","primary_location":{"id":"doi:10.1109/icstw64639.2025.10962511","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icstw64639.2025.10962511","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5056180066","display_name":"Yu\u2010Cheng Chiu","orcid":"https://orcid.org/0000-0003-4812-5681"},"institutions":[{"id":"https://openalex.org/I154864474","display_name":"National Taiwan University of Science and Technology","ror":"https://ror.org/00q09pe49","country_code":"TW","type":"education","lineage":["https://openalex.org/I154864474"]}],"countries":["TW"],"is_corresponding":true,"raw_author_name":"Yu-Cheng Chiu","raw_affiliation_strings":["National Taiwan University of Science and Technology,Department of Computer Science and Information Engineering,Taipei,Taiwan"],"affiliations":[{"raw_affiliation_string":"National Taiwan University of Science and Technology,Department of Computer Science and Information Engineering,Taipei,Taiwan","institution_ids":["https://openalex.org/I154864474"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5001198564","display_name":"Maina Bernard Mwangi","orcid":"https://orcid.org/0000-0002-7576-692X"},"institutions":[{"id":"https://openalex.org/I154864474","display_name":"National Taiwan University of Science and Technology","ror":"https://ror.org/00q09pe49","country_code":"TW","type":"education","lineage":["https://openalex.org/I154864474"]}],"countries":["TW"],"is_corresponding":false,"raw_author_name":"Maina Bernard Mwangi","raw_affiliation_strings":["National Taiwan University of Science and Technology,Department of Computer Science and Information Engineering,Taipei,Taiwan"],"affiliations":[{"raw_affiliation_string":"National Taiwan University of Science and Technology,Department of Computer Science and Information Engineering,Taipei,Taiwan","institution_ids":["https://openalex.org/I154864474"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5040420733","display_name":"Shin\u2010Ming Cheng","orcid":"https://orcid.org/0000-0002-9796-0643"},"institutions":[{"id":"https://openalex.org/I154864474","display_name":"National Taiwan University of Science and Technology","ror":"https://ror.org/00q09pe49","country_code":"TW","type":"education","lineage":["https://openalex.org/I154864474"]}],"countries":["TW"],"is_corresponding":false,"raw_author_name":"Shin-Ming Cheng","raw_affiliation_strings":["National Taiwan University of Science and Technology,Department of Computer Science and Information Engineering,Taipei,Taiwan"],"affiliations":[{"raw_affiliation_string":"National Taiwan University of Science and Technology,Department of Computer Science and Information Engineering,Taipei,Taiwan","institution_ids":["https://openalex.org/I154864474"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5044294037","display_name":"Hahn-Ming Lee","orcid":null},"institutions":[{"id":"https://openalex.org/I154864474","display_name":"National Taiwan University of Science and Technology","ror":"https://ror.org/00q09pe49","country_code":"TW","type":"education","lineage":["https://openalex.org/I154864474"]}],"countries":["TW"],"is_corresponding":false,"raw_author_name":"Hahn-Ming Lee","raw_affiliation_strings":["National Taiwan University of Science and Technology,Department of Computer Science and Information Engineering,Taipei,Taiwan"],"affiliations":[{"raw_affiliation_string":"National Taiwan University of Science and Technology,Department of Computer Science and Information Engineering,Taipei,Taiwan","institution_ids":["https://openalex.org/I154864474"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5056180066"],"corresponding_institution_ids":["https://openalex.org/I154864474"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.10221984,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"400","last_page":"409"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9980999827384949,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9980999827384949,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9957000017166138,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9936000108718872,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/backdoor","display_name":"Backdoor","score":0.9523664712905884},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7080915570259094},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.6802226305007935},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5522143244743347},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.46919724345207214}],"concepts":[{"id":"https://openalex.org/C2781045450","wikidata":"https://www.wikidata.org/wiki/Q254569","display_name":"Backdoor","level":2,"score":0.9523664712905884},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7080915570259094},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.6802226305007935},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5522143244743347},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.46919724345207214}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icstw64639.2025.10962511","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icstw64639.2025.10962511","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":44,"referenced_works":["https://openalex.org/W1981221397","https://openalex.org/W2056107175","https://openalex.org/W2132022337","https://openalex.org/W2514974017","https://openalex.org/W2749008552","https://openalex.org/W2889717770","https://openalex.org/W2945316254","https://openalex.org/W2961099251","https://openalex.org/W2962802821","https://openalex.org/W2969904462","https://openalex.org/W2990612420","https://openalex.org/W3024340288","https://openalex.org/W3095718454","https://openalex.org/W3131954256","https://openalex.org/W3167334189","https://openalex.org/W3174621618","https://openalex.org/W3174908416","https://openalex.org/W3180545700","https://openalex.org/W4200117421","https://openalex.org/W4213214906","https://openalex.org/W4255756278","https://openalex.org/W4281902577","https://openalex.org/W4285602113","https://openalex.org/W4287849792","https://openalex.org/W4297099979","https://openalex.org/W4312056312","https://openalex.org/W4322730960","https://openalex.org/W4378189129","https://openalex.org/W4384948718","https://openalex.org/W4391974622","https://openalex.org/W4394586040","https://openalex.org/W4398151115","https://openalex.org/W4399377805","https://openalex.org/W4400858567","https://openalex.org/W4401070022","https://openalex.org/W4403511133","https://openalex.org/W4405179916","https://openalex.org/W6636510571","https://openalex.org/W6745899033","https://openalex.org/W6750318962","https://openalex.org/W6767288045","https://openalex.org/W6786048916","https://openalex.org/W6787959460","https://openalex.org/W6790580958"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W4320031223","https://openalex.org/W4200629851","https://openalex.org/W4281902577","https://openalex.org/W4309417370","https://openalex.org/W4292107232","https://openalex.org/W3009072493","https://openalex.org/W4401407399"],"abstract_inverted_index":{"In":[0],"AI-based":[1,66,128],"malware":[2,31,56,77,130,143,187,215],"detection,":[3],"structural":[4,127,147,213],"features":[5,54],"such":[6,43],"as":[7,44,165],"function":[8],"call":[9],"graphs":[10,15],"(FCGs)":[11],"and":[12,28,58,71,94,167,221],"control":[13],"flow":[14,27],"(CFGs)":[16],"are":[17,90],"widely":[18],"used":[19],"for":[20,126,225],"their":[21,124,195],"ability":[22],"to":[23,73,75,92,163,193,209],"encapsulate":[24],"program":[25],"execution":[26],"facilitate":[29],"cross-architectural":[30],"detection":[32,57,131],"in":[33,101,121,173],"IoT":[34,129,142,214],"environments.":[35],"When":[36],"combined":[37],"with":[38],"deep":[39],"learning":[40],"(DL)":[41],"models,":[42],"graph":[45],"neural":[46],"networks":[47],"(GNNs)":[48],"that":[49,109,183],"capture":[50],"node":[51],"interdependencies,":[52],"these":[53],"enhance":[55],"enable":[59],"the":[60,154,174,223],"identification":[61],"of":[62,207],"novel":[63,138],"threats.":[64],"However,":[65],"detectors":[67,144],"require":[68],"frequent":[69],"updates":[70],"retraining":[72],"adapt":[74],"evolving":[76],"strains,":[78],"often":[79],"relying":[80],"on":[81,118,146,197],"datasets":[82],"from":[83,158],"online":[84],"crowdsourced":[85],"threat":[86],"intelligence":[87],"platforms,":[88],"which":[89],"vulnerable":[91],"poisoning":[93],"backdoor":[95,119,139,229],"attacks.":[96,230],"Backdoor":[97],"attacks":[98,120],"implant":[99],"triggers":[100,185],"training":[102,175],"samples,":[103,160],"embedding":[104],"vulnerabilities":[105,220],"into":[106,170,186],"ML":[107],"models":[108],"can":[110],"later":[111],"be":[112],"exploited.":[113],"While":[114],"extensive":[115],"research":[116],"exists":[117],"other":[122],"domains,":[123],"implications":[125],"remain":[132],"unexplored.":[133],"This":[134],"study":[135],"proposes":[136],"a":[137,180],"attack":[140,204],"targeting":[141],"trained":[145],"features.":[148],"By":[149],"leveraging":[150],"CFGExplainer,":[151],"we":[152,178,201],"identify":[153],"most":[155],"influential":[156],"subgraphs":[157],"benign":[159],"extract":[161],"them":[162,169],"serve":[164],"triggers,":[166],"inject":[168],"malicious":[171,191],"samples":[172],"dataset.":[176],"Additionally,":[177],"introduce":[179],"partition-trigger":[181],"strategy":[182],"injects":[184],"while":[188],"splitting":[189],"critical":[190,218],"nodes":[192],"reduce":[194],"influence":[196],"label":[198],"prediction.":[199],"Ultimately,":[200],"achieve":[202],"high":[203],"success":[205],"rates":[206],"up":[208],"100%":[210],"against":[211,228],"state-of-the-art":[212],"detectors,":[216],"underscoring":[217],"security":[219],"emphasizing":[222],"need":[224],"advanced":[226],"countermeasures":[227]},"counts_by_year":[],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}