{"id":"https://openalex.org/W4389076566","doi":"https://doi.org/10.1109/jiot.2023.3335279","title":"Cascading Threat Analysis of IoT Devices in Trigger-Action Platforms","display_name":"Cascading Threat Analysis of IoT Devices in Trigger-Action Platforms","publication_year":2023,"publication_date":"2023-11-28","ids":{"openalex":"https://openalex.org/W4389076566","doi":"https://doi.org/10.1109/jiot.2023.3335279"},"language":"en","primary_location":{"id":"doi:10.1109/jiot.2023.3335279","is_oa":false,"landing_page_url":"https://doi.org/10.1109/jiot.2023.3335279","pdf_url":null,"source":{"id":"https://openalex.org/S2480266640","display_name":"IEEE Internet of Things Journal","issn_l":"2327-4662","issn":["2327-4662","2372-2541"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Internet of Things Journal","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5058356764","display_name":"\u514b\u5df1 \u8db3\u7acb","orcid":"https://orcid.org/0009-0001-2539-4531"},"institutions":[{"id":"https://openalex.org/I4210118629","display_name":"NARI Group (China)","ror":"https://ror.org/02egn3136","country_code":"CN","type":"facility","lineage":["https://openalex.org/I4210118629"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Ke Li","raw_affiliation_strings":["Information Security Research Center, Nanjing NARI Information and Communication Technology Company Ltd., Nanjing, China"],"raw_orcid":"https://orcid.org/0009-0001-2539-4531","affiliations":[{"raw_affiliation_string":"Information Security Research Center, Nanjing NARI Information and Communication Technology Company Ltd., Nanjing, China","institution_ids":["https://openalex.org/I4210118629"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100664241","display_name":"Haining Wang","orcid":"https://orcid.org/0000-0002-9665-7511"},"institutions":[{"id":"https://openalex.org/I859038795","display_name":"Virginia Tech","ror":"https://ror.org/02smfhw86","country_code":"US","type":"education","lineage":["https://openalex.org/I859038795"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Haining Wang","raw_affiliation_strings":["Department of Electrical and Computer Engineering, Virginia Polytechnic Institute and State University, Blacksburg, VA, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, Virginia Polytechnic Institute and State University, Blacksburg, VA, USA","institution_ids":["https://openalex.org/I859038795"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5103036125","display_name":"Ming Zhou","orcid":"https://orcid.org/0009-0005-6873-5710"},"institutions":[{"id":"https://openalex.org/I36399199","display_name":"Nanjing University of Science and Technology","ror":"https://ror.org/00xp9wg62","country_code":"CN","type":"education","lineage":["https://openalex.org/I36399199"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ming Zhou","raw_affiliation_strings":["School of Cyber Science and Engineering, Nanjing University of Science and Technology, Nanjing, China"],"raw_orcid":"https://orcid.org/0009-0005-6873-5710","affiliations":[{"raw_affiliation_string":"School of Cyber Science and Engineering, Nanjing University of Science and Technology, Nanjing, China","institution_ids":["https://openalex.org/I36399199"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5087012171","display_name":"Hongsong Zhu","orcid":"https://orcid.org/0000-0003-3720-7403"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Hongsong Zhu","raw_affiliation_strings":["School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0003-3720-7403","affiliations":[{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5061643975","display_name":"Limin Sun","orcid":"https://orcid.org/0000-0003-2745-7521"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Limin Sun","raw_affiliation_strings":["School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0003-2745-7521","affiliations":[{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5058356764"],"corresponding_institution_ids":["https://openalex.org/I4210118629"],"apc_list":null,"apc_paid":null,"fwci":0.9595,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.76267409,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":97,"max":98},"biblio":{"volume":"11","issue":"7","first_page":"12240","last_page":"12251"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9948999881744385,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8157452344894409},{"id":"https://openalex.org/keywords/attack-surface","display_name":"Attack surface","score":0.7552475929260254},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.5494061708450317},{"id":"https://openalex.org/keywords/attack-model","display_name":"Attack model","score":0.4971180260181427},{"id":"https://openalex.org/keywords/action","display_name":"Action (physics)","score":0.46343570947647095},{"id":"https://openalex.org/keywords/automation","display_name":"Automation","score":0.4458004832267761},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.4257262349128723},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.42372649908065796},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.36606618762016296},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.23905867338180542},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.0807710587978363}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8157452344894409},{"id":"https://openalex.org/C2776576444","wikidata":"https://www.wikidata.org/wiki/Q303569","display_name":"Attack surface","level":2,"score":0.7552475929260254},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.5494061708450317},{"id":"https://openalex.org/C65856478","wikidata":"https://www.wikidata.org/wiki/Q3991682","display_name":"Attack model","level":2,"score":0.4971180260181427},{"id":"https://openalex.org/C2780791683","wikidata":"https://www.wikidata.org/wiki/Q846785","display_name":"Action (physics)","level":2,"score":0.46343570947647095},{"id":"https://openalex.org/C115901376","wikidata":"https://www.wikidata.org/wiki/Q184199","display_name":"Automation","level":2,"score":0.4458004832267761},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.4257262349128723},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.42372649908065796},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.36606618762016296},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.23905867338180542},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.0807710587978363},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/jiot.2023.3335279","is_oa":false,"landing_page_url":"https://doi.org/10.1109/jiot.2023.3335279","pdf_url":null,"source":{"id":"https://openalex.org/S2480266640","display_name":"IEEE Internet of Things Journal","issn_l":"2327-4662","issn":["2327-4662","2372-2541"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Internet of Things Journal","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.5400000214576721,"display_name":"Climate action","id":"https://metadata.un.org/sdg/13"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":24,"referenced_works":["https://openalex.org/W2345243445","https://openalex.org/W2399248522","https://openalex.org/W2508433864","https://openalex.org/W2519460064","https://openalex.org/W2605367183","https://openalex.org/W2686848947","https://openalex.org/W2729585734","https://openalex.org/W2777564027","https://openalex.org/W2791018263","https://openalex.org/W2791710451","https://openalex.org/W2801040906","https://openalex.org/W2889851986","https://openalex.org/W2890188242","https://openalex.org/W2896143299","https://openalex.org/W2898785612","https://openalex.org/W2947175569","https://openalex.org/W2983277367","https://openalex.org/W3136780060","https://openalex.org/W4221152368","https://openalex.org/W6704601335","https://openalex.org/W6721194330","https://openalex.org/W6740182456","https://openalex.org/W6744196339","https://openalex.org/W6764964240"],"related_works":["https://openalex.org/W2591273803","https://openalex.org/W3081645608","https://openalex.org/W4390187619","https://openalex.org/W4312119938","https://openalex.org/W2995862995","https://openalex.org/W4389076566","https://openalex.org/W4390018122","https://openalex.org/W3158967187","https://openalex.org/W3155916161","https://openalex.org/W4312559172"],"abstract_inverted_index":{"Internet":[0],"of":[1,39,110,126,134,144],"Things":[2],"(IoT)":[3],"platforms":[4],"have":[5],"become":[6],"widely":[7],"used":[8],"recently.":[9],"Facilitated":[10],"by":[11,87,98,165],"these":[12],"IoT":[13,159],"platforms,":[14],"users":[15],"can":[16,162],"easily":[17],"use":[18],"programming":[19],"paradigm":[20],"to":[21,60,105,119],"develop":[22],"customized":[23],"rules,":[24],"connect":[25],"their":[26],"devices":[27],"with":[28,49,102],"online":[29],"services,":[30],"and":[31,123],"realize":[32],"system":[33],"automation.":[34],"However,":[35],"the":[36,45,62,70,80,84,107,121,131,138,148],"attack":[37,132,167],"surface":[38,133,168],"each":[40],"device":[41,46,67,111],"is":[42],"expanded":[43],"as":[44],"interactions":[47,68],"increase":[48],"multiple":[50],"rules":[51,82,101],"enabled.":[52],"In":[53],"this":[54],"work,":[55],"we":[56,93,114],"present":[57],"a":[58,95,116,141],"framework":[59],"analyze":[61],"cascading":[63,128,155],"threat":[64],"based":[65],"on":[66,140],"in":[69,158],"IFTTT":[71,149],"(IF":[72],"This":[73],"Then":[74],"That)":[75],"platform.":[76,150],"We":[77,136],"first":[78],"extract":[79],"trigger-action":[81,100],"from":[83,147],"description":[85],"text":[86],"using":[88],"an":[89],"NLP-based":[90],"method.":[91],"Then,":[92],"create":[94],"graph-based":[96],"model":[97],"combining":[99],"three":[103],"components,":[104],"describe":[106],"flow":[108],"information":[109],"interactions.":[112],"Finally,":[113],"propose":[115],"graph-searching-based":[117],"method":[118],"discover":[120],"paths":[122],"starting":[124],"points":[125],"application-level":[127],"attacks,":[129],"uncovering":[130],"devices.":[135],"conduct":[137],"evaluation":[139],"data":[142],"set":[143],"305534":[145],"applets":[146],"The":[151],"results":[152],"evidence":[153],"that":[154],"attacks":[156],"exist":[157],"deployments":[160],"but":[161],"be":[163],"captured":[164],"our":[166],"analysis.":[169]},"counts_by_year":[{"year":2025,"cited_by_count":5}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}