{"id":"https://openalex.org/W2972103753","doi":"https://doi.org/10.1145/3333501","title":"Program Analysis of Commodity IoT Applications for Security and Privacy","display_name":"Program Analysis of Commodity IoT Applications for Security and Privacy","publication_year":2019,"publication_date":"2019-08-30","ids":{"openalex":"https://openalex.org/W2972103753","doi":"https://doi.org/10.1145/3333501","mag":"2972103753"},"language":"en","primary_location":{"id":"doi:10.1145/3333501","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3333501","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3333501","source":{"id":"https://openalex.org/S157921468","display_name":"ACM Computing Surveys","issn_l":"0360-0300","issn":["0360-0300","1557-7341"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Computing Surveys","raw_type":"journal-article"},"type":"review","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3333501","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5005376753","display_name":"Z. Berkay Celik","orcid":"https://orcid.org/0000-0001-7362-8905"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Z. Berkay Celik","raw_affiliation_strings":["Penn State University"],"affiliations":[{"raw_affiliation_string":"Penn State University","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5060924315","display_name":"Earlence Fernandes","orcid":"https://orcid.org/0000-0001-8593-2840"},"institutions":[{"id":"https://openalex.org/I201448701","display_name":"University of Washington","ror":"https://ror.org/00cvxb145","country_code":"US","type":"education","lineage":["https://openalex.org/I201448701"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Earlence Fernandes","raw_affiliation_strings":["University of Washington"],"affiliations":[{"raw_affiliation_string":"University of Washington","institution_ids":["https://openalex.org/I201448701"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5023371126","display_name":"Eric Pauley","orcid":"https://orcid.org/0000-0002-2197-9137"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Eric Pauley","raw_affiliation_strings":["Penn State University, PA"],"affiliations":[{"raw_affiliation_string":"Penn State University, PA","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010830558","display_name":"Gang Tan","orcid":"https://orcid.org/0000-0001-6109-6091"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Gang Tan","raw_affiliation_strings":["Penn State University, PA"],"affiliations":[{"raw_affiliation_string":"Penn State University, PA","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5055368149","display_name":"Patrick McDaniel","orcid":"https://orcid.org/0000-0003-2091-7484"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Patrick McDaniel","raw_affiliation_strings":["Penn State University, PA"],"affiliations":[{"raw_affiliation_string":"Penn State University, PA","institution_ids":["https://openalex.org/I130769515"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5005376753"],"corresponding_institution_ids":["https://openalex.org/I130769515"],"apc_list":null,"apc_paid":null,"fwci":14.3609,"has_fulltext":true,"cited_by_count":116,"citation_normalized_percentile":{"value":0.99427945,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":98,"max":100},"biblio":{"volume":"52","issue":"4","first_page":"1","last_page":"30"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9947999715805054,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8380219340324402},{"id":"https://openalex.org/keywords/scope","display_name":"Scope (computer science)","score":0.6610724925994873},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.6401851773262024},{"id":"https://openalex.org/keywords/implementation","display_name":"Implementation","score":0.6201286315917969},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6178635358810425},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.5641444325447083},{"id":"https://openalex.org/keywords/security-analysis","display_name":"Security analysis","score":0.495190292596817},{"id":"https://openalex.org/keywords/program-analysis","display_name":"Program analysis","score":0.4419100880622864},{"id":"https://openalex.org/keywords/automation","display_name":"Automation","score":0.4209921956062317},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.40162891149520874},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.17909535765647888}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8380219340324402},{"id":"https://openalex.org/C2778012447","wikidata":"https://www.wikidata.org/wiki/Q1034415","display_name":"Scope (computer science)","level":2,"score":0.6610724925994873},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.6401851773262024},{"id":"https://openalex.org/C26713055","wikidata":"https://www.wikidata.org/wiki/Q245962","display_name":"Implementation","level":2,"score":0.6201286315917969},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6178635358810425},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.5641444325447083},{"id":"https://openalex.org/C38369872","wikidata":"https://www.wikidata.org/wiki/Q7445009","display_name":"Security analysis","level":2,"score":0.495190292596817},{"id":"https://openalex.org/C98183937","wikidata":"https://www.wikidata.org/wiki/Q2112188","display_name":"Program analysis","level":2,"score":0.4419100880622864},{"id":"https://openalex.org/C115901376","wikidata":"https://www.wikidata.org/wiki/Q184199","display_name":"Automation","level":2,"score":0.4209921956062317},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.40162891149520874},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.17909535765647888},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3333501","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3333501","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3333501","source":{"id":"https://openalex.org/S157921468","display_name":"ACM Computing Surveys","issn_l":"0360-0300","issn":["0360-0300","1557-7341"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Computing Surveys","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1145/3333501","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3333501","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3333501","source":{"id":"https://openalex.org/S157921468","display_name":"ACM Computing Surveys","issn_l":"0360-0300","issn":["0360-0300","1557-7341"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Computing Surveys","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.46000000834465027,"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure"}],"awards":[{"id":"https://openalex.org/G2043895709","display_name":null,"funder_award_id":"W911NF-13-2-0045","funder_id":"https://openalex.org/F4320338295","funder_display_name":"Army Research Laboratory"},{"id":"https://openalex.org/G3693556586","display_name":null,"funder_award_id":"2-004","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G3702312556","display_name":"TWC: Medium: Collaborative: Scaling and Prioritizing Market-Sized Application Analysis","funder_award_id":"1564105","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G3732666562","display_name":null,"funder_award_id":"W911NF-13","funder_id":"https://openalex.org/F4320338295","funder_display_name":"Army Research Laboratory"},{"id":"https://openalex.org/G3868219444","display_name":null,"funder_award_id":"CNS-1564105","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4307486606","display_name":null,"funder_award_id":"W911NF-13-2-0045 (ARL Cyber Security CRA)","funder_id":"https://openalex.org/F4320338295","funder_display_name":"Army Research Laboratory"},{"id":"https://openalex.org/G5259331294","display_name":null,"funder_award_id":"W911NF","funder_id":"https://openalex.org/F4320338295","funder_display_name":"Army Research Laboratory"},{"id":"https://openalex.org/G8727049869","display_name":null,"funder_award_id":"W911NF-13","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G8763038417","display_name":null,"funder_award_id":"Cooperative Agreement Number W911NF-13-2-0045","funder_id":"https://openalex.org/F4320338295","funder_display_name":"Army Research Laboratory"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320306142","display_name":"John D. and Catherine T. MacArthur Foundation","ror":"https://ror.org/00dxczh48"},{"id":"https://openalex.org/F4320310094","display_name":"University of Washington","ror":"https://ror.org/00cvxb145"},{"id":"https://openalex.org/F4320315784","display_name":"U.S. Army Combat Capabilities Development Command Soldier Center","ror":"https://ror.org/02rdkx920"},{"id":"https://openalex.org/F4320338295","display_name":"Army Research Laboratory","ror":"https://ror.org/011hc8f90"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2972103753.pdf","grobid_xml":"https://content.openalex.org/works/W2972103753.grobid-xml"},"referenced_works_count":58,"referenced_works":["https://openalex.org/W14846176","https://openalex.org/W172676560","https://openalex.org/W1491178396","https://openalex.org/W1553894716","https://openalex.org/W1857045448","https://openalex.org/W1937037155","https://openalex.org/W1991195371","https://openalex.org/W2002251314","https://openalex.org/W2003544295","https://openalex.org/W2029758586","https://openalex.org/W2038244154","https://openalex.org/W2058401212","https://openalex.org/W2060692877","https://openalex.org/W2068201078","https://openalex.org/W2071072485","https://openalex.org/W2081840025","https://openalex.org/W2089745089","https://openalex.org/W2097444001","https://openalex.org/W2102460407","https://openalex.org/W2105285801","https://openalex.org/W2109872150","https://openalex.org/W2138788987","https://openalex.org/W2142503704","https://openalex.org/W2164539435","https://openalex.org/W2166743230","https://openalex.org/W2182112800","https://openalex.org/W2202090419","https://openalex.org/W2293605433","https://openalex.org/W2402775047","https://openalex.org/W2408302068","https://openalex.org/W2419121699","https://openalex.org/W2463553622","https://openalex.org/W2508433864","https://openalex.org/W2535386169","https://openalex.org/W2590373591","https://openalex.org/W2591728639","https://openalex.org/W2596973417","https://openalex.org/W2605367183","https://openalex.org/W2613352518","https://openalex.org/W2619642597","https://openalex.org/W2620370356","https://openalex.org/W2686848947","https://openalex.org/W2791018263","https://openalex.org/W2791710451","https://openalex.org/W2792078641","https://openalex.org/W2889851986","https://openalex.org/W2890188242","https://openalex.org/W2891721044","https://openalex.org/W2896143299","https://openalex.org/W2913256667","https://openalex.org/W2945957437","https://openalex.org/W2947175569","https://openalex.org/W2963723316","https://openalex.org/W3098804373","https://openalex.org/W3106127861","https://openalex.org/W4232603068","https://openalex.org/W4244726870","https://openalex.org/W4298112463"],"related_works":["https://openalex.org/W2120447654","https://openalex.org/W2977179488","https://openalex.org/W2144453115","https://openalex.org/W2744553356","https://openalex.org/W2079146453","https://openalex.org/W2941677765","https://openalex.org/W2521930763","https://openalex.org/W4318037433","https://openalex.org/W2058305829","https://openalex.org/W2295858576"],"abstract_inverted_index":{"Recent":[0],"advances":[1],"in":[2,29,64,76,94,133,174,179],"Internet":[3],"of":[4,39,55,73,118,145],"Things":[5],"(IoT)":[6],"have":[7],"enabled":[8],"myriad":[9],"domains":[10],"such":[11],"as":[12],"smart":[13],"homes,":[14],"personal":[15],"monitoring":[16],"devices,":[17],"and":[18,42,53,71,91,109,138,141,150,161,172],"enhanced":[19],"manufacturing.":[20],"IoT":[21,45,77,95,120,158,181],"is":[22,62],"now":[23],"pervasive\u2014new":[24],"applications":[25],"are":[26],"being":[27],"used":[28],"nearly":[30],"every":[31],"conceivable":[32],"environment,":[33],"which":[34,180],"leads":[35],"to":[36,148],"the":[37,51,69,82,125,135,143,177],"adoption":[38],"device-based":[40],"interaction":[41],"automation.":[43],"However,":[44],"has":[46],"also":[47],"raised":[48],"issues":[49,93],"about":[50],"security":[52,92,139,149],"privacy":[54,90,151],"these":[56,107,166],"digitally":[57],"augmented":[58],"spaces.":[59],"Program":[60],"analysis":[61,75,137,159],"crucial":[63],"identifying":[65],"those":[66],"issues,":[67],"yet":[68],"application":[70],"scope":[72],"program":[74,136],"remains":[78],"largely":[79],"unexplored":[80],"by":[81,155],"technical":[83],"community.":[84],"In":[85],"this":[86],"article,":[87],"we":[88,123,168],"study":[89,117],"that":[96,128],"require":[97],"program-analysis":[98,146],"techniques":[99,147],"with":[100],"an":[101],"emphasis":[102],"on":[103,115],"identified":[104],"attacks":[105],"against":[106],"systems":[108,160,182],"defenses":[110],"implemented":[111],"so":[112],"far.":[113],"Based":[114],"a":[116],"five":[119],"programming":[121],"platforms,":[122],"identify":[124],"key":[126,170],"insights":[127],"result":[129],"from":[130],"research":[131],"efforts":[132],"both":[134],"communities":[140],"relate":[142],"efficacy":[144],"issues.":[152],"We":[153],"conclude":[154],"studying":[156],"recent":[157],"exploring":[162],"their":[163],"implementations.":[164],"Through":[165],"explorations,":[167],"highlight":[169],"challenges":[171],"opportunities":[173],"calibrating":[175],"for":[176],"environments":[178],"will":[183],"be":[184],"used.":[185]},"counts_by_year":[{"year":2026,"cited_by_count":4},{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":13},{"year":2023,"cited_by_count":8},{"year":2022,"cited_by_count":23},{"year":2021,"cited_by_count":27},{"year":2020,"cited_by_count":31},{"year":2019,"cited_by_count":5}],"updated_date":"2026-04-21T08:09:41.155169","created_date":"2025-10-10T00:00:00"}