{"id":"https://openalex.org/W4288103030","doi":"https://doi.org/10.1145/3357767.3357774","title":"Ethical hacking for boosting IoT vulnerability management","display_name":"Ethical hacking for boosting IoT vulnerability management","publication_year":2019,"publication_date":"2019-09-12","ids":{"openalex":"https://openalex.org/W4288103030","doi":"https://doi.org/10.1145/3357767.3357774"},"language":"en","primary_location":{"id":"doi:10.1145/3357767.3357774","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3357767.3357774","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Eighth International Conference on Telecommunications and Remote Sensing","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/1909.11166","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5063593427","display_name":"Aaron Yi Ding","orcid":"https://orcid.org/0000-0003-4173-031X"},"institutions":[{"id":"https://openalex.org/I98358874","display_name":"Delft University of Technology","ror":"https://ror.org/02e2c7k09","country_code":"NL","type":"education","lineage":["https://openalex.org/I98358874"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Aaron Yi Ding","raw_affiliation_strings":["TU Delft, Delft, The Netherlands"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"TU Delft, Delft, The Netherlands","institution_ids":["https://openalex.org/I98358874"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5031592535","display_name":"Gianluca Limon De Jesus","orcid":null},"institutions":[{"id":"https://openalex.org/I98358874","display_name":"Delft University of Technology","ror":"https://ror.org/02e2c7k09","country_code":"NL","type":"education","lineage":["https://openalex.org/I98358874"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Gianluca Limon De Jesus","raw_affiliation_strings":["TU Delft, Delft, The Netherlands"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"TU Delft, Delft, The Netherlands","institution_ids":["https://openalex.org/I98358874"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5062073470","display_name":"Marijn Janssen","orcid":"https://orcid.org/0000-0001-6211-8790"},"institutions":[{"id":"https://openalex.org/I98358874","display_name":"Delft University of Technology","ror":"https://ror.org/02e2c7k09","country_code":"NL","type":"education","lineage":["https://openalex.org/I98358874"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Marijn Janssen","raw_affiliation_strings":["TU Delft, Delft, The Netherlands"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"TU Delft, Delft, The Netherlands","institution_ids":["https://openalex.org/I98358874"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.0014,"has_fulltext":false,"cited_by_count":17,"citation_normalized_percentile":{"value":0.77947532,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"49","last_page":"55"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/hacker","display_name":"Hacker","score":0.7660431861877441},{"id":"https://openalex.org/keywords/vulnerability-management","display_name":"Vulnerability management","score":0.7189257740974426},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.6683619022369385},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.65632164478302},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.6345096826553345},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6134954690933228},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.504965603351593},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.3985445201396942},{"id":"https://openalex.org/keywords/psychological-intervention","display_name":"Psychological intervention","score":0.13057053089141846}],"concepts":[{"id":"https://openalex.org/C86844869","wikidata":"https://www.wikidata.org/wiki/Q2798820","display_name":"Hacker","level":2,"score":0.7660431861877441},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.7189257740974426},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.6683619022369385},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.65632164478302},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.6345096826553345},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6134954690933228},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.504965603351593},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.3985445201396942},{"id":"https://openalex.org/C27415008","wikidata":"https://www.wikidata.org/wiki/Q7256382","display_name":"Psychological intervention","level":2,"score":0.13057053089141846},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C118552586","wikidata":"https://www.wikidata.org/wiki/Q7867","display_name":"Psychiatry","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3357767.3357774","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3357767.3357774","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Eighth International Conference on Telecommunications and Remote Sensing","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:1909.11166","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1909.11166","pdf_url":"https://arxiv.org/pdf/1909.11166","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:1909.11166","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1909.11166","pdf_url":"https://arxiv.org/pdf/1909.11166","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.5699999928474426,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":13,"referenced_works":["https://openalex.org/W1427242644","https://openalex.org/W1556808170","https://openalex.org/W1971673042","https://openalex.org/W2184923175","https://openalex.org/W2520816865","https://openalex.org/W2557469050","https://openalex.org/W2586432806","https://openalex.org/W2605157567","https://openalex.org/W2763697061","https://openalex.org/W2889557246","https://openalex.org/W2905203220","https://openalex.org/W2970434416","https://openalex.org/W4299360380"],"related_works":["https://openalex.org/W2393340519","https://openalex.org/W4298219515","https://openalex.org/W3118510577","https://openalex.org/W2021298062","https://openalex.org/W2185499427","https://openalex.org/W1883246888","https://openalex.org/W2371301679","https://openalex.org/W2527966616","https://openalex.org/W2188018701","https://openalex.org/W1526913711"],"abstract_inverted_index":{"The":[0],"security":[1,19,25,177],"of":[2,5,17,37,83,138],"the":[3,14,35,81,136],"Internet":[4],"Things":[6],"(IoT)":[7],"has":[8],"attracted":[9],"much":[10],"attention":[11],"due":[12],"to":[13,50,107,128,170,182],"growing":[15],"number":[16],"IoT-oriented":[18],"incidents.":[20],"IoT":[21,52,78,90,145,158,186],"hardware":[22],"and":[23,32,55,63,100,125,132,143,150,173],"software":[24],"vulnerabilities":[26,38,146],"are":[27],"exploited":[28],"affecting":[29],"many":[30],"companies":[31],"persons.":[33],"Since":[34],"causes":[36],"go":[39],"beyond":[40],"pure":[41],"technical":[42],"measures,":[43],"there":[44],"is":[45],"a":[46,118,166],"pressing":[47],"demand":[48],"nowadays":[49],"demystify":[51],"\"security":[53],"complex\"":[54],"develop":[56],"practical":[57],"guidelines":[58,156],"for":[59,88,112,157],"both":[60],"companies,":[61],"consumers,":[62],"regulators.":[64],"In":[65],"this":[66],"paper,":[67],"we":[68],"present":[69],"an":[70,74,148],"initial":[71],"study":[72,161],"targeting":[73],"unexplored":[75],"sphere":[76],"in":[77,110,147],"by":[79,122],"illuminating":[80],"potential":[82],"crowdsource":[84],"ethical":[85],"hacking":[86],"approaches":[87],"enhancing":[89],"vulnerability":[91,109],"management.":[92],"We":[93,115],"focus":[94],"on":[95,165],"Bug":[96],"Bounty":[97],"Programs":[98],"(BBP)":[99],"Responsible":[101],"Disclosure":[102],"(RD),":[103],"which":[104],"stimulate":[105],"hackers":[106],"report":[108],"exchange":[111],"monetary":[113],"rewards.":[114],"carried":[116],"out":[117],"qualitative":[119],"investigation":[120],"supported":[121],"literature":[123],"survey":[124],"expert":[126],"interviews":[127],"explore":[129],"how":[130],"BBP":[131,172],"RD":[133,174],"can":[134],"facilitate":[135],"practice":[137],"identifying,":[139],"classifying,":[140],"prioritizing,":[141],"remediating,":[142],"mitigating":[144],"effective":[149],"cost-efficient":[151],"manner.":[152],"Besides":[153],"deriving":[154],"tangible":[155],"stakeholders,":[159],"our":[160],"also":[162],"sheds":[163],"light":[164],"systematic":[167],"integration":[168],"path":[169],"combine":[171],"with":[175],"existing":[176],"practices":[178],"(e.g.,":[179],"penetration":[180],"test)":[181],"further":[183],"boost":[184],"overall":[185],"security.":[187]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":6},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":4},{"year":2020,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2022-07-28T00:00:00"}