{"id":"https://openalex.org/W4389279179","doi":"https://doi.org/10.1145/3627106.3627133","title":"Unleashing IoT Security: Assessing the Effectiveness of Best Practices in Protecting Against Threats","display_name":"Unleashing IoT Security: Assessing the Effectiveness of Best Practices in Protecting Against Threats","publication_year":2023,"publication_date":"2023-12-02","ids":{"openalex":"https://openalex.org/W4389279179","doi":"https://doi.org/10.1145/3627106.3627133"},"language":"en","primary_location":{"id":"doi:10.1145/3627106.3627133","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3627106.3627133","pdf_url":null,"source":{"id":"https://openalex.org/S4306417673","display_name":"Annual Computer Security Applications Conference","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5092691970","display_name":"Philipp P\u00fctz","orcid":null},"institutions":[{"id":"https://openalex.org/I31512782","display_name":"Technische Universit\u00e4t Darmstadt","ror":"https://ror.org/05n911h24","country_code":"DE","type":"education","lineage":["https://openalex.org/I31512782"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Philipp P\u00fctz","raw_affiliation_strings":["Technical University of Darmstadt, Germany"],"affiliations":[{"raw_affiliation_string":"Technical University of Darmstadt, Germany","institution_ids":["https://openalex.org/I31512782"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5037579663","display_name":"Richard Mitev","orcid":"https://orcid.org/0009-0004-7741-3679"},"institutions":[{"id":"https://openalex.org/I31512782","display_name":"Technische Universit\u00e4t Darmstadt","ror":"https://ror.org/05n911h24","country_code":"DE","type":"education","lineage":["https://openalex.org/I31512782"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Richard Mitev","raw_affiliation_strings":["Technical University of Darmstadt, Germany"],"affiliations":[{"raw_affiliation_string":"Technical University of Darmstadt, Germany","institution_ids":["https://openalex.org/I31512782"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5000013428","display_name":"Markus Miettinen","orcid":"https://orcid.org/0000-0002-5861-8829"},"institutions":[{"id":"https://openalex.org/I31512782","display_name":"Technische Universit\u00e4t Darmstadt","ror":"https://ror.org/05n911h24","country_code":"DE","type":"education","lineage":["https://openalex.org/I31512782"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Markus Miettinen","raw_affiliation_strings":["Technical University of Darmstadt, Germany"],"affiliations":[{"raw_affiliation_string":"Technical University of Darmstadt, Germany","institution_ids":["https://openalex.org/I31512782"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5079497016","display_name":"Ahmad\u2010Reza Sadeghi","orcid":"https://orcid.org/0000-0001-6833-3598"},"institutions":[{"id":"https://openalex.org/I31512782","display_name":"Technische Universit\u00e4t Darmstadt","ror":"https://ror.org/05n911h24","country_code":"DE","type":"education","lineage":["https://openalex.org/I31512782"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Ahmad-Reza Sadeghi","raw_affiliation_strings":["Technical University of Darmstadt, Germany"],"affiliations":[{"raw_affiliation_string":"Technical University of Darmstadt, Germany","institution_ids":["https://openalex.org/I31512782"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5092691970"],"corresponding_institution_ids":["https://openalex.org/I31512782"],"apc_list":null,"apc_paid":null,"fwci":0.1369,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.5125,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"190","last_page":"204"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9976000189781189,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10273","display_name":"IoT and Edge/Fog Computing","score":0.9954000115394592,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7448902130126953},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.6819621920585632},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6805160641670227},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.5556294918060303},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.4764980673789978},{"id":"https://openalex.org/keywords/implementation","display_name":"Implementation","score":0.4732392728328705},{"id":"https://openalex.org/keywords/security-through-obscurity","display_name":"Security through obscurity","score":0.4666369557380676},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.46089285612106323},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.4492902159690857},{"id":"https://openalex.org/keywords/best-practice","display_name":"Best practice","score":0.42979252338409424},{"id":"https://openalex.org/keywords/ranking","display_name":"Ranking (information retrieval)","score":0.42507049441337585},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.39369821548461914},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.35345131158828735},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.34142208099365234},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.24429383873939514},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.16347190737724304}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7448902130126953},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.6819621920585632},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6805160641670227},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.5556294918060303},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.4764980673789978},{"id":"https://openalex.org/C26713055","wikidata":"https://www.wikidata.org/wiki/Q245962","display_name":"Implementation","level":2,"score":0.4732392728328705},{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.4666369557380676},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.46089285612106323},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.4492902159690857},{"id":"https://openalex.org/C184356942","wikidata":"https://www.wikidata.org/wiki/Q830382","display_name":"Best practice","level":2,"score":0.42979252338409424},{"id":"https://openalex.org/C189430467","wikidata":"https://www.wikidata.org/wiki/Q7293293","display_name":"Ranking (information retrieval)","level":2,"score":0.42507049441337585},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.39369821548461914},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.35345131158828735},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.34142208099365234},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.24429383873939514},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.16347190737724304},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C187736073","wikidata":"https://www.wikidata.org/wiki/Q2920921","display_name":"Management","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3627106.3627133","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3627106.3627133","pdf_url":null,"source":{"id":"https://openalex.org/S4306417673","display_name":"Annual Computer Security Applications Conference","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annual Computer Security Applications Conference","raw_type":"proceedings-article"},{"id":"pmh:oai:tubiblio.ulb.tu-darmstadt.de:140520","is_oa":false,"landing_page_url":"https://www.openconf.org/acsac2023/modules/request.php?module=oc_program&action=summary.php&id=322","pdf_url":null,"source":{"id":"https://openalex.org/S4377196390","display_name":"TUbilio (Technical University of Darmstadt)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I31512782","host_organization_name":"Technische Universit\u00e4t Darmstadt","host_organization_lineage":["https://openalex.org/I31512782"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Konferenzver\u00f6ffentlichung"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":18,"referenced_works":["https://openalex.org/W1615704268","https://openalex.org/W1970818505","https://openalex.org/W1989440310","https://openalex.org/W2039471999","https://openalex.org/W2132228477","https://openalex.org/W2576128456","https://openalex.org/W2742333150","https://openalex.org/W2766295581","https://openalex.org/W2806069482","https://openalex.org/W2886320151","https://openalex.org/W2921822590","https://openalex.org/W3017694776","https://openalex.org/W3036881766","https://openalex.org/W3135773993","https://openalex.org/W3142742079","https://openalex.org/W3211097470","https://openalex.org/W4212962367","https://openalex.org/W6743493502"],"related_works":["https://openalex.org/W2345270111","https://openalex.org/W2336014427","https://openalex.org/W2165898552","https://openalex.org/W2299494954","https://openalex.org/W2164920192","https://openalex.org/W2062411488","https://openalex.org/W2008985775","https://openalex.org/W2030343105","https://openalex.org/W2055319964","https://openalex.org/W2495229164"],"abstract_inverted_index":{"The":[0,18],"Internet":[1],"of":[2,21,50,81,95,129,178,192],"Things":[3],"(IoT)":[4],"market":[5],"is":[6,10,86],"rapidly":[7],"growing":[8],"and":[9,35,48,65,132,199,211],"expected":[11],"to":[12,16,42,74,101,158,162,173],"double":[13],"from":[14],"2020":[15],"2025.":[17],"increasing":[19],"use":[20],"IoT":[22,38,61,69,130,160,181,197],"devices,":[23],"particularly":[24],"in":[25,77,105,139,166],"smart":[26],"homes,":[27],"raises":[28],"crucial":[29],"concerns":[30],"as":[31],"inadequate":[32],"security":[33,49,70,80,127,142,176,204,209,214],"designs":[34],"implementations":[36],"by":[37,55],"vendors":[39],"can":[40,155,201],"lead":[41],"significant":[43],"vulnerabilities":[44],"endangering":[45],"the":[46,79,93,126,175,189],"privacy":[47],"sensitive":[51],"user":[52],"information":[53],"handled":[54],"these":[56,60],"devices.":[57],"To":[58],"address":[59],"device":[62,195],"vulnerabilities,":[63],"institutions":[64],"organizations":[66],"have":[67],"published":[68],"best":[71],"practices":[72],"(BPs)":[73],"guide":[75],"manufacturers":[76,102],"ensuring":[78],"their":[82,137,164,203],"products.":[83],"However,":[84],"there":[85],"currently":[87],"no":[88],"standardized":[89],"approach":[90,145],"for":[91,124],"evaluating":[92,125],"effectiveness":[94,138,165],"individual":[96],"BP":[97],"recommendations.":[98],"This":[99],"leads":[100],"investing":[103],"effort":[104],"implementing":[106],"less":[107],"effective":[108],"BPs":[109,131,149,193],"while":[110],"potentially":[111],"neglecting":[112],"measures":[113],"with":[114],"greater":[115],"impact.":[116],"In":[117],"this":[118,171],"paper,":[119],"we":[120],"propose":[121],"a":[122],"methodology":[123,172],"impact":[128,177,191],"ranking":[133],"them":[134],"based":[135],"on":[136,194],"protecting":[140],"against":[141],"threats.":[143],"Our":[144],"involves":[146],"translating":[147],"identified":[148],"into":[150],"concrete":[151],"test":[152],"cases":[153],"that":[154],"be":[156],"applied":[157,170],"real-world":[159],"devices":[161],"assess":[163],"mitigating":[167],"vulnerabilities.":[168,185],"We":[169],"evaluate":[174],"nine":[179],"commodity":[180],"products,":[182],"discovering":[183],"18":[184],"By":[186],"empirically":[187],"assessing":[188],"actual":[190],"security,":[196],"designers":[198],"implementers":[200],"prioritize":[202],"investments":[205],"more":[206],"effectively,":[207],"improving":[208],"outcomes":[210],"optimizing":[212],"limited":[213],"budgets.":[215]},"counts_by_year":[{"year":2025,"cited_by_count":3}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}