{"id":"https://openalex.org/W4405182814","doi":"https://doi.org/10.1145/3658644.3670275","title":"Accurate and Efficient Recurring Vulnerability Detection for IoT Firmware","display_name":"Accurate and Efficient Recurring Vulnerability Detection for IoT Firmware","publication_year":2024,"publication_date":"2024-12-02","ids":{"openalex":"https://openalex.org/W4405182814","doi":"https://doi.org/10.1145/3658644.3670275"},"language":"en","primary_location":{"id":"doi:10.1145/3658644.3670275","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3670275","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3670275","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3670275","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5111353499","display_name":"Haoyu Xiao","orcid":"https://orcid.org/0009-0000-9342-1055"},"institutions":[{"id":"https://openalex.org/I24943067","display_name":"Fudan University","ror":"https://ror.org/013q1eq08","country_code":"CN","type":"education","lineage":["https://openalex.org/I24943067"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Haoyu Xiao","raw_affiliation_strings":["Fudan University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"Fudan University, Shanghai, China","institution_ids":["https://openalex.org/I24943067"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5017552210","display_name":"Yuan Zhang","orcid":"https://orcid.org/0000-0003-0726-9996"},"institutions":[{"id":"https://openalex.org/I24943067","display_name":"Fudan University","ror":"https://ror.org/013q1eq08","country_code":"CN","type":"education","lineage":["https://openalex.org/I24943067"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yuan Zhang","raw_affiliation_strings":["Fudan University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"Fudan University, Shanghai, China","institution_ids":["https://openalex.org/I24943067"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5090520213","display_name":"Minghang Shen","orcid":"https://orcid.org/0000-0001-7649-3719"},"institutions":[{"id":"https://openalex.org/I24943067","display_name":"Fudan University","ror":"https://ror.org/013q1eq08","country_code":"CN","type":"education","lineage":["https://openalex.org/I24943067"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Minghang Shen","raw_affiliation_strings":["Fudan University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"Fudan University, Shanghai, China","institution_ids":["https://openalex.org/I24943067"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Chaoyang Lin","orcid":"https://orcid.org/0009-0004-5963-2886"},"institutions":[{"id":"https://openalex.org/I24943067","display_name":"Fudan University","ror":"https://ror.org/013q1eq08","country_code":"CN","type":"education","lineage":["https://openalex.org/I24943067"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chaoyang Lin","raw_affiliation_strings":["Fudan University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"Fudan University, Shanghai, China","institution_ids":["https://openalex.org/I24943067"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5014817650","display_name":"Can Zhang","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Can Zhang","raw_affiliation_strings":["State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou, China"],"affiliations":[{"raw_affiliation_string":"State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou, China","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101899977","display_name":"Shengli Liu","orcid":"https://orcid.org/0000-0001-5725-6160"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Shengli Liu","raw_affiliation_strings":["State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou, China"],"affiliations":[{"raw_affiliation_string":"State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou, China","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5052437722","display_name":"Min Yang","orcid":"https://orcid.org/0000-0001-9714-5545"},"institutions":[{"id":"https://openalex.org/I24943067","display_name":"Fudan University","ror":"https://ror.org/013q1eq08","country_code":"CN","type":"education","lineage":["https://openalex.org/I24943067"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Min Yang","raw_affiliation_strings":["Fudan University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"Fudan University, Shanghai, China","institution_ids":["https://openalex.org/I24943067"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5111353499"],"corresponding_institution_ids":["https://openalex.org/I24943067"],"apc_list":null,"apc_paid":null,"fwci":1.7015,"has_fulltext":true,"cited_by_count":5,"citation_normalized_percentile":{"value":0.8591109,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":97,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"3317","last_page":"3331"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9959999918937683,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9930999875068665,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/firmware","display_name":"Firmware","score":0.9887797832489014},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.775689423084259},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7609623670578003},{"id":"https://openalex.org/keywords/microcode","display_name":"Microcode","score":0.6434953212738037},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.6020995378494263},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5436162352561951},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.5217781662940979},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.46742886304855347},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.4439111649990082},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.20580658316612244},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.18715140223503113},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.16734832525253296},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.07737624645233154},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.04655247926712036}],"concepts":[{"id":"https://openalex.org/C67212190","wikidata":"https://www.wikidata.org/wiki/Q104851","display_name":"Firmware","level":2,"score":0.9887797832489014},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.775689423084259},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7609623670578003},{"id":"https://openalex.org/C22174128","wikidata":"https://www.wikidata.org/wiki/Q175869","display_name":"Microcode","level":2,"score":0.6434953212738037},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.6020995378494263},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5436162352561951},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.5217781662940979},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.46742886304855347},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.4439111649990082},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.20580658316612244},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.18715140223503113},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.16734832525253296},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.07737624645233154},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.04655247926712036},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3658644.3670275","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3670275","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3670275","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3658644.3670275","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3670275","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3670275","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1121271761","display_name":null,"funder_award_id":"Program","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G1231421488","display_name":null,"funder_award_id":"under","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G1831355347","display_name":null,"funder_award_id":"21TQ1400100 (21TQ012)","funder_id":"https://openalex.org/F4320323817","funder_display_name":"Universitas Brawijaya"},{"id":"https://openalex.org/G2087396116","display_name":null,"funder_award_id":"China","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G2208995090","display_name":null,"funder_award_id":"62172105,62172104,62102091, 62102093","funder_id":"https://openalex.org/F4320323817","funder_display_name":"Universitas Brawijaya"},{"id":"https://openalex.org/G3062299927","display_name":null,"funder_award_id":"21QA1400700","funder_id":"https://openalex.org/F4320327803","funder_display_name":"Shanghai Rising-Star Program"},{"id":"https://openalex.org/G3317480652","display_name":null,"funder_award_id":"Science","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G391238517","display_name":null,"funder_award_id":", and","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5939423041","display_name":null,"funder_award_id":"Technology","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5994120800","display_name":null,"funder_award_id":"Natural","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G6002904008","display_name":null,"funder_award_id":"62102091","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G7071978877","display_name":null,"funder_award_id":"62102093","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G7607136314","display_name":null,"funder_award_id":"62172104","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G8721740294","display_name":null,"funder_award_id":"TC220H079","funder_id":"https://openalex.org/F4320323970","funder_display_name":"Ministry of Industry and Information Technology of the People's Republic of China"},{"id":"https://openalex.org/G8864147625","display_name":null,"funder_award_id":"21TQ1400100","funder_id":"https://openalex.org/F4320321851","funder_display_name":"Fudan University"},{"id":"https://openalex.org/G8928773622","display_name":null,"funder_award_id":"62172105","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320321851","display_name":"Fudan University","ror":"https://ror.org/013q1eq08"},{"id":"https://openalex.org/F4320323817","display_name":"Universitas Brawijaya","ror":"https://ror.org/01wk3d929"},{"id":"https://openalex.org/F4320323970","display_name":"Ministry of Industry and Information Technology of the People's Republic of China","ror":"https://ror.org/0385nmy68"},{"id":"https://openalex.org/F4320327803","display_name":"Shanghai Rising-Star Program","ror":null}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4405182814.pdf","grobid_xml":"https://content.openalex.org/works/W4405182814.grobid-xml"},"referenced_works_count":25,"referenced_works":["https://openalex.org/W200653874","https://openalex.org/W1942295288","https://openalex.org/W1983118588","https://openalex.org/W1990762361","https://openalex.org/W2012604743","https://openalex.org/W2043118292","https://openalex.org/W2104301886","https://openalex.org/W2514974017","https://openalex.org/W2532962075","https://openalex.org/W2577142429","https://openalex.org/W2749008552","https://openalex.org/W2792247670","https://openalex.org/W2888698761","https://openalex.org/W2963934162","https://openalex.org/W3043519510","https://openalex.org/W3105926539","https://openalex.org/W3162328397","https://openalex.org/W3212565000","https://openalex.org/W4205752629","https://openalex.org/W4285490487","https://openalex.org/W4285586654","https://openalex.org/W4308462374","https://openalex.org/W4308644396","https://openalex.org/W4384155568","https://openalex.org/W4402288717"],"related_works":["https://openalex.org/W1966431236","https://openalex.org/W608147619","https://openalex.org/W1984676852","https://openalex.org/W2068967940","https://openalex.org/W270731569","https://openalex.org/W4252104358","https://openalex.org/W2062160093","https://openalex.org/W2025981307","https://openalex.org/W1998626163","https://openalex.org/W2056006243"],"abstract_inverted_index":{"IoT":[0,24],"firmware":[1,38,54],"faces":[2],"severe":[3],"threats":[4],"to":[5,12],"security":[6,51],"vulnerabilities.":[7],"As":[8],"an":[9],"important":[10],"method":[11],"detect":[13],"vulnerabilities,":[14],"recurring":[15],"vulnerability":[16],"detection":[17,68],"has":[18],"not":[19],"been":[20],"systematically":[21],"studied":[22],"in":[23,43],"firmware.":[25],"In":[26],"fact,":[27],"existing":[28],"methods":[29],"would":[30],"meet":[31],"significant":[32],"challenges":[33],"from":[34],"two":[35],"aspects.":[36],"First,":[37],"vulnerabilities":[39,65,71],"are":[40,56],"usually":[41],"reported":[42],"texts":[44],"without":[45],"too":[46],"much":[47],"code-level":[48],"information,":[49],"e.g.,":[50],"patches.":[52],"Second,":[53],"images":[55],"released":[57],"as":[58],"binaries,":[59],"making":[60],"the":[61,67],"analysis":[62],"of":[63,69],"known":[64],"and":[66],"unknown":[70],"quite":[72],"difficult.":[73]},"counts_by_year":[{"year":2025,"cited_by_count":5}],"updated_date":"2026-04-13T07:58:08.660418","created_date":"2025-10-10T00:00:00"}