{"id":"https://openalex.org/W4387321725","doi":"https://doi.org/10.1145/3607199.3607241","title":"Bin there, target that: Analyzing the target selection of IoT vulnerabilities in malware binaries","display_name":"Bin there, target that: Analyzing the target selection of IoT vulnerabilities in malware binaries","publication_year":2023,"publication_date":"2023-10-03","ids":{"openalex":"https://openalex.org/W4387321725","doi":"https://doi.org/10.1145/3607199.3607241"},"language":"en","primary_location":{"id":"doi:10.1145/3607199.3607241","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3607199.3607241","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3607199.3607241","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3607199.3607241","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5053415847","display_name":"Arwa Abdulkarim Al Alsadi","orcid":"https://orcid.org/0000-0002-5280-6853"},"institutions":[{"id":"https://openalex.org/I98358874","display_name":"Delft University of Technology","ror":"https://ror.org/02e2c7k09","country_code":"NL","type":"education","lineage":["https://openalex.org/I98358874"]}],"countries":["NL"],"is_corresponding":true,"raw_author_name":"Arwa Abdulkarim Al Alsadi","raw_affiliation_strings":["Delft University of Technology, Netherlands"],"raw_orcid":"https://orcid.org/0000-0002-5280-6853","affiliations":[{"raw_affiliation_string":"Delft University of Technology, Netherlands","institution_ids":["https://openalex.org/I98358874"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052855062","display_name":"Kaichi Sameshima","orcid":"https://orcid.org/0009-0006-1706-7529"},"institutions":[{"id":"https://openalex.org/I180203408","display_name":"Yokohama National University","ror":"https://ror.org/03zyp6p76","country_code":"JP","type":"education","lineage":["https://openalex.org/I180203408"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Kaichi Sameshima","raw_affiliation_strings":["Yokohama National University, Japan"],"raw_orcid":"https://orcid.org/0009-0006-1706-7529","affiliations":[{"raw_affiliation_string":"Yokohama National University, Japan","institution_ids":["https://openalex.org/I180203408"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5028367744","display_name":"Katsunari Yoshioka","orcid":"https://orcid.org/0000-0003-0964-8631"},"institutions":[{"id":"https://openalex.org/I180203408","display_name":"Yokohama National University","ror":"https://ror.org/03zyp6p76","country_code":"JP","type":"education","lineage":["https://openalex.org/I180203408"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Katsunari Yoshioka","raw_affiliation_strings":["Yokohama National University, Japan"],"raw_orcid":"https://orcid.org/0000-0003-0964-8631","affiliations":[{"raw_affiliation_string":"Yokohama National University, Japan","institution_ids":["https://openalex.org/I180203408"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5012946294","display_name":"Michel van Eeten","orcid":"https://orcid.org/0000-0002-0338-2812"},"institutions":[{"id":"https://openalex.org/I98358874","display_name":"Delft University of Technology","ror":"https://ror.org/02e2c7k09","country_code":"NL","type":"education","lineage":["https://openalex.org/I98358874"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Michel Van Eeten","raw_affiliation_strings":["Delft University of Technology, Netherlands"],"raw_orcid":"https://orcid.org/0000-0002-0338-2812","affiliations":[{"raw_affiliation_string":"Delft University of Technology, Netherlands","institution_ids":["https://openalex.org/I98358874"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5048211807","display_name":"Carlos Ga\u00f1\u00e1n","orcid":"https://orcid.org/0000-0002-4699-3007"},"institutions":[{"id":"https://openalex.org/I98358874","display_name":"Delft University of Technology","ror":"https://ror.org/02e2c7k09","country_code":"NL","type":"education","lineage":["https://openalex.org/I98358874"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Carlos Hernandez Ga\u00f1\u00e1n","raw_affiliation_strings":["Delft University of Technology, Netherlands"],"raw_orcid":"https://orcid.org/0000-0002-4699-3007","affiliations":[{"raw_affiliation_string":"Delft University of Technology, Netherlands","institution_ids":["https://openalex.org/I98358874"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5053415847"],"corresponding_institution_ids":["https://openalex.org/I98358874"],"apc_list":null,"apc_paid":null,"fwci":0.787,"has_fulltext":true,"cited_by_count":4,"citation_normalized_percentile":{"value":0.73984149,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"513","last_page":"526"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.9284459352493286},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7914084196090698},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.787894606590271},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.6961615085601807},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6832919120788574},{"id":"https://openalex.org/keywords/cybercrime","display_name":"Cybercrime","score":0.5557639598846436},{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.5029293894767761},{"id":"https://openalex.org/keywords/selection","display_name":"Selection (genetic algorithm)","score":0.48715850710868835},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.450437992811203},{"id":"https://openalex.org/keywords/mobile-malware","display_name":"Mobile malware","score":0.440653532743454},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.42399877309799194},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.11108684539794922},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.10833126306533813}],"concepts":[{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.9284459352493286},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7914084196090698},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.787894606590271},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.6961615085601807},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6832919120788574},{"id":"https://openalex.org/C2779390178","wikidata":"https://www.wikidata.org/wiki/Q29137","display_name":"Cybercrime","level":3,"score":0.5557639598846436},{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.5029293894767761},{"id":"https://openalex.org/C81917197","wikidata":"https://www.wikidata.org/wiki/Q628760","display_name":"Selection (genetic algorithm)","level":2,"score":0.48715850710868835},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.450437992811203},{"id":"https://openalex.org/C2780967490","wikidata":"https://www.wikidata.org/wiki/Q1291200","display_name":"Mobile malware","level":3,"score":0.440653532743454},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.42399877309799194},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.11108684539794922},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.10833126306533813}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3607199.3607241","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3607199.3607241","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3607199.3607241","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses","raw_type":"proceedings-article"},{"id":"pmh:oai:tudelft.nl:uuid:60cc5ad3-b8c2-4cbf-8d37-4501ba9baefa","is_oa":true,"landing_page_url":"http://resolver.tudelft.nl/uuid:60cc5ad3-b8c2-4cbf-8d37-4501ba9baefa","pdf_url":null,"source":{"id":"https://openalex.org/S4306400906","display_name":"Research Repository (Delft University of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I98358874","host_organization_name":"Delft University of Technology","host_organization_lineage":["https://openalex.org/I98358874"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"conference paper"}],"best_oa_location":{"id":"doi:10.1145/3607199.3607241","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3607199.3607241","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3607199.3607241","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses","raw_type":"proceedings-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.6700000166893005,"display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G1185133503","display_name":null,"funder_award_id":"CS.007","funder_id":"https://openalex.org/F4320321800","funder_display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek"},{"id":"https://openalex.org/G3723536152","display_name":null,"funder_award_id":"JPJ000254","funder_id":"https://openalex.org/F4320325628","funder_display_name":"Ministry of Internal Affairs and Communications"},{"id":"https://openalex.org/G547025805","display_name":null,"funder_award_id":"05201","funder_id":"https://openalex.org/F4320335839","funder_display_name":"National Institute of Information and Communications Technology"},{"id":"https://openalex.org/G6343804092","display_name":"Refinement of Cyberattack Generation Process Model by Using Machine Learning and Domain Knowledge","funder_award_id":"21KK0178","funder_id":"https://openalex.org/F4320334764","funder_display_name":"Japan Society for the Promotion of Science"}],"funders":[{"id":"https://openalex.org/F4320321800","display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek","ror":"https://ror.org/04jsz6e67"},{"id":"https://openalex.org/F4320322997","display_name":"King Abdulaziz City for Science and Technology","ror":"https://ror.org/05tdz6m39"},{"id":"https://openalex.org/F4320324891","display_name":"Iran Telecommunication Research Center","ror":"https://ror.org/01a3g2z22"},{"id":"https://openalex.org/F4320325628","display_name":"Ministry of Internal Affairs and Communications","ror":"https://ror.org/00vs1pz50"},{"id":"https://openalex.org/F4320334764","display_name":"Japan Society for the Promotion of Science","ror":"https://ror.org/00hhkn466"},{"id":"https://openalex.org/F4320335839","display_name":"National Institute of Information and Communications Technology","ror":"https://ror.org/016bgq349"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4387321725.pdf","grobid_xml":"https://content.openalex.org/works/W4387321725.grobid-xml"},"referenced_works_count":18,"referenced_works":["https://openalex.org/W150078352","https://openalex.org/W199832099","https://openalex.org/W1490011260","https://openalex.org/W1827212170","https://openalex.org/W1971733255","https://openalex.org/W2123258673","https://openalex.org/W2124628099","https://openalex.org/W2164321713","https://openalex.org/W2342715256","https://openalex.org/W2487770199","https://openalex.org/W2626625034","https://openalex.org/W2805724970","https://openalex.org/W2947608454","https://openalex.org/W2959089217","https://openalex.org/W3122267592","https://openalex.org/W3128124346","https://openalex.org/W3160463124","https://openalex.org/W4281386688"],"related_works":["https://openalex.org/W2929621094","https://openalex.org/W1996006176","https://openalex.org/W4285325964","https://openalex.org/W2538622067","https://openalex.org/W2181494682","https://openalex.org/W4245250093","https://openalex.org/W3114159050","https://openalex.org/W2484248966","https://openalex.org/W4244354662","https://openalex.org/W4200054778"],"abstract_inverted_index":{"For":[0],"years,":[1],"attackers":[2,44,222],"have":[3],"exploited":[4,147],"vulnerabilities":[5,79,143,153],"in":[6,18,33,55,96],"Internet":[7,84],"of":[8,52,70,94,113,152,168,181,187,202],"Things":[9],"(IoT)":[10],"devices.":[11],"Previous":[12],"research":[13],"has":[14,22],"examined":[15],"target":[16,31,77],"selection":[17,32],"cybercrime,":[19],"but":[20,80],"there":[21],"been":[23],"little":[24],"investigation":[25],"into":[26],"the":[27,50,83,92,97,111,158,166,179,185],"factors":[28],"that":[29,60,68,132,178,191],"influence":[30],"attacks":[34],"on":[35],"IoT.":[36],"This":[37],"study":[38],"aims":[39],"to":[40,109,126,136,211,220],"better":[41],"understand":[42,91],"how":[43],"choose":[45],"their":[46],"targets":[47],"by":[48,214],"analyzing":[49],"frequency":[51,159,186],"specific":[53],"exploits":[54,95],"11,893":[56],"IoT":[57,78],"malware":[58],"binaries":[59],"were":[61],"distributed":[62],"between":[63],"2018\u20132021.":[64],"Our":[65],"findings":[66],"indicate":[67],"78%":[69],"these":[71,128],"binary":[72],"files":[73],"did":[74],"not":[75,155],"specifically":[76],"rather":[81],"scanned":[82],"for":[85],"devices":[86],"with":[87,160,197,218],"weak":[88],"authentication.":[89],"To":[90],"usage":[93],"remaining":[98],"2,629":[99],"binaries,":[100],"we":[101],"develop":[102],"a":[103,137,182],"theoretical":[104],"model":[105],"from":[106,223],"relevant":[107],"literature":[108],"examine":[110],"impact":[112],"four":[114],"latent":[115],"variables,":[116],"i.e.":[117],"exposure,":[118,203],"vulnerability,":[119],"exploitability,":[120],"and":[121,130],"patchability.":[122],"We":[123,175,216],"collect":[124],"indicators":[125],"measure":[127],"variables":[129],"find":[131],"they":[133,162],"can":[134],"explain":[135],"significant":[138],"extent":[139],"(R2=0.38)":[140],"why":[141],"some":[142],"are":[144,163,195,208],"more":[145,192,204,209],"frequently":[146],"than":[148],"others.":[149],"The":[150],"severity":[151],"does":[154,172],"significantly":[156],"increase":[157,173],"which":[161],"targeted,":[164,189],"while":[165],"presence":[167],"Proof-of-Concept":[169],"exploit":[170],"code":[171],"it.":[174],"also":[176],"observe":[177],"availability":[180],"patch":[183],"reduces":[184],"being":[188],"yet":[190],"complex":[193],"patches":[194],"associated":[196],"higher":[198],"frequency.":[199],"In":[200],"terms":[201],"widespread":[205],"device":[206],"models":[207],"likely":[210],"be":[212],"targeted":[213],"exploits.":[215],"end":[217],"recommendations":[219],"disincentivize":[221],"targeting":[224],"vulnerabilities.":[225]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}