- 2016, IEEE S&P, Security Analysis of Emerging Smart Home Applications
- 2017, IoT S&P, Smart solution, poor protection: An empirical study of security and privacy issues in developing and deploying smart home devices
- 2019, Usenix Security,Discovering and Understanding the Security Hazards in the Interactions between IoT Devices, Mobile Apps, and Clouds on Smart Home Platforms
- 2020, IEEE S&P, Burglars' iot paradise: Understanding and mitigating security risks of general messaging protocols on iot clouds
- 2021,ACM,Who's In Control? On Security Risks of Disjointed IoT Device Management Channels
- 2020, Usenix Security,Shattered Chain of Trust: Understanding Security Risks in Cross-Cloud IoT Access Delegation
- 2022,AsiaCCS,Missed Opportunities: Measuring the Untapped TLS Support in the Industrial Internet of Things
- 2010, IEEE S&P, Experimental security analysis of a modern automobile.
- 2013, IJINS, Analysis of HTTP protocol implementation in smart card embedded web server.
- 2014, HPCS, Analysis of embedded applications by evolutionary fuzzing.
- 2015, AINA, Fuzzing can packets into automobiles.
- 2016, ACM, A. Automated dynamic firmware analysis at scale: A case study on embedded web interfaces
- 2018, NDSS, IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing
- 2019, ACM Workshop, FirmFuzz: Automated IoT Firmware Introspection and Analysis
- 2019, USENIX Security, FIRM-AFL: high-throughput greybox fuzzing of iot firmware via augmented process emulation
- 2022, EuroS&P, Trampoline Over the Air: Breaking in IoT Devices Through MQTT Brokers
- 2020, IEEE S&P, KARONTE: Detecting Insecure Multi-binary Interactions in Embedded Firmware.
- 2021,USENIX Security, Sharing More and Checking Less: Leveraging Common Input Keywords to Detect Bugs in Embedded Systems
- 2021,ACSAC, argXtract: Deriving IoT Security Configurations via Automated Static Analysis of Stripped ARM Cortex-M Binaries
- 2022, WWW, Game of Hide-and-Seek: Exposing Hidden Interfaces in Embedded Web Applications of IoT Devices
- 2014, NDSS, AVATAR: A Framework to Support Dynamic Security Analysis of Embedded Systems’ Firmwares
- 2014, ACM, Prospect: peripheral proxying supported embedded code testing.
- 2015, WOOT, SURROGATES: Enabling Near-Real-Time Dynamic Analyses of Embedded Systems
- 2016, NDSS, Towards Automated Dynamic Analysis for Linux-based Embedded Firmware.
- 2018, NDSS Workshop, Avatar 2: A Multi-target Orchestration Platform.
- 2020, ACSAC ,FirmAE: Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis
- 2021, USENIX Security, Automatic Firmware Emulation through Invalidity-guided Knowledge Inference
- 2021, NDSS, HERA: Hotpatching of Embedded Real-time Applications
- 2022, USENIX Security, RapidPatch: Firmware Hotpatching for Real-Time Embedded Devices
- 2016, USENIX Security, FlowFence: Practical Data Protection for Emerging IoT Application Frameworks
- 2018, USENIX Security, Sensitive Information Tracking in Commodity IoT
- 2017, IEEE S&P, Security Implications of Permission Models in Smart-Home Application Frameworks
- 2017, NDSS, ContexIoT: Towards Providing Contextual Integrity to Appified IoT Platforms
- 2017, USENIX Security, SmartAuth: User-Centered Authorization for the Internet of Things
- 2017, Access Control Models, FACT: Functionality-centric Access Control System for IoT Programming Frameworks
- 2018, USENIX Security, Rethinking Access Control and Authentication for the Home Internet of Things (IoT)
- 2018, IEEE SecDev, Tyche: Risk-Based Permissions for Smart Home Platforms
- 2019, NDSS, IoTGuard: Dynamic Enforcement of Security and Safety Policy in Commodity IoT
- 2017, arXiv, Spying on the Smart Home Privacy Attacks and Defenses on Encrypted IoT Traffic
- 2017, arXiv, Detecting Spies in IoT Systems using Cyber-Physical Correlation
- 2018, arXiv, Peek-a-Boo: I see your smart home activities even encrypted
- 2018, arXiv, Closing the Blinds: Four Strategies for Protecting Smart Home Privacy from Network Observers
- 2018, arXiv, A Developer-Friendly Library for Smart Home IoT Privacy Preserving Traffic Obfuscation
- 2022, USENIX Security,Lumos: Identifying and Localizing Diverse Hidden IoT Devices in an Unfamiliar Environment
- 2017, arXiv, A Survey of Machine and Deep Learning Methods for Internet of Things (IoT) Security
- 2017, arXiv, Understanding IoT Security Through the Data Crystal Ball: Where We Are Now and Where We Are Going to Be
- 2017, IEEE S&P Magazine, Internet of Things Security Research: A Rehash of Old Ideas or New Intellectual Challenges
- 2018, BlackHat, IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies
- 2018, arXiv, A Survey on Sensor-based Threats to Internet-of-Things (IoT) Devices and Applications
- 2018,信息安全学术,IoT 智能设备安全威胁及防护技术综述
- 2018, arXiv, IoT Security: An End-to-End View and Case Study
- 2019, arXiv, Program Analysis of Commodity IoT Applications for Security and Privacy: Challenges and Opportunities
- 2019, IEEE S&P, SoK: Security Evaluation of Home-Based IoT Deployments
- 2019, USENIX Security,Looking from the mirror: evaluating IoT device security through mobile companion apps
- 2020, MDPI, A Survey of Security Vulnerability Analysis, Discovery, Detection, and Mitigation on IoT Devices
- Researchers exploit ZigBee security flaws that compromise security of smart homes
- KCon 2018 议题解读:智能家居安全——身份劫持
list:
解密人脸解锁
IoT 固件安全的设计和攻防
僵尸网络 Hajime 的攻防逻辑
IoT 被遗忘的攻击面
特斯拉安全研究:从一次到两次的背后
小米 IoT 安全之路
IoT与隐私保护
list:
小米 IoT 安全思考与实践
小米IoT隐私数据合规实践
IoT + AI + 安全 =?
IoT 安全战地笔记
智能门锁,让居住更安全
IoT Reverse Engineering
大安全下的 IoT 安全威胁演变与应对