参考文献
[1]Knud L. State of the IoT 2018: Number of IoT devicesmarket accelerating[EBOL]. (20180808) [20210908]. https:iotanalytics.comstateoftheiotupdateq1q22018numberofiotdevicesnow7b [2]李阳, 郭晓萧, 张延强. 智慧城市网络安全保障研究进展[J]. 信息安全研究, 2021, 7(11): 10841089[3]Kumar D, Shen K, Case B, et al. All things considered: An analysis of IoT devices on home networks[C] Proc of the 28th USENIX Conf on Security Symp. New York: ACM, 2019: 11691185[4]Wind River Systems, Inc. VxWorks[EBOL]. 2021 [20210908]. https:www.windriver.comproductsvxworks[5]Amazon Web Services. FreeRTOS[EBOL]. 2021 [20210908]. https:www.freertos.org[6]Langner R. Stuxnet: Dissecting a cyberwarfare weapon[J]. IEEE Security & Privacy, 2011, 9(3): 4951[7]TeleSUR. Venezuela denounces US participation in electric sabotage[EBOL]. (20190308) [20210908]. https:www.telesurenglish.netnewsVenezuelaDenouncesUSParticipationinElectricSabotage201903080021.html[8]Joe T. Colonial hack: How did cyberattackers shut off pipeline[EBOL]. (20210510) [20210908]. https:www.bbc.comnewstechnology57063636 [9]Eric R. JBS cyberattack: From gas to meat, hackers are hitting the nation, and consumers, where it hurts[EBOL]. (20210602) [20210908]. https:www.cnbc.com20210602fromgastoburgershackershitconsumerswhereithurts.html[10]Ponemon Institute. The Internet of things (IoT): A new era of ThirdParty risk[EBOL]. (20170717) [20210908]. https:www.ponemon.orgresearchponemonlibrarysecuritytheinternetofthingsiotaneweraofthirdpartyrisk.html [11]JSOF Research Lab. OverviewRipple20[EBOL]. (20200417) [20210908]. https:www.jsoftech.comripple20 [12]苏盛, 汪干, 刘亮, 等. 电力物联网终端安全防护研究综述[JOL]. 高电压技术: 113 [20210908]. https:doi.org10.13336j.10036520.hve.20210150[13]CNCERT. Internet network security situation of China in 2020[EBOL]. (20210721) [20210908]. https:www.cert.org.cnpublishmain820212021072113094450452577220210721130944504525772.html[14]Xu Jun, Ning Peng, Kil C, et al. Automatic diagnosis and response to memory corruption vulnerabilities[C] Proc of the 12th ACM Conf on Computer and Communications Security. New York: ACM, 2005: 223234[15]国家计算机网络应急技术处理协调中心. CNVD202162181[DBOL]. (20210816) [20210908]. https:www.cnvd.org.cnflawshowCNVD202162181 [16]国家计算机网络应急技术处理协调中心. CNVD202121479[DBOL]. (20210323) [20210908]. https:www.cnvd.org.cnflawshowCNVD202121479[17]国家计算机网络应急技术处理协调中心. CNVD202134351[DBOL]. (20210513) [20210908]. https:www.cnvd.org.cnflawshowCNVD202134351[18]Basnight Z, Butts J, Lopez Jr J, et al. Firmware modification attacks on programmable logic controllers[J]. International Journal of Critical Infrastructure Protection, 2013, 6(2): 7684[19]Chen D D, Woo M, Brumley D, et al. Towards automated dynamic analysis for Linuxbased embedded firmware[C]Proc of the Network and Distributed System Security Symp. San Diego, CA: NDSS, 2016: 18[20]Costin A, Zaddach J, Francillon A, et al.A largescale analysis of the security of embedded firmwares[C] Proc of the 23rd USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2014: 95110[21]Zhou Wei, Jia Yan, Yao Yao, et al. Discovering and understanding the security hazards in the interactions between iot devices, mobile apps, and clouds on smart home platforms[C] Proc of the 28th USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2019: 11331150[22]朱瑞瑾, 张宝峰, 毛军捷, 等. 一种基于匹配字符串地址判定ARM固件装载基址的方法[J]. 电子学报, 2017, 45(6): 14751482[23]Cheng Kai, Li Qiang, Wang Lei, et al. DTaint: Detecting the taintstyle vulnerability in embedded device firmware[C] Proc of the 48th Annual IEEEIFIP Int Conf on Dependable Systems and Networks (DSN). Piscataway, NJ: IEEE, 2018: 430441[24]Chen Jiongyi, Diao Wenrui, Zhao Qingchuan, et al. IoT fuzzer: Discovering memory corruptions in IoT through appbased fuzzing[C] Proc of Network and Distributed System Security Symp. San Diego, CA: NDSS, 2018: 115[25]杨毅宇, 周威, 赵尚儒, 等. 物联网安全研究综述:威胁、检测与防御[J]. 通信学报, 2021, 42(8): 188205[26]Li Yuping, Sundaramurthy S C, Bardas A G, et al. Experimental study of fuzzy hashing in malware clustering analysis[C] Proc of the 8th Workshop on Cyber Security Experimentation and Test. Berkeley, CA: USENIX Association, 2015: 18[27]Godefroid P. Random testing for security: Blackbox vs whitebox fuzzing[C] Proc of the 2nd Int Workshop on Random Testing: CoLocated with the 22nd IEEEACM Int Conf on Automated Software Engineering (ASE 2007). New York: ACM, 2007: 11[28]Baldoni R, Coppa E, D’elia D C, et al. A survey of symbolic execution techniques[J]. ACM Computing Surveys, 2018, 51(3): 139[29]Miller B P, Fredriksen L, So B. An empirical study of the reliability of Unix utilities[J]. Communications of the ACM, 1990, 33(12): 3244[30]樊期光, 彭华熹, 齐文杰, 等. IoT智能硬件安全威胁分析与应对方法[J]. 信息安全研究, 2018, 4(8): 722727 |