This page includes a collection of papers we recommend reading for those interested in studying Internet of Things security and privacy.
====
# **Conference**
## Top Conference
1: **`ACES: Automatic Compartments for Embedded Systems`**, *Usenix Security, 2018*

2: **`C-FLAT: Control-Flow Attestation for Embedded Systems Software`**, *CCS, 2016*

3: **`SEDA: Scalable Embedded Device Attestation`**, *CCS, 2015*

4: **`Lock It and Still Lose It – On the (In)Security of Automotive Remote Keyless Entry Systems`**, *Usenix Security, 2016*

5: **`Hidden Voice Commands`**, *Usenix Security, 2016*

6: **`Fingerprinting Electronic Control Units for Vehicle Intrusion Detection`**, *Usenix Security, 2016*

7: **`Virtual U: Defeating Face Liveness Detection by Building Virtual Models from Your Public Photos`**, *Usenix Security, 2016*

8: **`SmartAuth: User-Centered Authorization for the Internet of Things`**, *Usenix Security, 2016*

9: **`6thSense: A Context-aware Sensor-based Attack Detector for Smart Devices`**, *Usenix Security, 2017*

10: **`AWare: Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings`**, *Usenix Security, 2017*

11: **`Rethinking Access Control and Authentication for the Home Internet of Things (IoT)`**, *Usenix Security, 2018*

12: **`BlackIoT: IoT Botnet of High Wattage Devices Can Disrupt the Power Grid`**, *Usenix Security, 2018*

13: **`Sensitive Information Tracking in Commodity IoT`**, *Usenix Security, 2018*

14: **`Acquisitional Rule-based Engine for Discovering Internet-of-Thing Devices`**, *Usenix Security, 2018*

15: **`Scalable Error Isolation for Distributed Systems`**, *NSDI, 2015*

16: **`FarmBeats: An IoT Platform for Data-Driven Agriculture`**, *NSDI, 2017*

17: **`Bringing IoT to Sports Analytics`**, *NSDI, 2017*

18: **`Opaque: An Oblivious and Encrypted Distributed Analytics Platform`**, *NSDI, 2017*

19: **`Towards Automated Dynamic Analysis for Linux-based Embedded Firmware`**, *NDSS, 2016*

20: **`discovRE: Efficient Cross-Architecture Identification of Bugs in Binary Code`**, *NDSS, 2015*

21: **`Enabling Client-Side Crash-Resistance to Overcome Diversification and Information Hiding`**, *NDSS, 2015*

22: **`Who’s in Control of Your Control System? Device Fingerprinting for Cyber-Physical Systems`**, *NDSS, 2016*

23: **`Leakage-Resilient Layout Randomization for Mobile Devices`**, *NDSS, 2016*

24: **`Decentralized Action Integrity for Trigger-Action IoT Platforms`**, *NDSS, 2018*

25: **`What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices`**, *NDSS, 2018*

26: **`Fear and Logging in the Internet of Things`**, *NDSS, 2018*

27: **`IOTFUZZER: Discovering Memory Corruptions in IoT Through App-based Fuzzing`**, *NDSS, 2018*

28: **`Perplexed Messengers from the Cloud: Automated Security Analysis of Push-Messaging Integrations`**, *CCS, 2015*

29: **`From System Services Freezing to System Server Shutdown in Android: All You Need Is a Loop in an App`**, *CCS, 2015*

30: **`When Good Becomes Evil: Keystroke Inference with Smartwatch`**, *CCS, 2015*

31: **`Security Analysis of Emerging Smart Home Applications`**, *SP, 2016*

32: **`Heimdall: A Privacy-Respecting Implicit Preference Collection Framework`**, *MobiSys, 2017*

33: **`FlowFence: Practical Data Protection for Emerging IoT Application Frameworks`**, *Usenix Security, 2016*

34: **`ContexIoT: Towards Providing Contextual Integrity to Appified IoT Platforms`**, *NDSS, 2017*

35: **`IoT Goes Nuclear: Creating a ZigBee Chain Reaction`**, *SP, 2017*

36: **`Augur: Internet-Wide Detection of Connectivity Disruptions`**, *SP, 2017*

37: **`Situational Access Control in the Internet of Things`**, *CCS, 2018*

38: **`HoMonit: Monitoring Smart Home Apps from Encrypted Traffic`**, *CCS, 2018*

39: **`Pinto: Enabling Video Privacy for Commodity IoT Cameras`**, *CCS, 2018*

40: **`If This Then What? Controlling Flows in IoT Apps`**, *CCS, 2018*

41: **`SANA: Secure and Scalable Aggregate Network Attestation`**, *CCS, 2016*

42: **`Protecting Bare-metal Embedded Systems with Privilege Overlays`**, *SP, 2017*

43: **`Do You Feel What I Hear? Enabling Autonomous IoT Device Pairing using Different Sensor Types`**, *SP, 2018*

44: **`Do You Hear What I Hear? Fingerprinting Smart Devices Through Embedded Acoustic Components`**, *CCS, 2014*

45: **`Firmalice – Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware`**, *NDSS, 2015*

46: **`Inception: System-Wide Security Testing of Real-World Embedded Systems Software`**, *Usenix Security, 2018*

47: **`Prio: Private, Robust, and Scalable Computation of Aggregate Statistics`**, *NSDI, 2017*

48: **`Things, Trouble, Trust: On Building Trust in IoT Systems`**, *DAC, 2016*

49: **`Can IoT be Secured: Emerging Challenges in Connecting the Unconnected`**, *DAC, 2016*

50: **`MUTE: Bringing IoT to Noise Cancellation`**, *Sigcomm, 2018*

50: **`PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary`**, *NDSS, 2019*

51: **`IoTGuard: Dynamic Enforcement of Security and Safety Policy in Commodity IoT`**, *NDSS, 2019*

52: **`Cleaning Up the Internet of Evil Things: Real-World Evidence on ISP and Consumer Efforts to Remove Mirai`**, *NDSS, 2019*

53: **`Measurement and Analysis of Hajime, a Peer-to-peer IoT Botnet`**, *NDSS, 2019*

54: **`Soteria: Automated IoT Safety and Security Analysis`**, *ATC, 2018*

55: **`On the Safety of IoT Device Physical Interaction Control`**, *CCS, 2018*

56: **`FirmUp: Precise Static Detection of Common Vulnerabilities in Firmware`**, *ASPLOS, 2018*

57: **`Scission: Signal Characteristic-Based Sender Identification and Intrusion Detection in Automotive Networks`**, *CCS, 2018*

58: **`Understanding Linux Malware`**, *SP, 2018*

59: **`Detecting and Identifying Faulty IoT Devices in Smart Home with Context Extraction`**, *DSN, 2018*

60: **`Smart Locks: Lessons for Securing Commodity Internet of Things Devices`**, *CCS, 2016*

61: **`FirmUp: Precise Static Detection of Common Vulnerabilities in Firmware`**, *ASPLOS, 2018*

62: **`Razzer: Finding Kernel Race Bugs through Fuzzing`**, *SP, 2019*

63: **`Fuzzing File Systems via Two-Dimensional Input Space Exploration`**, *SP, 2019*

64: **`Dangerous Skills: Understanding and Mitigating Security Risks of Voice-Controlled Third-Party Functions on Virtual Personal Assistant Systems`**, *SP, 2019*

65: **`HOLMES: Real-Time APT Detection through Correlation of Suspicious Information Flows`**, *SP, 2019*

66: **`Asm2Vec: Boosting Static Representation Robustness for Binary Clone Search against Code Obfuscation and Compiler Optimization`**, *SP, 2019*

67: **`SoK: Security Evaluation of Home-Based IoT Deployments`**, *SP, 2019*

68: **`SoK: The Challenges, Pitfalls, and Perils of Using Hardware Performance Counters for Security`**, *SP, 2019*

69: **`Tap 'n Ghost: A Compilation of Novel Attack Techniques against Smartphone Touchscreens Towards Automated Safety Vetting of PLC Code in Real-World Plants`**, *SP, 2019*

70: **`IoTGuard: Dynamic Enforcement of Security and Safety Policy in Commodity IoT`**, *NDSS, 2019*

71: **`Measurement and Analysis of Hajime, a Peer-to-peer IoT Botnet`**, *NDSS, 2019*

72: **`Cleaning Up the Internet of Evil Things: Real-World Evidence on ISP and Consumer Efforts to Remove Mirai`**, *NDSS, 2019*

73: **`Digital Healthcare-Associated Infection Analysis of a Major Multi-Campus Hospital System`**, *NDSS, 2019*

.........................................................


## Workshop on Internet of Things Security and Privacy, *CCS, 2017*
1: **`Systematically Evaluating Security and Privacy for Consumer IoT Devices`**

2: **`Plaintext Data Transmission in Consumer IoT Medical Devices`**

3: **`Smart Solution, Poor Protection: An Empirical Study of Security and Privacy Issues in Developing and Deploying Smart Home devices`**

4: **`Security & Privacy of Smart Toys`**

5: **`How to Practice Safe IoT: Sexual Intimacy in the Age of Smart Devices`**

6: **`Understanding Security Threats in Consumer Drones Through the Lens of the Discovery Quadcopter Family`**

7: **`A Secure Event Logging System for Smart Home`**

8: **`Toward Usable Network Traffic Policies for IoT Devices in Consumer Networks`**

9: **`Enabling Multi-user Controls in Smart Home Devices`**

## Workshop on Decentralized IoT Security and Standards, *NDSS, 2018*
1: **`SOFIE Secure Open Federation for Internet Everywhere`**

2: **`CIoTA: Collaborative IoT Anomaly Detection via Blockchain`**

3: **`Standardizing IoT Network Security Policy Enforcement`**

4: **`Unifying Lightweight Blockchain Client Implementations`**

5: **`Avoiding Gaps in Authorization Solutions for the Internet of Things`**

6: **`Reliable Collective Cosigning to Scale Blockchain with Strong Consistency`**

7: **`Exploring Security Economics in IoT Standardization Efforts`**

8: **`User-Centered Attestation for Layered and Decentralized Systems`**

9: **`Distributed Security Risks and Opportunities in the W3C Web of Things`**

10: **`A Lightweight Authentication and Key Exchange Protocol for IoT`**

11: **`Practical Runtime Attestation for Tiny IoT Devices`**

12: **`SPOC: Secure Payments for Outsourced Computations`**

## ACM SIGCOMM 2018 Workshop on IoT Security and Privacy (IoT S&P)

1: **`Combining MUD Policies with SDN for IoT Intrusion Detection`**

2: **`Clear as MUD: Generating, Validating and Applying IoT Behavioral Profiles`**

3: **`Towards a Resilient Smart Home (DNP)`**

4: **`Traversing the Quagmire that is Privacy in Your Smart-Home`**

5: **`Web-based Attacks to Discover and Control Local IoT Devices`**

6: **`IP-Based IoT Device Detection`**

7: **`A Developer-Friendly Library for Smart Home IoT Privacy-Preserving Traffic Obfuscation`**

8: **`Towards Secure, Distributed Trust Management on a Global Scale`**

# **Journal**
## **Journal Paper**
1: **`Hardware-Based Trusted Computing Architectures for Isolation and Attestation`**, *TOC, 2018*

........................................................
## **Survey**
1: **`A survey of intrusion detection in Internet of Things`**

2: **`IoT Middleware: A Survey on Issues and Enabling Technologies`**

3: **`Data Collection and Wireless Communication in Internet of Things (IoT) Using Economic Analysis and Pricing Models: A Survey`**

4: **`A survey on emerging SDN and NFV security mechanisms for IoT systems`**

5: **`A Survey of Machine and Deep Learning Methods for Internet of Things (IoT) Security`**

6: **`A review of Internet of Things for smart home: Challenges and solutions`**

7: **`Internet of Things: A survey on the security of IoT frameworks`**

8: **`SoK: Security Evaluation of Home-Based IoT Deployments`**, *SP, 2019*

9: **`Internet of Things Security Research: A Rehash of Old Ideas or New Intellectual Challenges`**, *SP Magazine, 2019*

10: **`Program Analysis of Commodity IoT Applications for Security and Privacy: Challenges and Opportunities`**, *arXiv*

11: **`IoT Security: An End-to-End View and Case Study`**, *arXiv*

12: **`A Survey on Sensor-based Threats to Internet-of-Things (IoT) Devices and Applications`**, *arXiv*

........................................................