乐胖代购免代理版

{"id":"https://openalex.org/W4221118516","doi":"https://doi.org/10.1016/j.fsidi.2022.301339","title":"Memory forensic analysis of a programmable logic controller in industrial control systems","display_name":"Memory forensic analysis of a programmable logic controller in industrial control systems","publication_year":2022,"publication_date":"2022-03-24","ids":{"openalex":"https://openalex.org/W4221118516","doi":"https://doi.org/10.1016/j.fsidi.2022.301339"},"language":"en","primary_location":{"is_oa":true,"landing_page_url":"https://doi.org/10.1016/j.fsidi.2022.301339","pdf_url":null,"source":{"id":"https://openalex.org/S4210178067","display_name":"Forensic Science International Digital Investigation","issn_l":"2666-2817","issn":["2666-2817","2666-2825"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true},"type":"article","type_crossref":"journal-article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://doi.org/10.1016/j.fsidi.2022.301339","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5007440779","display_name":"Muhammad H. Rais","orcid":"https://orcid.org/0000-0002-9944-1142"},"institutions":[{"id":"https://openalex.org/I184840846","display_name":"Virginia Commonwealth University","ror":"https://ror.org/02nkdxk79","country_code":"US","type":"education","lineage":["https://openalex.org/I184840846"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Muhammad Haris Rais","raw_affiliation_strings":["Virginia Commonwealth University, Richmond, VA, 23\u2009284, USA"],"affiliations":[{"raw_affiliation_string":"Virginia Commonwealth University, Richmond, VA, 23\u2009284, USA","institution_ids":["https://openalex.org/I184840846"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054475455","display_name":"Rima Asmar Awad","orcid":"https://orcid.org/0000-0002-3340-7742"},"institutions":[{"id":"https://openalex.org/I1289243028","display_name":"Oak Ridge National Laboratory","ror":"https://ror.org/01qz5mb56","country_code":"US","type":"facility","lineage":["https://openalex.org/I1289243028","https://openalex.org/I1330989302","https://openalex.org/I39565521","https://openalex.org/I4210159294"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Rima Asmar Awad","raw_affiliation_strings":["Oak Ridge National Laboratory, Oak Ridge, TN, 37\u2009830, USA"],"affiliations":[{"raw_affiliation_string":"Oak Ridge National Laboratory, Oak Ridge, TN, 37\u2009830, USA","institution_ids":["https://openalex.org/I1289243028"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101896115","display_name":"Juan Lopez","orcid":"https://orcid.org/0000-0001-5083-8627"},"institutions":[{"id":"https://openalex.org/I1289243028","display_name":"Oak Ridge National Laboratory","ror":"https://ror.org/01qz5mb56","country_code":"US","type":"facility","lineage":["https://openalex.org/I1289243028","https://openalex.org/I1330989302","https://openalex.org/I39565521","https://openalex.org/I4210159294"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Juan Lopez","raw_affiliation_strings":["Oak Ridge National Laboratory, Oak Ridge, TN, 37\u2009830, USA"],"affiliations":[{"raw_affiliation_string":"Oak Ridge National Laboratory, Oak Ridge, TN, 37\u2009830, USA","institution_ids":["https://openalex.org/I1289243028"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5063509441","display_name":"Irfan Ahmed","orcid":"https://orcid.org/0000-0001-5648-388X"},"institutions":[{"id":"https://openalex.org/I184840846","display_name":"Virginia Commonwealth University","ror":"https://ror.org/02nkdxk79","country_code":"US","type":"education","lineage":["https://openalex.org/I184840846"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Irfan Ahmed","raw_affiliation_strings":["Virginia Commonwealth University, Richmond, VA, 23\u2009284, USA"],"affiliations":[{"raw_affiliation_string":"Virginia Commonwealth University, Richmond, VA, 23\u2009284, USA","institution_ids":["https://openalex.org/I184840846"]}]}],"institution_assertions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5007440779"],"corresponding_institution_ids":["https://openalex.org/I184840846"],"apc_list":{"value":2950,"currency":"USD","value_usd":2950,"provenance":"doaj"},"apc_paid":{"value":2950,"currency":"USD","value_usd":2950,"provenance":"doaj"},"fwci":5.082,"has_fulltext":false,"cited_by_count":13,"citation_normalized_percentile":{"value":0.91831,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":93,"max":94},"biblio":{"volume":"40","issue":null,"first_page":"301339","last_page":"301339"},"is_retracted":false,"is_paratext":false,"primary_topic":{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9984,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9984,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9925,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12495","display_name":"Electrostatic Discharge in Electronics","score":0.9909,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/firmware","display_name":"Firmware","score":0.9377304},{"id":"https://openalex.org/keywords/control-logic","display_name":"Control logic","score":0.50991905},{"id":"https://openalex.org/keywords/microcode","display_name":"Microcode","score":0.4590804},{"id":"https://openalex.org/keywords/industrial-control-system","display_name":"Industrial control system","score":0.45166045}],"concepts":[{"id":"https://openalex.org/C67212190","wikidata":"https://www.wikidata.org/wiki/Q104851","display_name":"Firmware","level":2,"score":0.9377304},{"id":"https://openalex.org/C37374048","wikidata":"https://www.wikidata.org/wiki/Q188674","display_name":"Programmable logic controller","level":2,"score":0.70238316},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.68585145},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.6404277},{"id":"https://openalex.org/C2776350369","wikidata":"https://www.wikidata.org/wiki/Q843479","display_name":"Control logic","level":2,"score":0.50991905},{"id":"https://openalex.org/C22174128","wikidata":"https://www.wikidata.org/wiki/Q175869","display_name":"Microcode","level":2,"score":0.4590804},{"id":"https://openalex.org/C40071531","wikidata":"https://www.wikidata.org/wiki/Q2513962","display_name":"Industrial control system","level":3,"score":0.45166045},{"id":"https://openalex.org/C153247305","wikidata":"https://www.wikidata.org/wiki/Q835713","display_name":"Memory address","level":3,"score":0.450218},{"id":"https://openalex.org/C36503486","wikidata":"https://www.wikidata.org/wiki/Q11235244","display_name":"Domain (mathematical analysis)","level":2,"score":0.44777226},{"id":"https://openalex.org/C203479927","wikidata":"https://www.wikidata.org/wiki/Q5165939","display_name":"Controller (irrigation)","level":2,"score":0.43452573},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.43446553},{"id":"https://openalex.org/C9390403","wikidata":"https://www.wikidata.org/wiki/Q3966","display_name":"Computer hardware","level":1,"score":0.3420354},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.28700674},{"id":"https://openalex.org/C98986596","wikidata":"https://www.wikidata.org/wiki/Q1143031","display_name":"Semiconductor memory","level":2,"score":0.25518304},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.22505668},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.12246314},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C6557445","wikidata":"https://www.wikidata.org/wiki/Q173113","display_name":"Agronomy","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"is_oa":true,"landing_page_url":"https://doi.org/10.1016/j.fsidi.2022.301339","pdf_url":null,"source":{"id":"https://openalex.org/S4210178067","display_name":"Forensic Science International Digital Investigation","issn_l":"2666-2817","issn":["2666-2817","2666-2825"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true},{"is_oa":true,"landing_page_url":"https://www.osti.gov/biblio/1878709","pdf_url":null,"source":{"id":"https://openalex.org/S4306402487","display_name":"OSTI OAI (U.S. Department of Energy Office of Scientific and Technical Information)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I139351228","host_organization_name":"Office of Scientific and Technical Information","host_organization_lineage":["https://openalex.org/I139351228"],"host_organization_lineage_names":["Office of Scientific and Technical Information"],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false}],"best_oa_location":{"is_oa":true,"landing_page_url":"https://doi.org/10.1016/j.fsidi.2022.301339","pdf_url":null,"source":{"id":"https://openalex.org/S4210178067","display_name":"Forensic Science International Digital Investigation","issn_l":"2666-2817","issn":["2666-2817","2666-2825"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true},"sustainable_development_goals":[],"grants":[],"datasets":[],"versions":[],"referenced_works_count":14,"referenced_works":["https://openalex.org/W2041078517","https://openalex.org/W2043118292","https://openalex.org/W2077699686","https://openalex.org/W2285923621","https://openalex.org/W2569220913","https://openalex.org/W2613412685","https://openalex.org/W2744632709","https://openalex.org/W2768270002","https://openalex.org/W2891527827","https://openalex.org/W3036981874","https://openalex.org/W3186896525","https://openalex.org/W3217362056","https://openalex.org/W4205496345","https://openalex.org/W4287105923"],"related_works":["https://openalex.org/W608147619","https://openalex.org/W4252104358","https://openalex.org/W2062160093","https://openalex.org/W2056006243","https://openalex.org/W2026551898","https://openalex.org/W2025981307","https://openalex.org/W2005884193","https://openalex.org/W1998626163","https://openalex.org/W1984676852","https://openalex.org/W1966431236"],"abstract_inverted_index":{"In":[0],"industrial":[1],"control":[2,60,89,207,233],"systems":[3],"(ICS),":[4],"programmable":[5],"logic":[6,61],"controllers":[7],"(PLCs)":[8],"are":[9,24,217],"used":[10],"to":[11,27,94,121,134,139,153,209,219,238,286,314],"automate":[12],"physical":[13],"processes":[14],"such":[15,50],"as":[16,51,248,300],"nuclear":[17],"plants":[18],"and":[19,23,68,75,88,117,146,241,249,282,304,337],"power":[20],"grid":[21],"stations,":[22],"often":[25],"subject":[26],"cyber":[28],"attacks.":[29],"As":[30,128],"in":[31,162,190,221,291,330],"conventional":[32,78,280],"IT":[33,79],"domain,":[34,80],"the":[35,39,48,52,66,111,118,141,172,181,185,200,205,222,239,242,268,275,307,320],"memory":[36,101,142,201,224,243,296,332,343],"analysis":[37,297,344],"of":[38,54,58,70,107,143,175,178,213,261,267,334],"PLCs":[40,81,176],"can":[41,245,309],"help":[42,310,328],"answer":[43],"important":[44,214],"forensic":[45,108,187,312,317],"questions":[46],"about":[47],"attack,":[49],"presence":[53],"malicious":[55],"firmware,":[56,182],"injection":[57],"modified":[59],"(the":[62],"program":[63],"running":[64],"on":[65,171,271],"PLC),":[67],"manipulation":[69],"I/O":[71],"devices":[72],"(e.g.,":[73],"sensors":[74],"actuators).":[76],"Unlike":[77],"have":[82],"heterogeneous":[83],"hardware":[84],"architecture,":[85],"proprietary":[86],"firmware":[87,112],"software,":[90],"making":[91],"it":[92],"challenging":[93],"employ":[95,279],"a":[96,114,129,131,149,159,167,191,211,229,301,311,340],"unified":[97],"framework":[98,151],"for":[99,124],"their":[100],"forensics.":[102],"For":[103],"merely":[104],"extracting":[105],"artifacts":[106,188,215,318],"importance,":[109],"reverse-engineering":[110],"is":[113,138,158,236],"tedious":[115],"task,":[116],"effort":[119],"needs":[120],"be":[122,246],"repeated":[123],"every":[125],"PLC":[126,206,223,232,342],"model.":[127],"community,":[130,308],"step-wise":[132],"approach":[133,227,326],"tackle":[135],"this":[136,163,292],"challenge":[137],"analyze":[140,184,204],"specific":[144],"PLCs,":[145,336],"subsequently":[147],"find":[148],"generic":[150,341],"applicable":[152],"all":[154],"PLCs.":[155],"Our":[156],"work":[157],"step":[160],"forward":[161],"direction.":[164],"By":[165],"following":[166],"methodology":[168],"that":[169,216,256],"focuses":[170],"functional":[173],"layer":[174],"instead":[177],"reverse":[179],"engineering":[180],"we":[183,203,278],"digital":[186],"available":[189],"common":[192],"PLC,":[193,240],"Allen-Bradley":[194],"ControlLogix":[195],"1756-L61.":[196],"Before":[197],"diving":[198],"into":[199],"dump,":[202],"software":[208,234],"create":[210,253],"list":[212],"sure":[218],"exist":[220],"dump.":[225],"The":[226,295,324],"employs":[228],"setup":[230],"where":[231],"RSLogix-5000":[235],"connected":[237],"dump":[244],"obtained":[247],"when":[250],"needed.":[251],"We":[252],"test":[254],"cases":[255],"sequentially":[257],"highlight":[258],"each":[259],"category":[260],"artifacts,":[262,277],"followed":[263],"by":[264],"an":[265],"examination":[266],"resultant":[269],"impact":[270],"memory.":[272,294],"After":[273],"attaining":[274],"listed":[276],"string":[281],"known":[283],"data":[284],"searches":[285],"extract":[287,316],"interesting":[288],"information":[289],"present":[290],"PLC's":[293],"profile,":[298],"presented":[299],"Python":[302],"library":[303],"shared":[305],"with":[306],"investigator":[313],"readily":[315],"from":[319],"same":[321],"model's":[322],"controller.":[323],"adopted":[325],"may":[327],"researchers":[329],"creating":[331],"profile":[333],"other":[335],"ultimately":[338],"formulating":[339],"framework.":[345]},"cited_by_api_url":"https://api.openalex.org/works?filter=cites:W4221118516","counts_by_year":[{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":7},{"year":2022,"cited_by_count":4}],"updated_date":"2025-01-15T21:34:33.552175","created_date":"2022-04-03"}