{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,8]],"date-time":"2024-09-08T08:45:01Z","timestamp":1725785101390},"publisher-location":"New York, NY, USA","reference-count":72,"publisher":"ACM","funder":[{"name":"NWO","award":["NWA.1162.18.301"]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,12,5]]},"DOI":"10.1145\/3564625.3564644","type":"proceedings-article","created":{"date-parts":[[2022,12,2]],"date-time":"2022-12-02T20:01:29Z","timestamp":1670011289000},"page":"467-480","update-policy":"http:\/\/dx.doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Stepping out of the MUD: Contextual threat information for IoT devices with manufacturer-provided behavior profiles"],"prefix":"10.1145","author":[{"ORCID":"http:\/\/orcid.org\/0000-0003-0771-7699","authenticated-orcid":false,"given":"Luca","family":"Morgese Zangrandi","sequence":"first","affiliation":[{"name":"TNO, Netherlands and University of Twente, Netherlands"}]},{"ORCID":"http:\/\/orcid.org\/0000-0003-3865-6390","authenticated-orcid":false,"given":"Thijs","family":"Van Ede","sequence":"additional","affiliation":[{"name":"University of Twente, Netherlands"}]},{"ORCID":"http:\/\/orcid.org\/0000-0001-5170-4815","authenticated-orcid":false,"given":"Tim","family":"Booij","sequence":"additional","affiliation":[{"name":"TNO, Netherlands"}]},{"ORCID":"http:\/\/orcid.org\/0000-0003-0974-3639","authenticated-orcid":false,"given":"Savio","family":"Sciancalepore","sequence":"additional","affiliation":[{"name":"Eindhoven University of Technology, Netherlands"}]},{"ORCID":"http:\/\/orcid.org\/0000-0003-1600-0868","authenticated-orcid":false,"given":"Luca","family":"Allodi","sequence":"additional","affiliation":[{"name":"Eindhoven University of Technology, Netherlands"}]},{"ORCID":"http:\/\/orcid.org\/0000-0002-0329-1830","authenticated-orcid":false,"given":"Andrea","family":"Continella","sequence":"additional","affiliation":[{"name":"University of Twente, Netherlands"}]}],"member":"320","published-online":{"date-parts":[[2022,12,5]]},"reference":[{"doi-asserted-by":"publisher","key":"e_1_3_2_1_1_1","DOI":"10.1109\/NOMS47738.2020.9110329"},{"volume-title":"26th USENIX security symposium (USENIX Security 17). 1093\u20131110.","author":"Antonakakis Manos","unstructured":"Manos Antonakakis , Tim April , Michael Bailey , Matt Bernhard , Elie Bursztein , Jaime Cochran , Zakir Durumeric , J\u00a0Alex Halderman , Luca Invernizzi , Michalis Kallitsis , 2017. Understanding the mirai botnet . In 26th USENIX security symposium (USENIX Security 17). 1093\u20131110. Manos Antonakakis, Tim April, Michael Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J\u00a0Alex Halderman, Luca Invernizzi, Michalis Kallitsis, 2017. Understanding the mirai botnet. In 26th USENIX security symposium (USENIX Security 17). 1093\u20131110.","key":"e_1_3_2_1_2_1"},{"unstructured":"AT&T. n.d. AlienVault Open Source SIEM (OSSIM). https:\/\/cybersecurity.att.com\/products\/ossim AT&T. n.d. AlienVault Open Source SIEM (OSSIM). https:\/\/cybersecurity.att.com\/products\/ossim","key":"e_1_3_2_1_3_1"},{"volume-title":"Proceedings of the USENIX Security Symposium.","year":"2020","author":"Bouwman Xander","unstructured":"Xander Bouwman , Harm Griffioen , Jelle Egbers , Christian Doerr , Bram Klievink , and Michel van Eeten . 2020 . A different cup of TI? The added value of commercial threat intelligence . In Proceedings of the USENIX Security Symposium. Xander Bouwman, Harm Griffioen, Jelle Egbers, Christian Doerr, Bram Klievink, and Michel van Eeten. 2020. A different cup of TI? The added value of commercial threat intelligence. In Proceedings of the USENIX Security Symposium.","key":"e_1_3_2_1_4_1"},{"unstructured":"[\n 5\n ] Censys.n.d. https:\/\/censys.io [5] Censys.n.d. https:\/\/censys.io","key":"e_1_3_2_1_5_1"},{"unstructured":"CISCO. 2011. NetFlow version 9 Flow-Record Format. https:\/\/www.cisco.com\/en\/US\/technologies\/tk648\/tk362\/technologies_white_paper09186a00800a3db9.html CISCO. 2011. NetFlow version 9 Flow-Record Format. https:\/\/www.cisco.com\/en\/US\/technologies\/tk648\/tk362\/technologies_white_paper09186a00800a3db9.html","key":"e_1_3_2_1_6_1"},{"unstructured":"CISCO. n.d. Software-Defined Networking. https:\/\/www.cisco.com\/c\/en\/us\/solutions\/software-defined-networking\/overview.html CISCO. n.d. Software-Defined Networking. https:\/\/www.cisco.com\/c\/en\/us\/solutions\/software-defined-networking\/overview.html","key":"e_1_3_2_1_7_1"},{"unstructured":"Andrei Costin and Jonas Zaddach. 2018. IoT Malware : Comprehensive Survey Analysis Framework and Case Studies. In BlackHat USA. https:\/\/i.blackhat.com\/us-18\/Thu-August-9\/us-18-Costin-Zaddach-IoT-Malware-Comprehensive-Survey-Analysis-Framework-and-Case-Studies-wp.pdf Andrei Costin and Jonas Zaddach. 2018. IoT Malware : Comprehensive Survey Analysis Framework and Case Studies. In BlackHat USA. https:\/\/i.blackhat.com\/us-18\/Thu-August-9\/us-18-Costin-Zaddach-IoT-Malware-Comprehensive-Survey-Analysis-Framework-and-Case-Studies-wp.pdf","key":"e_1_3_2_1_8_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_9_1","DOI":"10.6028\/NIST.SP.1800-15"},{"unstructured":"ENISA. 2021. Internet of Things (IoT) \u2014 ENISA. https:\/\/www.enisa.europa.eu\/topics\/iot-and-smart-infrastructures\/iot ENISA. 2021. Internet of Things (IoT) \u2014 ENISA. https:\/\/www.enisa.europa.eu\/topics\/iot-and-smart-infrastructures\/iot","key":"e_1_3_2_1_10_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_11_1","DOI":"10.1145\/3378679.3394528"},{"unstructured":"Javier Franco Ahmet Aris Berk Canberk and A.\u00a0Selcuk Uluagac. 2021-08-04. A Survey of Honeypots and Honeynets for Internet of Things Industrial Internet of Things and Cyber-Physical Systems. arXiv:2108.02287 [cs](2021-08-04). arxiv:2108.02287http:\/\/arxiv.org\/abs\/2108.02287 Javier Franco Ahmet Aris Berk Canberk and A.\u00a0Selcuk Uluagac. 2021-08-04. A Survey of Honeypots and Honeynets for Internet of Things Industrial Internet of Things and Cyber-Physical Systems. arXiv:2108.02287 [cs](2021-08-04). arxiv:2108.02287http:\/\/arxiv.org\/abs\/2108.02287","key":"e_1_3_2_1_12_1"},{"doi-asserted-by":"crossref","unstructured":"Oscar Garcia-Morchon Sandeep Kumar and Mohit Sethi. 2019-04. RFC 8576 - Internet of Things (IoT) Security: State of the Art and Challenges. https:\/\/tools.ietf.org\/html\/rfc8576 Oscar Garcia-Morchon Sandeep Kumar and Mohit Sethi. 2019-04. RFC 8576 - Internet of Things (IoT) Security: State of the Art and Challenges. https:\/\/tools.ietf.org\/html\/rfc8576","key":"e_1_3_2_1_13_1","DOI":"10.17487\/RFC8576"},{"unstructured":"Google. 2017. Definition of Federated Learning. https:\/\/ai.googleblog.com\/2017\/04\/federated-learning-collaborative.html Google. 2017. Definition of Federated Learning. https:\/\/ai.googleblog.com\/2017\/04\/federated-learning-collaborative.html","key":"e_1_3_2_1_14_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_15_1","DOI":"10.1007\/978-3-030-57878-7_14"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_16_1","DOI":"10.1145\/3372297.3417277"},{"volume-title":"Scanners: Discovery of distributed slow scanners in telescope data.","year":"2018","author":"Griffioen J.","unstructured":"H.\u00a0 J. Griffioen . 2018 . Scanners: Discovery of distributed slow scanners in telescope data. (2018). https:\/\/repository.tudelft.nl\/islandora\/object\/uuid%3Adcb1669d-d81e-4aa3-bbd1-65049c3209c5 H.\u00a0J. Griffioen. 2018. Scanners: Discovery of distributed slow scanners in telescope data. (2018). https:\/\/repository.tudelft.nl\/islandora\/object\/uuid%3Adcb1669d-d81e-4aa3-bbd1-65049c3209c5","key":"e_1_3_2_1_17_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_18_1","DOI":"10.1109\/IMCEC51613.2021.9482304"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_19_1","DOI":"10.1145\/3314148.3314352"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_20_1","DOI":"10.1145\/3229565.3229571"},{"unstructured":"Ayyoob Hamza Dinesha Ranathunga Hassan\u00a0Habibi Gharakheili Theophilus Benson Matthew Roughan and Vijay Sivaraman. 2019. Verifying and Monitoring IoTs Network Behavior using MUD Profiles. CoRR abs\/1902.02484(2019). arXiv:1902.02484http:\/\/arxiv.org\/abs\/1902.02484 Ayyoob Hamza Dinesha Ranathunga Hassan\u00a0Habibi Gharakheili Theophilus Benson Matthew Roughan and Vijay Sivaraman. 2019. Verifying and Monitoring IoTs Network Behavior using MUD Profiles. CoRR abs\/1902.02484(2019). arXiv:1902.02484http:\/\/arxiv.org\/abs\/1902.02484","key":"e_1_3_2_1_21_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_22_1","DOI":"10.1145\/3229565.3229566"},{"unstructured":"Arne Holst. 2021. IoT connected devices worldwide 2019-2030. https:\/\/www.statista.com\/statistics\/1183457\/iot-connected-devices-worldwide\/ Arne Holst. 2021. IoT connected devices worldwide 2019-2030. https:\/\/www.statista.com\/statistics\/1183457\/iot-connected-devices-worldwide\/","key":"e_1_3_2_1_23_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_24_1","DOI":"10.1145\/3230833.3230837"},{"unstructured":"IETF. n.d. Internet Engineering Task Force. https:\/\/www.ietf.org\/ IETF. n.d. Internet Engineering Task Force. https:\/\/www.ietf.org\/","key":"e_1_3_2_1_25_1"},{"unstructured":"Internet-Storm-Center. n.d. DShield Honeypot. https:\/\/isc.sans.edu\/honeypot.html Internet-Storm-Center. n.d. DShield Honeypot. https:\/\/isc.sans.edu\/honeypot.html","key":"e_1_3_2_1_26_1"},{"volume-title":"Honeytrack: Persistent honeypot for the Internet of Things.","year":"2018","author":"Kamoen Sille","unstructured":"Sille Kamoen . 2018 . Honeytrack: Persistent honeypot for the Internet of Things. (2018). https:\/\/repository.tudelft.nl\/islandora\/object\/uuid%3A344bd7aa-0a17-47dc-92fd-bd6f7e7b08c8 Sille Kamoen. 2018. Honeytrack: Persistent honeypot for the Internet of Things. (2018). https:\/\/repository.tudelft.nl\/islandora\/object\/uuid%3A344bd7aa-0a17-47dc-92fd-bd6f7e7b08c8","key":"e_1_3_2_1_27_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_28_1","DOI":"10.21227\/q70p-q449"},{"volume-title":"Assessing cyber security consumer support from technology retailers. Computer Fraud & Security","year":"2022","author":"Koshnaw Biar","unstructured":"Biar Koshnaw and Steven Furnell . 2022. Assessing cyber security consumer support from technology retailers. Computer Fraud & Security 2022 , 3 (2022). Biar Koshnaw and Steven Furnell. 2022. Assessing cyber security consumer support from technology retailers. Computer Fraud & Security 2022, 3 (2022).","key":"e_1_3_2_1_29_1"},{"doi-asserted-by":"crossref","unstructured":"Eliot Lear Dan Romascanu and Ralph Droms. 2019-03. IETF RFC 8520 - Manufacturer Usage Description (MUD) Specification. https:\/\/tools.ietf.org\/html\/rfc8520 Eliot Lear Dan Romascanu and Ralph Droms. 2019-03. IETF RFC 8520 - Manufacturer Usage Description (MUD) Specification. https:\/\/tools.ietf.org\/html\/rfc8520","key":"e_1_3_2_1_30_1","DOI":"10.17487\/RFC8520"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_31_1","DOI":"10.1145\/3394504"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_32_1","DOI":"10.3390\/app9214576"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_33_1","DOI":"10.1109\/ACCESS.2019.2947157"},{"unstructured":"Leland McInnes and Steven Horn. 2017-11-10. How HDBSCAN Works \u2014 hdbscan 0.8.1 documentation. https:\/\/hdbscan.readthedocs.io\/en\/latest\/how_hdbscan_works.html Leland McInnes and Steven Horn. 2017-11-10. How HDBSCAN Works \u2014 hdbscan 0.8.1 documentation. https:\/\/hdbscan.readthedocs.io\/en\/latest\/how_hdbscan_works.html","key":"e_1_3_2_1_34_1"},{"unstructured":"Leland McInnes and Marek Suppa. 2018-12-31. Benchmarking Performance and Scaling of Python Clustering Algorithms \u2014 hdbscan 0.8.1 documentation. https:\/\/hdbscan.readthedocs.io\/en\/latest\/performance_and_scalability.html Leland McInnes and Marek Suppa. 2018-12-31. Benchmarking Performance and Scaling of Python Clustering Algorithms \u2014 hdbscan 0.8.1 documentation. https:\/\/hdbscan.readthedocs.io\/en\/latest\/performance_and_scalability.html","key":"e_1_3_2_1_35_1"},{"unstructured":"Dave McMillen. 2021. Internet of Threats: IoT Botnets Drive Surge in Network Attacks. https:\/\/securityintelligence.com\/posts\/internet-of-threats-iot-botnets-network-attacks\/ Dave McMillen. 2021. Internet of Threats: IoT Botnets Drive Surge in Network Attacks. https:\/\/securityintelligence.com\/posts\/internet-of-threats-iot-botnets-network-attacks\/","key":"e_1_3_2_1_36_1"},{"volume-title":"Federated Lab (FedLab): An Open-source Distributed Platform for Internet of Things (IoT) Research and Experimentation","author":"Meijer Max","unstructured":"Max Meijer , Giacomo\u00a0Tommaso Petrucci , Matthjis Schotsman , Luca Morgese\u00a0Zangrandi , Thjis van Ede , Andrea Continella , Ganduulga Gankhuyag , Luca Allodi , and Savio Sciancalepore . 2022. Federated Lab (FedLab): An Open-source Distributed Platform for Internet of Things (IoT) Research and Experimentation . In IEEE World Forum on IoT. Max Meijer, Giacomo\u00a0Tommaso Petrucci, Matthjis Schotsman, Luca Morgese\u00a0Zangrandi, Thjis van Ede, Andrea Continella, Ganduulga Gankhuyag, Luca Allodi, and Savio Sciancalepore. 2022. Federated Lab (FedLab): An Open-source Distributed Platform for Internet of Things (IoT) Research and Experimentation. In IEEE World Forum on IoT.","key":"e_1_3_2_1_37_1"},{"unstructured":"MITRE. n.d. ATT&CK Framework. https:\/\/attack.mitre.org\/ MITRE. n.d. ATT&CK Framework. https:\/\/attack.mitre.org\/","key":"e_1_3_2_1_38_1"},{"volume-title":"Proceedings of the 17th Conference on Systems Administration (LISA 2003","year":"2003","author":"Moore David","unstructured":"David Moore . 2003 . Network Telescopes: Tracking Denial-of-Service Attacks and Internet Worms Around the Globe . In Proceedings of the 17th Conference on Systems Administration (LISA 2003 ), San Diego, California, USA , October 26-31, 2003, \u00c6leen Frisch (Ed.). USENIX. David Moore. 2003. Network Telescopes: Tracking Denial-of-Service Attacks and Internet Worms Around the Globe. In Proceedings of the 17th Conference on Systems Administration (LISA 2003), San Diego, California, USA, October 26-31, 2003, \u00c6leen Frisch (Ed.). USENIX.","key":"e_1_3_2_1_39_1"},{"unstructured":"Luca Morgese\u00a0Zangrandi and Thijs van Ede. 2022. MUDscope tool. https:\/\/github.com\/lucamrgs\/MUDscope Luca Morgese\u00a0Zangrandi and Thijs van Ede. 2022. MUDscope tool. https:\/\/github.com\/lucamrgs\/MUDscope","key":"e_1_3_2_1_40_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_41_1","DOI":"10.5281\/zenodo.7182597"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_42_1","DOI":"10.1109\/COMST.2019.2910750"},{"doi-asserted-by":"crossref","unstructured":"NETSCOUT. 2021. Cyber Security & Threat Intelligence Report | NETSCOUT. https:\/\/www.netscout.com\/threatreport\/ NETSCOUT. 2021. Cyber Security & Threat Intelligence Report | NETSCOUT. https:\/\/www.netscout.com\/threatreport\/","key":"e_1_3_2_1_43_1","DOI":"10.1016\/S1361-3723(21)00071-3"},{"unstructured":"NIST. n.d. MUD Related Resources. https:\/\/www.nccoe.nist.gov\/mud-related-resources NIST. n.d. MUD Related Resources. https:\/\/www.nccoe.nist.gov\/mud-related-resources","key":"e_1_3_2_1_44_1"},{"unstructured":"[\n 45\n ] Numpy.n.d. https:\/\/numpy.org\/ [45] Numpy.n.d. https:\/\/numpy.org\/","key":"e_1_3_2_1_45_1"},{"unstructured":"Open Networking Foundation. 2012-09-06. OpenFlow Switch Specification (1.3.1). https:\/\/opennetworking.org\/wp-content\/uploads\/2013\/04\/openflow-spec-v1.3.1.pdf Open Networking Foundation. 2012-09-06. OpenFlow Switch Specification (1.3.1). https:\/\/opennetworking.org\/wp-content\/uploads\/2013\/04\/openflow-spec-v1.3.1.pdf","key":"e_1_3_2_1_46_1"},{"volume-title":"Proceedings of the USENIX Workshop on Offensive Technologies (WOOT).","year":"2015","author":"Minn\u00a0Pa Pa Yin","unstructured":"Yin Minn\u00a0Pa Pa , Shogo Suzuki , Katsunari Yoshioka , Tsutomu Matsumoto , Takahiro Kasama , and Christian Rossow . 2015 . IoTPOT: Analysing the Rise of IoT Compromises . In Proceedings of the USENIX Workshop on Offensive Technologies (WOOT). Yin Minn\u00a0Pa Pa, Shogo Suzuki, Katsunari Yoshioka, Tsutomu Matsumoto, Takahiro Kasama, and Christian Rossow. 2015. IoTPOT: Analysing the Rise of IoT Compromises. In Proceedings of the USENIX Workshop on Offensive Technologies (WOOT).","key":"e_1_3_2_1_47_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_48_1","DOI":"10.1145\/1028788.1028794"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_49_1","DOI":"10.1016\/j.diin.2019.01.014"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_50_1","DOI":"10.1109\/DSN48987.2021.00059"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_51_1","DOI":"10.1145\/3355369.3355595"},{"volume-title":"Proceedings of the 2007 joint conference on empirical methods in natural language processing and computational natural language learning (EMNLP-CoNLL). 410\u2013420","year":"2007","author":"Rosenberg Andrew","unstructured":"Andrew Rosenberg and Julia Hirschberg . 2007 . V-measure: A conditional entropy-based external cluster evaluation measure . In Proceedings of the 2007 joint conference on empirical methods in natural language processing and computational natural language learning (EMNLP-CoNLL). 410\u2013420 . Andrew Rosenberg and Julia Hirschberg. 2007. V-measure: A conditional entropy-based external cluster evaluation measure. In Proceedings of the 2007 joint conference on empirical methods in natural language processing and computational natural language learning (EMNLP-CoNLL). 410\u2013420.","key":"e_1_3_2_1_52_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_53_1","DOI":"10.1016\/j.cose.2019.101707"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_54_1","DOI":"10.1109\/ACCESS.2020.3022272"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_55_1","DOI":"10.1145\/3231053.3231103"},{"unstructured":"[\n 56\n ] Scapy.n.d. https:\/\/scapy.net\/ [56] Scapy.n.d. https:\/\/scapy.net\/","key":"e_1_3_2_1_56_1"},{"unstructured":"C.\u00a0J. T.\u00a0M. Schutijser. 2018-08-30. Towards automated DDoS abuse protection using MUD device profiles. (2018-08-30). http:\/\/essay.utwente.nl\/76207\/ C.\u00a0J. T.\u00a0M. Schutijser. 2018-08-30. Towards automated DDoS abuse protection using MUD device profiles. (2018-08-30). http:\/\/essay.utwente.nl\/76207\/","key":"e_1_3_2_1_57_1"},{"unstructured":"[\n 58\n ] Scikit-learn.n.d. https:\/\/scikit-learn.org\/stable\/ [58] Scikit-learn.n.d. https:\/\/scikit-learn.org\/stable\/","key":"e_1_3_2_1_58_1"},{"unstructured":"Tara Seals. 2021-09-06. IoT Attacks Skyrocket Doubling in 6 Months. https:\/\/threatpost.com\/iot-attacks-doubling\/169224\/ Tara Seals. 2021-09-06. IoT Attacks Skyrocket Doubling in 6 Months. https:\/\/threatpost.com\/iot-attacks-doubling\/169224\/","key":"e_1_3_2_1_59_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_60_1","DOI":"10.1109\/MCOM.2018.1700685"},{"unstructured":"[\n 61\n ] Shodan.n.d. https:\/\/www.shodan.io [61] Shodan.n.d. https:\/\/www.shodan.io","key":"e_1_3_2_1_61_1"},{"unstructured":"Armin\u00a0Ziaie Tabari and Xinming Ou. 2020. A First Step Towards Understanding Real-world Attacks on IoT Devices. CoRR abs\/2003.01218(2020). arXiv:2003.01218https:\/\/arxiv.org\/abs\/2003.01218 Armin\u00a0Ziaie Tabari and Xinming Ou. 2020. A First Step Towards Understanding Real-world Attacks on IoT Devices. CoRR abs\/2003.01218(2020). arXiv:2003.01218https:\/\/arxiv.org\/abs\/2003.01218","key":"e_1_3_2_1_62_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_63_1","DOI":"10.1145\/3102304.3102319"},{"unstructured":"[\n 64\n ] tcpdump.n.d. https:\/\/www.tcpdump.org\/ [64] tcpdump.n.d. https:\/\/www.tcpdump.org\/","key":"e_1_3_2_1_64_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_65_1","DOI":"10.1109\/DSN.2018.00064"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_66_1","DOI":"10.1007\/s11227-021-03825-1"},{"unstructured":"Ubuntu. 2019. nfdump manual. https:\/\/manpages.ubuntu.com\/manpages\/xenial\/man1\/nfdump.1.html Ubuntu. 2019. nfdump manual. https:\/\/manpages.ubuntu.com\/manpages\/xenial\/man1\/nfdump.1.html","key":"e_1_3_2_1_67_1"},{"unstructured":"M. van Staalduinen and Y. Joshi. 2019. The IoT security landscape: adoption and harmonisation of security solutions for the internet of things. Technical Report. TNO. https:\/\/repository.tno.nl\/islandora\/object\/uuid%3A989e7450-206f-4f7c-93aa-5587e4674781 M. van Staalduinen and Y. Joshi. 2019. The IoT security landscape: adoption and harmonisation of security solutions for the internet of things. Technical Report. TNO. https:\/\/repository.tno.nl\/islandora\/object\/uuid%3A989e7450-206f-4f7c-93aa-5587e4674781","key":"e_1_3_2_1_68_1"},{"volume-title":"Proceedings of the USENIX Workshop on Offensive Technologies (WOOT).","year":"2018","author":"Vetterl Alexander","unstructured":"Alexander Vetterl and Richard Clayton . 2018 . Bitter Harvest: Systematically Fingerprinting Low- and Medium-interaction Honeypots at Internet Scale . In Proceedings of the USENIX Workshop on Offensive Technologies (WOOT). Alexander Vetterl and Richard Clayton. 2018. Bitter Harvest: Systematically Fingerprinting Low- and Medium-interaction Honeypots at Internet Scale. In Proceedings of the USENIX Workshop on Offensive Technologies (WOOT).","key":"e_1_3_2_1_69_1"},{"unstructured":"Nguyen\u00a0Xuan Vinh Julien Epps and James Bailey. 2010. Information theoretic measures for clusterings comparison: Variants properties normalization and correction for chance. The Journal of Machine Learning Research(2010). Nguyen\u00a0Xuan Vinh Julien Epps and James Bailey. 2010. Information theoretic measures for clusterings comparison: Variants properties normalization and correction for chance. The Journal of Machine Learning Research(2010).","key":"e_1_3_2_1_70_1"},{"unstructured":"[\n 71\n ] Wireshark.n.d. https:\/\/www.wireshark.org\/ [71] Wireshark.n.d. https:\/\/www.wireshark.org\/","key":"e_1_3_2_1_71_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_72_1","DOI":"10.2197\/ipsjjip.28.481"}],"event":{"acronym":"ACSAC","name":"ACSAC: Annual Computer Security Applications Conference","location":"Austin TX USA"},"container-title":["Proceedings of the 38th Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3564625.3564644","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,12,5]],"date-time":"2023-12-05T06:26:57Z","timestamp":1701757617000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3564625.3564644"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,12,5]]},"references-count":72,"alternative-id":["10.1145\/3564625.3564644","10.1145\/3564625"],"URL":"https:\/\/doi.org\/10.1145\/3564625.3564644","relation":{},"subject":[],"published":{"date-parts":[[2022,12,5]]},"assertion":[{"value":"2022-12-05","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}