{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,25]],"date-time":"2026-01-25T02:10:03Z","timestamp":1769307003662,"version":"3.49.0"},"publisher-location":"Cham","reference-count":35,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030578770","type":"print"},{"value":"9783030578787","type":"electronic"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-57878-7_12","type":"book-chapter","created":{"date-parts":[[2020,8,28]],"date-time":"2020-08-28T14:03:04Z","timestamp":1598623384000},"page":"233-253","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Watching the Weak Link into Your Home: An Inspection and Monitoring Toolkit for TR-069"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2084-8095","authenticated-orcid":false,"given":"Maximilian","family":"Hils","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4518-6227","authenticated-orcid":false,"given":"Rainer","family":"B\u00f6hme","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,8,29]]},"reference":[{"key":"12_CR1","unstructured":"Abdulla, Z.: GenieACS 1.1.3, October 2018. https:\/\/genieacs.com\/"},{"key":"12_CR2","doi-asserted-by":"crossref","unstructured":"Anderson, R.: Open and closed systems are equivalent (that is. an ideal world). In: Perspectives on Free and Open Source Software, pp. 127\u2013142. MIT Press, Cambridge (2005)","DOI":"10.7551\/mitpress\/5326.003.0013"},{"key":"12_CR3","unstructured":"Antonakakis, M., et al.: Understanding the Mirai botnet. In: Proceedings of the 26th USENIX Security Symposium, pp. 1093\u20131110. Vancouver, BC, Canada (2017)"},{"key":"12_CR4","doi-asserted-by":"crossref","unstructured":"Bano, S., et al.: Scanning the Internet for liveness, vol. 48, pp. 2\u20139. ACM, New York, May 2018","DOI":"10.1145\/3213232.3213234"},{"key":"12_CR5","unstructured":"Blackford, J., Digdon, M.: TR-069 Issue 1 Amendment 6. Technical report, The Broadband Forum, April 2018. https:\/\/www.broadband-forum.org\/technical\/download\/TR-069_Amendment-6.pdf"},{"issue":"1","key":"12_CR6","doi-asserted-by":"publisher","first-page":"78","DOI":"10.1109\/MSP.2009.12","volume":"7","author":"F Callegati","year":"2009","unstructured":"Callegati, F., Cerroni, W., Ramilli, M.: Man-in-the-middle attack to the HTTPS protocol. IEEE Secur. Priv. 7(1), 78\u201381 (2009)","journal-title":"IEEE Secur. Priv."},{"key":"12_CR7","doi-asserted-by":"crossref","unstructured":"Clark, J., van Oorschot, P.C.: SoK: SSL and HTTPS: revisiting past challenges and evaluating certificate trust model enhancements. In: Proceedings of the 2013 IEEE Symposium on Security and Privacy, pp. 511\u2013525. IEEE, Berkeley, May 2013","DOI":"10.1109\/SP.2013.41"},{"key":"12_CR8","unstructured":"Cortesi, A., Hils, M., Kriechbaumer, T., contributors: mitmproxy: a free and open source interactive HTTPS proxy (2010-). https:\/\/mitmproxy.org\/, [Version 4.0]"},{"key":"12_CR9","doi-asserted-by":"crossref","unstructured":"Durumeric, Z., Adrian, D., Mirian, A., Bailey, M., Halderman, J.A.: A search engine backed by internet-wide scanning. In: Proceedings of the 22nd ACM Conference on Computer and Communications Security, pp. 542\u2013553. ACM, New York, October 2015","DOI":"10.1145\/2810103.2813703"},{"key":"12_CR10","unstructured":"Erdem, O.: HoneyThing: Nesnelerin \u0130nterneti i\u00e7in Tuzak Sistem. Master\u2019s thesis, Istanbul \u015eehir University, December 2015. http:\/\/earsiv.sehir.edu.tr:8080\/xmlui\/bitstream\/handle\/11498\/25170\/000110615002.pdf"},{"key":"12_CR11","doi-asserted-by":"crossref","unstructured":"Fahl, S., Harbach, M., Muders, T., Baumg\u00e4rtner, L., Freisleben, B., Smith, M.: Why eve and mallory love Android: an analysis of android SSL (in)security. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 50\u201361. ACM, New York (2012)","DOI":"10.1145\/2382196.2382205"},{"key":"12_CR12","unstructured":"Free Software Foundation Europe: Timeline of compulsory routers (2016). https:\/\/fsfe.org\/activities\/routers\/timeline.en.html"},{"key":"12_CR13","doi-asserted-by":"crossref","unstructured":"Georgiev, M., Iyengar, S., Jana, S., Anubhai, R., Boneh, D., Shmatikov, V.: The most dangerous code in the world: validating SSL certificates in non-browser software. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 38\u201349. ACM, New York, October 2012","DOI":"10.1145\/2382196.2382204"},{"key":"12_CR14","unstructured":"Koch, R., Stelte, B.: Bot-netz ohne Fritz. In: Sicherheit in vernetzten Systemen: 18. DFN Workshop. Deutsche Forschungsnetz, Berlin, Germany (2013)"},{"key":"12_CR15","unstructured":"Nazario, J.: PhoneyC: a virtual client honeypot. In: Proceedings of the 2nd USENIX Conference on Large-scale Exploits and Emergent Threats: Botnets, Spyware, Worms, and More, p. 6. USENIX Association, Berkeley, April 2009"},{"key":"12_CR16","unstructured":"Nicolai, S., Stark, B.: TR-064 Issue 2. Technical report, The Broadband Forum, July 2015. https:\/\/www.broadband-forum.org\/technical\/download\/TR-064_Issue-2.pdf"},{"key":"12_CR17","unstructured":"Ott, J.D.: TR-135 Issue 1 Amendment 3. Technical report, The Broadband Forum, January 2013. https:\/\/www.broadband-forum.org\/technical\/download\/TR-135_Amendment-3.pdf"},{"key":"12_CR18","unstructured":"QA Cafe: Overview of a TR-069 session, June 2019. https:\/\/www.qacafe.com\/tr-069-training\/session-overview\/"},{"key":"12_CR19","unstructured":"QA Cafe: Best practices for securing TR-069, January 2020. https:\/\/www.qacafe.com\/articles\/best-practices-for-securing-tr-069\/"},{"key":"12_CR20","unstructured":"RedTeam Pentesting GmbH: o2\/Telefonica Germany: ACS discloses VoIP\/SIP credentials, January 2016. https:\/\/www.redteam-pentesting.de\/en\/advisories\/rt-sa-2015-005\/"},{"key":"12_CR21","doi-asserted-by":"crossref","unstructured":"Rescorla, E.: HTTP Over TLS. RFC 2818, May 2000","DOI":"10.17487\/rfc2818"},{"key":"12_CR22","doi-asserted-by":"crossref","unstructured":"Sahin, M., Francillon, A., Gupta, P., Ahamad, M.: SoK: fraud in telephony networks. In: EUROS&P 2017 2nd IEEE European Symposium on Security and Privacy. IEEE, Berkeley, April 2017","DOI":"10.1109\/EuroSP.2017.40"},{"issue":"5","key":"12_CR23","doi-asserted-by":"publisher","first-page":"130","DOI":"10.1145\/1941487.1941516","volume":"54","author":"G Schryen","year":"2011","unstructured":"Schryen, G.: Is open source security a myth? Commun. ACM 54(5), 130\u2013140 (2011)","journal-title":"Commun. ACM"},{"key":"12_CR24","unstructured":"Seifert, C., Welch, I., Komisarczuk, P.: Taxonomy of honeypots. Technical report, Victoria University of Wellington, June 2006. http:\/\/www.mcs.vuw.ac.nz\/comp\/Publications\/archive\/CS-TR-06\/CS-TR-06-12.pdf"},{"key":"12_CR25","volume-title":"Honeypots: Tracking Hackers","author":"L Spitzner","year":"2002","unstructured":"Spitzner, L.: Honeypots: Tracking Hackers. Addison-Wesley, Boston (2002)"},{"key":"12_CR26","unstructured":"Stenberg, D.: Lesser HTTPS for non-browsers, January 2017. https:\/\/daniel.haxx.se\/blog\/2017\/01\/10\/lesser-https-for-non-browsers\/"},{"key":"12_CR27","unstructured":"Tal, S.: I hunt TR-069 admins: Pwning ISPs like a boss. Defcon 22, July 2014. https:\/\/defcon.org\/images\/defcon-22\/dc-22-presentations\/Tal\/DEFCON-22-Shahar-TaI-I-hunt-TR-069-admins-UPDATED.pdf"},{"key":"12_CR28","unstructured":"Tal, S., Oppenheim, L.: Misfortune cookie (2014). http:\/\/mis.fortunecook.ie\/"},{"key":"12_CR29","unstructured":"Tal, S., Oppenheim, L.: Too many cooks - exploiting the Internet-of-TR-069-Things. In: 31th Chaos Communication Congress, December 2014. https:\/\/events.ccc.de\/congress\/2014\/Fahrplan\/events\/6166.html"},{"key":"12_CR30","unstructured":"The Broadband Forum: List of technical reports. https:\/\/www.broadband-forum.org\/technical-reports"},{"key":"12_CR31","unstructured":"The Broadband Forum: Global fixed broadband subscribers exceed one billion (2018). https:\/\/www.broadband-forum.org\/global-fixed-broadband-subscribers-exceed-one-billion"},{"key":"12_CR32","doi-asserted-by":"crossref","unstructured":"Thomas, D.R., Pastrana, S., Hutchings, A., Clayton, R., Beresford, A.R.: Ethical issues in research using datasets of illicit origin. In: Proceedings of the 2017 Internet Measurement Conference, pp. 445\u2013462. ACM (2017)","DOI":"10.1145\/3131365.3131389"},{"key":"12_CR33","unstructured":"Valunas, A.: OpenACS 0.5.0.3 (2013). https:\/\/sourceforge.net\/projects\/openacs\/"},{"key":"12_CR34","doi-asserted-by":"crossref","unstructured":"Vetterl, A., Clayton, R.: Honware: a virtual honeypot framework for capturing CPE and IoT zero days. In: Symposium on Electronic Crime Research (eCrime). IEEE (2019)","DOI":"10.1109\/eCrime47957.2019.9037501"},{"key":"12_CR35","unstructured":"Weinmann, R.P.: Were 900k Deutsche Telekom routers compromised by Mirai? November 2016. https:\/\/comsecuris.com\/blog\/posts\/were_900k_deutsche_telekom_routers_compromised_by_mirai\/"}],"container-title":["Lecture Notes in Computer Science","Applied Cryptography and Network Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-57878-7_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,8,12]],"date-time":"2024-08-12T19:36:52Z","timestamp":1723491412000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-57878-7_12"}},"subtitle":["Abridged Conference Version"],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030578770","9783030578787"],"references-count":35,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-57878-7_12","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"29 August 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ACNS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Applied Cryptography and Network Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Rome","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Italy","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19 October 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 October 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"acns2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/sites.google.com\/di.uniroma1.it\/ACNS2020","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"214","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"46","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"21% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.7","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"10","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Due to COVID-19 pandemy the confernce was helt virtually.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}