{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,18]],"date-time":"2026-07-18T11:44:21Z","timestamp":1784375061065,"version":"3.55.0"},"publisher-location":"Cham","reference-count":27,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783031222948","type":"print"},{"value":"9783031222955","type":"electronic"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-22295-5_6","type":"book-chapter","created":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T02:36:12Z","timestamp":1672540572000},"page":"101-119","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Honeysweeper: Towards Stealthy Honeytoken Fingerprinting Techniques"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-4989-8523","authenticated-orcid":false,"given":"Mohamed","family":"Msaad","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5720-5504","authenticated-orcid":false,"given":"Shreyas","family":"Srinivasa","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5966-9823","authenticated-orcid":false,"given":"Mikkel M.","family":"Andersen","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3344-7258","authenticated-orcid":false,"given":"David H.","family":"Audran","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3336-9253","authenticated-orcid":false,"given":"Charity U.","family":"Orji","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5068-9158","authenticated-orcid":false,"given":"Emmanouil","family":"Vasilomanolakis","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2023,1,1]]},"reference":[{"key":"6_CR1","unstructured":"Acrobat: Acrobat API reference (2021). https:\/\/opensource.adobe.com\/dc-acrobat-sdk-docs\/acrobatsdk\/html2015\/Acro12_MasterBook\/API_References_SectionPage\/API_References\/Acrobat_API_Reference\/AV_Layer\/Weblink.html"},{"issue":"6","key":"6_CR2","first-page":"848","volume":"4","author":"E Aguirre-Anaya","year":"2014","unstructured":"Aguirre-Anaya, E., Gallegos-Garcia, G., Luna, N.S., Vargas, L.A.V.: A new procedure to detect low interaction honeypots. Int. J. Electr. Comput. Eng. (IJECE) 4(6), 848\u2013857 (2014)","journal-title":"Int. J. Electr. Comput. Eng. (IJECE)"},{"key":"6_CR3","doi-asserted-by":"publisher","first-page":"449","DOI":"10.1007\/978-0-387-36402-5_38","volume-title":"Adv. Inf. Syst. Dev.","author":"A \u010cenys","year":"2006","unstructured":"\u010cenys, A., Rainys, D., Radvilavicius, L., Goranin, N.: Database level honeytoken modules for active DBMS protection. In: Nilsson, A.G., Gustas, R., Wojtkowski, W., Wojtkowski, W.G., Wrycza, S., Zupan\u010di\u010d, J. (eds.) Adv. Inf. Syst. Dev., pp. 449\u2013457. Springer, US, Boston, MA (2006)"},{"key":"6_CR4","doi-asserted-by":"publisher","first-page":"012057","DOI":"10.1088\/1742-6596\/801\/1\/012057","volume":"801","author":"RN Dahbul","year":"2017","unstructured":"Dahbul, R.N., Lim, C., Purnama, J.: Enhancing honeypot deception capability through network service fingerprinting. J. Phys: Conf. Ser. 801, 012057 (2017). https:\/\/doi.org\/10.1088\/1742-6596\/801\/1\/012057","journal-title":"J. Phys: Conf. Ser."},{"key":"6_CR5","doi-asserted-by":"publisher","unstructured":"Faveri, C.D., Moreira, A.: Visual modeling of cyber deception. In: 2018 IEEE Symposium on Visual Languages and Human-Centric Computing (VL\/HCC), pp. 205\u2013209 (2018). https:\/\/doi.org\/10.1109\/VLHCC.2018.8506515","DOI":"10.1109\/VLHCC.2018.8506515"},{"key":"6_CR6","unstructured":"Fraunholz, D., et al.: Demystifying deception technology: a survey. CoRR abs\/1804.06196 (2018). https:\/\/arxiv.org\/abs\/1804.06196"},{"key":"6_CR7","doi-asserted-by":"publisher","unstructured":"Fu, X., Yu, W., Cheng, D., Tan, X., Streff, K., Graham, S.: On recognizing virtual honeypots and countermeasures. In: 2006 2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing, pp. 211\u2013218 (2006). https:\/\/doi.org\/10.1109\/DASC.2006.36","DOI":"10.1109\/DASC.2006.36"},{"key":"6_CR8","doi-asserted-by":"publisher","unstructured":"Ghirardello, K., Maple, C., Ng, D., Kearney, P.: Cyber security of smart homes: development of a reference architecture for attack surface analysis. In: Living in the Internet of Things: Cybersecurity of the IoT - 2018, pp. 1\u201310 (2018). https:\/\/doi.org\/10.1049\/cp.2018.0045","DOI":"10.1049\/cp.2018.0045"},{"key":"6_CR9","doi-asserted-by":"publisher","unstructured":"Guarnizo, J.D., et al.: Siphon: towards scalable high-interaction physical honeypots. In: Proceedings of the 3rd ACM Workshop on Cyber-Physical System Security, pp. 57\u201368. CPSS 2017, Association for Computing Machinery, New York, NY, USA (2017). https:\/\/doi.org\/10.1145\/3055186.3055192","DOI":"10.1145\/3055186.3055192"},{"key":"6_CR10","unstructured":"Gungor, A.: Pdf forensic analysis and XMP metadata streams (2017). https:\/\/www.meridiandiscovery.com\/articles\/pdf-forensic-analysis-xmp-metadata\/"},{"issue":"4","key":"6_CR11","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3214305","volume":"51","author":"X Han","year":"2018","unstructured":"Han, X., Kheir, N., Balzarotti, D.: Deception techniques in computer security: a research perspective. ACM Comput. Surv. 51(4), 1\u201336 (2018). https:\/\/doi.org\/10.1145\/3214305","journal-title":"ACM Comput. Surv."},{"key":"6_CR12","doi-asserted-by":"publisher","unstructured":"Holz, T., Raynal, F.: Detecting honeypots and other suspicious environments. In: Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, pp. 29\u201336 (2005). https:\/\/doi.org\/10.1109\/IAW.2005.1495930","DOI":"10.1109\/IAW.2005.1495930"},{"key":"6_CR13","unstructured":"IBM: how much does a data breach cost? (2021). https:\/\/www.ibm.com\/security\/data-breach"},{"key":"6_CR14","unstructured":"IBM: Insights into what drives data breach costs (2021). https:\/\/www.ibm.com\/account\/reg\/uk-en\/signup?formid=urx-51643"},{"key":"6_CR15","unstructured":"IBM: key findings (2021). https:\/\/www.ibm.com\/downloads\/cas\/OJDVQGRY"},{"issue":"6","key":"6_CR16","doi-asserted-by":"publisher","first-page":"1025","DOI":"10.1109\/JIOT.2016.2547994","volume":"3","author":"QD La","year":"2016","unstructured":"La, Q.D., Quek, T.Q.S., Lee, J., Jin, S., Zhu, H.: Deceptive attack and defense game in honeypot-enabled networks for the internet of things. IEEE Internet Things J. 3(6), 1025\u20131035 (2016). https:\/\/doi.org\/10.1109\/JIOT.2016.2547994","journal-title":"IEEE Internet Things J."},{"key":"6_CR17","doi-asserted-by":"publisher","unstructured":"Mokube, I., Adams, M.: Honeypots: Concepts, approaches, and challenges. In: Proceedings of the 45th Annual Southeast Regional Conference. p. 321\u2013326. ACM-SE 45, Association for Computing Machinery, New York, NY, USA (2007). https:\/\/doi.org\/10.1145\/1233341.1233399","DOI":"10.1145\/1233341.1233399"},{"key":"6_CR18","doi-asserted-by":"publisher","unstructured":"Mukkamala, S., Yendrapalli, K., Basnet, R., Shankarapani, M.K., Sung, A.H.: Detection of virtual environments and low interaction honeypots. In: 2007 IEEE SMC Information Assurance and Security Workshop, pp. 92\u201398 (2007). https:\/\/doi.org\/10.1109\/IAW.2007.381919","DOI":"10.1109\/IAW.2007.381919"},{"key":"6_CR19","unstructured":"Research, T.A.: Canarytokens. https:\/\/github.com\/thinkst\/canarytokens"},{"key":"6_CR20","doi-asserted-by":"publisher","unstructured":"Sethia, V., Jeyasekar, A.: Malware capturing and analysis using dionaea honeypot. In: 2019 International Carnahan Conference on Security Technology (ICCST), pp. 1\u20134 (2019). https:\/\/doi.org\/10.1109\/CCST.2019.8888409","DOI":"10.1109\/CCST.2019.8888409"},{"key":"6_CR21","doi-asserted-by":"publisher","unstructured":"Srinivasa, S., Pedersen, J.M., Vasilomanolakis, E.: Towards systematic honeytoken fingerprinting. In: 13th International Conference on Security of Information and Networks. SIN 2020, Association for Computing Machinery, New York, NY, USA (2020). https:\/\/doi.org\/10.1145\/3433174.3433599","DOI":"10.1145\/3433174.3433599"},{"key":"6_CR22","unstructured":"Srinivasa, S., Pedersen, J.M., Vasilomanolakis, E.: Gotta catch\u2019em all: a multistage framework for honeypot fingerprinting. arXiv preprint arXiv:2109.10652 (2021)"},{"key":"6_CR23","doi-asserted-by":"publisher","unstructured":"Srinivasa, S., Pedersen, J.M., Vasilomanolakis, E.: Open for hire: attack trends and misconfiguration pitfalls of iot devices. In: Proceedings of the 21st ACM Internet Measurement Conference, pp. 195\u2013215. IMC 2021, Association for Computing Machinery, New York, NY, USA (2021). https:\/\/doi.org\/10.1145\/3487552.3487833,https:\/\/doi.org\/10.1145\/3487552.3487833","DOI":"10.1145\/3487552.3487833,"},{"key":"6_CR24","doi-asserted-by":"publisher","unstructured":"Vasilomanolakis, E., et al.: This network is infected: hostage - a low-interaction honeypot for mobile devices. In: Proceedings of the Third ACM Workshop on Security and Privacy in Smartphones & Mobile Devices, pp. 43\u201348. SPSM 2013, Association for Computing Machinery, New York, NY, USA (2013). https:\/\/doi.org\/10.1145\/2516760.2516763","DOI":"10.1145\/2516760.2516763"},{"key":"6_CR25","doi-asserted-by":"crossref","unstructured":"Vasilomanolakis, E., Karuppayah, S., M\u00fchlh\u00e4user, M., Fischer, M.: Hostage: a mobile honeypot for collaborative defense. In: Proceedings of the 7th International Conference on security of information and networks. SIN 2014, vol. 2014, pp. 330\u2013333. ACM (2014)","DOI":"10.1145\/2659651.2659663"},{"key":"6_CR26","unstructured":"Vetterl, A., Clayton, R.: Bitter harvest: systematically fingerprinting low- and medium-interaction honeypots at internet scale. In: 12th USENIX Workshop on Offensive Technologies (WOOT 18). USENIX Association, Baltimore, MD (2018). https:\/\/www.usenix.org\/conference\/woot18\/presentation\/vetterl"},{"key":"6_CR27","doi-asserted-by":"crossref","unstructured":"Zhang, L., Thing, V.L.: Three decades of deception techniques in active cyber defense-retrospect and outlook. Comput. Secur. 106, 102288 (2021). https:\/\/arxiv.org\/abs\/2104.03594","DOI":"10.1016\/j.cose.2021.102288"}],"container-title":["Lecture Notes in Computer Science","Secure IT Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-22295-5_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T02:41:27Z","timestamp":1672540887000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-22295-5_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031222948","9783031222955"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-22295-5_6","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"1 January 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"NordSec","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Nordic Conference on Secure IT Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Reykjavic","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Iceland","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 November 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2 December 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"nordsec2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/nordsec2022.ru.is\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"85","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"20","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"24% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"7","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}