{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,9]],"date-time":"2026-01-09T11:53:22Z","timestamp":1767959602148,"version":"3.49.0"},"publisher-location":"Cham","reference-count":26,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031429903","type":"print"},{"value":"9783031429910","type":"electronic"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-42991-0_5","type":"book-chapter","created":{"date-parts":[[2023,10,18]],"date-time":"2023-10-18T12:02:32Z","timestamp":1697630552000},"page":"73-90","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Revealing Human Attacker Behaviors Using an Adaptive Internet of Things Honeypot Ecosystem"],"prefix":"10.1007","author":[{"given":"Armin Ziaie","family":"Tabari","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Guojun","family":"Liu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xinming","family":"Ou","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Anoop","family":"Singhal","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2023,10,19]]},"reference":[{"key":"5_CR1","unstructured":"Akamai Technologies, UPnProxy: Blackhat Proxies via NAT Injections, Akamai White Paper, Cambridge, Massachusetts, 2018."},{"key":"5_CR2","doi-asserted-by":"crossref","unstructured":"M. Anirudh, S. Thileeban and D. Nallathambi, Use of honeypots for mitigating DoS attacks targeted on IoT networks, Proceedings of the International Conference on Computer, Communications and Signal Processing, 2017.","DOI":"10.1109\/ICCCSP.2017.7944057"},{"key":"5_CR3","unstructured":"M. Antonakakis, T. April, M. Bailey, M. Bernhard, E. Bursztein, J. Cochran, Z. Durumeric, J. Halderman, L. Invernizzi, M. Kallitsis, D. Kumar, C. Lever, Z. Ma, J. Mason, D. Menscher, C. Seaman, N. Sullivan, K. Thomas and Y. Zhou, Understanding the Mirai botnet, Proceedings of the Twenty-Sixth USENIX Security Symposium, pp. 1093\u20131110, 2017."},{"key":"5_CR4","unstructured":"A. Anubhav, Masuta: Satori creators\u2019 second botnet weaponizes a new router exploit, NewSky Security, January 23, 2018."},{"key":"5_CR5","doi-asserted-by":"crossref","unstructured":"S. Chamotra, R. Sehgal, S. Ror and B. Singh, Honeypot deployment in broadband networks, Proceedings of the International Conference on Information Systems Security, pp. 479\u2013488, 2016.","DOI":"10.1007\/978-3-319-49806-5_27"},{"key":"5_CR6","doi-asserted-by":"crossref","unstructured":"S. Dowling, M. Schukat and H. Melvin, A ZigBee honeypot to assess IoT cyberattack behavior, Proceedings of the Twenty-Eighth Irish Signals and Systems Conference, 2017.","DOI":"10.1109\/ISSC.2017.7983603"},{"key":"5_CR7","unstructured":"S. Edwards and I. Profetis, Hajime: Analysis of a Decentralized Internet Worm for IoT Devices, Technical Report, Rapidity Networks, Boulder, Colorado, 2016."},{"key":"5_CR8","doi-asserted-by":"crossref","unstructured":"J. Guarnizo, A. Tambe, S. Bhunia, M. Ochoa, N. Tippenhauer, A. Shabtai and Y. Elovici, SIPHON: Towards scalable high-interaction physical honeypots, Proceedings of the Third ACM Workshop on Cyber-Physical System Security, pp. 57\u201368, 2017.","DOI":"10.1145\/3055186.3055192"},{"key":"5_CR9","doi-asserted-by":"crossref","unstructured":"M. Hakim, H. Aksu, A. Uluagac and K. Akkaya, U-PoT: A honeypot framework for UPnP-based IoT devices, Proceedings of the Thirty-Seventh IEEE International Performance Computing and Communications Conference, 2018.","DOI":"10.1109\/PCCC.2018.8711321"},{"key":"5_CR10","doi-asserted-by":"crossref","unstructured":"P. Hanson, L. Truax and D. Saranchak, IoT honeynet for military deception and indications and warnings, in Autonomous Systems: Sensors, Vehicles, Security and the Internet of Everything, M. Dudzik and J. Ricklin (Eds.), International Society for Optics and Photonics (SPIE), Bellingham, Washington, pp. 106431A-1\u2013106431A-11, 2018.","DOI":"10.1117\/12.2305071"},{"key":"5_CR11","unstructured":"R. Joven and K. Yang, A wicked family of bots, Fortinet Blog\/ Threat Research, May 17, 2018."},{"key":"5_CR12","doi-asserted-by":"crossref","unstructured":"B. Lingenfelter, I. Vakilinia and S. Sengupta, Analyzing variations among IoT botnets using medium interaction honeypots, Proceedings of the Tenth Annual Computing and Communications Workshop and Conference, pp. 761\u2013767, 2020.","DOI":"10.1109\/CCWC47524.2020.9031234"},{"key":"5_CR13","doi-asserted-by":"crossref","unstructured":"E. Lopez-Morales, C. Rubio-Medrano, A. Doupe, Y. Shoshitaishvili, R. Wang, T. Bao and G. Ahn, Proceedings of the ACM SIGSAC Conference on Computer and Communications Security, pp. 279\u2013291, 2020.","DOI":"10.1145\/3372297.3423356"},{"key":"5_CR14","unstructured":"T. Luo, Z. Xu, X. Jin, Y. Jia and X. Ouyang, IoTCandyJar: Towards an intelligent-interaction honeypot for IoT devices, presented at Black Hat USA, 2017."},{"key":"5_CR15","unstructured":"M. Nawrocki, M. Wahlisch, T. Schmidt, C. Keil and J. Schonfelder, A Survey of Honeypot Software and Data Analysis, arXiv: 1608.06249 (arxiv.org\/abs\/1608.06249), 2016."},{"key":"5_CR16","doi-asserted-by":"crossref","unstructured":"A. Oza, G. Kumar, M. Khorajiya and V. Tiwari, Snaring cyber attacks on IoT devices with a honeynet, in Computing and Network Sustainability, S. Peng, N. Dey and M. Bundele (Eds.), Springer, Singapore, pp. 1\u201312, 2019.","DOI":"10.1007\/978-981-13-7150-9_1"},{"key":"5_CR17","unstructured":"Y. Pa, S. Suzuki, K. Yoshioka, T. Matsumoto, T. Kasama and C. Rossow, IoTPOT: Analyzing the rise of IoT compromises, Proceedings of the Ninth USENIX Workshop on Offensive Technologies, 2015."},{"key":"5_CR18","doi-asserted-by":"crossref","unstructured":"A. Pauna, I. Bica, F. Pop and A. Castiglione, On the rewards of self-adaptive IoT honeypots, Annals of Telecommunications, vol. 74(7-8), pp. 501\u2013515, 2019.","DOI":"10.1007\/s12243-018-0695-7"},{"key":"5_CR19","unstructured":"T. Seals, IoT attacks skyrocket, doubling in 6 months, Threatpost, September 6, 2021."},{"key":"5_CR20","unstructured":"Security Response Team, ISTR 23: Insights into the cyber security threat landscape, Symantec Enterprise Blogs\/Threat Intelligence, March 21, 2018."},{"key":"5_CR21","unstructured":"Security Response Team, VPNFilter: New router malware with destructive capabilities, Symantec Enterprise Blogs\/Threat Intelligence, May 23, 2018."},{"key":"5_CR22","doi-asserted-by":"crossref","unstructured":"H. Semic and M. Sasa, IoT honeypot: A multi-component solution for handling manual and Mirai-based attacks, Proceedings of the Twenty-Fifth Telecommunications Forum, 2017.","DOI":"10.1109\/TELFOR.2017.8249458"},{"key":"5_CR23","unstructured":"A. Tabari, X. Ou and A. Singhal, What are Attackers After on IoT Devices? An Approach Based on a Multi-Phased Multi-Faceted IoT Honeypot Ecosystem and Data Clustering, arXiv: 2112.10974v1 (arxiv.org\/abs\/2112.10974v1), 2021."},{"key":"5_CR24","doi-asserted-by":"crossref","unstructured":"A. Vetterl and R. Clayton, Honware: A virtual honeypot framework for capturing CPE and IoT zero days, Proceedings of the APWG Symposium on Electronic Crime Research, 2019.","DOI":"10.1109\/eCrime47957.2019.9037501"},{"key":"5_CR25","doi-asserted-by":"crossref","unstructured":"B. Wang, Y. Dou, Y. Sang, Y. Zhang and J. Huang, IoTCMal: Towards a hybrid IoT honeypot for capturing and analyzing malware, Proceedings of the IEEE International Conference on Communications, 2020.","DOI":"10.1109\/ICC40277.2020.9149314"},{"key":"5_CR26","unstructured":"M. Wang, J. Santillan and F. Kuipers, ThingPot: An Interactive Internet-of-Things Honeypot, arXiv: 1807.04114 (arxiv.org\/abs\/1807.04114), 2018."}],"container-title":["IFIP Advances in Information and Communication Technology","Advances in Digital Forensics XIX"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-42991-0_5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,9]],"date-time":"2026-01-09T10:35:00Z","timestamp":1767954900000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-42991-0_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031429903","9783031429910"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-42991-0_5","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"value":"1868-4238","type":"print"},{"value":"1868-422X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"19 October 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DigitalForensics","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Conference on Digital Forensics","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Arlington, VA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 January 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"31 January 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"digitalforensics2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}