{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,20]],"date-time":"2026-02-20T18:15:41Z","timestamp":1771611341030,"version":"3.50.1"},"reference-count":133,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0\/"}],"funder":[{"name":"EUREKA Cluster CELTIC-NEXT","award":["iCare4NextG"],"award-info":[{"award-number":["iCare4NextG"]}]},{"DOI":"10.13039\/501100004410","name":"Scientific and Technological Research Council of Turkey","doi-asserted-by":"crossref","id":[{"id":"10.13039\/501100004410","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Access"],"published-print":{"date-parts":[[2023]]},"DOI":"10.1109\/access.2023.3262614","type":"journal-article","created":{"date-parts":[[2023,3,28]],"date-time":"2023-03-28T19:00:11Z","timestamp":1680030011000},"page":"33584-33606","source":"Crossref","is-referenced-by-count":36,"title":["Malware Threat on Edge\/Fog Computing Environments From Internet of Things Devices Perspective"],"prefix":"10.1109","volume":"11","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0804-3588","authenticated-orcid":false,"given":"Ibrahim","family":"Gulatas","sequence":"first","affiliation":[{"name":"Department of Computer Engineering, Institute of Science, Istanbul Commerce University, Istanbul, Turkey"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6610-6324","authenticated-orcid":false,"given":"H. Hakan","family":"Kilinc","sequence":"additional","affiliation":[{"name":"Department of Research and Development, Orion Innovation Turkey, Istanbul, Turkey"}]},{"given":"A. Halim","family":"Zaim","sequence":"additional","affiliation":[{"name":"Department of Computer Engineering, Institute of Science, Istanbul Commerce University, Istanbul, Turkey"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1846-6090","authenticated-orcid":false,"given":"M. Ali","family":"Aydin","sequence":"additional","affiliation":[{"name":"Department of Computer Engineering, Faculty of Engineering, Istanbul University-Cerrahpaşa, Istanbul, Turkey"}]}],"member":"263","reference":[{"key":"ref1","volume-title":"Cisco Annual Internet Report (2018\u20132023) White Paper","year":"2020"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2017.2767608"},{"key":"ref3","volume-title":"Mid-Year Update: 2022 SonicWall Cyber Threat Report","year":"2022"},{"key":"ref4","volume-title":"DDoS Attack That Disrupted Internet Was Largest of Its Kind in History, Experts Say","author":"Woolf","year":"2016"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.5555\/3241189.3241275"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2020.08.010"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/CNS48642.2020.9162207"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-60753-5_19"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/QRS-C.2019.00088"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1016\/j.sysarc.2021.102143"},{"key":"ref11","first-page":"3505","article-title":"The circle of life: A large-scale study of the IoT malware lifecycle","volume-title":"Proc. 30th USENIX Secur. Symp. (USENIX Security)","author":"Alrawi"},{"key":"ref12","first-page":"1","article-title":"IoTPOT: Analysing the rise of IoT compromises","volume-title":"Proc. 9th USENIX Workshop Offensive Technol. (WOOT)","author":"Pa"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/TSUSC.2018.2809665"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/MPRV.2018.03367731"},{"key":"ref15","volume-title":"IoT-23: A Labeled Dataset With Malicious and Benign IoT Network Traffic (Version 1.0.0)","author":"Garcia","year":"2020"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.101707"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2021.3110188"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102287"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2018.03.007"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSAC.2018.10315"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2019.2925929"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1016\/j.sysarc.2019.01.017"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1002\/cpe.5173"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2020.3015584"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2020.3026660"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.2995887"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2021.108693"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1006\/jagm.1997.0897"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSAC.2014.61"},{"key":"ref30","first-page":"24","article-title":"The industrial control system cyber kill chain","volume":"1","author":"Assante","year":"2015"},{"key":"ref31","article-title":"MITRE ATT&CK for industrial control systems: Design and philosophy","author":"Alexander","year":"2020"},{"key":"ref32","volume-title":"Hydra Source Code","year":"2021"},{"key":"ref33","volume-title":"Hydra IRC Bot, the 25 Minute Overview of the Kit","author":"Macgregor","year":"2021"},{"key":"ref34","volume-title":"FBot, a Satori Related Botnet Using Block-Chain DNS System","year":"2018"},{"key":"ref35","volume-title":"The New Developments of the FBot","author":"Ye","year":"2019"},{"key":"ref36","volume-title":"Heads of the Hydra Malware for Network Devices","author":"Janus","year":"2011"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1109\/WCRE.2013.6671321"},{"key":"ref38","volume-title":"Miori IoT Botnet Delivered Via ThinkPH Exploit","author":"Remillano","year":"2018"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1109\/EC2ND.2010.15"},{"key":"ref40","volume-title":"Hold my beer Mirai\u2014Spinoff named \u2018LiquorBot\u2019 incorporates cryptomining","author":"Arsene","year":"2020"},{"key":"ref41","volume-title":"Kaiten.c Source Code","year":"2015"},{"key":"ref42","volume-title":"Backdoor: OSX\/Tsunami.A","year":"2021"},{"key":"ref43","volume-title":"New silex malware is bricking IoT devices, has scary plans","author":"Cimpanu","year":"2019"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-32808-4_7"},{"key":"ref45","volume-title":"Lightaidra Source Code","year":"2023"},{"key":"ref46","volume-title":"The Botnet Cluster on the 185.244.25.0\/24","year":"2019"},{"key":"ref47","volume-title":"Mirai Variant MooBot Targeting D-Link Devices","author":"Lei","year":"2022"},{"key":"ref48","volume-title":"An Update for a Very Active DDos Botnet: MooBot","author":"Wang","year":"2020"},{"key":"ref49","volume-title":"Port Scanning\/0 Using Insecure Embedded Devices Carna Botnet","year":"2012"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-05302-8_26"},{"key":"ref51","volume-title":"Echobot Malware Now up to 71 Exploits, Targeting SCADA","author":"Kreminchuker","year":"2019"},{"key":"ref52","volume-title":"New Mirai Variant Adds 8 New Exploits, Targets Additional IoT Devices","author":"Nigam","year":"2019"},{"key":"ref53","volume-title":"Linux Worm Targeting Hidden Devices","year":"2013"},{"key":"ref54","volume-title":"MMD-0064-2019\u2014Linux\/AirdropBot","year":"2019"},{"key":"ref55","article-title":"Wifatch: Atypical malware","author":"Tan","year":"2018"},{"key":"ref56","volume-title":"Wifatch Source Code","year":"2021"},{"key":"ref57","volume-title":"Ttint: An IoT Remote Access Trojan Spread Through 2 0-Day Vulnerabilities","author":"Tu","year":"2020"},{"key":"ref58","volume-title":"Linksys Worm the Moon Summary: What We Know so Far","author":"Ullrich","year":"2014"},{"key":"ref59","volume-title":"New Dark_Nexus IoT Botnet Puts Others to Shame","year":"2020"},{"key":"ref60","volume-title":"Dark Nexus: The Old, the New and the Ugly","year":"2020"},{"key":"ref61","volume-title":"Multistage Attack Delivers Billgates\/Setag Backdoor","author":"Karasek","year":"2019"},{"key":"ref62","volume-title":"Versatile DDoS Trojan for Linux","author":"Kuzin","year":"2014"},{"key":"ref63","volume-title":"Mozi, Another Botnet Using DHT","year":"2019"},{"key":"ref64","volume-title":"New Mozi Malware Family Quietly Amasses IoT Bots","year":"2020"},{"key":"ref65","volume-title":"AESDDoS Botnet, Containers, Exposed Docker APIs","author":"Fiser","year":"2019"},{"key":"ref66","volume-title":"MMD-0026-2014\u2014Linux\/AES.DDoS: Router Malware Warning |Reversing an ARM arch ELF","year":"2014"},{"key":"ref67","volume-title":"SORA and UNSTABLE: 2 Mirai Variants Target Video Surveillance Storage Systems","year":"2020"},{"key":"ref68","volume-title":"Gafgyt Targeting Huawei and Asus Routers and Killing Off Rival IoT Botnets","author":"Voolf","year":"2019"},{"key":"ref69","volume-title":"BASHLITE Family of Malware Infects 1 Million IoT Devices","author":"Spring","year":"2016"},{"key":"ref70","doi-asserted-by":"publisher","DOI":"10.1109\/ISCC.2018.8538636"},{"key":"ref71","volume-title":"Gafgyt Source Code","year":"2021"},{"key":"ref72","volume-title":"RHOMBUS: A New IoT Malware","author":"Ubiedo","year":"2020"},{"key":"ref73","volume-title":"MMD-0028-2014\u2014Linux\/XOR.DDoS: Fuzzy Reversing a New China ELF","year":"2014"},{"key":"ref74","first-page":"62","article-title":"DDoS trojan: A malicious concept that conquered the ELF format","volume-title":"Proc. Virus Bull. Conf","author":"Kalnai"},{"key":"ref75","volume-title":"Analysis Report hoho.x86","year":"2021"},{"key":"ref76","volume-title":"MMD-0030-2015\u2014New ELF Malware on Shellshock: The ChinaZ","year":"2015"},{"key":"ref77","article-title":"New Mirai variant targets Zyxel network-attached storage devices","author":"Hsu","year":"2020"},{"key":"ref78","volume-title":"Mukashi Malware: What it is, How it Works and How to Prevent it |Malware Spotlight","year":"2020"},{"key":"ref79","article-title":"Dissecting Linux\/Moose","author":"Bilodeau","year":"2015"},{"key":"ref80","volume-title":"The Gafgyt Variant Vbot Seen in Its 31 Campaigns","year":"2020"},{"key":"ref81","volume-title":"MMD-0055-2016\u2014Linux\/PnScan; ELF Worm That Still Circles Around","year":"2016"},{"key":"ref82","volume-title":"Pnscan Source Code","year":"2021"},{"key":"ref83","volume-title":"Kaiji: New Chinese Linux Malware Turning to Golang","year":"2020"},{"key":"ref84","article-title":"Meet Remaiten\u2014A Linux bot on steroids targeting routers and potentially other IoT devices","author":"Malik","year":"2016"},{"key":"ref85","volume-title":"Katana: A New Variant of the Mirai Botnet","year":"2020"},{"key":"ref86","article-title":"New IoT\/Linux malware targets DVRs, forms botnet","author":"Xiao","year":"2017"},{"key":"ref87","volume-title":"HEH, a New IoT P2P Botnet Going After Weak Telnet Services","year":"2020"},{"key":"ref88","volume-title":"MMD-0058-2016\u2014Linux\/NyaDrop\u2014A Linux MIPS IoT Bad News","year":"2016"},{"key":"ref89","volume-title":"New Threat: ZHtrap Botnet Analysis Report","year":"2021"},{"key":"ref90","volume-title":"ZHtrap Botnet Uses Honeypot to Harvest Infected Devices","author":"Turing","year":"2021"},{"key":"ref91","volume-title":"Radiation IoT Cyber Security Campaign","year":"2016"},{"key":"ref92","volume-title":"MMD-0057-2016\u2014Linux\/LuaBot\u2014IoT Botnet as Service","year":"2016"},{"key":"ref93","volume-title":"Dark.IoT Botnet","year":"2023"},{"key":"ref94","volume-title":"New Mirai Variant Targeting Network Security Devices","author":"Singhal","year":"2021"},{"key":"ref95","doi-asserted-by":"publisher","DOI":"10.23919\/SOFTCOM.2017.8115504"},{"key":"ref96","first-page":"1","article-title":"An extended analysis of an IoT malware from a blackhole network","volume-title":"Proc. Netw. Conf. TNC","volume":"17","author":"Dulaunoy"},{"key":"ref97","volume-title":"Mirai Source Code","year":"2017"},{"key":"ref98","volume-title":"Threat Intelligence: Analysis of the SBIDIOT IoT Malware","year":"2021"},{"key":"ref99","volume-title":"Analysis of the SBIDIOT IoT Malware","author":"Ji","year":"2021"},{"key":"ref100","first-page":"1","article-title":"Hajime: Analysis of a decentralized internet worm for IoT devices","volume":"16","author":"Edwards","year":"2016","journal-title":"Rapidity Netw."},{"key":"ref101","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23488"},{"key":"ref102","volume-title":"Mirai Goes Stealth\u2014TLS & IoT Malware","year":"2021"},{"key":"ref103","volume-title":"MMD-0059-2016\u2014Linux\/IRCTelnet (new Aidra)\u2014A DDoS Botnet Aims IoT W\/IPv6 Ready","year":"2016"},{"key":"ref104","volume-title":"BotenaGo Botnet Code Leaked to GitHub, Impacting Millions of Devices","author":"Vaas","year":"2022"},{"key":"ref105","volume-title":"BrickerBot Malware Emerges, Permanently Bricks IoT Devices","year":"2017"},{"key":"ref106","volume-title":"MANGA Aka Dark Mirai-Based Campaign Targets New TP-Link Router RCE Vulnerability","author":"Salvio","year":"2021"},{"key":"ref107","volume-title":"Persirai: New IoT Botnet Targets IP Cameras","author":"Yeh","year":"2017"},{"key":"ref108","volume-title":"Fresh TOTOLINK Vulnerabilities Picked Up by Beastmode Mirai Campaign","author":"Salvio","year":"2022"},{"key":"ref109","volume-title":"Linux.MulDrop.14","year":"2017"},{"key":"ref110","volume-title":"EnemyBot: A Look Into Keksec\u2019s Latest DDoS Botnet","author":"Salvio","year":"2022"},{"key":"ref111","volume-title":"Detecting EnemyBot\u2014Securonix Initial Coverage Advisory","author":"Kolesnikov","year":"2022"},{"key":"ref112","volume-title":"IoT_Reaper: A Rapid Spreading New IoT Botnet","author":"Ye","year":"2017"},{"key":"ref113","volume-title":"IoT_Reaper: A Few Updates","year":"2017"},{"key":"ref114","volume-title":"New BotenaGo Variant Discovered by Nozomi Networks Labs","year":"2022"},{"key":"ref115","volume-title":"FBot Aka Satori is Back With New Peculiar Obfuscation, Brute-Force Techniques","year":"2019"},{"key":"ref116","volume-title":"Satori IoT Botnet Variant","year":"2018"},{"key":"ref117","volume-title":"So RapperBot, What Ya Bruting For?","author":"Salvio","year":"2022"},{"key":"ref118","article-title":"New hide N seek IoT botnet using custom-built peer-to-peer communication spotted in the wild","author":"Botezatu","year":"2018"},{"key":"ref119","volume-title":"ZuoRAT Hijacks SOHO Routers to Silently Stalk Networks","year":"2022"},{"key":"ref120","doi-asserted-by":"publisher","DOI":"10.3390\/app9132763"},{"key":"ref121","volume-title":"New VPNFilter Malware Targets at Least 500 K Networking Devices Worldwide","author":"Largent","year":"2018"},{"key":"ref122","volume-title":"Shikitega\u2014New Linux Malware Combines Unusual Stealth With a Full Suite of Capabilities","author":"Goodin","year":"2022"},{"key":"ref123","volume-title":"Shinoa, Owari, Mirai: What\u2019s With All the Anime References?","author":"Tran","year":"2019"},{"key":"ref124","volume-title":"Chaos is a Go-Based Swiss Army Knife of Malware","year":"2022"},{"key":"ref125","article-title":"Turning Internet of Things(IoT) into Internet of Vulnerabilities (IoV): IoT Botnets","author":"Angrishi","year":"2017","journal-title":"arXiv:1702.03681"},{"key":"ref126","doi-asserted-by":"publisher","DOI":"10.1155\/2018\/7178164"},{"key":"ref127","doi-asserted-by":"publisher","DOI":"10.1016\/j.icte.2020.04.005"},{"key":"ref128","doi-asserted-by":"publisher","DOI":"10.1145\/3427228.3427256"},{"key":"ref129","doi-asserted-by":"publisher","DOI":"10.32604\/cmc.2020.010933"},{"key":"ref130","volume-title":"Beastmode Botnet Boosts DDoS Power With New Router Exploits","author":"Toulas","year":"2022"},{"key":"ref131","volume-title":"New RapperBot Campaign\u2014We Know What You Bruting for This Time","author":"Salvio","year":"2022"},{"key":"ref132","volume-title":"Mirai Botnet Attack IoT Devices Via CVE-2020-5902","author":"Merces","year":"2020"},{"key":"ref133","article-title":"Uncleanable and unkillable: The evolution of IoT botnets through P2P networking","author":"Hilt","year":"2021"}],"container-title":["IEEE Access"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6287639\/10005208\/10083045.pdf?arnumber=10083045","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,2,13]],"date-time":"2024-02-13T18:56:13Z","timestamp":1707850573000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10083045\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"references-count":133,"URL":"https:\/\/doi.org\/10.1109\/access.2023.3262614","relation":{},"ISSN":["2169-3536"],"issn-type":[{"value":"2169-3536","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023]]}}}