{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,13]],"date-time":"2026-03-13T01:58:42Z","timestamp":1773367122067,"version":"3.50.1"},"reference-count":71,"publisher":"IEEE","license":[{"start":{"date-parts":[[2022,7,20]],"date-time":"2022-07-20T00:00:00Z","timestamp":1658275200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2022,7,20]],"date-time":"2022-07-20T00:00:00Z","timestamp":1658275200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022,7,20]]},"DOI":"10.1109\/csndsp54353.2022.9908039","type":"proceedings-article","created":{"date-parts":[[2022,10,6]],"date-time":"2022-10-06T15:41:19Z","timestamp":1665070879000},"page":"350-355","source":"Crossref","is-referenced-by-count":14,"title":["IoT Botnets: Characteristics, Exploits, Attack Capabilities, and Targets"],"prefix":"10.1109","author":[{"given":"Leona","family":"McNulty","sequence":"first","affiliation":[{"name":"University of York,Department of Computer Science,York,United Kingdom"}]},{"given":"Vassilios G.","family":"Vassilakis","sequence":"additional","affiliation":[{"name":"University of York,Department of Computer Science,York,United Kingdom"}]}],"member":"263","reference":[{"key":"ref71","article-title":"Browser-based cryptojacking sees sudden spike in activity in Q2 2020","author":"cimpanu","year":"2020","journal-title":"ZDNet"},{"key":"ref70","article-title":"Botnet owner reveals telnet access credentials for over half a million devices","author":"ikeda","year":"2020","journal-title":"CPO Magazine"},{"key":"ref39","year":"2017","journal-title":"Iot reaper A rappid spreading new iot botnet"},{"key":"ref38","author":"shattuck","year":"2018","journal-title":"BrickerBot Do good intentions justify the means or deliver meaningful results?"},{"key":"ref33","article-title":"Source code of IoT botnet Satori publicly released on Pastebin","author":"micro","year":"2018","journal-title":"Trends in Microbiology"},{"key":"ref32","article-title":"New IoT\/Linux malware targets DVRs, forms botnet","author":"xiao","year":"2017","journal-title":"Palo Alto Networks Unit 42 Blog"},{"key":"ref31","article-title":"Bashlite family of malware infects 1 million IoT devices","author":"spring","year":"2016","journal-title":"Threatpost"},{"key":"ref30","article-title":"Threat advisory: BillGates botnet","year":"2021","journal-title":"Cambridge MA United States"},{"key":"ref37","first-page":"47","article-title":"An analysis of the use of CVEs by IoT malware","author":"khoury","year":"2020","journal-title":"13th Int Symp on Foundations and Practice of Security (FPS)"},{"key":"ref36","year":"2018","journal-title":"Persirai botnet"},{"key":"ref35","article-title":"Persirai: New IoT botnet targets IP cameras","author":"yeh","year":"2017","journal-title":"Trends in Microbiology"},{"key":"ref34","article-title":"Mirai botnet affecting IoT devices","year":"2017","journal-title":"Ministry of Electronics & Information Technology Government of India"},{"key":"ref60","article-title":"New dark nexus IoT botnet puts others to shame","author":"arsene","year":"2020","journal-title":"Bitdefender"},{"key":"ref62","year":"2022","journal-title":"Fronton A botnet for creation command and control of coordinated inauthentic behaviour"},{"key":"ref61","article-title":"New Mozi malware family quietly amasses IoT bots","year":"2020","journal-title":"Lumen"},{"key":"ref63","article-title":"KrebsOnSecurity hit by huge new IoT botnet| “Meris","author":"krebs","year":"2021","journal-title":"KrebsonSecurity"},{"key":"ref28","article-title":"Security blogger identifies next IoT vulnerability, this time on Linux OS","author":"briodagh","year":"2016","journal-title":"Evolving the IoT"},{"key":"ref64","article-title":"Dark.IoT botnet","year":"2021","journal-title":"MCERT Threat Alerts"},{"key":"ref27","author":"malwaremustdie","year":"2016","journal-title":"MMD-0058-2016 - Linux\/NyaDrop - a linux MIPS IoT bad news"},{"key":"ref65","article-title":"Enemybot: A look into Keksec’s latest DDoS botnet","author":"salvio","year":"2022","journal-title":"Fortinet"},{"key":"ref66","year":"2022","journal-title":"Enemy SSH Telnet IoT botnet"},{"key":"ref29","author":"malwaremustdie","year":"2016","journal-title":"MMD-0059-2016-Linux\/IRCTelnet (new Aidra)-A DDoS botnet aims IoT w\/IPv6 ready"},{"key":"ref67","article-title":"Why malware writers are turning to open source","author":"heath","year":"2009","journal-title":"ZDNet"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.5772\/intechopen.88927"},{"key":"ref69","doi-asserted-by":"publisher","DOI":"10.1109\/TNSM.2020.2996502"},{"key":"ref2","article-title":"Turning internet of things (IoT) into internet of vulnerabilities (IoV): IoT botnets","author":"angrishi","year":"2017","journal-title":"arXiv preprint 1702 03681"},{"key":"ref1","author":"oracle","year":"2022","journal-title":"What is the Internet of Things (IoT)?"},{"key":"ref20","year":"2017","journal-title":"Mirai botnet"},{"key":"ref22","article-title":"Hajime, the mysterious evolving botnet","author":"van der wiel","year":"2017","journal-title":"Securelist by Kaspersky"},{"key":"ref21","article-title":"Hajime: Analysis of a decentralized internet worm for IoT devices","author":"edwards","year":"2016","journal-title":"Rapidity Networks Denver Metropolitan Area CA United States"},{"key":"ref24","year":"2017","journal-title":"Linux\/Remaiten Botnet"},{"key":"ref23","article-title":"Hajime – Sophisticated, flexible, thoughtfully designed and future-proof","author":"greenens","year":"2017","journal-title":"Radware Blog"},{"key":"ref26","author":"malwaremustdie","year":"2016","journal-title":"MMD-0057-2016-Linus\/LuaBot-IoT Botnet as Service"},{"key":"ref25","year":"2017","journal-title":"LuaBot Linux\/IoT Malware"},{"key":"ref50","article-title":"Experts uncovered a proxy botnet composed of over 65,000 routers exposed via UPnP protocol","author":"paganini","year":"2018","journal-title":"Security Affairs"},{"key":"ref51","article-title":"DoubleDoor","year":"2018","journal-title":"Threat Profile New Jersey Cybersecurity & Communications Integration Cell (NJCCIC)"},{"key":"ref59","article-title":"Ttint: An IoT remote access Trojan spread through 2 0-day vulnerabilities","author":"tu","year":"2020","journal-title":"Netlab 360"},{"key":"ref58","article-title":"Kaiji: New Chinese Linux malware turning to Golang","author":"litvak","year":"2020","journal-title":"Intezer"},{"key":"ref57","article-title":"New Stealth Worker Campaign Creates a Multi-platform Army of Brute Forcers","author":"joven","year":"2019","journal-title":"Fortinet"},{"key":"ref56","article-title":"Bashlite updated with mining and backdoor commands","author":"vicente","year":"2019","journal-title":"Trends in Microbiology"},{"key":"ref55","year":"2018","journal-title":"Masuta Satori creators’ second botnet weaponizes a new router exploit"},{"key":"ref54","article-title":"DDoS botnet coder gets 13 months in prison","author":"cimpanu","year":"2020","journal-title":"ZDNet"},{"key":"ref53","first-page":"22","article-title":"Internet-facing PLCs - A new back orifice","author":"klick","year":"2015","journal-title":"Black Hat USA Las Vegas"},{"key":"ref52","year":"2018","journal-title":"Doubledoor IoT Botnet Bypasses Firewall as Well as Modem Security Using Two Backdoor Exploits"},{"key":"ref10","article-title":"Heads of the Hydra. Malware for network devices","author":"janus","year":"2011","journal-title":"Securelist by Kaspersky"},{"key":"ref11","article-title":"Aidra botnet","year":"2016","journal-title":"Threat Profile New Jersey Cybersecurity & Communications Integration Cell (NJCCIC)"},{"key":"ref40","article-title":"Cybercrime in the IoT era","author":"berasaluce","year":"2019"},{"key":"ref12","year":"2022","journal-title":"Port Scanning \/0 Using Insecure Embedded Devices Carna Botnet"},{"key":"ref13","year":"2017","journal-title":"GitHub ioscarry\/iot-malware"},{"key":"ref14","year":"2016","journal-title":"MMD-0052-2016 - Overview of SkidDDoS ELF ++ IRC Botnet"},{"key":"ref15","article-title":"IBM MSS - MuBot","author":"mcmillen","year":"2014","journal-title":"IBM Research and Intelligence Report"},{"key":"ref16","year":"2016","journal-title":"IRC-based mass router scanner\/exploiter"},{"key":"ref17","first-page":"1","article-title":"Wifatch: Atypical malware","author":"mohd","year":"2018","journal-title":"Universiti Sains Malaysia Penang Malaysia"},{"key":"ref18","article-title":"IoT white worms: Design and application","author":"ferronato","year":"2020"},{"key":"ref19","article-title":"Down the rabbit hole: How hackers exploit weak SSH credentials to build DDoS botnets","author":"tafani-dereeper","year":"2017","journal-title":"Black Alps Cybersecurity Conference"},{"key":"ref4","first-page":"137","article-title":"IoT botnet: The largest threat to the IoT network","volume":"1049","author":"dange","year":"2019","journal-title":"Data Communication and Networks Part of the Advances in Intelligent Systems and Computing book series"},{"key":"ref3","article-title":"Why legislation alone won’t solve IoT cybersecurity","author":"lawrence","year":"2017","journal-title":"DZone"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/EIConRus.2018.8317041"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1145\/3417313.3429384"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1155\/2018\/7178164"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/EIConRus.2019.8657100"},{"key":"ref49","article-title":"A field guide to understanding IoT attacks from the Mirai botnet to its modern variants","author":"winward","year":"2018","journal-title":"IoT Attack Handbook Radware Philadelphia U S"},{"key":"ref9","article-title":"Nearly a quarter of malware now communicates using TLS","author":"nagy","year":"2020","journal-title":"Sophos News"},{"key":"ref46","article-title":"The hunt for IoT: Multi-purpose attack thingbots threaten Internet stability and human life","author":"boddy","year":"2018","journal-title":"F5 Labs Technical Report"},{"key":"ref45","year":"2018","journal-title":"VPNFilter Update—VPNFilter Exploits Endpoints Targets New Devices"},{"key":"ref48","article-title":"A Wicked family of bots","author":"joven","year":"2018","journal-title":"Fortinet"},{"key":"ref47","article-title":"Wicked botnet uses passel of exploits to target IoT","author":"seals","year":"2018","journal-title":"Threat Post"},{"key":"ref42","article-title":"GPON home routers are over TheMoon botnet","author":"zurkus","year":"2018","journal-title":"Infosecurity-magazine"},{"key":"ref41","author":"radware","year":"2017","journal-title":"Reaper botnet"},{"key":"ref44","year":"2018","journal-title":"New VPNFilter Malware Targets at Least 500K Networking Devices Worldwide"},{"key":"ref43","year":"2022","journal-title":"How to prevent your Linksys router from getting The Moon malware"}],"event":{"name":"2022 13th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP)","location":"Porto, Portugal","start":{"date-parts":[[2022,7,20]]},"end":{"date-parts":[[2022,7,22]]}},"container-title":["2022 13th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/9907868\/9907893\/09908039.pdf?arnumber=9908039","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,11,3]],"date-time":"2022-11-03T18:56:47Z","timestamp":1667501807000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9908039\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,7,20]]},"references-count":71,"URL":"https:\/\/doi.org\/10.1109\/csndsp54353.2022.9908039","relation":{},"subject":[],"published":{"date-parts":[[2022,7,20]]}}}