{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,2]],"date-time":"2026-04-02T15:44:50Z","timestamp":1775144690380,"version":"3.50.1"},"reference-count":46,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"4","license":[{"start":{"date-parts":[[2017,12,1]],"date-time":"2017-12-01T00:00:00Z","timestamp":1512086400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"}],"funder":[{"DOI":"10.13039\/100006754","name":"U.S. Army Research Laboratory Cyber Security Collaborative Research Alliance under Cooperative Agreement","doi-asserted-by":"publisher","award":["W911NF-13-2-0045"],"award-info":[{"award-number":["W911NF-13-2-0045"]}],"id":[{"id":"10.13039\/100006754","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans. Netw. Serv. Manage."],"published-print":{"date-parts":[[2017,12]]},"DOI":"10.1109\/tnsm.2017.2724239","type":"journal-article","created":{"date-parts":[[2017,7,7]],"date-time":"2017-07-07T18:30:42Z","timestamp":1499452242000},"page":"1098-1112","source":"Crossref","is-referenced-by-count":75,"title":["Deceiving Network Reconnaissance Using SDN-Based Virtual Topologies"],"prefix":"10.1109","volume":"14","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5499-6101","authenticated-orcid":false,"given":"Stefan","family":"Achleitner","sequence":"first","affiliation":[]},{"given":"Thomas F.","family":"La Porta","sequence":"additional","affiliation":[]},{"given":"Patrick","family":"McDaniel","sequence":"additional","affiliation":[]},{"given":"Shridatt","family":"Sugrim","sequence":"additional","affiliation":[]},{"given":"Srikanth V.","family":"Krishnamurthy","sequence":"additional","affiliation":[]},{"given":"Ritu","family":"Chadha","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1145\/948187.948190"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1145\/1028788.1028809"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1109\/SASOW.2015.23"},{"key":"ref32","first-page":"1","article-title":"A virtual honeypot framework","author":"provos","year":"2004","journal-title":"Proc Usenix Security Symp"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1145\/2342441.2342466"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2005.18"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1109\/MILCOM.2013.303"},{"key":"ref36","first-page":"54","article-title":"Targeted cyberattacks: A superset of advanced persistent threats","volume":"11","author":"sood","year":"2013","journal-title":"IEEE Security Privacy"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516684"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1016\/S1353-4858(08)70129-6"},{"key":"ref10","year":"2017","journal-title":"Reconnaissance Deception System Prototype Implementation"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1016\/j.peva.2005.07.032"},{"key":"ref11","year":"2016","journal-title":"Scapy"},{"key":"ref12","year":"2016","journal-title":"Stages of a Cyber Attack"},{"key":"ref13","year":"2011","journal-title":"Symantec Advanced Persistent Threats"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/2995959.2995962"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2012.65"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/MILCOM.2016.7795427"},{"key":"ref17","first-page":"605","article-title":"Zmap: Fast Internet-wide scanning and its security applications","author":"durumeric","year":"2013","journal-title":"Proc Usenix Security"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-36883-7_19"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1145\/2664243.2664285"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/PCCC.2008.4745139"},{"key":"ref4","year":"2016","journal-title":"Mininet&#x2014;Realistic Virtual SDN Network Emulator"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1145\/2491185.2491199"},{"key":"ref3","year":"2017","journal-title":"Linux traffic control"},{"key":"ref6","year":"2016","journal-title":"Openflow"},{"key":"ref29","author":"mcclure","year":"2009","journal-title":"Hacking Exposed Network Security Secrets and Solutions"},{"key":"ref5","year":"2016","journal-title":"NMap Network Scanner"},{"key":"ref8","year":"2016","journal-title":"Pox&#x2014;Python SDN Controller"},{"key":"ref7","year":"2016","journal-title":"Openvswitch"},{"key":"ref2","year":"2017","journal-title":"Outlier Detection"},{"key":"ref9","year":"2016","journal-title":"Python API for nMap"},{"key":"ref1","year":"2017","journal-title":"Advanced Persistent Threats&#x2014;Attack and Defense"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOMMST.2014.6992342"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2007.02.006"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM.2016.7524602"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1145\/511334.511337"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1145\/1851182.1851266"},{"key":"ref42","doi-asserted-by":"crossref","first-page":"347","DOI":"10.1007\/978-3-319-15509-8_26","article-title":"What you need to know about SDN flow tables","author":"ku?niar","year":"2015","journal-title":"Proc Int'l Conf Passive and Active Measurement"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1016\/j.bjp.2013.10.014"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2015.2467358"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2011.2175747"},{"key":"ref44","first-page":"4","article-title":"Honeyd&#x2014;A virtual honeypot daemon","volume":"2","author":"provos","year":"2003","journal-title":"Proc 10th DFN-CERT Workshop"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1145\/2342441.2342467"},{"key":"ref43","first-page":"4","article-title":"MitiBox: Camouflage and deception for network scan mitigation","author":"malcot","year":"2009","journal-title":"Proc HotSec"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM.2015.7218443"}],"container-title":["IEEE Transactions on Network and Service Management"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/4275028\/8170467\/07971943.pdf?arnumber=7971943","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,12]],"date-time":"2022-01-12T16:25:07Z","timestamp":1642004707000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/7971943\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,12]]},"references-count":46,"journal-issue":{"issue":"4"},"URL":"https:\/\/doi.org\/10.1109\/tnsm.2017.2724239","relation":{},"ISSN":["1932-4537"],"issn-type":[{"value":"1932-4537","type":"print"}],"subject":[],"published":{"date-parts":[[2017,12]]}}}