{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,6]],"date-time":"2026-03-06T04:34:17Z","timestamp":1772771657350,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":38,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,10,30]],"date-time":"2020-10-30T00:00:00Z","timestamp":1604016000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,10,30]]},"DOI":"10.1145\/3372297.3417277","type":"proceedings-article","created":{"date-parts":[[2020,11,2]],"date-time":"2020-11-02T18:27:02Z","timestamp":1604341622000},"page":"743-756","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":66,"title":["Examining Mirai's Battle over the Internet of Things"],"prefix":"10.1145","author":[{"given":"Harm","family":"Griffioen","sequence":"first","affiliation":[{"name":"Hasso Plattner Institute for Digital Engineering University of Potsdam, Potsdam, Germany"}]},{"given":"Christian","family":"Doerr","sequence":"additional","affiliation":[{"name":"Hasso Plattner Institute for Digital Engineering University of Potsdam, Potsdam, Germany"}]}],"member":"320","published-online":{"date-parts":[[2020,11,2]]},"reference":[{"key":"e_1_3_2_2_1_1","volume-title":"26th USENIX Security Symposium . 1093--1110","author":"Antonakakis Manos","year":"2017","unstructured":"Manos Antonakakis , Tim April , Michael Bailey , Matt Bernhard , Elie Bursztein , Jaime Cochran , Zakir Durumeric , J Alex Halderman , Luca Invernizzi , Michalis Kallitsis , 2017 . Understanding the mirai botnet . In 26th USENIX Security Symposium . 1093--1110 . Manos Antonakakis, Tim April, Michael Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J Alex Halderman, Luca Invernizzi, Michalis Kallitsis, et almbox. 2017. Understanding the mirai botnet. In 26th USENIX Security Symposium . 1093--1110."},{"key":"e_1_3_2_2_2_1","volume-title":"Presented as part of the 21st USENIX Security Symposium. 491--506.","author":"Antonakakis Manos","unstructured":"Manos Antonakakis , Roberto Perdisci , Yacin Nadji , Nikolaos Vasiloglou , Saeed Abu-Nimeh , Wenke Lee , and David Dagon . 2012. From throw-away traffic to bots: detecting the rise of DGA-based malware . In Presented as part of the 21st USENIX Security Symposium. 491--506. Manos Antonakakis, Roberto Perdisci, Yacin Nadji, Nikolaos Vasiloglou, Saeed Abu-Nimeh, Wenke Lee, and David Dagon. 2012. From throw-away traffic to bots: detecting the rise of DGA-based malware. In Presented as part of the 21st USENIX Security Symposium. 491--506."},{"key":"e_1_3_2_2_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354230"},{"key":"e_1_3_2_2_4_1","first-page":"7","article-title":"An algorithm for anomaly-based botnet detection","volume":"6","author":"Binkley James R","year":"2006","unstructured":"James R Binkley and Suresh Singh . 2006 . An algorithm for anomaly-based botnet detection . SRUTI , Vol. 6 (2006), 7 -- 7 . James R Binkley and Suresh Singh. 2006. An algorithm for anomaly-based botnet detection. SRUTI , Vol. 6 (2006), 7--7.","journal-title":"SRUTI"},{"key":"e_1_3_2_2_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3098954.3098985"},{"key":"e_1_3_2_2_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2659651.2659673"},{"key":"e_1_3_2_2_7_1","volume-title":"Dieharder: A random number test suite. Open Source software library, under development, URL http:\/\/www. phy. duke. edu\/ rgb\/General\/dieharder. php","author":"Brown Robert G","year":"2013","unstructured":"Robert G Brown , Dirk Eddelbuettel , and David Bauer . 2013 . Dieharder: A random number test suite. Open Source software library, under development, URL http:\/\/www. phy. duke. edu\/ rgb\/General\/dieharder. php (2013). Robert G Brown, Dirk Eddelbuettel, and David Bauer. 2013. Dieharder: A random number test suite. Open Source software library, under development, URL http:\/\/www. phy. duke. edu\/ rgb\/General\/dieharder. php (2013)."},{"key":"e_1_3_2_2_8_1","doi-asserted-by":"crossref","unstructured":"Orcc un cC etin Carlos Gan\u00e1n Lisette Altena Takahiro Kasama Daisuke Inoue Kazuki Tamiya Ying Tie Katsunari Yoshioka and Michel van Eeten. 2019. Cleaning Up the Internet of Evil Things: Real-World Evidence on ISP and Consumer Efforts to Remove Mirai. In NDSS .  Orcc un cC etin Carlos Gan\u00e1n Lisette Altena Takahiro Kasama Daisuke Inoue Kazuki Tamiya Ying Tie Katsunari Yoshioka and Michel van Eeten. 2019. Cleaning Up the Internet of Evil Things: Real-World Evidence on ISP and Consumer Efforts to Remove Mirai. In NDSS .","DOI":"10.14722\/ndss.2019.23438"},{"key":"e_1_3_2_2_9_1","first-page":"6","article-title":"The Zombie Roundup","volume":"5","author":"Cooke Evan","year":"2005","unstructured":"Evan Cooke , Farnam Jahanian , and Danny McPherson . 2005 . The Zombie Roundup : Understanding, Detecting, and Disrupting Botnets. SRUTI , Vol. 5 (2005), 6 -- 6 . Evan Cooke, Farnam Jahanian, and Danny McPherson. 2005. The Zombie Roundup: Understanding, Detecting, and Disrupting Botnets. SRUTI , Vol. 5 (2005), 6--6.","journal-title":"Understanding, Detecting, and Disrupting Botnets. SRUTI"},{"key":"e_1_3_2_2_10_1","volume-title":"Iot malware: Comprehensive survey, analysis framework and case studies. BlackHat USA","author":"Costin Andrei","year":"2018","unstructured":"Andrei Costin and Jonas Zaddach . 2018. Iot malware: Comprehensive survey, analysis framework and case studies. BlackHat USA ( 2018 ). Andrei Costin and Jonas Zaddach. 2018. Iot malware: Comprehensive survey, analysis framework and case studies. BlackHat USA (2018)."},{"key":"e_1_3_2_2_11_1","volume-title":"23rd USENIX Security Symposium . 65--78","author":"Durumeric Zakir","year":"2014","unstructured":"Zakir Durumeric , Michael Bailey , and J Alex Halderman . 2014 . An internet-wide view of internet-wide scanning . In 23rd USENIX Security Symposium . 65--78 . Zakir Durumeric, Michael Bailey, and J Alex Halderman. 2014. An internet-wide view of internet-wide scanning. In 23rd USENIX Security Symposium . 65--78."},{"key":"e_1_3_2_2_12_1","volume-title":"International Symposium on Research in Attacks, Intrusions and Defenses (RAID) .","author":"Ghiette Vincent","year":"2019","unstructured":"Vincent Ghiette , Harm Griffioen , and Christian Doerr . 2019 . Fingerprinting Tooling used for SSH Compromisation Attempts . In International Symposium on Research in Attacks, Intrusions and Defenses (RAID) . Vincent Ghiette, Harm Griffioen, and Christian Doerr. 2019. Fingerprinting Tooling used for SSH Compromisation Attempts. In International Symposium on Research in Attacks, Intrusions and Defenses (RAID) ."},{"key":"e_1_3_2_2_13_1","volume-title":"the permanent denial-of-service botnet, is back with a vengeance. Ars Technica","author":"Goodin Dan","year":"2017","unstructured":"Dan Goodin . 2017. BrickerBot , the permanent denial-of-service botnet, is back with a vengeance. Ars Technica ( 2017 ). Dan Goodin. 2017. BrickerBot, the permanent denial-of-service botnet, is back with a vengeance. Ars Technica (2017)."},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/3407023.3407051"},{"key":"e_1_3_2_2_15_1","volume-title":"Botminer: Clustering analysis of network traffic for protocol-and structure-independent botnet detection.","author":"Gu Guofei","year":"2008","unstructured":"Guofei Gu , Roberto Perdisci , Junjie Zhang , and Wenke Lee . 2008 . Botminer: Clustering analysis of network traffic for protocol-and structure-independent botnet detection. (2008). Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee. 2008. Botminer: Clustering analysis of network traffic for protocol-and structure-independent botnet detection. (2008)."},{"key":"e_1_3_2_2_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/2739482.2768435"},{"key":"e_1_3_2_2_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3196494.3196537"},{"key":"e_1_3_2_2_18_1","doi-asserted-by":"crossref","unstructured":"Stephen Herwig Katura Harvey George Hughey Richard Roberts and Dave Levin. 2019. Measurement and Analysis of Hajime a Peer-to-peer IoT Botnet. In NDSS .  Stephen Herwig Katura Harvey George Hughey Richard Roberts and Dave Levin. 2019. Measurement and Analysis of Hajime a Peer-to-peer IoT Botnet. In NDSS .","DOI":"10.14722\/ndss.2019.23488"},{"key":"e_1_3_2_2_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/MILCOM.2017.8170867"},{"key":"e_1_3_2_2_20_1","first-page":"7","article-title":"Wide-Scale Botnet Detection and Characterization","volume":"7","author":"Karasaridis Anestis","year":"2007","unstructured":"Anestis Karasaridis , Brian Rexroad , David A Hoeflin , 2007 . Wide-Scale Botnet Detection and Characterization . HotBots , Vol. 7 (2007), 7 -- 7 . Anestis Karasaridis, Brian Rexroad, David A Hoeflin, et almbox. 2007. Wide-Scale Botnet Detection and Characterization. HotBots , Vol. 7 (2007), 7--7.","journal-title":"HotBots"},{"key":"e_1_3_2_2_21_1","volume-title":"Proceedings of the Royal Society A","volume":"115","author":"Kermack William Ogilvy","year":"1927","unstructured":"William Ogilvy Kermack and A. G. McKendrick . 1927. A contribution to the mathematical theory of epidemics . Proceedings of the Royal Society A , Vol. 115 , 772 ( 1927 ). William Ogilvy Kermack and A. G. McKendrick. 1927. A contribution to the mathematical theory of epidemics. Proceedings of the Royal Society A , Vol. 115, 772 (1927)."},{"key":"e_1_3_2_2_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2017.201"},{"key":"e_1_3_2_2_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICICIC.2009.127"},{"key":"e_1_3_2_2_24_1","volume-title":"An In-Depth Analysis of the Mirai Botnet. In International Conference on Software Security and Assurance (ICSSA) .","author":"Margolis Joel","year":"2017","unstructured":"Joel Margolis , Tae Tom Oh , Suyash Jadhav , Young Ho Kim , and Jeong Neyo Kim . 2017 . An In-Depth Analysis of the Mirai Botnet. In International Conference on Software Security and Assurance (ICSSA) . Joel Margolis, Tae Tom Oh, Suyash Jadhav, Young Ho Kim, and Jeong Neyo Kim. 2017. An In-Depth Analysis of the Mirai Botnet. In International Conference on Software Security and Assurance (ICSSA) ."},{"key":"e_1_3_2_2_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/IAS.2008.58"},{"key":"e_1_3_2_2_26_1","volume-title":"Persirai: New internet of things (IoT) botnet targets ip cameras. URL: https:\/\/blog. trendmicro. com\/trendlabs-security-intelligence\/persirai-new-internetthings-iot-botnet-targets-ip-cameras","author":"Micro Trend","year":"2017","unstructured":"Trend Micro . 2017 . Persirai: New internet of things (IoT) botnet targets ip cameras. URL: https:\/\/blog. trendmicro. com\/trendlabs-security-intelligence\/persirai-new-internetthings-iot-botnet-targets-ip-cameras (2017). Trend Micro. 2017. Persirai: New internet of things (IoT) botnet targets ip cameras. URL: https:\/\/blog. trendmicro. com\/trendlabs-security-intelligence\/persirai-new-internetthings-iot-botnet-targets-ip-cameras (2017)."},{"key":"e_1_3_2_2_27_1","volume-title":"9th USENIX Workshop on Offensive Technologies (WOOT 15)","author":"Pa Pa Yin Minn","year":"2015","unstructured":"Yin Minn Pa Pa , Shogo Suzuki , Katsunari Yoshioka , Tsutomu Matsumoto , Takahiro Kasama , and Christian Rossow . 2015 . IoTPOT: analysing the rise of IoT compromises . In 9th USENIX Workshop on Offensive Technologies (WOOT 15) . Yin Minn Pa Pa, Shogo Suzuki, Katsunari Yoshioka, Tsutomu Matsumoto, Takahiro Kasama, and Christian Rossow. 2015. IoTPOT: analysing the rise of IoT compromises. In 9th USENIX Workshop on Offensive Technologies (WOOT 15) ."},{"key":"e_1_3_2_2_28_1","doi-asserted-by":"publisher","DOI":"10.2197\/ipsjjip.24.522"},{"key":"e_1_3_2_2_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/CNS.2018.8433199"},{"key":"e_1_3_2_2_30_1","volume-title":"Oct. 29","author":"Reasearch CP","year":"2017","unstructured":"CP Reasearch . [n. d.]. Iotroop botnet: The full investigation , Oct. 29 2017 . ([n. d.]). CP Reasearch. [n. d.]. Iotroop botnet: The full investigation, Oct. 29 2017. ([n. d.])."},{"key":"e_1_3_2_2_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISBAST.2014.7013134"},{"key":"e_1_3_2_2_32_1","volume-title":"Apr. 7","author":"Seals T","year":"2017","unstructured":"T Seals . [n. d.]. Bricker bot follows mirai tactics to permanently dos iot devices , Apr. 7 2017 . ([n. d.]). T Seals. [n. d.]. Bricker bot follows mirai tactics to permanently dos iot devices, Apr. 7 2017. ([n. d.])."},{"key":"e_1_3_2_2_33_1","volume-title":"27th USENIX Security Symposium. 15--32","author":"Soltan Saleh","year":"2018","unstructured":"Saleh Soltan , Prateek Mittal , and H Vincent Poor . 2018 . BlackIoT: IoT botnet of high wattage devices can disrupt the power grid . In 27th USENIX Security Symposium. 15--32 . Saleh Soltan, Prateek Mittal, and H Vincent Poor. 2018. BlackIoT: IoT botnet of high wattage devices can disrupt the power grid. In 27th USENIX Security Symposium. 15--32."},{"key":"e_1_3_2_2_34_1","volume-title":"Botnet detection","author":"Strayer W Timothy","unstructured":"W Timothy Strayer , David Lapsely , Robert Walsh , and Carl Livadas . 2008. Botnet detection based on network behavior . In Botnet detection . Springer , 1--24. W Timothy Strayer, David Lapsely, Robert Walsh, and Carl Livadas. 2008. Botnet detection based on network behavior. In Botnet detection . Springer, 1--24."},{"key":"e_1_3_2_2_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/TCNS.2016.2532804"},{"key":"e_1_3_2_2_36_1","volume-title":"On the Design and Performance of Prefix-preserving IP Traffic Trace Anonymization. In ACM SIGCOMM Workshop on Internet Measurement .","author":"Xu Jun","unstructured":"Jun Xu , Jinliang Fan , Mostafa Ammar , and Sue B. Moon . 2001 . On the Design and Performance of Prefix-preserving IP Traffic Trace Anonymization. In ACM SIGCOMM Workshop on Internet Measurement . Jun Xu, Jinliang Fan, Mostafa Ammar, and Sue B. Moon. 2001. On the Design and Performance of Prefix-preserving IP Traffic Trace Anonymization. In ACM SIGCOMM Workshop on Internet Measurement ."},{"key":"e_1_3_2_2_37_1","unstructured":"Xiaolu Zhang Oren Upton Nicole Lang Beebe and Kim-Kwang Raymond Choo. [n. d.]. IoT Botnet Forensics: A Comprehensive Digital Forensic Case Study on Mirai Botnet Servers. ([n. d.]).  Xiaolu Zhang Oren Upton Nicole Lang Beebe and Kim-Kwang Raymond Choo. [n. d.]. IoT Botnet Forensics: A Comprehensive Digital Forensic Case Study on Mirai Botnet Servers. ([n. d.])."},{"key":"e_1_3_2_2_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/SOCA.2014.58"}],"event":{"name":"CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security","location":"Virtual Event USA","acronym":"CCS '20","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3372297.3417277","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3372297.3417277","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:01:31Z","timestamp":1750197691000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3372297.3417277"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,10,30]]},"references-count":38,"alternative-id":["10.1145\/3372297.3417277","10.1145\/3372297"],"URL":"https:\/\/doi.org\/10.1145\/3372297.3417277","relation":{},"subject":[],"published":{"date-parts":[[2020,10,30]]},"assertion":[{"value":"2020-11-02","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}