{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,29]],"date-time":"2026-04-29T18:16:05Z","timestamp":1777486565965,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":40,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,10,30]],"date-time":"2020-10-30T00:00:00Z","timestamp":1604016000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100006133","name":"U.S. Department of Energy","doi-asserted-by":"publisher","award":["DE-OE0000780"],"award-info":[{"award-number":["DE-OE0000780"]}],"id":[{"id":"10.13039\/100006133","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000183","name":"Army Research Office","doi-asserted-by":"publisher","award":["W911NF-17-1-0370"],"award-info":[{"award-number":["W911NF-17-1-0370"]}],"id":[{"id":"10.13039\/100000183","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Arizona State University","award":["Center for Cybersecurity and Digital Forensics"],"award-info":[{"award-number":["Center for Cybersecurity and Digital Forensics"]}]},{"DOI":"10.13039\/100006435","name":"National Science Foundation","doi-asserted-by":"publisher","award":["1651661"],"award-info":[{"award-number":["1651661"]}],"id":[{"id":"10.13039\/100006435","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000185","name":"Defense Advanced Research Projects Agency","doi-asserted-by":"publisher","award":["HR001118C0060 and FA875019C0003"],"award-info":[{"award-number":["HR001118C0060 and FA875019C0003"]}],"id":[{"id":"10.13039\/100000185","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,10,30]]},"DOI":"10.1145\/3372297.3423356","type":"proceedings-article","created":{"date-parts":[[2021,3,4]],"date-time":"2021-03-04T16:20:06Z","timestamp":1614874806000},"page":"279-291","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":71,"title":["HoneyPLC: A Next-Generation Honeypot for Industrial Control Systems"],"prefix":"10.1145","author":[{"given":"Efr\u00e9n","family":"L\u00f3pez-Morales","sequence":"first","affiliation":[{"name":"Arizona State University, Tempe, AZ, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Carlos","family":"Rubio-Medrano","sequence":"additional","affiliation":[{"name":"Texas A&M University - Corpus Christi, Corpus Christi, TX, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Adam","family":"Doup\u00e9","sequence":"additional","affiliation":[{"name":"Arizona State University, Tempe, AZ, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yan","family":"Shoshitaishvili","sequence":"additional","affiliation":[{"name":"Arizona State University, Tempe, AZ, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ruoyu","family":"Wang","sequence":"additional","affiliation":[{"name":"Arizona State University, Tempe, AZ, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tiffany","family":"Bao","sequence":"additional","affiliation":[{"name":"Arizona State University, Tempe, AZ, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Gail-Joon","family":"Ahn","sequence":"additional","affiliation":[{"name":"Arizona State University, Tempe, AZ, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2020,11,2]]},"reference":[{"key":"e_1_3_2_2_1_1","unstructured":"2016. S7comm - The Wireshark Wiki. https:\/\/wiki.wireshark.org\/S7comm. 2016. S7comm - The Wireshark Wiki. https:\/\/wiki.wireshark.org\/S7comm."},{"key":"e_1_3_2_2_2_1","unstructured":"2020. DataSoft\/Honeyd. https:\/\/github.com\/DataSoft\/Honeyd original-date: 2011-12-09T22:40:03Z. 2020. DataSoft\/Honeyd. https:\/\/github.com\/DataSoft\/Honeyd original-date: 2011-12-09T22:40:03Z."},{"key":"e_1_3_2_2_3_1","unstructured":"2020. SCADA HoneyNet Project: Building Honeypots for Industrial Networks. http:\/\/scadahoneynet.sourceforge.net\/ 2020. SCADA HoneyNet Project: Building Honeypots for Industrial Networks. http:\/\/scadahoneynet.sourceforge.net\/"},{"key":"e_1_3_2_2_4_1","unstructured":"2020. SCADACS\/PLCinject. https:\/\/github.com\/SCADACS\/PLCinject original-date: 2015-07-13T09:38:19Z. 2020. SCADACS\/PLCinject. https:\/\/github.com\/SCADACS\/PLCinject original-date: 2015-07-13T09:38:19Z."},{"key":"e_1_3_2_2_5_1","unstructured":"ABB. [n.d.]. PLC Automation. https:\/\/new.abb.com\/plc. Accessed: 2020-02--24. ABB. [n.d.]. PLC Automation. https:\/\/new.abb.com\/plc. Accessed: 2020-02--24."},{"key":"e_1_3_2_2_6_1","unstructured":"Allen-Bradley. [n.d.]. Programmable Controllers. https:\/\/ab.rockwellautomation.com\/Programmable-Controllers. Accessed: 2020-02--24. Allen-Bradley. [n.d.]. Programmable Controllers. https:\/\/ab.rockwellautomation.com\/Programmable-Controllers. Accessed: 2020-02--24."},{"key":"e_1_3_2_2_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/2994487.2994493"},{"key":"e_1_3_2_2_8_1","unstructured":"Hans Berger. 2006. Automating with STEP7 in STL and SCL: programmable controllers Simatic S7--300\/400. Publicis. Hans Berger. 2006. Automating with STEP7 in STL and SCL: programmable controllers Simatic S7--300\/400. Publicis."},{"key":"e_1_3_2_2_9_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-10329-7_12"},{"key":"e_1_3_2_2_10_1","volume-title":"Int. Conference on Smart Computing and Communication. Springer, 300--309","author":"Cao Jianhong","year":"2017"},{"key":"e_1_3_2_2_11_1","volume-title":"Analysis of the cyber attack on the Ukrainian power grid","author":"Case Defense Use","year":"2016"},{"key":"e_1_3_2_2_12_1","first-page":"29","article-title":"W32. stuxnet dossier. White paper, Symantec Corp","volume":"5","author":"Falliere Nicolas","year":"2011","journal-title":"Security Response"},{"key":"e_1_3_2_2_13_1","unstructured":"Kevin E Hemsley E Fisher etal 2018. History of industrial control system cyber incidents. Technical Report. Idaho National Lab.(INL) Idaho Falls ID (United States). Kevin E Hemsley E Fisher et al. 2018. History of industrial control system cyber incidents. Technical Report. Idaho National Lab.(INL) Idaho Falls ID (United States)."},{"key":"e_1_3_2_2_14_1","volume-title":"GasPot Released at Blackhat","author":"Hilt Stephen","year":"2015"},{"key":"e_1_3_2_2_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISI.2016.7745468"},{"key":"e_1_3_2_2_16_1","volume-title":"ICSREF: A Framework for Automated Reverse Engineering of Industrial Control Systems Binaries. In Network and Distributed System Security Symposium, (NDSS)","author":"Keliris Anastasis","year":"2019"},{"key":"e_1_3_2_2_17_1","volume-title":"Internet-facing PLCs-a new back orifice. Blackhat USA","author":"Klick Johannes","year":"2015"},{"key":"e_1_3_2_2_18_1","unstructured":"Jan Kneschke. 2020. Lighttpd-fly light. https:\/\/www.lighttpd.net\/. Jan Kneschke. 2020. Lighttpd-fly light. https:\/\/www.lighttpd.net\/."},{"key":"e_1_3_2_2_19_1","doi-asserted-by":"crossref","first-page":"37","DOI":"10.26636\/jtit.2015.4.983","article-title":"Shape: A honeypot for electric power substation","volume":"4","author":"Ko\u0142ty's Kamil","year":"2015","journal-title":"J. of Telecommunications and Information Technology"},{"key":"e_1_3_2_2_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2011.67"},{"key":"e_1_3_2_2_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/MIC.2016.103"},{"key":"e_1_3_2_2_22_1","unstructured":"Gordon Fyodor Lyon. 2009. Nmap network scanning: The official Nmap project guide to network discovery and security scanning .Insecure. Gordon Fyodor Lyon. 2009. Nmap network scanning: The official Nmap project guide to network discovery and security scanning .Insecure."},{"key":"e_1_3_2_2_23_1","volume-title":"LLC (2016-02--25)","author":"Matherly John","year":"2015"},{"key":"e_1_3_2_2_24_1","unstructured":"John Matherly. 2019. personal communication. John Matherly. 2019. personal communication."},{"key":"e_1_3_2_2_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/1233341.1233399"},{"key":"e_1_3_2_2_26_1","unstructured":"MushMush. 2020. Conpot. https:\/\/github.com\/mushorg\/conpot. MushMush. 2020. Conpot. https:\/\/github.com\/mushorg\/conpot."},{"key":"e_1_3_2_2_27_1","unstructured":"Davide Nardella. 2018. Snap7. http:\/\/snap7.sourceforge.net\/. Davide Nardella. 2018. Snap7. http:\/\/snap7.sourceforge.net\/."},{"key":"e_1_3_2_2_28_1","volume-title":"10th DFN-CERT Workshop","volume":"2","author":"Provos Niels","year":"2003"},{"key":"e_1_3_2_2_29_1","unstructured":"Niels Provos and Thorsten Holz. 2007. Virtual honeypots: from botnet tracking to intrusion detection. Pearson Education. Niels Provos and Thorsten Holz. 2007. Virtual honeypots: from botnet tracking to intrusion detection. Pearson Education."},{"key":"e_1_3_2_2_30_1","unstructured":"Ubuntu Manpage Repository. 2019 a. snmpwalk - retrieve a subtree of management values using SNMP GETNEXT requests. http:\/\/manpages.ubuntu.com\/manpages\/bionic\/man1\/snmpwalk.1.html. Ubuntu Manpage Repository. 2019 a. snmpwalk - retrieve a subtree of management values using SNMP GETNEXT requests. http:\/\/manpages.ubuntu.com\/manpages\/bionic\/man1\/snmpwalk.1.html."},{"key":"e_1_3_2_2_31_1","unstructured":"Ubuntu Manpage Repository. 2019 b. Wget - The non-interactive network downloader. http:\/\/manpages.ubuntu.com\/manpages\/disco\/en\/man1\/wget.1.html. Ubuntu Manpage Repository. 2019 b. Wget - The non-interactive network downloader. http:\/\/manpages.ubuntu.com\/manpages\/disco\/en\/man1\/wget.1.html."},{"key":"e_1_3_2_2_32_1","unstructured":"SCADACS. 2017. Snap7. https:\/\/github.com\/SCADACS\/snap7. SCADACS. 2017. Snap7. https:\/\/github.com\/SCADACS\/snap7."},{"key":"e_1_3_2_2_33_1","unstructured":"Justin Searle. 2015. plcscan. https:\/\/github.com\/meeas\/plcscan. Justin Searle. 2015. plcscan. https:\/\/github.com\/meeas\/plcscan."},{"key":"e_1_3_2_2_34_1","unstructured":"Siemens. [n.d.]. The intelligent choice for your automation task: SIMATIC controllers. https:\/\/new.siemens.com\/global\/en\/products\/automation\/systems\/industrial\/plc.html. Accessed: 2020-02--24. Siemens. [n.d.]. The intelligent choice for your automation task: SIMATIC controllers. https:\/\/new.siemens.com\/global\/en\/products\/automation\/systems\/industrial\/plc.html. Accessed: 2020-02--24."},{"key":"e_1_3_2_2_35_1","volume-title":"VB2018","author":"Slowik Joe","year":"2018"},{"key":"e_1_3_2_2_36_1","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.SP.800-82e2008"},{"key":"e_1_3_2_2_37_1","volume-title":"NIST special publication 800--82, revision 2: Guide to industrial control systems (ICS) security","author":"Stouffer Keith","year":"2014"},{"key":"e_1_3_2_2_38_1","unstructured":"Susan Marie Wade. 2011. SCADA Honeynets: The attractiveness of honeypots as critical infrastructure security tools for the detection and analysis of advanced threats. (2011). Susan Marie Wade. 2011. SCADA Honeynets: The attractiveness of honeypots as critical infrastructure security tools for the detection and analysis of advanced threats. (2011)."},{"key":"e_1_3_2_2_39_1","unstructured":"Kyle Wilhoit and Stephen Hilt. [n.d.]. The GasPot Experiment: Unexamined Perils in Using. ([n. d.]). Kyle Wilhoit and Stephen Hilt. [n.d.]. The GasPot Experiment: Unexamined Perils in Using. ([n. d.])."},{"key":"e_1_3_2_2_40_1","volume-title":"Int. Conference on Information and Communications Security. Springer, 412--423","author":"Xiao Feng","year":"2017"}],"event":{"name":"CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security","location":"Virtual Event USA","acronym":"CCS '20","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3372297.3423356","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3372297.3423356","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3372297.3423356","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:02:20Z","timestamp":1750197740000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3372297.3423356"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,10,30]]},"references-count":40,"alternative-id":["10.1145\/3372297.3423356","10.1145\/3372297"],"URL":"https:\/\/doi.org\/10.1145\/3372297.3423356","relation":{},"subject":[],"published":{"date-parts":[[2020,10,30]]},"assertion":[{"value":"2020-11-02","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}