{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,2]],"date-time":"2025-10-02T05:56:28Z","timestamp":1759384588456,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":74,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,8,25]],"date-time":"2020-08-25T00:00:00Z","timestamp":1598313600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,8,25]]},"DOI":"10.1145\/3407023.3407044","type":"proceedings-article","created":{"date-parts":[[2021,11,23]],"date-time":"2021-11-23T04:37:03Z","timestamp":1637642223000},"page":"1-10","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":17,"title":["PaperW8"],"prefix":"10.1145","author":[{"given":"Calvin","family":"Brierley","sequence":"first","affiliation":[{"name":"University of Kent"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jamie","family":"Pont","sequence":"additional","affiliation":[{"name":"University of Kent"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Budi","family":"Arief","sequence":"additional","affiliation":[{"name":"University of Kent"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"David J.","family":"Barnes","sequence":"additional","affiliation":[{"name":"University of Kent"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Julio","family":"Hernandez-Castro","sequence":"additional","affiliation":[{"name":"University of Kent"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2020,8,25]]},"reference":[{"volume-title":"Barco wePresent WiPG-1600W wireless presentation system Desktop HDMI + VGA (D-Sub). https:\/\/www.amazon.co.uk\/wePresent-WiPG-1600W-wireless-presentation-Desktop\/dp\/B076T41MVC [Accessed","year":"2020","key":"e_1_3_2_1_1_1"},{"volume-title":"Das U-Boot - the Universal Boot Loader. https:\/\/www.denx.de\/wiki\/U-Boot [Accessed","year":"2020","key":"e_1_3_2_1_2_1"},{"key":"e_1_3_2_1_3_1","unstructured":"[n.d.]. General MTD documentation. http:\/\/www.linux-mtd.infradead.org\/doc\/general.html [Accessed: April 2020].  [n.d.]. General MTD documentation. http:\/\/www.linux-mtd.infradead.org\/doc\/general.html [Accessed: April 2020]."},{"volume-title":"https:\/\/littlevgl.com\/ [Accessed","year":"2020","author":"GL.","key":"e_1_3_2_1_4_1"},{"volume-title":"https:\/\/www.ballicom.co.uk\/wepresent-r9866100eu-.p1408805.html [Accessed","year":"2020","author":"WePresent","key":"e_1_3_2_1_5_1"},{"volume-title":"D-Link Internet Report. https:\/\/dlink-report.shodan.io\/ [Accessed","year":"2020","key":"e_1_3_2_1_6_1"},{"volume-title":"Huawei Router HG532 - Arbitrary Command Execution. https:\/\/www.exploit-db.com\/exploits\/43414 [Accessed","year":"2020","key":"e_1_3_2_1_7_1"},{"volume-title":"https:\/\/blog.talosintelligence.com\/2018\/06\/vpnfilter-update.html [Accessed","year":"2020","key":"e_1_3_2_1_8_1"},{"volume-title":"https:\/\/www.fortinet.com\/blog\/threat-research\/petya-s-master-boot-record-infection.html [Accessed","year":"2020","key":"e_1_3_2_1_9_1"},{"volume-title":"Shodan MVPower DVR Search. https:\/\/www.shodan.io\/search?query=JAWS%2F1.0 [Accessed","year":"2020","key":"e_1_3_2_1_10_1"},{"volume-title":"BitPyLock Ransomware Now Threatens to Publish Stolen Data. https:\/\/www.bleepingcomputer.com\/news\/security\/bitpylock-ransomware-now-threatens-to-publish-stolen-data\/ [Accessed","year":"2020","author":"Abrams Lawrence","key":"e_1_3_2_1_11_1"},{"volume-title":"Satori Mirai Variant Alert. https:\/\/www.akamai.com\/uk\/en\/multimedia\/documents\/state-of-the-internet\/satori-mirai-variant-alert-threat-advisory.pdf [Accessed","year":"2020","key":"e_1_3_2_1_12_1"},{"volume-title":"BusyBox: The Swiss Army Knife of Embedded Linux. https:\/\/busybox.net\/about.html [Accessed","year":"2020","author":"Andersen Erik","key":"e_1_3_2_1_13_1"},{"volume-title":"CNC source code release. https:\/\/hackforums.net\/showthread.php?tid=5420472 [Accessed","year":"2020","author":"Mirai Botnet World's Largest","key":"e_1_3_2_1_14_1"},{"key":"e_1_3_2_1_15_1","unstructured":"Manos Antonakakis Tim April Michael Bailey Matt Bernhard Elie Bursztein Jaime Cochran Zakir Durumeric J Alex Halderman Luca Invernizzi Michalis Kallitsis etal 2017. Understanding the mirai botnet. In 26th {USENIX} Security Symposium ({USENIX} Security 17). 1093--1110.  Manos Antonakakis Tim April Michael Bailey Matt Bernhard Elie Bursztein Jaime Cochran Zakir Durumeric J Alex Halderman Luca Invernizzi Michalis Kallitsis et al. 2017. Understanding the mirai botnet. In 26th {USENIX} Security Symposium ({USENIX} Security 17). 1093--1110."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.5220\/0008956004480456"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/WIRELESSVITAE.2011.5940923"},{"volume-title":"https:\/\/www.exploit-db.com\/exploits\/46786 [Accessed","year":"2020","author":"Baines Jacob","key":"e_1_3_2_1_18_1"},{"volume-title":"Florida town pays $600,000 virus ransom. https:\/\/www.bbc.co.uk\/news\/technology-48704612 [Accessed","year":"2020","author":"BBC.","key":"e_1_3_2_1_19_1"},{"volume-title":"Hide and Seek IoT Botnet resurfaces with new tricks, persistence. https:\/\/labs.bitdefender.com\/2018\/05\/hide-and-seek-iot-botnet-resurfaces-with-new-tricks-persistence\/ [Accessed","year":"2020","author":"Botezatu Bogdan","key":"e_1_3_2_1_20_1"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1093\/cybsec\/tyz009"},{"key":"e_1_3_2_1_22_1","unstructured":"Larry Cashdollar. 2019. SIRT Advisory: Silexbot bricking systems with known default login credentials. https:\/\/blogs.akamai.com\/sitr\/2019\/06\/sirt-advisory-silexbot-bricking-systems-with-known-default-login-credentials.html [Accessed: April 2020].  Larry Cashdollar. 2019. SIRT Advisory: Silexbot bricking systems with known default login credentials. https:\/\/blogs.akamai.com\/sitr\/2019\/06\/sirt-advisory-silexbot-bricking-systems-with-known-default-login-credentials.html [Accessed: April 2020]."},{"volume-title":"Android Ransomware Infects LG Smart TV. https:\/\/www.bleepingcomputer.com\/news\/security\/android-ransomware-infects-lg-smart-tv\/ [Accessed","year":"2020","author":"Cimpanu Catalin","key":"e_1_3_2_1_23_1"},{"volume-title":"mydlink. https:\/\/www.mydlink.com\/ [Accessed","year":"2020","key":"e_1_3_2_1_24_1"},{"volume-title":"IoT Attacks Escalating with a 217.5% Increase in Volume. https:\/\/www.bleepingcomputer.com\/news\/security\/iot-attacks-escalating-with-a-2175-percent-increase-in-volume\/ [Accessed","year":"2020","author":"Gatlan Sergiu","key":"e_1_3_2_1_25_1"},{"volume-title":"Maze Ransomware Demands $6 Million Ransom From South-wire. https:\/\/www.bleepingcomputer.com\/news\/security\/maze-ransomware-demands-6-million-ransom-from-southwire\/ [Accessed","year":"2020","author":"Gatlan Sergiu","key":"e_1_3_2_1_26_1"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-008-0092-2"},{"key":"e_1_3_2_1_28_1","unstructured":"Dan Goodin. 2016. Record-breaking DDoS reportedly delivered by >145k hacked cameras. https:\/\/arstechnica.com\/information-technology\/2016\/09\/botnet-of-145k-cameras-reportedly-deliver-internets-biggest-ddos-ever\/ [Accessed: April 2020].  Dan Goodin. 2016. Record-breaking DDoS reportedly delivered by >145k hacked cameras. https:\/\/arstechnica.com\/information-technology\/2016\/09\/botnet-of-145k-cameras-reportedly-deliver-internets-biggest-ddos-ever\/ [Accessed: April 2020]."},{"key":"e_1_3_2_1_29_1","unstructured":"Dan Goodin. 2017. BrickerBot the permanent denial-of-service botnet is back with a vengeance. https:\/\/arstechnica.com\/information-technology\/2017\/04\/brickerbot-the-permanent-denial-of-service-botnet-is-back-with-a-vengeance\/ [Accessed: April 2020].  Dan Goodin. 2017. BrickerBot the permanent denial-of-service botnet is back with a vengeance. https:\/\/arstechnica.com\/information-technology\/2017\/04\/brickerbot-the-permanent-denial-of-service-botnet-is-back-with-a-vengeance\/ [Accessed: April 2020]."},{"volume-title":"The Untold Story of NotPetya, the Most Devastating Cyberattack in History. https:\/\/www.wired.com\/story\/notpetya-cyberattack-ukraine-russia-code-crashed-the-world\/ [Accessed","year":"2020","author":"Greenberg Andy","key":"e_1_3_2_1_30_1"},{"volume-title":"Economic analysis of ransomware. Available at SSRN 2937641","year":"2017","author":"Hernandez-Castro Julio","key":"e_1_3_2_1_31_1"},{"volume-title":"The Internet of Thing: How a single coffee maker's vulnerabilities symbolize a world of IoT risks. https:\/\/blog.avast.com\/avast-hacked-a-smart-coffee-maker [Accessed","year":"2020","author":"Hron Martin","key":"e_1_3_2_1_32_1"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00047"},{"volume-title":"https:\/\/github.com\/JeremyNGalloway\/mod_plaintext.py\/blob\/master\/mod_plaintext.py [Accessed","year":"2020","author":"Source BrickerBot","key":"e_1_3_2_1_34_1"},{"volume-title":"https:\/\/github.com\/jgamblin\/Mirai-Source-Code [Accessed","year":"2020","author":"Jha Paras","key":"e_1_3_2_1_35_1"},{"volume-title":"https:\/\/twitter.com\/a3019397\/status\/463349646073794561 [Accessed","year":"2020","key":"e_1_3_2_1_36_1"},{"key":"e_1_3_2_1_37_1","unstructured":"Simon Kenin. 2018. Mass MikroTik Router Infection - First we cryptojack Brazil then we take the World? https:\/\/www.trustwave.com\/en-us\/resources\/blogs\/spiderlabs-blog\/mass-mikrotik-router-infection-first-we-cryptojack-brazil-then-we-take-the-world\/ [Accessed: April 2020].  Simon Kenin. 2018. Mass MikroTik Router Infection - First we cryptojack Brazil then we take the World? https:\/\/www.trustwave.com\/en-us\/resources\/blogs\/spiderlabs-blog\/mass-mikrotik-router-infection-first-we-cryptojack-brazil-then-we-take-the-world\/ [Accessed: April 2020]."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-20550-2_1"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2017.201"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3053035"},{"volume-title":"Preventing Ransomware on the Internet of Things. (2017). https:\/\/pdfs.semanticscholar.org\/419f\/8d22ba3eea1f4d9fbcd6b3b68d294504d276.pdf [Accessed","year":"2020","author":"Koopman Michael","key":"e_1_3_2_1_41_1"},{"volume-title":"Torii botnet - Not another Mirai variant. https:\/\/blog.avast.com\/new-torii-botnet-threat-research [Accessed","year":"2020","author":"Kroustek Jakub","key":"e_1_3_2_1_42_1"},{"volume-title":"Multiple Netgear routers are vulnerable to arbitrary command injection. https:\/\/www.kb.cert.org\/vuls\/id\/582384\/ [Accessed","year":"2020","author":"Land Joel","key":"e_1_3_2_1_43_1"},{"volume-title":"New VPNFilter malware targets at least 500K networking devices worldwide. https:\/\/blog.talosintelligence.com\/2018\/05\/VPNFilter.html [Accessed","year":"2020","author":"Largent William","key":"e_1_3_2_1_44_1"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/ECRIME.2016.7487938"},{"volume-title":"https:\/\/www.macronix.com\/Lists\/Datasheet\/Attachments\/7647\/MX29LV320E%20T-B%2\\c%203V%2c%2032Mb%2c%20v1.3.pdf [Accessed","year":"2020","author":"E","key":"e_1_3_2_1_46_1"},{"volume-title":"New Seftad Ransomware Attacks Master Boot Record. https:\/\/securelist.com\/and-now-an-mbr-ransomware\/30626\/ [Accessed","year":"2020","author":"Maslennikov Denis","key":"e_1_3_2_1_47_1"},{"volume-title":"New trends in the world of IoT threats. https:\/\/securelist.com\/new-trends-in-the-world-of-iot-threats\/87991\/ [Accessed","year":"2020","author":"Mikhail Kuzin Vladimir Kuskov","key":"e_1_3_2_1_48_1"},{"volume-title":"Investigation: WannaCry cyber attack and the NHS. National Audit Office","year":"2017","author":"Morse Amyas","key":"e_1_3_2_1_49_1"},{"volume-title":"https:\/\/badpackets.net\/200000-mikrotik-routers-worldwide-have-been-compromised-to-inject-cryptojacking-malware\/ [Accessed","year":"2020","author":"Mursch Troy","key":"e_1_3_2_1_50_1"},{"key":"e_1_3_2_1_51_1","unstructured":"Netgear. 2015. R6250 Smart wifi Router User Manual. http:\/\/www.downloads.netgear.com\/files\/GDC\/R6250\/R6250_UM_13Apr2015.pdf [Accessed: April 2020].  Netgear. 2015. R6250 Smart wifi Router User Manual. http:\/\/www.downloads.netgear.com\/files\/GDC\/R6250\/R6250_UM_13Apr2015.pdf [Accessed: April 2020]."},{"volume-title":"How to upload firmware to a NETGEAR router using Windows TFTP. https:\/\/kb.netgear.com\/000059634\/How-to-upload-firmware-to-a-NETGEAR-router-using-Windows-TFTP [Accessed","year":"2020","key":"e_1_3_2_1_52_1"},{"volume-title":"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016--6277 [Accessed","year":"2020","author":"Detail NIST.","key":"e_1_3_2_1_53_1"},{"volume-title":"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-17215 [Accessed","year":"2020","author":"Detail NIST.","key":"e_1_3_2_1_54_1"},{"volume-title":"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-10999 [Accessed","year":"2020","author":"NIST.","key":"e_1_3_2_1_55_1"},{"volume-title":"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-3929 [Accessed","year":"2020","author":"Detail NIST.","key":"e_1_3_2_1_56_1"},{"key":"e_1_3_2_1_57_1","unstructured":"Department of Health and Social Care. 2018. Securing Cyber Resilience in Health and Care. https:\/\/assets.publishing.service.gov.uk\/government\/uploads\/system\/uploads\/attachment_data\/file\/747464\/securing-cyber-resilience-in-health-and-care-september-2018-update.pdf [Accessed: April 2020].  Department of Health and Social Care. 2018. Securing Cyber Resilience in Health and Care. https:\/\/assets.publishing.service.gov.uk\/government\/uploads\/system\/uploads\/attachment_data\/file\/747464\/securing-cyber-resilience-in-health-and-care-september-2018-update.pdf [Accessed: April 2020]."},{"volume-title":"Ransomware: A growing menace","year":"2012","author":"O'Gorman Gavin","key":"e_1_3_2_1_58_1"},{"volume-title":"https:\/\/github.com\/ReFirmLabs\/binwalk [Accessed","year":"2020","key":"e_1_3_2_1_59_1"},{"volume-title":"A New IoT Botnet Storm is Coming. https:\/\/research.checkpoint.com\/new-iot-botnet-storm-coming\/ [Accessed","year":"2020","author":"Research Checkpoint","key":"e_1_3_2_1_60_1"},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1145\/2133375.2133377"},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCS.2016.46"},{"volume-title":"Software update for IoTthe current state of play. https:\/\/elinux.org\/images\/f\/f5\/Embedded_Systems_Software_Update_for_IoT.pdf [Accessed","year":"2020","author":"Simmonds Chris","key":"e_1_3_2_1_63_1"},{"volume-title":"Software updates for embedded Linux: requirement and reality. https:\/\/mender.io\/resources\/whitepapers\/_resources\/Software%2520Updates.pdf [Accessed","year":"2020","author":"Simmonds Chris","key":"e_1_3_2_1_64_1"},{"volume-title":"Forget Mirai - Brickerbot malware will kill your crap IoT devices. https:\/\/www.theregister.co.uk\/2017\/04\/08\/brickerbot_malware_kills_iot_devices\/ [Accessed","year":"2020","author":"Thomson Iain","key":"e_1_3_2_1_65_1"},{"volume-title":"New Mirai Variant Uses Multiple Exploits to Target Routers and Other Devices. https:\/\/www.pentestpartners.com\/security-blog\/pwning-cctv-cameras\/ [Accessed","year":"2020","author":"Tierney Andrew","key":"e_1_3_2_1_66_1"},{"volume-title":"Thermostat Ransomware: a lesson in IoT security. https:\/\/www.pentestpartners.com\/security-blog\/thermostat-ransomware-a-lesson-in-iot-security\/ [Accessed","year":"2020","author":"Tierney Andrew","key":"e_1_3_2_1_67_1"},{"volume-title":"Coin Mining DVRs: A compromise from start to finish. https:\/\/isc.sans.edu\/diary\/Coin+Mining+DVRs%3a+A+compromise+from+start+to+finish.\/18071 [Accessed","year":"2020","author":"Ullrich Johannes","key":"e_1_3_2_1_68_1"},{"volume-title":"Upgrade without Bricking. https:\/\/elinux.org\/images\/6\/61\/Upgrading_Without_Bricking.pdf [Accessed","year":"2020","author":"Vandecappelle Arnout","key":"e_1_3_2_1_69_1"},{"volume-title":"GitHub - fuzzywalls\/CVE-2019-10999. https:\/\/github.com\/fuzzywalls\/CVE-2019-10999 [Accessed","year":"2020","author":"Walls Evan","key":"e_1_3_2_1_70_1"},{"volume-title":"Riviera Beach Manager: City has most of its data back after ransomware attack. https:\/\/cbs12.com\/news\/local\/riviera-beach-manager-city-has-most-of-its-data-back-after-ransomware-attack [Accessed","year":"2020","key":"e_1_3_2_1_71_1"},{"volume-title":"Today the web was broken by countless hacked devices - your 60-second summary. https:\/\/www.theregister.co.uk\/2016\/10\/21\/dyn_dns_ddos_explained\/ [Accessed","year":"2020","author":"Williams Chris","key":"e_1_3_2_1_72_1"},{"key":"e_1_3_2_1_73_1","unstructured":"Karim Yagh Jon Masters Gilad Ben-Yossef and Philippe Gerum. 2008. Building Embedded Linux Systems. O'Reilly Chapter 8 219 236 297--298.  Karim Yagh Jon Masters Gilad Ben-Yossef and Philippe Gerum. 2008. Building Embedded Linux Systems. O'Reilly Chapter 8 219 236 297--298."},{"volume-title":"https:\/\/documents.westerndigital.com\/content\/dam\/doc-library\/en_us\/assets\/public\/western-digital\/collateral\/white-paper\/white-paper-emmc-security.pdf [Accessed","year":"2020","author":"Zilberstein Einav","key":"e_1_3_2_1_74_1"}],"event":{"name":"ARES 2020: The 15th International Conference on Availability, Reliability and Security","acronym":"ARES 2020","location":"Virtual Event Ireland"},"container-title":["Proceedings of the 15th International Conference on Availability, Reliability and Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3407023.3407044","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3407023.3407044","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T21:24:42Z","timestamp":1750195482000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3407023.3407044"}},"subtitle":["an IoT bricking ransomware proof of concept"],"short-title":[],"issued":{"date-parts":[[2020,8,25]]},"references-count":74,"alternative-id":["10.1145\/3407023.3407044","10.1145\/3407023"],"URL":"https:\/\/doi.org\/10.1145\/3407023.3407044","relation":{},"subject":[],"published":{"date-parts":[[2020,8,25]]},"assertion":[{"value":"2020-08-25","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}