{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,26]],"date-time":"2026-03-26T15:29:11Z","timestamp":1774538951562,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":64,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,11,13]],"date-time":"2022-11-13T00:00:00Z","timestamp":1668297600000},"content-version":"vor","delay-in-days":366,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1929580, CNS-1929406, CNS-1931573"],"award-info":[{"award-number":["CNS-1929580, CNS-1929406, CNS-1931573"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2021,11,12]]},"DOI":"10.1145\/3460120.3484581","type":"proceedings-article","created":{"date-parts":[[2021,11,13]],"date-time":"2021-11-13T12:05:27Z","timestamp":1636805127000},"page":"1338-1356","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":21,"title":["MaMIoT: Manipulation of Energy Market Leveraging High Wattage IoT Botnets"],"prefix":"10.1145","author":[{"given":"Tohid","family":"Shekari","sequence":"first","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"given":"Celine","family":"Irvene","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"given":"Alvaro A.","family":"Cardenas","sequence":"additional","affiliation":[{"name":"University of California, Santa Cruz, Santa Cruz, CA, USA"}]},{"given":"Raheem","family":"Beyah","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]}],"member":"320","published-online":{"date-parts":[[2021,11,13]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"-. 2019. Bloomberg Terminal. https:\/\/en.wikipedia.org\/wiki\/Bloomberg_Terminal"},{"key":"e_1_3_2_1_2_1","unstructured":". 2019. DDOS Attacks against Global Markets. https:\/\/www.akamai.com\/us\/en\/multimedia\/documents\/secure\/ddos-attacks-against-global-markets-white-paper.pdf"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ifacol.2015.12.414"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSG.2016.2622686"},{"key":"e_1_3_2_1_5_1","volume-title":"26th USENIX Security Symp. 1093--1110","author":"Manos","unstructured":"Manos Antonakakis et al. 2017. Understanding the Mirai botnet. In 26th USENIX Security Symp. 1093--1110."},{"key":"e_1_3_2_1_6_1","volume-title":"Math HJ Bollen, and Jaap E Daalder","author":"Bhattacharya Kankar","year":"2012","unstructured":"Kankar Bhattacharya, Math HJ Bollen, and Jaap E Daalder. 2012. Operation of restructured power systems .Springer Science & Business Media."},{"key":"e_1_3_2_1_7_1","unstructured":"Security Boulevard. 2018. Here's how anyone with $20 can hire an IoT botnet to blast out a week-long DDoS attack. https:\/\/securityboulevard.com\/2018\/08\/heres-how-anyone-with-20-can-hire-an-iot-botnet-to-blast-out-a-week-long-ddos-attack\/"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.5547\/01956574.39.2.pbur"},{"key":"e_1_3_2_1_9_1","unstructured":"Buyexerciser. 2020. Treadmill workout tips: How long should I run on the treadmill?"},{"key":"e_1_3_2_1_10_1","unstructured":"California Independent System Operator. 2019 a. California Independent System Operator. https:\/\/en.wikipedia.org\/wiki\/California_Independent_System_Operator"},{"key":"e_1_3_2_1_11_1","unstructured":"California Independent System Operator. 2019 b. Energy Market & Operation Data. http:\/\/oasis.caiso.com\/mrioasis\/logon.do"},{"key":"e_1_3_2_1_12_1","unstructured":"California Independent System Operator. 2019 c. Reliability Requirements. http:\/\/www.caiso.com\/planning\/Pages\/ReliabilityRequirements\/Default.aspx#Historical"},{"key":"e_1_3_2_1_13_1","unstructured":"Catalin Cimpanu. 2016. You Can Now Rent a Mirai Botnet of 400 000 Bots. https:\/\/www.bleepingcomputer.com\/news\/security\/you-can-now-rent-a-mirai-botnet-of-400-000-bots\/"},{"key":"e_1_3_2_1_14_1","volume-title":"Traders profit as power grid is overworked. The New York Times","author":"Creswell Julie","year":"2014","unstructured":"Julie Creswell and Robert Gebeloff. 2014. Traders profit as power grid is overworked. The New York Times (2014)."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134639"},{"key":"e_1_3_2_1_16_1","unstructured":"Scott DiSavino. July 2013. JPMorgan to pay $410 million to settle power market case. https:\/\/www.reuters.com\/article\/us-jpmorgan-ferc\/jpmorgan-to-pay-410-million-to-settle-power-market-case-idUSBRE96T0NA20130730"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/NAPS.2017.8107363"},{"key":"e_1_3_2_1_18_1","unstructured":"Energy Efficiency and Renewable Energy Clearinghouse. 2020. Energy Use of Some Typical Home Appliances. http:\/\/sites.science.oregonstate.edu\/ hetheriw\/energy\/quick\/eff\/EREC_Brief_Energy_Use_of_Some_Typical_Home_Appliances.htm"},{"key":"e_1_3_2_1_19_1","volume-title":"Tapes show Enron arranged plant shutdown. New York Times","author":"Egan Timothy","year":"2005","unstructured":"Timothy Egan. 2005. Tapes show Enron arranged plant shutdown. New York Times (2005)."},{"key":"e_1_3_2_1_20_1","unstructured":"We Energies. 2020. Appliance savings with Time-of-Use. https:\/\/www.we-energies.com\/residential\/acctoptions\/tou_wi_shiftappli.htm"},{"key":"e_1_3_2_1_21_1","unstructured":"Maureen Farrell. July 2013. JPMorgan settles electricity manipulation case for $410 million. https:\/\/money.cnn.com\/2013\/07\/30\/investing\/jp-morgan-electricity-fines\/index.html"},{"key":"e_1_3_2_1_22_1","unstructured":"Laundry Butler for You. [n.d.]. How Much Laundry Does the Average Person Do?"},{"key":"e_1_3_2_1_23_1","unstructured":"GE. [n.d.]. GE Wi-Fi connect appliances. https:\/\/www.geappliances.com\/ge\/connected-appliances\/"},{"key":"e_1_3_2_1_24_1","unstructured":"Dan Goodin. 2017b. Assessing the threat the Reaper botnet poses to the Internet-what we know now. https:\/\/arstechnica.com\/information-technology\/2017\/10\/assessing-the-threat-the-reaper-botnet-poses-to-the-internet-what-we-know-now\/"},{"key":"e_1_3_2_1_25_1","unstructured":"Dan Goodin. 2018. New IoT botnet offers DDoSes of once-unimaginable sizes for $20. https:\/\/arstechnica.com\/information-technology\/2018\/02\/for-sale-ddoses-guaranteed-to-take-down-gaming-servers-just-20\/"},{"key":"e_1_3_2_1_26_1","unstructured":"Dan Goodin. December 2017 a. 100 000-strong botnet built on router 0-day could strike at any time. https:\/\/arstechnica.com\/information-technology\/2017\/12\/100000-strong-botnet-built-on-router-0-day-could-strike-at-any-time\/"},{"key":"e_1_3_2_1_27_1","unstructured":"Martin Holladay. 2013. Garage Door Openers Are Always On ."},{"key":"e_1_3_2_1_28_1","volume-title":"28th USENIX Security Symp. 1115--1132","author":"Huang Bing","year":"2019","unstructured":"Bing Huang, Alvaro A Cardenas, and Ross Baldick. 2019. Not everything is dark and gloomy: Power grid protections against IoT demand attacks. In 28th USENIX Security Symp. 1115--1132."},{"key":"e_1_3_2_1_29_1","unstructured":"imperva. 2019. Booters Stressers and DDoSers. https:\/\/www.imperva.com\/learn\/application-security\/booters-stressers-ddosers\/"},{"key":"e_1_3_2_1_30_1","unstructured":"Rommel Joven and Evgeny Ananin. 2018. DDoS-for-Hire Service Powered by Bushido Botnet. https:\/\/www.fortinet.com\/blog\/threat-research\/ddos-for-hire-service-powered-by-bushido-botnet-.html"},{"key":"e_1_3_2_1_31_1","unstructured":"John Kennedy. [n.d.]. https:\/\/www.siliconrepublic.com\/enterprise\/dragonfly-us-russia-energy-grid-hackers. https:\/\/www.symantec.com\/blogs\/threat-intelligence\/dragonfly-energy-sector-cyber-attacks"},{"key":"e_1_3_2_1_32_1","volume-title":"Fundamentals of power system economics","author":"Kirschen Daniel Sadi","unstructured":"Daniel Sadi Kirschen and Goran Strbac. 2004. Fundamentals of power system economics. Vol. 1. Wiley Online Library."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1038\/s41597-020-0434-6"},{"key":"e_1_3_2_1_34_1","unstructured":"KrebsonSecurity. [n.d.]. Did the Mirai Botnet Really Take Liberia Offline? https:\/\/krebsonsecurity.com\/2016\/11\/did-the-mirai-botnet-really-take-liberia-offline\/"},{"key":"e_1_3_2_1_35_1","volume-title":"ICS Defense Use Case: Analysis of the cyber attack on the Ukrainian power grid","author":"Lee Robert M","year":"2016","unstructured":"Robert M Lee, Michael J Assante, and Tim Conway. 2016. ICS Defense Use Case: Analysis of the cyber attack on the Ukrainian power grid. Electricity Information Sharing and Analysis Center, SANS ICS (2016)."},{"key":"e_1_3_2_1_36_1","unstructured":"Jessica Lietz. 2018. How Much Does the Hot Water Heater Affect an Electric Bill? https:\/\/homeguides.sfgate.com\/much-hot-water-heater-affect-electric-bill-88704.html"},{"key":"e_1_3_2_1_37_1","unstructured":"Craig Lloyds. 2018. How Much Electricity Do All Your Appliances Use?"},{"key":"e_1_3_2_1_38_1","volume-title":"The smartest guys in the room: The amazing rise and scandalous fall of Enron","author":"McLean Bethany","unstructured":"Bethany McLean and Peter Elkind. 2013. The smartest guys in the room: The amazing rise and scandalous fall of Enron .Penguin."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSG.2011.2160297"},{"key":"e_1_3_2_1_40_1","volume-title":"How Enron Manipulated State's Power Market. Los Angeles Times","author":"Mulligan T","year":"2002","unstructured":"T Mulligan. 2002. How Enron Manipulated State's Power Market. Los Angeles Times (2002)."},{"key":"e_1_3_2_1_41_1","unstructured":"New York Independent System Operator. [n.d.]. Annual Report. https:\/\/www.nyiso.com\/documents\/20142\/2223020\/2018-Power-Trends.pdf\/4cd3a2a6--838a-bb54-f631--8982a7bdfa7a"},{"key":"e_1_3_2_1_42_1","unstructured":"New York Independent System Operator. 2019 a. Energy Market & Operation Data. https:\/\/www.nyiso.com\/energy-market-operational-data"},{"key":"e_1_3_2_1_43_1","unstructured":"New York Independent System Operator. 2019 b. Load Data. https:\/\/www.nyiso.com\/load-data"},{"key":"e_1_3_2_1_44_1","unstructured":"Union of Concerned Scientists. [n.d.]. Electric Vehicle Charging Types Time Cost and Savings ."},{"key":"e_1_3_2_1_45_1","unstructured":"Office of Enforcement Federal Energy Regulatory Commission Washington D.C. 2019. 2018 Report on Enforcement. https:\/\/www.ferc.gov\/legal\/staff-reports\/2018\/11--15--18-enforcement.pdf?csrt=4611620575164854265"},{"key":"e_1_3_2_1_46_1","unstructured":"Pennsylvania and New Jersey Independent System Operator. 2019. Energy Market. https:\/\/www.pjm.com\/markets-and-operations\/energy.aspx"},{"key":"e_1_3_2_1_47_1","unstructured":"Troutman Pepper. November 2017. FERC Approves $105 Million Settlement with Barclays for Market Manipulation. https:\/\/www.lexology.com\/library\/detail.aspx?g=79b6712f-2db8--415e-9a93--6307c086d5a6"},{"key":"e_1_3_2_1_48_1","unstructured":"Payless Power. 2019. HOW MANY WATTS DOES A REFRIGERATOR USE ."},{"key":"e_1_3_2_1_49_1","unstructured":"Radware. 2018. A Quick History of IoT Botnets. https:\/\/blog.radware.com\/uncategorized\/2018\/03\/history-of-iot-botnets\/"},{"key":"e_1_3_2_1_50_1","volume-title":"Market operations in electric power systems: forecasting, scheduling, and risk management","author":"Shahidehpour Mohammad","unstructured":"Mohammad Shahidehpour, Hatim Yamin, and Zuyi Li. 2003. Market operations in electric power systems: forecasting, scheduling, and risk management .John Wiley & Sons."},{"key":"e_1_3_2_1_51_1","volume-title":"27th USENIX Security Symp. 15--32","author":"Soltan Saleh","year":"2018","unstructured":"Saleh Soltan, Prateek Mittal, and H Vincent Poor. 2018. BlackIoT: IoT botnet of high wattage devices can disrupt the power grid. In 27th USENIX Security Symp. 15--32."},{"key":"e_1_3_2_1_52_1","volume-title":"Power system optimization modeling in GAMS","author":"Soroudi Alireza","unstructured":"Alireza Soroudi. [n.d.]. Power system optimization modeling in GAMS .Springer."},{"key":"e_1_3_2_1_53_1","unstructured":"Statistica. 2019. Number of homes with smart thermostats in North America from 2014 to 2020 (in millions). https:\/\/www.statista.com\/statistics\/625868\/homes-with-smart-thermostats-in-north-america\/"},{"key":"e_1_3_2_1_54_1","unstructured":"HVAC Talk. 2019. How many hours should the AC run during the hottest days of the year?"},{"key":"e_1_3_2_1_55_1","unstructured":"US Energy Information Administration. 2019 a. U.S. energy facts explained. https:\/\/www.eia.gov\/energyexplained\/us-energy-facts\/"},{"key":"e_1_3_2_1_56_1","volume-title":"2019 b. Wholesale electricity prices were generally lower","author":"US Energy Information Administration","year":"2019","unstructured":"US Energy Information Administration. 2019 b. Wholesale electricity prices were generally lower in 2019, except in Texas. https:\/\/www.eia.gov\/todayinenergy\/detail.php?id=42456#"},{"key":"e_1_3_2_1_57_1","unstructured":"US Energy Information Administration. 2020. 2018 Average Monthly Bill- Residential. https:\/\/www.eia.gov\/electricity\/sales_revenue_price\/pdf\/table5_a.pdf"},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1109\/TPWRS.2013.2274673"},{"key":"e_1_3_2_1_59_1","unstructured":"Christian Vasquez. June 2020. 'Major vulnerability': EV hacks could threaten power grid. https:\/\/www.eenews.net\/stories\/1063401375"},{"key":"e_1_3_2_1_60_1","unstructured":"Whirlpool. 2020. How long do dishwashers run? https:\/\/www.whirlpool.com\/blog\/kitchen\/how-long-do-dishwashers-run.html"},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23235"},{"key":"e_1_3_2_1_62_1","volume-title":"On the Feasibility of Automating Stock Market Manipulation. In Annual Computer Security Applications Conference. 277--290","author":"Yagemann Carter","year":"2020","unstructured":"Carter Yagemann, Simon P Chung, Erkam Uzun, Sai Ragam, Brendan Saltaformaggio, and Wenke Lee. 2020. On the Feasibility of Automating Stock Market Manipulation. In Annual Computer Security Applications Conference. 277--290."},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1109\/CPRE.2011.6035612"},{"key":"e_1_3_2_1_64_1","unstructured":"Kim Zetter. July 2018. Inside the Cunning Unprecedented Hack of Ukraine's Power Grid. https:\/\/www.wired.com\/2016\/03\/inside-cunning-unprecedented-hack-ukraines-power-grid\/"}],"event":{"name":"CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security","location":"Virtual Event Republic of Korea","acronym":"CCS '21","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3460120.3484581","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3460120.3484581","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3460120.3484581","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T20:44:54Z","timestamp":1763498694000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3460120.3484581"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,11,12]]},"references-count":64,"alternative-id":["10.1145\/3460120.3484581","10.1145\/3460120"],"URL":"https:\/\/doi.org\/10.1145\/3460120.3484581","relation":{},"subject":[],"published":{"date-parts":[[2021,11,12]]},"assertion":[{"value":"2021-11-13","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}