{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,16]],"date-time":"2025-07-16T11:57:47Z","timestamp":1752667067313,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":30,"publisher":"ACM","license":[{"start":{"date-parts":[[2021,12,3]],"date-time":"2021-12-03T00:00:00Z","timestamp":1638489600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2021,12,3]]},"DOI":"10.1145\/3507509.3507511","type":"proceedings-article","created":{"date-parts":[[2022,3,7]],"date-time":"2022-03-07T17:10:31Z","timestamp":1646673031000},"page":"9-20","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["SDNHive: A Proof-of-Concept SDN and Honeypot System for Defending Against Internal Threats"],"prefix":"10.1145","author":[{"given":"Meatasit","family":"Karakate","sequence":"first","affiliation":[{"name":"Graduate School of Information Science and Technology, The University of Tokyo, Japan"}]},{"given":"Hiroshi","family":"Esaki","sequence":"additional","affiliation":[{"name":"Graduate School of Information Science and Technology, The University of Tokyo, Japan"}]},{"given":"Hideya","family":"Ochiai","sequence":"additional","affiliation":[{"name":"Graduate School of Information Science and Technology, The University of Tokyo, Japan"}]}],"member":"320","published-online":{"date-parts":[[2022,3,7]]},"reference":[{"volume-title":"Cyber-attack: Europol says it was unprecedented in scale. BBC News (May","year":"2017","unstructured":"2017. Cyber-attack: Europol says it was unprecedented in scale. BBC News (May 2017 ). https:\/\/www.bbc.com\/news\/world-europe-39907965 2017. Cyber-attack: Europol says it was unprecedented in scale. BBC News (May 2017). https:\/\/www.bbc.com\/news\/world-europe-39907965","key":"e_1_3_2_1_1_1"},{"unstructured":"2017. Detect WannaCry Initial Exploit Traffic with NetMon. https:\/\/logrhythm.com\/blog\/using-netmon-to-detect-wannacry-initial-exploit-traffic\/  2017. Detect WannaCry Initial Exploit Traffic with NetMon. https:\/\/logrhythm.com\/blog\/using-netmon-to-detect-wannacry-initial-exploit-traffic\/","key":"e_1_3_2_1_2_1"},{"unstructured":"2017. New ransomware old techniques: Petya adds worm capabilities. http:\/\/www.microsoft.com\/security\/blog\/2017\/06\/27\/new-ransomware-old-techniques-petya-adds-worm-capabilities\/  2017. New ransomware old techniques: Petya adds worm capabilities. http:\/\/www.microsoft.com\/security\/blog\/2017\/06\/27\/new-ransomware-old-techniques-petya-adds-worm-capabilities\/","key":"e_1_3_2_1_3_1"},{"unstructured":"2017. NotPetya Ransomware Attack [Technical Analysis]. https:\/\/www.crowdstrike.com\/blog\/petrwrap-ransomware-technical-analysis-triple-threat-file-encryption-mft-encryption-credential-theft\/  2017. NotPetya Ransomware Attack [Technical Analysis]. https:\/\/www.crowdstrike.com\/blog\/petrwrap-ransomware-technical-analysis-triple-threat-file-encryption-mft-encryption-credential-theft\/","key":"e_1_3_2_1_4_1"},{"unstructured":"2017. Trojan.TrickBot. https:\/\/blog.malwarebytes.com\/detections\/trojan-trickbot\/  2017. Trojan.TrickBot. https:\/\/blog.malwarebytes.com\/detections\/trojan-trickbot\/","key":"e_1_3_2_1_5_1"},{"volume-title":"DoublePulsar emulation is broken","unstructured":"2018. DoublePulsar emulation is broken ; creates new, corrupted variants of WannaCry \u00b7 Issue #240 \u00b7 DinoTools\/ dionaea. https:\/\/github.com\/DinoTools\/dionaea\/issues\/240 2018. DoublePulsar emulation is broken; creates new, corrupted variants of WannaCry \u00b7 Issue #240 \u00b7 DinoTools\/dionaea. https:\/\/github.com\/DinoTools\/dionaea\/issues\/240","key":"e_1_3_2_1_6_1"},{"unstructured":"2020. Getting Started with GNS3 | GNS3 Documentation. https:\/\/docs.gns3.com\/docs\/  2020. Getting Started with GNS3 | GNS3 Documentation. https:\/\/docs.gns3.com\/docs\/","key":"e_1_3_2_1_7_1"},{"unstructured":"2020. New Golang Worm Drops XMRig Miner on Servers. https:\/\/www.intezer.com\/blog\/research\/new-golang-worm-drops-xmrig-miner-on-servers\/  2020. New Golang Worm Drops XMRig Miner on Servers. https:\/\/www.intezer.com\/blog\/research\/new-golang-worm-drops-xmrig-miner-on-servers\/","key":"e_1_3_2_1_8_1"},{"unstructured":"2021. LockBit ransomware \u2014 What You Need to Know. https:\/\/www.kaspersky.com\/resource-center\/threats\/lockbit-ransomware  2021. LockBit ransomware \u2014 What You Need to Know. https:\/\/www.kaspersky.com\/resource-center\/threats\/lockbit-ransomware","key":"e_1_3_2_1_9_1"},{"unstructured":"2021. Mininet: An Instant Virtual Network on Your Laptop (or Other PC) - Mininet. http:\/\/mininet.org\/  2021. Mininet: An Instant Virtual Network on Your Laptop (or Other PC) - Mininet. http:\/\/mininet.org\/","key":"e_1_3_2_1_10_1"},{"unstructured":"2021. Netdata - Monitor everything in real time for free with Netdata. https:\/\/www.netdata.cloud\/  2021. Netdata - Monitor everything in real time for free with Netdata. https:\/\/www.netdata.cloud\/","key":"e_1_3_2_1_11_1"},{"unstructured":"2021. Open Network Operating System (ONOS) SDN Controller for SDN\/NFV Solutions. https:\/\/opennetworking.org\/onos\/  2021. Open Network Operating System (ONOS) SDN Controller for SDN\/NFV Solutions. https:\/\/opennetworking.org\/onos\/","key":"e_1_3_2_1_12_1"},{"unstructured":"2021. Open vSwitch. https:\/\/www.openvswitch.org\/  2021. Open vSwitch. https:\/\/www.openvswitch.org\/","key":"e_1_3_2_1_13_1"},{"unstructured":"2021. Ryuk Ransomware: Now with Worming Self-Propagation. https:\/\/threatpost.com\/ryuk-ransomware-worming-self-propagation\/164412\/  2021. Ryuk Ransomware: Now with Worming Self-Propagation. https:\/\/threatpost.com\/ryuk-ransomware-worming-self-propagation\/164412\/","key":"e_1_3_2_1_14_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_15_1","DOI":"10.1016\/j.techsoc.2010.07.001"},{"key":"e_1_3_2_1_16_1","volume-title":"Ransomware detection and mitigation using software-defined networking: The case of WannaCry. Computers & Electrical Engineering 76 (June","author":"Akbanov Maxat","year":"2019","unstructured":"Maxat Akbanov , Vassilios\u00a0 G. Vassilakis , and Michael\u00a0 D. Logothetis . 2019. Ransomware detection and mitigation using software-defined networking: The case of WannaCry. Computers & Electrical Engineering 76 (June 2019 ), 111\u2013121. https:\/\/doi.org\/10.1016\/j.compeleceng.2019.03.012 10.1016\/j.compeleceng.2019.03.012 Maxat Akbanov, Vassilios\u00a0G. Vassilakis, and Michael\u00a0D. Logothetis. 2019. Ransomware detection and mitigation using software-defined networking: The case of WannaCry. Computers & Electrical Engineering 76 (June 2019), 111\u2013121. https:\/\/doi.org\/10.1016\/j.compeleceng.2019.03.012"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_17_1","DOI":"10.26636\/jtit.2019.130218"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_18_1","DOI":"10.1109\/ACCESS.2021.3058897"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_19_1","DOI":"10.1109\/MNET.2016.1600110NM"},{"unstructured":"Larry Dignan. [n.d.]. Colonial Pipeline cyberattack shuts down pipeline that supplies 45% of East Coast\u2019s fuel. https:\/\/www.zdnet.com\/article\/colonial-pipeline-cyberattack-shuts-down-pipeline-that-supplies-45-of-east-coasts-fuel\/  Larry Dignan. [n.d.]. Colonial Pipeline cyberattack shuts down pipeline that supplies 45% of East Coast\u2019s fuel. https:\/\/www.zdnet.com\/article\/colonial-pipeline-cyberattack-shuts-down-pipeline-that-supplies-45-of-east-coasts-fuel\/","key":"e_1_3_2_1_20_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_21_1","DOI":"10.1109\/CHILECON.2017.8229528"},{"doi-asserted-by":"crossref","unstructured":"S. Ghafur S. Kristensen K. Honeyford G. Martin A. Darzi and P. Aylin. 2019. A retrospective impact analysis of the WannaCry cyberattack on the NHS. npj Digital Medicine 2 1 (Oct. 2019) 1-7. https:\/\/doi.org\/10.1038\/s41746-019-0161-6 10.1038\/s41746-019-0161-6","key":"#cr-split#-e_1_3_2_1_22_1.1","DOI":"10.1038\/s41746-019-0161-6"},{"doi-asserted-by":"crossref","unstructured":"S. Ghafur S. Kristensen K. Honeyford G. Martin A. Darzi and P. Aylin. 2019. A retrospective impact analysis of the WannaCry cyberattack on the NHS. npj Digital Medicine 2 1 (Oct. 2019) 1-7. https:\/\/doi.org\/10.1038\/s41746-019-0161-6","key":"#cr-split#-e_1_3_2_1_22_1.2","DOI":"10.1038\/s41746-019-0161-6"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_23_1","DOI":"10.23919\/ICACT.2018.8323682"},{"key":"e_1_3_2_1_24_1","volume-title":"SDN-based Malware Detection and Mitigation: The Case of ExPetr Ransomware. In 2020 IEEE International Conference on Informatics, IoT, and Enabling Technologies (ICIoT). 150\u2013155","author":"Rouka Elpida","year":"2020","unstructured":"Elpida Rouka , Celyn Birkinshaw , and Vassilios\u00a0 G. Vassilakis . 2020 . SDN-based Malware Detection and Mitigation: The Case of ExPetr Ransomware. In 2020 IEEE International Conference on Informatics, IoT, and Enabling Technologies (ICIoT). 150\u2013155 . https:\/\/doi.org\/10.1109\/ICIoT48696.2020.9089514 10.1109\/ICIoT48696.2020.9089514 Elpida Rouka, Celyn Birkinshaw, and Vassilios\u00a0G. Vassilakis. 2020. SDN-based Malware Detection and Mitigation: The Case of ExPetr Ransomware. In 2020 IEEE International Conference on Informatics, IoT, and Enabling Technologies (ICIoT). 150\u2013155. https:\/\/doi.org\/10.1109\/ICIoT48696.2020.9089514"},{"unstructured":"Ben\u00a0Shimol Snir. 2021. Return of the Darkside: Analysis of a Large-Scale Data Theft Campaign. https:\/\/www.varonis.com\/blog\/darkside-ransomware\/  Ben\u00a0Shimol Snir. 2021. Return of the Darkside: Analysis of a Large-Scale Data Theft Campaign. https:\/\/www.varonis.com\/blog\/darkside-ransomware\/","key":"e_1_3_2_1_25_1"},{"unstructured":"Adam Stahl. [n.d.]. Malware: What It Is How It Spreads and How It Has Become an Epidemic. https:\/\/www.kelsercorp.com\/blog\/what-is-malware-how-does-it-spread  Adam Stahl. [n.d.]. Malware: What It Is How It Spreads and How It Has Become an Epidemic. https:\/\/www.kelsercorp.com\/blog\/what-is-malware-how-does-it-spread","key":"e_1_3_2_1_26_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_27_1","DOI":"10.1109\/SECPRI.1996.502676"},{"key":"e_1_3_2_1_28_1","first-page":"5","article-title":"Hybrid Epidemics - A Case Study on Computer Worm Conficker","volume":"10","author":"Zhang Changwang","year":"2015","unstructured":"Changwang Zhang , Shi Zhou , and Benjamin\u00a0 M. Chain . 2015 . Hybrid Epidemics - A Case Study on Computer Worm Conficker . PLOS ONE 10 , 5 (May 2015), e0127478. https:\/\/doi.org\/10.1371\/journal.pone.0127478 arXiv:1406.6046. 10.1371\/journal.pone.0127478 Changwang Zhang, Shi Zhou, and Benjamin\u00a0M. Chain. 2015. Hybrid Epidemics - A Case Study on Computer Worm Conficker. PLOS ONE 10, 5 (May 2015), e0127478. https:\/\/doi.org\/10.1371\/journal.pone.0127478 arXiv:1406.6046.","journal-title":"PLOS ONE"},{"key":"e_1_3_2_1_29_1","volume-title":"SDN Controllers: Benchmarking & Performance Evaluation. arXiv:1902.04491 [cs] (Feb","author":"Zhu Liehuang","year":"2019","unstructured":"Liehuang Zhu , Md\u00a0Monjurul Karim , Kashif Sharif , Fan Li , Xiaojiang Du , and Mohsen Guizani . 2019. SDN Controllers: Benchmarking & Performance Evaluation. arXiv:1902.04491 [cs] (Feb . 2019 ). http:\/\/arxiv.org\/abs\/1902.04491 arXiv:1902.04491. Liehuang Zhu, Md\u00a0Monjurul Karim, Kashif Sharif, Fan Li, Xiaojiang Du, and Mohsen Guizani. 2019. SDN Controllers: Benchmarking & Performance Evaluation. arXiv:1902.04491 [cs] (Feb. 2019). http:\/\/arxiv.org\/abs\/1902.04491 arXiv:1902.04491."}],"event":{"acronym":"ICCNS 2021","name":"ICCNS 2021: 2021 the 11th International Conference on Communication and Network Security","location":"Weihai China"},"container-title":["2021 the 11th International Conference on Communication and Network Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3507509.3507511","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3507509.3507511","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T20:12:25Z","timestamp":1750191145000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3507509.3507511"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,12,3]]},"references-count":30,"alternative-id":["10.1145\/3507509.3507511","10.1145\/3507509"],"URL":"https:\/\/doi.org\/10.1145\/3507509.3507511","relation":{},"subject":[],"published":{"date-parts":[[2021,12,3]]},"assertion":[{"value":"2022-03-07","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}