{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,9]],"date-time":"2026-07-09T22:28:22Z","timestamp":1783636102480,"version":"3.55.0"},"publisher-location":"New York, NY, USA","reference-count":52,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,12,5]],"date-time":"2022-12-05T00:00:00Z","timestamp":1670198400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"COM3, an Interreg project supported by the North Sea Programme of the European Regional Development Fund of the European Union"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,12,5]]},"DOI":"10.1145\/3564625.3564645","type":"proceedings-article","created":{"date-parts":[[2022,12,3]],"date-time":"2022-12-03T01:01:29Z","timestamp":1670029289000},"page":"742-755","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":22,"title":["Interaction matters: a comprehensive analysis and a dataset of hybrid IoT\/OT honeypots"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5720-5504","authenticated-orcid":false,"given":"Shreyas","family":"Srinivasa","sequence":"first","affiliation":[{"name":"Aalborg University, Denmark"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1903-2921","authenticated-orcid":false,"given":"Jens Myrup","family":"Pedersen","sequence":"additional","affiliation":[{"name":"Aalborg University, Denmark"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5068-9158","authenticated-orcid":false,"given":"Emmanouil","family":"Vasilomanolakis","sequence":"additional","affiliation":[{"name":"Technical University of Denmark, Denmark"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2022,12,5]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/IPACT.2017.8245158"},{"key":"e_1_3_2_1_2_1","volume-title":"Understanding the Mirai Botnet. In 26th USENIX Security Symposium (USENIX Security 17)","author":"Antonakakis Manos","year":"2017","unstructured":"Manos Antonakakis , Tim April , Michael Bailey , Matt Bernhard , Elie Bursztein , Jaime Cochran , Zakir Durumeric , J.\u00a0 Alex Halderman , Luca Invernizzi , Michalis Kallitsis , Deepak Kumar , Chaz Lever , Zane Ma , Joshua Mason , Damian Menscher , Chad Seaman , Nick Sullivan , Kurt Thomas , and Yi Zhou . 2017 . Understanding the Mirai Botnet. In 26th USENIX Security Symposium (USENIX Security 17) . USENIX Association, Vancouver, BC, 1093\u20131110. https:\/\/www.usenix.org\/conference\/usenixsecurity17\/technical-sessions\/presentation\/antonakakis Manos Antonakakis, Tim April, Michael Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J.\u00a0Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Zane Ma, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, and Yi Zhou. 2017. Understanding the Mirai Botnet. In 26th USENIX Security Symposium (USENIX Security 17). USENIX Association, Vancouver, BC, 1093\u20131110. https:\/\/www.usenix.org\/conference\/usenixsecurity17\/technical-sessions\/presentation\/antonakakis"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134614"},{"key":"e_1_3_2_1_4_1","unstructured":"Busybox. 2022. Busybox DockerHub. BusyBox. https:\/\/hub.docker.com\/_\/busybox  Busybox. 2022. Busybox DockerHub. BusyBox. https:\/\/hub.docker.com\/_\/busybox"},{"key":"e_1_3_2_1_5_1","volume-title":"Advances in Security, Networks, and Internet of Things, Kevin Daimi, Hamid\u00a0R","author":"Cabral Z.","unstructured":"Warren\u00a0 Z. Cabral , Craig Valli , Leslie\u00a0 F. Sikos , and Samuel\u00a0 G. Wakeling . 2021. Analysis of Conpot and Its BACnet Features for Cyber-Deception . In Advances in Security, Networks, and Internet of Things, Kevin Daimi, Hamid\u00a0R . Arabnia, Leonidas Deligiannidis, Min-Shiang Hwang, and Fernando\u00a0G. Tinetti (Eds.). Springer International Publishing , Cham , 329\u2013339. Warren\u00a0Z. Cabral, Craig Valli, Leslie\u00a0F. Sikos, and Samuel\u00a0G. Wakeling. 2021. Analysis of Conpot and Its BACnet Features for Cyber-Deception. In Advances in Security, Networks, and Internet of Things, Kevin Daimi, Hamid\u00a0R. Arabnia, Leonidas Deligiannidis, Min-Shiang Hwang, and Fernando\u00a0G. Tinetti (Eds.). Springer International Publishing, Cham, 329\u2013339."},{"key":"e_1_3_2_1_6_1","volume-title":"Retrieved","year":"2021","unstructured":"Censys. 2021 . Censys Search . Retrieved June 28, 2021 from https:\/\/censys.io\/ Censys. 2021. Censys Search. Retrieved June 28, 2021 from https:\/\/censys.io\/"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/3307334.3326083"},{"key":"e_1_3_2_1_8_1","unstructured":"Docker. 2022. DockerHub. Docker. https:\/\/hub.docker.com\/  Docker. 2022. DockerHub. Docker. https:\/\/hub.docker.com\/"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.23919\/CyCon49761.2020.9131734"},{"key":"e_1_3_2_1_10_1","unstructured":"ENISA. 2020. ENISA Threat Landscape 2020 - Malware. ENISA. https:\/\/www.enisa.europa.eu\/publications\/malware  ENISA. 2020. ENISA Threat Landscape 2020 - Malware. ENISA. https:\/\/www.enisa.europa.eu\/publications\/malware"},{"key":"e_1_3_2_1_11_1","volume-title":"Retrieved","year":"2021","unstructured":"Golang. 2021 . Go Language . Retrieved March 16, 2022 from https:\/\/golang.org\/ Golang. 2021. Go Language. Retrieved March 16, 2022 from https:\/\/golang.org\/"},{"key":"e_1_3_2_1_12_1","unstructured":"GreyNoise. 2022. GreyNoise. https:\/\/viz.greynoise.io\/  GreyNoise. 2022. GreyNoise. https:\/\/viz.greynoise.io\/"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3055186.3055192"},{"key":"e_1_3_2_1_14_1","unstructured":"iphub. 2022. iphub. iphub. https:\/\/iphub.info\/  iphub. 2022. iphub. iphub. https:\/\/iphub.info\/"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/JPROC.2017.2748421"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/3379542"},{"key":"e_1_3_2_1_17_1","unstructured":"Linuxserver.io. 2022. Openssh DockerHub. OpenSSH. https:\/\/hub.docker.com\/r\/linuxserver\/openssh-serve  Linuxserver.io. 2022. Openssh DockerHub. OpenSSH. https:\/\/hub.docker.com\/r\/linuxserver\/openssh-serve"},{"key":"e_1_3_2_1_18_1","volume-title":"Poster: Re-thinking the honeypot for cyber-physical systems. In Poster at IEEE Symposium on Security and Privacy","author":"Litchfield Samuel","year":"2016","unstructured":"Samuel Litchfield , David Formby , Jonathan Rogers , Sakis Meliopoulos , and Raheem Beyah . 2016 . Poster: Re-thinking the honeypot for cyber-physical systems. In Poster at IEEE Symposium on Security and Privacy . IEEE, San Jose , California . Samuel Litchfield, David Formby, Jonathan Rogers, Sakis Meliopoulos, and Raheem Beyah. 2016. Poster: Re-thinking the honeypot for cyber-physical systems. In Poster at IEEE Symposium on Security and Privacy. IEEE, San Jose, California."},{"key":"e_1_3_2_1_19_1","unstructured":"Microsoft. 2021. The Mozi Botnet. Microsoft. https:\/\/www.microsoft.com\/security\/blog\/2021\/08\/19\/how-to-proactively-defend-against-mozi-iot-botnet\/  Microsoft. 2021. The Mozi Botnet. Microsoft. https:\/\/www.microsoft.com\/security\/blog\/2021\/08\/19\/how-to-proactively-defend-against-mozi-iot-botnet\/"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijcip.2021.100464"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSIT.2016.7549474"},{"key":"e_1_3_2_1_22_1","unstructured":"Lisa\u00a0O. Monaco. 2021. DAG Monaco Delivers Remarks at Press Conference on Darkside Attack on Colonial Pipeline. The United States Department of Justice. https:\/\/www.justice.gov\/opa\/speech\/dag-monaco-delivers-remarks-press-conference-darkside-attack-colonial-pipeline  Lisa\u00a0O. Monaco. 2021. DAG Monaco Delivers Remarks at Press Conference on Darkside Attack on Colonial Pipeline. The United States Department of Justice. https:\/\/www.justice.gov\/opa\/speech\/dag-monaco-delivers-remarks-press-conference-darkside-attack-colonial-pipeline"},{"key":"e_1_3_2_1_23_1","volume-title":"2019 IFIP\/IEEE Symposium on Integrated Network and Service Management (IM). IEEE, IEEE, Washington DC, USA, 134\u2013143","author":"Morishita Shun","year":"2019","unstructured":"Shun Morishita , Takuya Hoizumi , Wataru Ueno , Rui Tanabe , Carlos Ga\u00f1\u00e1n , Michel\u00a0 JG van Eeten , Katsunari Yoshioka , and Tsutomu Matsumoto . 2019 . Detect me if you\u2026 oh wait. An internet-wide view of self-revealing honeypots . In 2019 IFIP\/IEEE Symposium on Integrated Network and Service Management (IM). IEEE, IEEE, Washington DC, USA, 134\u2013143 . Shun Morishita, Takuya Hoizumi, Wataru Ueno, Rui Tanabe, Carlos Ga\u00f1\u00e1n, Michel\u00a0JG van Eeten, Katsunari Yoshioka, and Tsutomu Matsumoto. 2019. Detect me if you\u2026 oh wait. An internet-wide view of self-revealing honeypots. In 2019 IFIP\/IEEE Symposium on Integrated Network and Service Management (IM). IEEE, IEEE, Washington DC, USA, 134\u2013143."},{"key":"e_1_3_2_1_24_1","volume-title":"Retrieved","author":"Ocean Digital","year":"2022","unstructured":"Digital Ocean . 2022 . Digital Ocean Droplet monitoring . Retrieved March 16, 2022 from https:\/\/docs.digitalocean.com\/products\/monitoring\/ Digital Ocean. 2022. Digital Ocean Droplet monitoring. Retrieved March 16, 2022 from https:\/\/docs.digitalocean.com\/products\/monitoring\/"},{"key":"e_1_3_2_1_25_1","unstructured":"OITC. 2022. Modbus-server DockerHub. OITC. https:\/\/hub.docker.com\/r\/oitc\/modbus-server  OITC. 2022. Modbus-server DockerHub. OITC. https:\/\/hub.docker.com\/r\/oitc\/modbus-server"},{"key":"e_1_3_2_1_26_1","unstructured":"Michel Oosterhof. 2016. Cowrie SSH\/telnet honeypot. https:\/\/github.com\/micheloosterhof\/cowrie  Michel Oosterhof. 2016. Cowrie SSH\/telnet honeypot. https:\/\/github.com\/micheloosterhof\/cowrie"},{"key":"e_1_3_2_1_27_1","volume-title":"IoTPOT: Analysing the Rise of IoT Compromises. In 9th USENIX Workshop on Offensive Technologies (WOOT 15)","author":"Minn\u00a0Pa Pa Yin","year":"2015","unstructured":"Yin Minn\u00a0Pa Pa , Shogo Suzuki , Katsunari Yoshioka , Tsutomu Matsumoto , Takahiro Kasama , and Christian Rossow . 2015 . IoTPOT: Analysing the Rise of IoT Compromises. In 9th USENIX Workshop on Offensive Technologies (WOOT 15) . USENIX Association, Washington, D.C.https:\/\/www.usenix.org\/conference\/woot15\/workshop-program\/presentation\/pa Yin Minn\u00a0Pa Pa, Shogo Suzuki, Katsunari Yoshioka, Tsutomu Matsumoto, Takahiro Kasama, and Christian Rossow. 2015. IoTPOT: Analysing the Rise of IoT Compromises. In 9th USENIX Workshop on Offensive Technologies (WOOT 15). USENIX Association, Washington, D.C.https:\/\/www.usenix.org\/conference\/woot15\/workshop-program\/presentation\/pa"},{"key":"e_1_3_2_1_28_1","unstructured":"plgd. 2022. CoAP-Gateway. plgd. https:\/\/hub.docker.com\/r\/plgd\/coap-gateway  plgd. 2022. CoAP-Gateway. plgd. https:\/\/hub.docker.com\/r\/plgd\/coap-gateway"},{"key":"e_1_3_2_1_29_1","unstructured":"Deutsche Telekom AG\u00a0Honeypot Project. 2022. T-Pot: A Multi-Honeypot Platform.  Deutsche Telekom AG\u00a0Honeypot Project. 2022. T-Pot: A Multi-Honeypot Platform."},{"key":"e_1_3_2_1_30_1","unstructured":"Eclipse Project. 2022. Eclipse Mosquitto DockerHub. Eclipse Project. https:\/\/hub.docker.com\/_\/eclipse-mosquitto  Eclipse Project. 2022. Eclipse Mosquitto DockerHub. Eclipse Project. https:\/\/hub.docker.com\/_\/eclipse-mosquitto"},{"key":"e_1_3_2_1_31_1","unstructured":"The Apache HTTP\u00a0Server Project. 2022. HTTPD DockerHub. The Apache Project. https:\/\/hub.docker.com\/_\/httpd  The Apache HTTP\u00a0Server Project. 2022. HTTPD DockerHub. The Apache Project. https:\/\/hub.docker.com\/_\/httpd"},{"key":"e_1_3_2_1_32_1","unstructured":"The\u00a0Tor Project. 2022. ExoneraTor. The Tor Project. https:\/\/metrics.torproject.org\/exonerator.html  The\u00a0Tor Project. 2022. ExoneraTor. The Tor Project. https:\/\/metrics.torproject.org\/exonerator.html"},{"key":"e_1_3_2_1_33_1","unstructured":"L Rist. 2009. Glastopf project.  L Rist. 2009. Glastopf project."},{"key":"e_1_3_2_1_34_1","unstructured":"Lukas Rist Johnny Vestergaard Daniel Haslinger A Pasquale and J Smith. 2013. Conpot ics\/scada honeypot.  Lukas Rist Johnny Vestergaard Daniel Haslinger A Pasquale and J Smith. 2013. Conpot ics\/scada honeypot."},{"key":"e_1_3_2_1_35_1","unstructured":"Frances Robles and Nicole Perlroth. 2021. \u2018Dangerous Stuff\u2019: Hackers Tried to Poison Water Supply of Florida Town. The New York Times. https:\/\/www.nytimes.com\/2021\/02\/08\/us\/oldsmar-florida-water-supply-hack.html  Frances Robles and Nicole Perlroth. 2021. \u2018Dangerous Stuff\u2019: Hackers Tried to Poison Water Supply of Florida Town. The New York Times. https:\/\/www.nytimes.com\/2021\/02\/08\/us\/oldsmar-florida-water-supply-hack.html"},{"key":"e_1_3_2_1_36_1","volume-title":"Sarracenia: Enhancing the Performance and Stealthiness of SSH Honeypots Using Virtual Machine Introspection","author":"Sentanoe Stewart","year":"2018","unstructured":"Stewart Sentanoe , Benjamin Taubmann , and Hans\u00a0 P. Reiser . 2018 . Sarracenia: Enhancing the Performance and Stealthiness of SSH Honeypots Using Virtual Machine Introspection . In Secure IT Systems, Nils Gruschka (Ed.). Springer International Publishing , Cham , 255\u2013271. Stewart Sentanoe, Benjamin Taubmann, and Hans\u00a0P. Reiser. 2018. Sarracenia: Enhancing the Performance and Stealthiness of SSH Honeypots Using Virtual Machine Introspection. In Secure IT Systems, Nils Gruschka (Ed.). Springer International Publishing, Cham, 255\u2013271."},{"key":"e_1_3_2_1_37_1","unstructured":"SHODAN. 2022. Honeypot or Not?https:\/\/honeyscore.shodan.io  SHODAN. 2022. Honeypot or Not?https:\/\/honeyscore.shodan.io"},{"key":"e_1_3_2_1_38_1","unstructured":"SHODAN. 2022. Shodan. https:\/\/www.shodan.io\/  SHODAN. 2022. Shodan. https:\/\/www.shodan.io\/"},{"key":"e_1_3_2_1_39_1","unstructured":"Shreyas Srinivasa Jens\u00a0Myrup Pedersen and Emmanouil Vasilomanolakis. 2021. Gotta catch \u2019em all: a Multistage Framework for honeypot fingerprinting. arxiv:2109.10652\u00a0[cs.CR]  Shreyas Srinivasa Jens\u00a0Myrup Pedersen and Emmanouil Vasilomanolakis. 2021. Gotta catch \u2019em all: a Multistage Framework for honeypot fingerprinting. arxiv:2109.10652\u00a0[cs.CR]"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/3487552.3487833"},{"key":"e_1_3_2_1_41_1","volume-title":"26th European Symposium on Research in Computer Security (ESORICS)","author":"Srinivasa Shreyas","year":"2021","unstructured":"Shreyas Srinivasa , Jens\u00a0Myrup Pedersen , and Emmanouil Vasilomanolakis . 2021 . RIoTPot: a modular hybrid-interaction IoT\/OT honeypot . In 26th European Symposium on Research in Computer Security (ESORICS) 2021. Springer, Springer, Darmstadt, Germany. Shreyas Srinivasa, Jens\u00a0Myrup Pedersen, and Emmanouil Vasilomanolakis. 2021. RIoTPot: a modular hybrid-interaction IoT\/OT honeypot. In 26th European Symposium on Research in Computer Security (ESORICS) 2021. Springer, Springer, Darmstadt, Germany."},{"key":"e_1_3_2_1_42_1","unstructured":"Dino Tools. 2010. Web Honeypot. https:\/\/github.com\/DinoTools\/dionaea\/  Dino Tools. 2010. Web Honeypot. https:\/\/github.com\/DinoTools\/dionaea\/"},{"key":"e_1_3_2_1_43_1","unstructured":"R Trapkickin. 2015. Who is scanning the Internet?  R Trapkickin. 2015. Who is scanning the Internet?"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.dib.2022.107795"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.dib.2022.107795"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/2659651.2659663"},{"key":"e_1_3_2_1_47_1","volume-title":"12th USENIX Workshop on Offensive Technologies (WOOT 18)","author":"Vetterl Alexander","year":"2018","unstructured":"Alexander Vetterl and Richard Clayton . 2018 . Bitter Harvest: Systematically Fingerprinting Low- and Medium-interaction Honeypots at Internet Scale . In 12th USENIX Workshop on Offensive Technologies (WOOT 18) . USENIX Association, Baltimore, MD, 9. https:\/\/www.usenix.org\/conference\/woot18\/presentation\/vetterl Alexander Vetterl and Richard Clayton. 2018. Bitter Harvest: Systematically Fingerprinting Low- and Medium-interaction Honeypots at Internet Scale. In 12th USENIX Workshop on Offensive Technologies (WOOT 18). USENIX Association, Baltimore, MD, 9. https:\/\/www.usenix.org\/conference\/woot18\/presentation\/vetterl"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/eCrime47957.2019.9037501"},{"key":"e_1_3_2_1_49_1","unstructured":"Virustotal. 2022. Virustotal. https:\/\/www.virustotal.com  Virustotal. 2022. Virustotal. https:\/\/www.virustotal.com"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cie.2021.107174"},{"key":"e_1_3_2_1_51_1","unstructured":"Andy Wick and community. 2022. Arkime. Arkime. https:\/\/arkime.com\/index#home\/  Andy Wick and community. 2022. Arkime. Arkime. https:\/\/arkime.com\/index#home\/"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3420023"}],"event":{"name":"ACSAC: Annual Computer Security Applications Conference","location":"Austin TX USA","acronym":"ACSAC"},"container-title":["Proceedings of the 38th Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3564625.3564645","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3564625.3564645","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T18:09:12Z","timestamp":1750183752000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3564625.3564645"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,12,5]]},"references-count":52,"alternative-id":["10.1145\/3564625.3564645","10.1145\/3564625"],"URL":"https:\/\/doi.org\/10.1145\/3564625.3564645","relation":{},"subject":[],"published":{"date-parts":[[2022,12,5]]},"assertion":[{"value":"2022-12-05","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}