{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,29]],"date-time":"2026-05-29T08:44:25Z","timestamp":1780044265817,"version":"3.53.1"},"publisher-location":"New York, NY, USA","reference-count":93,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,10,16]],"date-time":"2023-10-16T00:00:00Z","timestamp":1697414400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Secure Networking by Design","award":["10028034"],"award-info":[{"award-number":["10028034"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,10,16]]},"DOI":"10.1145\/3617072.3617110","type":"proceedings-article","created":{"date-parts":[[2023,10,13]],"date-time":"2023-10-13T17:47:04Z","timestamp":1697219224000},"page":"277-295","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":5,"title":["But is it exploitable? Exploring how Router Vendors Manage and Patch Security Vulnerabilities in Consumer-Grade Routers"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2082-2610","authenticated-orcid":false,"given":"George","family":"Chalhoub","sequence":"first","affiliation":[{"name":"Department of Computer Science, University of Oxford, United Kingdom"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8236-980X","authenticated-orcid":false,"given":"Andrew","family":"Martin","sequence":"additional","affiliation":[{"name":"Department of Computer Science, University of Oxford, United Kingdom"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2023,10,16]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Sixteenth Symposium on Usable Privacy and Security (SOUPS","author":"Alomar Noura","year":"2020","unstructured":"Noura Alomar, Primal Wijesekera, Edward Qiu, and Serge Egelman. 2020. \" You\u2019ve got your nice list of bugs, now what?\" vulnerability discovery and management processes in the wild. In Sixteenth Symposium on Usable Privacy and Security (SOUPS 2020). 319\u2013339."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/EDCC.2016.34"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.4225\/75"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.infoecopol.2009.10.002"},{"key":"e_1_3_2_1_5_1","volume-title":"Accessing hidden and hard-to-reach populations: Snowball research strategies. Social research update 33, 1","author":"Atkinson Rowland","year":"2001","unstructured":"Rowland Atkinson and John Flint. 2001. Accessing hidden and hard-to-reach populations: Snowball research strategies. Social research update 33, 1 (2001), 1\u20134. Publisher: Guildord."},{"key":"e_1_3_2_1_6_1","volume-title":"Timing the Application of Security Patches for Optimal Uptime.Proceedings of LISA\u201902: Sixteenth Systems Administration Conference, 233\u2013242","author":"Beattie Steve","year":"2002","unstructured":"Steve Beattie, Seth Arnold, Crispin Cowan, Perry Wagle, Chris Wright, and Adam Shostack. 2002. Timing the Application of Security Patches for Optimal Uptime.Proceedings of LISA\u201902: Sixteenth Systems Administration Conference, 233\u2013242."},{"key":"e_1_3_2_1_7_1","volume-title":"Using research instruments: A guide for researchers","author":"Birmingham Peter","unstructured":"Peter Birmingham and David Wilkinson. 2003. Using research instruments: A guide for researchers. Routledge."},{"key":"e_1_3_2_1_8_1","volume-title":"The patch problem: It\u2019s costing your business real dollars. Baroudi Bloor","author":"Bloor B.","year":"2003","unstructured":"B. Bloor. 2003. The patch problem: It\u2019s costing your business real dollars. Baroudi Bloor (2003). https:\/\/www.netsense.info\/downloads\/PatchProblemReport_BaroudiBloor.pdf"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.chb.2018.05.023"},{"key":"e_1_3_2_1_10_1","volume-title":"Proceedings of the Eleventh USENIX Conference on Usable Privacy and Security","author":"Blythe M.","year":"2015","unstructured":"John\u00a0M. Blythe, Lynne Coventry, and Linda Little. 2015. Unpacking Security Policy Compliance: The Motivators and Barriers of Employees\u2019 Security Behaviors. In Proceedings of the Eleventh USENIX Conference on Usable Privacy and Security (Ottawa, Canada) (SOUPS \u201915). USENIX Association, USA, 103\u2013122."},{"key":"e_1_3_2_1_11_1","unstructured":"Brennen Bouwmeester Elsa Rodr\u00edguez Carlos Ga\u00f1\u00e1n Michel\u00a0van Eeten and Simon Parkin. 2021. \"The Thing Doesn\u2019t Have a Name\": Learning from Emergent {Real-World} Interventions in Smart Home Security. 493\u2013512. https:\/\/www.usenix.org\/conference\/soups2021\/presentation\/bouwmeester"},{"key":"e_1_3_2_1_12_1","volume-title":"The IoT\u2019s security nightmare will never end. You can now search insecure cameras by address. Wired UK (Nov","author":"Burgess Matt","year":"2018","unstructured":"Matt Burgess. 2018. The IoT\u2019s security nightmare will never end. You can now search insecure cameras by address. Wired UK (Nov. 2018). https:\/\/www.wired.co.uk\/article\/internet-of-things-security-camera-search-location"},{"key":"e_1_3_2_1_13_1","volume-title":"Research on interviewing techniques. Sociological methodology 12","author":"Cannell F.","year":"1981","unstructured":"Charles\u00a0F. Cannell, Peter\u00a0V. Miller, and Lois Oksenberg. 1981. Research on interviewing techniques. Sociological methodology 12 (1981), 389\u2013437."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/3555537"},{"key":"e_1_3_2_1_15_1","volume-title":"The Role of User Experience in the Security and Privacy Design of Smart Home Cameras. In Sixteenth Symposium on Usable Privacy and Security (SOUPS 2020","author":"Chalhoub George","year":"2020","unstructured":"George Chalhoub, Ivan Flechais, Norbert Nthala, and Ruba Abu-Salma. 2020. Innovation Inaction or In Action? The Role of User Experience in the Security and Privacy Design of Smart Home Cameras. In Sixteenth Symposium on Usable Privacy and Security (SOUPS 2020). USENIX Association, 185\u2013204. https:\/\/www.usenix.org\/conference\/soups2020\/presentation\/chalhoub"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/3491102.3501833"},{"key":"e_1_3_2_1_17_1","volume-title":"SOUPS Workshop on Usable IT Security Management (USM). 1\u20134.","author":"Chiasson Sonia","year":"2007","unstructured":"Sonia Chiasson, P.\u00a0C. van Oorschot, and Robert Biddle. 2007. Even experts deserve usable security: Design guidelines for security management systems. In SOUPS Workshop on Usable IT Security Management (USM). 1\u20134."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1177\/001316446002000104"},{"key":"e_1_3_2_1_19_1","volume-title":"Basics of qualitative research: Techniques and procedures for developing grounded theory","author":"Corbin Juliet","unstructured":"Juliet Corbin and Anselm Strauss. 2014. Basics of qualitative research: Techniques and procedures for developing grounded theory. Sage publications."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1323293.1294283"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/2398356.2398377"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1620545.1620564"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243794"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.5555\/2228298.2228332"},{"key":"e_1_3_2_1_25_1","first-page":"1","article-title":"Patch management-bits, bad guys, and bucks","volume":"3","author":"Donner M.","year":"2003","unstructured":"M. Donner. 2003. Patch management-bits, bad guys, and bucks. Secure Business Quarterly 3, 2 (2003), 1\u20134.","journal-title":"Secure Business Quarterly"},{"key":"e_1_3_2_1_26_1","unstructured":"Edward G.2022. Record-breaking number of router security flaws discovered in the last few years. https:\/\/atlasvpn.com\/blog\/record-breaking-number-of-router-security-flaws-discovered-in-the-last-few-years"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3596267"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1046\/j.1365-2648.1997.00371.x"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.44"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.4135\/9780857020116"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2008.4630094"},{"key":"e_1_3_2_1_33_1","volume-title":"Snowball sampling. The annals of mathematical statistics","author":"Goodman A.","year":"1961","unstructured":"Leo\u00a0A. Goodman. 1961. Snowball sampling. The annals of mathematical statistics (1961), 148\u2013170."},{"key":"e_1_3_2_1_34_1","volume-title":"How many interviews are enough? An experiment with data saturation and variability. Field methods 18, 1","author":"Guest Greg","year":"2006","unstructured":"Greg Guest, Arwen Bunce, and Laura Johnson. 2006. How many interviews are enough? An experiment with data saturation and variability. Field methods 18, 1 (2006), 59\u201382."},{"key":"e_1_3_2_1_35_1","volume-title":"Haber and Brad Hibbert","author":"J.","year":"2018","unstructured":"Morey\u00a0J. Haber and Brad Hibbert. 2018. Asset Attack Vectors: Building Effective Vulnerability Management Strategies to Protect Organizations. Apress. Google-Books-ID: vSpgDwAAQBAJ."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.4225\/75"},{"key":"e_1_3_2_1_37_1","first-page":"1","article-title":"The Linux router: an inexpensive alternative to commercial routers in the lab","volume":"23","author":"Heldenbrand David","year":"2007","unstructured":"David Heldenbrand and Christopher Carey. 2007. The Linux router: an inexpensive alternative to commercial routers in the lab. Journal of Computing Sciences in Colleges 23, 1 (Oct. 2007), 127\u2013133.","journal-title":"Journal of Computing Sciences in Colleges"},{"key":"e_1_3_2_1_38_1","unstructured":"Hollie Hennessy. 2021. Millions of people in the UK at risk of using insecure routers - Which? News. https:\/\/www.which.co.uk\/news\/article\/millions-of-people-in-the-uk-at-risk-of-using-unsecure-routers-afweT5A8CGNf"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00071"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.7916\/D8R78MXV"},{"key":"e_1_3_2_1_41_1","volume-title":"Six million Sky routers had serious security flaw. BBC News (Nov","author":"Wakefield Jane","year":"2021","unstructured":"Jane Wakefield. 2021. Six million Sky routers had serious security flaw. BBC News (Nov. 2021). https:\/\/www.bbc.com\/news\/technology-59332840"},{"key":"e_1_3_2_1_42_1","unstructured":"Jose Nazario. 2027. The problem with patching in addressing IoT vulnerabilities. https:\/\/www.fastly.com\/blog\/problem-patching-addressing-iot-vulnerabilities"},{"key":"e_1_3_2_1_43_1","first-page":"1","article-title":"Using interviews as research instruments","volume":"2","author":"Kajornboon Annabel\u00a0Bhamani","year":"2005","unstructured":"Annabel\u00a0Bhamani Kajornboon. 2005. Using interviews as research instruments. E-journal for Research Teachers 2, 1 (2005), 1\u20139.","journal-title":"E-journal for Research Teachers"},{"key":"e_1_3_2_1_44_1","volume-title":"Taming Information Technology: Lessons from Studies of System Administrators","author":"Kandogan Eser","unstructured":"Eser Kandogan, Paul Maglio, and Eben Haber. 2012. Taming Information Technology: Lessons from Studies of System Administrators. OUP USA. Google-Books-ID: cJ36Q5HDPaYC."},{"key":"e_1_3_2_1_45_1","unstructured":"Emmanouil Karamanos. 2010. Investigation of home router security. http:\/\/urn.kb.se\/resolve?urn=urn:nbn:se:kth:diva-91107"},{"key":"e_1_3_2_1_46_1","volume-title":"87 critical vulnerabilities discovered in routers","year":"2021","unstructured":"Kaspersky. 2022. 87 critical vulnerabilities discovered in routers in 2021. https:\/\/www.kaspersky.com\/about\/press-releases\/2022_87-critical-vulnerabilities-discovered-in-routers-in-2021 Section: Resource Center."},{"key":"e_1_3_2_1_47_1","unstructured":"Alex\u00a0J. Kibe. 2018. An Experiment to Determine the Effect of Ethical Hacking on It Administrator\u2019s Patch and Vulnerability Management Attitudes a Case of a Leading Telecommunications Company. Thesis. university of nairobi. http:\/\/erepository.uonbi.ac.ke\/handle\/11295\/104505Accepted: 2019-01-09T05:35:17Z."},{"key":"e_1_3_2_1_48_1","unstructured":"Mike Knight. 2019. Old Routers Are Targets For Hackers. https:\/\/reformit.co.uk\/old-routers-are-targets-for-hackers\/"},{"key":"e_1_3_2_1_49_1","first-page":"108","article-title":"Role of interviews, observation, pitfalls and ethical issues in qualitative research methods","volume":"2","author":"Koskei Benjamin","year":"2015","unstructured":"Benjamin Koskei and Catherine Simiyu. 2015. Role of interviews, observation, pitfalls and ethical issues in qualitative research methods. Journal of Educational Policy and Entrepreneurial Research 2, 3 (2015), 108\u2013117.","journal-title":"Journal of Educational Policy and Entrepreneurial Research"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.apergo.2006.03.010"},{"key":"e_1_3_2_1_51_1","volume-title":"Proceedings of the 26th USENIX Conference on Security Symposium","author":"Krombholz Katharina","year":"2017","unstructured":"Katharina Krombholz, Wilfried Mayer, Martin Schmiedecker, and Edgar Weippl. 2017. \"I Have No Idea What i\u2019m Doing\": On the Usability of Deploying HTTPS. In Proceedings of the 26th USENIX Conference on Security Symposium (Vancouver, BC, Canada) (SEC\u201917). USENIX Association, USA, 1339\u20131356."},{"key":"e_1_3_2_1_52_1","unstructured":"Lorenz Kustosch Carlos Ga\u00f1\u00e1n Mattis van\u2019t Schip Michel van Eeten and Simon Parkin. [n. d.]. Measuring Up to (Reasonable) Consumer Expectations: Providing an Empirical Basis for Holding IoT Manufacturers Legally Responsible. ([n. d.])."},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-04372-8_8"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134072"},{"key":"e_1_3_2_1_55_1","volume-title":"Fifteenth Symposium on Usable Privacy and Security (SOUPS","author":"Li Frank","year":"2019","unstructured":"Frank Li, Lisa Rogers, Arunesh Mathur, Nathan Malkin, and Marshini Chetty. 2019. Keepers of the machines: Examining how system administrators manage software updates for multiple machines. In Fifteenth Symposium on Usable Privacy and Security (SOUPS 2019). 273\u2013288."},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-36084-0_17"},{"key":"e_1_3_2_1_57_1","volume-title":"Router security report","author":"MARIA NAMESTNIKOVA.","year":"2021","unstructured":"MARIA NAMESTNIKOVA. 2022. Router security report 2021. https:\/\/securelist.com\/router-security-2021\/106711\/"},{"key":"e_1_3_2_1_58_1","first-page":"1","article-title":"Software patch management-the new frontier","volume":"3","author":"McGhie Lynda","year":"2003","unstructured":"Lynda McGhie. 2003. Software patch management-the new frontier. Secure Business Quarterly 3, 2 (2003), 1\u20134.","journal-title":"Secure Business Quarterly"},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1057\/palgrave.ejis.3000704"},{"key":"e_1_3_2_1_60_1","volume-title":"27th USENIX Security Symposium (USENIX Security 18)","author":"Mu Dongliang","year":"2018","unstructured":"Dongliang Mu, Alejandro Cuevas, Limin Yang, Hang Hu, Xinyu Xing, Bing Mao, and Gang Wang. 2018. Understanding the reproducibility of crowd-reported security vulnerabilities. In 27th USENIX Security Symposium (USENIX Security 18). 919\u2013936."},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.48"},{"key":"e_1_3_2_1_62_1","volume-title":"Your old router is an absolute goldmine for troublesome hackers. Wired UK (Jan","author":"Nast Cond\u00e9","year":"2023","unstructured":"Cond\u00e9 Nast. 2023. Your old router is an absolute goldmine for troublesome hackers. Wired UK (Jan. 2023). https:\/\/www.wired.co.uk\/article\/router-wifi-security-settings"},{"key":"e_1_3_2_1_63_1","volume-title":"Virgin Media Routers Left VPN Users Vulnerable Since at Least","author":"Mott Nathaniel","year":"2019","unstructured":"Nathaniel Mott. 2021. Virgin Media Routers Left VPN Users Vulnerable Since at Least 2019. https:\/\/uk.pcmag.com\/security\/135764\/virgin-media-routers-left-vpn-users-vulnerable-since-at-least-2019"},{"key":"e_1_3_2_1_64_1","unstructured":"South Florida\u00a0Caribbean News. 2022. Why You Should Replace Your ISP\u2019s Router With A Store-Bought One?https:\/\/sflcn.com\/why-you-should-replace-your-isp-router-with-a-store-bought-one\/"},{"key":"e_1_3_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382245"},{"key":"e_1_3_2_1_66_1","unstructured":"Adar Ovadya Rom Ogen Yakov Mallah Niv Gilboa and Yossi Oren. 2019. Cross-Router Covert Channels.. In WOOT@ USENIX Security Symposium. https:\/\/www.usenix.org\/system\/files\/woot19-paper_ovadia.pdf"},{"key":"e_1_3_2_1_67_1","volume-title":"Mayee Corpin, Orla Cox, Paul Wood, and Scott Wallace.","author":"O\u2019Gorman Brigid","year":"2019","unstructured":"Brigid O\u2019Gorman, Candid Wueest, Dick O\u2019Brien, Gillian Cleary, Hon Lau, John-Paul Power, Mayee Corpin, Orla Cox, Paul Wood, and Scott Wallace. 2019. ISTR Internet Security Threat Report. A Report published by SYMANTEC 24 (Feb. 2019), 32. https:\/\/docs.broadcom.com\/doc\/istr-24-2019-en"},{"key":"e_1_3_2_1_68_1","unstructured":"U.\u00a0K. Parliament. 2022. Product Security and Telecommunications Infrastructure (PSTI) Bill. (2022). https:\/\/bills.parliament.uk\/bills\/3069"},{"key":"e_1_3_2_1_69_1","volume-title":"The IoT threat landscape and top smart home vulnerabilities","author":"Pascu Luana","year":"2018","unstructured":"Luana Pascu. 2019. The IoT threat landscape and top smart home vulnerabilities in 2018. Bitdefender (2019). https:\/\/www.bitdefender.com\/files\/News\/CaseStudies\/study\/229\/Bitdefender-Whitepaper-The-IoT-Threat-Landscape-and-Top-Smart-Home-Vulnerabilities-in-2018.pdf"},{"key":"e_1_3_2_1_70_1","volume-title":"Security Report","author":"Weidenbach Peter","year":"2020","unstructured":"Peter Weidenbach and Johannes vom Dorp. 2020. Home Router Security Report 2020. Fraunhofer Gesellschaft (June 2020). https:\/\/www.fkie.fraunhofer.de\/content\/dam\/fkie\/de\/documents\/HomeRouter\/HomeRouterSecurity_2020_Bericht.pdf"},{"key":"e_1_3_2_1_71_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICST.2019.00017"},{"key":"e_1_3_2_1_72_1","volume-title":"Are markets for vulnerabilities effective?Mis Quarterly","author":"Ransbotham Sam","year":"2012","unstructured":"Sam Ransbotham, Sabyaschi Mitra, and Jon Ramsey. 2012. Are markets for vulnerabilities effective?Mis Quarterly (2012), 43\u201364. Publisher: JSTOR."},{"key":"e_1_3_2_1_73_1","volume-title":"https:\/\/rittbul.bg\/resources\/westermo_pb_100-3870_product_guide-4-24-27.pdf","author":"Routers DSL","year":"2014","unstructured":"Broadband\u00a0DSL Routers. 2014. Routers. Westermo (2014). https:\/\/rittbul.bg\/resources\/westermo_pb_100-3870_product_guide-4-24-27.pdf"},{"key":"e_1_3_2_1_74_1","doi-asserted-by":"publisher","DOI":"10.1111\/j.1442-2018.2010.00541.x"},{"key":"e_1_3_2_1_75_1","unstructured":"Sam Bocetta. 2021. Hackers Targeting Router Devices: Is Your Household Vulnerable?https:\/\/www.networkcomputing.com\/network-security\/hackers-targeting-router-devices-your-household-vulnerable"},{"key":"e_1_3_2_1_76_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-54978-1_16"},{"key":"e_1_3_2_1_77_1","doi-asserted-by":"publisher","DOI":"10.4135\/9780857020093"},{"key":"e_1_3_2_1_78_1","volume-title":"Backporting Security Patches of Web Applications: A Prototype Design and Implementation on Injection Vulnerability Patches. In 31th USENIX Security Symposium (USENIX Security).","author":"Shi Youkun","year":"2022","unstructured":"Youkun Shi, Yuan Zhang, Tianhan Luo, Xiangyu Mao, Yinzhi Cao, Ziwen Wang, Yudi Zhao, Zongan Huang, and Min Yang. 2022. Backporting Security Patches of Web Applications: A Prototype Design and Implementation on Injection Vulnerability Patches. In 31th USENIX Security Symposium (USENIX Security)."},{"key":"e_1_3_2_1_79_1","unstructured":"Silviu Stahie. 2021. Virtual Patching Home Routers Before before Manufacturers Is the Way Forward. https:\/\/www.bitdefender.co.uk\/blog\/hotforsecurity\/virtual-patching-home-routers-before-before-manufacturers-is-the-way-forward\/"},{"key":"e_1_3_2_1_80_1","doi-asserted-by":"publisher","DOI":"10.1109\/PERCOMW.2017.7917622"},{"key":"e_1_3_2_1_81_1","volume-title":"Secure IoT. In USENIX Security Symposium. USENIX Association.","author":"Sombatruang Nissy","year":"2023","unstructured":"Nissy Sombatruang, Tristan Caulfield, Ingolf Becker, Akira Fujita, Takahiro Kasama, Koji Nakao, and Daisuke Inoue. 2023. Internet Service Providers\u2019 and Individuals\u2019 Attitudes, Barriers, and Incentives to Secure IoT. In USENIX Security Symposium. USENIX Association."},{"key":"e_1_3_2_1_82_1","volume-title":"Basics of qualitative research techniques","author":"Strauss Anselm","unstructured":"Anselm Strauss and Juliet Corbin. 1998. Basics of qualitative research techniques. Sage publications Thousand Oaks, CA."},{"key":"e_1_3_2_1_83_1","volume-title":"Grounded theory in practice","author":"Strauss Anselm","unstructured":"Anselm Strauss and Juliet\u00a0M. Corbin. 1997. Grounded theory in practice. Sage."},{"key":"e_1_3_2_1_84_1","unstructured":"Suzanne Kernes Dawe. 2022. Lumen discovers new malware that targeted home-office routers for two years. http:\/\/news.lumen.com\/2022-06-28-Lumen-discovers-new-malware-that-targeted-home-office-routers-for-two-years"},{"key":"e_1_3_2_1_85_1","doi-asserted-by":"publisher","DOI":"10.15394\/jdfsl.2017.1444"},{"key":"e_1_3_2_1_86_1","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484593"},{"key":"e_1_3_2_1_87_1","volume-title":"Sixteenth Symposium on Usable Privacy and Security (SOUPS","author":"Tiefenau Christian","year":"2020","unstructured":"Christian Tiefenau, Maximilian H\u00e4ring, Katharina Krombholz, and Emanuel Von\u00a0Zezschwitz. 2020. Security, availability, and multiple information sources: Exploring update behavior of system administrators. In Sixteenth Symposium on Usable Privacy and Security (SOUPS 2020). 239\u2013258."},{"key":"e_1_3_2_1_88_1","volume-title":"A Look Into the Most Noteworthy Home Network Security Threats of","author":"Micro Trend","year":"2017","unstructured":"Trend Micro. 2018. A Look Into the Most Noteworthy Home Network Security Threats of 2017. https:\/\/www.trendmicro.com\/vinfo\/us\/security\/research-and-analysis\/threat-reports\/roundup\/a-look-into-the-most-noteworthy-home-network-security-threats-of-2017"},{"key":"e_1_3_2_1_89_1","doi-asserted-by":"publisher","DOI":"10.1145\/1477973.1477975"},{"key":"e_1_3_2_1_90_1","doi-asserted-by":"publisher","DOI":"10.1145\/1641587.1641588"},{"key":"e_1_3_2_1_91_1","doi-asserted-by":"publisher","DOI":"10.1145\/3025453.3025509"},{"key":"e_1_3_2_1_92_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030194.1015489"},{"key":"e_1_3_2_1_93_1","doi-asserted-by":"publisher","DOI":"10.1109\/ChinaCom.2012.6417484"},{"key":"e_1_3_2_1_94_1","doi-asserted-by":"publisher","DOI":"10.1145\/2834050.2834095"}],"event":{"name":"EuroUSEC 2023: The 2023 European Symposium on Usable Security","location":"Copenhagen Denmark","acronym":"EuroUSEC 2023"},"container-title":["Proceedings of the 2023 European Symposium on Usable Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3617072.3617110","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3617072.3617110","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T16:36:07Z","timestamp":1750178167000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3617072.3617110"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,10,16]]},"references-count":93,"alternative-id":["10.1145\/3617072.3617110","10.1145\/3617072"],"URL":"https:\/\/doi.org\/10.1145\/3617072.3617110","relation":{},"subject":[],"published":{"date-parts":[[2023,10,16]]},"assertion":[{"value":"2023-10-16","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}