{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,11]],"date-time":"2026-03-11T16:43:04Z","timestamp":1773247384252,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":71,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,12,2]],"date-time":"2024-12-02T00:00:00Z","timestamp":1733097600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,12,2]]},"DOI":"10.1145\/3658644.3690195","type":"proceedings-article","created":{"date-parts":[[2024,12,9]],"date-time":"2024-12-09T12:19:20Z","timestamp":1733746760000},"page":"3674-3688","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":5,"title":["Release the Hounds! Automated Inference and Empirical Security Evaluation of Field-Deployed PLCs Using Active Network Data"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0001-0705-5667","authenticated-orcid":false,"given":"Ryan","family":"Pickren","sequence":"first","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-1051-172X","authenticated-orcid":false,"given":"Animesh","family":"Chhotaray","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2242-048X","authenticated-orcid":false,"given":"Frank","family":"Li","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-7302-0178","authenticated-orcid":false,"given":"Saman","family":"Zonouz","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9188-3464","authenticated-orcid":false,"given":"Raheem","family":"Beyah","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]}],"member":"320","published-online":{"date-parts":[[2024,12,9]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2023. Censys Search. https:\/\/search.censys.io\/. Accessed: 2023-08--17."},{"key":"e_1_3_2_1_2_1","unstructured":"2023. Shodan. https:\/\/www.shodan.io\/. Accessed: 2023-08--17."},{"key":"e_1_3_2_1_3_1","unstructured":"2024. ipinfo.io. https:\/\/ipinfo.io\/."},{"key":"e_1_3_2_1_4_1","unstructured":"Arizton Advisory and Intelligence. [n. d.]. PLC Market - Global Outlook and Forecast 2020--2025. https:\/\/www.arizton.com\/market-reports\/plc-market-analysis."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2021.3081741"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.102939"},{"key":"e_1_3_2_1_7_1","unstructured":"AVM. [n. d.]. FritzBox | Our top models. https:\/\/en.avm.de\/products\/fritzbox\/."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC1866"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijcip.2014.03.001"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","unstructured":"Tim Bray. 2017. The JavaScript Object Notation (JSON) Data Interchange Format. https:\/\/www.rfc-editor.org\/info\/rfc8259. https:\/\/doi.org\/10.17487\/RFC8259","DOI":"10.17487\/RFC8259"},{"key":"e_1_3_2_1_11_1","unstructured":"Censys. [n. d.]. Censys Internet Scanning Intro. https:\/\/support.censys.io\/hc\/en- us\/articles\/360059603231-Censys-Internet-Scanning-Intro."},{"key":"e_1_3_2_1_12_1","unstructured":"Censys. [n. d.]. Data Definitions. https:\/\/search.censys.io\/search\/definitions?resource=hosts."},{"key":"e_1_3_2_1_13_1","unstructured":"Censys. [n. d.]. Dropbear SSH. https:\/\/matt.ucc.asn.au\/dropbear\/dropbear.html."},{"key":"e_1_3_2_1_14_1","unstructured":"Censys. [n. d.]. Report on Hosts. https:\/\/search.censys.io\/search\/report?resource =hosts."},{"key":"e_1_3_2_1_15_1","unstructured":"Censys. [n. d.]. Search with Labels. https:\/\/support.censys.io\/hc\/en-us\/articles\/13446586006292-Search-with-Labels."},{"key":"e_1_3_2_1_16_1","unstructured":"Centre for the Protection of National Infrastructure. [n. d.]. Firewall Deployment for SCADA and Process Control Systems. https:\/\/www.energy.gov\/sites\/prod\/files\/Good%20Practices%20Guide%20for%20Firewall%20Deployment.pdf."},{"key":"e_1_3_2_1_17_1","volume-title":"Online discoverability and vulnerabilities of ICS\/SCADA devices in the Netherlands. arXiv preprint arXiv:2011.02019","author":"Ceron Joao M","year":"2020","unstructured":"Joao M Ceron, Justyna J Chromik, Jair Santanna, and Aiko Pras. 2020. Online discoverability and vulnerabilities of ICS\/SCADA devices in the Netherlands. arXiv preprint arXiv:2011.02019 (2020)."},{"key":"e_1_3_2_1_18_1","unstructured":"CISA. [n. d.]. NERC Critical Infrastructure Protection (NERC CIP). https:\/\/niccs.cisa.gov\/education-training\/catalog\/captiva-solutions-llc\/nerc-critical-infrastructure-protection-nerc-cip."},{"key":"e_1_3_2_1_19_1","unstructured":"CODESYS. [n. d.]. CODESYS WEBVISU. https:\/\/www.codesys.com\/products\/codesys-visualization\/webvisu . html."},{"key":"e_1_3_2_1_20_1","unstructured":"Cybersecurity Infrastructure Security Agency. 2023. Exploitation of Unitronics PLCs used in Water and Wastewater Systems. https:\/\/www.cisa.gov\/news-events\/alerts\/2023\/11\/28\/exploitation-unitronics-plcs-used-water-and-wastewater-systems."},{"key":"e_1_3_2_1_21_1","unstructured":"Daniel Stenberg. 2022. curl: Command Line Tool and Library for Transferring Data with URLs. https:\/\/curl.se\/."},{"key":"e_1_3_2_1_22_1","unstructured":"Leonardo de Moura and Nikolaj Bj\u00f8rner. 2023. Z3 Theorem Prover. https:\/\/github.com\/Z3Prover\/z3."},{"key":"e_1_3_2_1_23_1","unstructured":"Defense Use Case. 2016. Analysis of the cyber attack on the Ukrainian power grid. (2016) 1--29."},{"key":"e_1_3_2_1_24_1","volume-title":"Proc. Black Hat USA. 1--26","author":"Pinto Alessandro Di","year":"2018","unstructured":"Alessandro Di Pinto, Younes Dragoni, and Andrea Carcano. 2018. TRITON: The first ICS cyber attack on safety instrument systems. In Proc. Black Hat USA. 1--26."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/eCrime51433.2020.9493257"},{"key":"e_1_3_2_1_26_1","volume-title":"22nd USENIX Security Symposium (USENIX Security 13)","author":"Durumeric Zakir","year":"2013","unstructured":"Zakir Durumeric, Eric Wustrow, and J Alex Halderman. 2013. ZMap: fast internet-wide scanning and its security applications. In 22nd USENIX Security Symposium (USENIX Security 13). 605--620."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISCTURKEY53027.2021.9654285"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC7230"},{"key":"e_1_3_2_1_29_1","unstructured":"Python Software Foundation. 2023. functools ' Higher-order functions and operations on callable objects. https:\/\/docs.python.org\/3\/library\/functools.html."},{"key":"e_1_3_2_1_30_1","unstructured":"Four-Faith. [n. d.]. Four-Faith. https:\/\/www.fourfaith.com\/."},{"key":"e_1_3_2_1_31_1","volume-title":"Security, Privacy, and Anonymity in Computation, Communication, and Storage: SpaCCS 2020 International Workshops, Nanjing, China, December 18--20","author":"Hanka Thomas","year":"2020","unstructured":"Thomas Hanka, Matthias Niedermaier, Florian Fischer, Susanne Kie\u00dfling, Peter Knauer, and Dominik Merli. 2021. Impact of active scanning tools for device discovery in industrial networks. In Security, Privacy, and Anonymity in Computation, Communication, and Storage: SpaCCS 2020 International Workshops, Nanjing, China, December 18--20, 2020, Proceedings 13. Springer, 557--572."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1719030.1719050"},{"key":"e_1_3_2_1_33_1","volume-title":"International yearbook of cartography 7","author":"Jenks George F","year":"1967","unstructured":"George F Jenks. 1967. The data model concept in statistical mapping. International yearbook of cartography 7 (1967), 186--190."},{"key":"e_1_3_2_1_34_1","unstructured":"Kaspersky. [n. d.]. Industrial Control Systems and Their Online Availability. https:\/\/media.kasperskycontenthub.com\/wp-content\/uploads\/sites\/43\/2016\/07\/07190427\/KL_REPORT_ICS_Availability_Statistics.pdf."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/MWSCAS.2016.7870006"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2011.67"},{"key":"e_1_3_2_1_37_1","volume-title":"Thou shalt not depend on me: Analysing the use of outdated javascript libraries on the web. arXiv preprint arXiv:1811.00918","author":"Lauinger Tobias","year":"2018","unstructured":"Tobias Lauinger, Abdelberi Chaabane, Sajjad Arshad, William Robertson, Christo Wilson, and Engin Kirda. 2018. Thou shalt not depend on me: Analysing the use of outdated javascript libraries on the web. arXiv preprint arXiv:1811.00918 (2018)."},{"key":"e_1_3_2_1_38_1","unstructured":"Mathieu Leplatre. 2023. jenkspy: Optimal Jenks-Caspall Natural Breaks classification in pure Python. https:\/\/github.com\/mthh\/jenkspy."},{"key":"e_1_3_2_1_39_1","first-page":"21","article-title":"Quantitatively assessing and visualising industrial system attack surfaces. University of Cambridge","volume":"7","author":"Leverett Eireann P","year":"2011","unstructured":"Eireann P Leverett. 2011. Quantitatively assessing and visualising industrial system attack surfaces. University of Cambridge, Darwin College 7 (2011), 21.","journal-title":"Darwin College"},{"key":"e_1_3_2_1_40_1","volume-title":"25th USENIX Security Symposium (USENIX Security 16)","author":"Li Frank","year":"2016","unstructured":"Frank Li, Zakir Durumeric, Jakub Czyz, Mohammad Karami, Michael Bailey, Damon McCoy, Stefan Savage, and Vern Paxson. 2016. You've got vulnerability: Exploring effective vulnerability notifications. In 25th USENIX Security Symposium (USENIX Security 16). 1033--1050."},{"key":"e_1_3_2_1_41_1","volume-title":"Proceedings of the fifth Berkeley symposium on mathematical statistics and probability","volume":"1","author":"James","unstructured":"James MacQueen et al. 1967. Some methods for classification and analysis of multivariate observations. In Proceedings of the fifth Berkeley symposium on mathematical statistics and probability, Vol. 1. Oakland, CA, USA, 281--297."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/PST.2016.7906943"},{"key":"e_1_3_2_1_43_1","volume-title":"Executive functions and components of oral reading fluency through the lens of text complexity. Reading and writing 33","author":"Nguyen Tin Q","year":"2020","unstructured":"Tin Q Nguyen, Sage E Pickren, Neena M Saha, and Laurie E Cutting. 2020. Executive functions and components of oral reading fluency through the lens of text complexity. Reading and writing 33 (2020), 1037--1073."},{"key":"e_1_3_2_1_44_1","unstructured":"nmap.org. [n. d.]. NMAP. https:\/\/nmap.org\/."},{"key":"e_1_3_2_1_45_1","unstructured":"Leapfrog Online. 2023. rstr: Random string module for Python. https:\/\/github.com\/leapfrogonline\/rstr."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.5555\/1953048.2078195"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"crossref","unstructured":"Ryan Pickren Tohid Shekari Zonouz Saman and Raheem Beyah. 2024. Compromising Industrial Processes using Web-Based Programmable Logic Controller Malware. In NDSS. 1--18.","DOI":"10.14722\/ndss.2024.23049"},{"key":"e_1_3_2_1_48_1","unstructured":"Iuliu Popovici. 2023. RegExTractor: A simple tool to extract regular expressions from text. https:\/\/github.com\/iuliux\/RegExTractor."},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMSWA.2006.1665217"},{"key":"e_1_3_2_1_50_1","unstructured":"Pure-FTPD. [n. d.]. Pure-FTPD. https:\/\/www.pureftpd.org\/project\/pure-ftpd\/."},{"key":"e_1_3_2_1_51_1","unstructured":"Bob Radvanovsky. [n. d.]. Project SHINE: 1 000 000 Internet-Connected SCADA and ICS Systems and Counting. https:\/\/www.tofinosecurity.com\/blog\/project-shine-1000000-internet-connected-scada-and-ics-systems-and-counting."},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1016\/0377-0427(87)90125-7"},{"key":"e_1_3_2_1_53_1","volume-title":"Term-weighting approaches in automatic text retrieval. Information processing & management 24, 5","author":"Salton Gerard","year":"1988","unstructured":"Gerard Salton and Christopher Buckley. 1988. Term-weighting approaches in automatic text retrieval. Information processing & management 24, 5 (1988), 513--523."},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1371\/journal.pone.0254937"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833730"},{"key":"e_1_3_2_1_56_1","unstructured":"Schneider. [n. d.]. PowerLogic Energy Meters. https:\/\/www.se.com\/us\/en\/product-range\/1717-powerlogic-energy-meters\/."},{"key":"e_1_3_2_1_57_1","unstructured":"scikit. [n. d.]. Tokenizing text with scikit-learn. https:\/\/scikit-learn.org\/stable\/tutorial\/text_analytics\/working_with_text_data.html#tokenizing-text-with-scikit-learn."},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","unstructured":"Yakov Shafranovich. 2005. Common Format and MIME Type for Comma-Separated Values (CSV) Files. https:\/\/www.rfc-editor.org\/info\/rfc4180. https:\/\/doi.org\/10.17487\/RFC4180","DOI":"10.17487\/RFC4180"},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1145\/2637364.2591972"},{"key":"e_1_3_2_1_60_1","unstructured":"Shodan. [n. d.]. Shodan Explore | Industrial Control Systems. https:\/\/www.shodan.io\/explore\/category\/industrial-control-systems."},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","unstructured":"Robyn Speer. 2022. rspeer\/wordfreq: v3.0. https:\/\/doi.org\/10.5281\/zenodo.7199437","DOI":"10.5281\/zenodo.7199437"},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.5555\/1182576.1182584"},{"key":"e_1_3_2_1_63_1","unstructured":"PLC Technician Training. [n. d.]. Latest Advancement in PLC Technology. https:\/\/www.plctechnician.com\/news-blog\/latest-advancement-plc-technology."},{"key":"e_1_3_2_1_64_1","unstructured":"WAGO. [n. d.]. Container Virtualization with Docker. https:\/\/www.wago.com\/us\/open-automation\/modular-software\/linux\/docker."},{"key":"e_1_3_2_1_65_1","unstructured":"WAGO. [n. d.]. Control Included: Embedded Linux. https:\/\/www.wago.com\/us\/embedded-linux."},{"key":"e_1_3_2_1_66_1","unstructured":"WAGO. [n. d.]. High Number of Unreported Errors in Controllers Accessible via the Internet. https:\/\/www.wago.com\/global\/open-automation\/cybersecurity\/georgia-institute-warns-about-underestimated-risks."},{"key":"e_1_3_2_1_67_1","unstructured":"WAGO. [n. d.]. WAGO Products Join AWS Partner Device Catalog and AWS IoT Greengrass. https:\/\/www.wago.com\/us\/aws-partner."},{"key":"e_1_3_2_1_68_1","volume-title":"The Purdue enterprise reference architecture and methodology (PERA). Handbook of life cycle engineering: concepts, models, and technologies 289","author":"Williams Timothy","year":"1998","unstructured":"Timothy Williams. 1998. The Purdue enterprise reference architecture and methodology (PERA). Handbook of life cycle engineering: concepts, models, and technologies 289 (1998)."},{"key":"e_1_3_2_1_69_1","doi-asserted-by":"crossref","unstructured":"Yixiong Wu Jianwei Zhuge Tingting Yin Tianyi Li Junmin Zhu Guannan Guo Yue Liu and Jianju Hu. 2021. From Exposed to Exploited: Drawing the Picture of Industrial Control Systems Security Status in the Internet Age. In ICISSP. 237--248.","DOI":"10.5220\/0010327902370248"},{"key":"e_1_3_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2020.3037908"},{"key":"e_1_3_2_1_71_1","unstructured":"ZoomEye. [n. d.]. ZoomEye. https:\/\/www.zoomeye.org\/."}],"event":{"name":"CCS '24: ACM SIGSAC Conference on Computer and Communications Security","location":"Salt Lake City UT USA","acronym":"CCS '24","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3658644.3690195","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3658644.3690195","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T05:52:55Z","timestamp":1755841975000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3658644.3690195"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,2]]},"references-count":71,"alternative-id":["10.1145\/3658644.3690195","10.1145\/3658644"],"URL":"https:\/\/doi.org\/10.1145\/3658644.3690195","relation":{},"subject":[],"published":{"date-parts":[[2024,12,2]]},"assertion":[{"value":"2024-12-09","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}