{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,10]],"date-time":"2026-03-10T04:33:57Z","timestamp":1773117237019,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":125,"publisher":"ACM","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,9,8]]},"DOI":"10.1145\/3718958.3754344","type":"proceedings-article","created":{"date-parts":[[2025,8,27]],"date-time":"2025-08-27T16:54:11Z","timestamp":1756313651000},"page":"147-163","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["Censys: A Map of Internet Hosts and Services"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-9647-4192","authenticated-orcid":false,"given":"Zakir","family":"Durumeric","sequence":"first","affiliation":[{"name":"Censys Inc., Ann Arbor, MI, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0008-7159-7576","authenticated-orcid":false,"given":"Hudson","family":"Clark","sequence":"additional","affiliation":[{"name":"Censys Inc., Ann Arbor, MI, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-1139-5535","authenticated-orcid":false,"given":"Jeff","family":"Cody","sequence":"additional","affiliation":[{"name":"Censys Inc., Ann Arbor, MI, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-8156-8839","authenticated-orcid":false,"given":"Elliot","family":"Cubit","sequence":"additional","affiliation":[{"name":"Censys Inc., Ann Arbor, MI, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-2437-7144","authenticated-orcid":false,"given":"Matt","family":"Ellison","sequence":"additional","affiliation":[{"name":"Censys Inc., Ann Arbor, MI, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-3336-0958","authenticated-orcid":false,"given":"Liz","family":"Izhikevich","sequence":"additional","affiliation":[{"name":"Censys Inc., Ann Arbor, MI, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-7293-3290","authenticated-orcid":false,"given":"Ariana","family":"Mirian","sequence":"additional","affiliation":[{"name":"Censys Inc., Ann Arbor, MI, USA"}]}],"member":"320","published-online":{"date-parts":[[2025,8,27]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Israeli officials say Iran exploiting security cameras to guide missile strikes author=Antoniuk Daryna. https:\/\/therecord.media\/iran-espionage-israeli-security-cameras-missile-attacks."},{"key":"e_1_3_2_1_2_1","unstructured":"Netlas - Search the Internet Your Way. Accessed: 2024-11-25."},{"key":"e_1_3_2_1_3_1","volume-title":"Long. Digital Threats: Research and Practice","author":"Network Attack Surface Mapping A Survey","year":"2024","unstructured":"A Survey on Network Attack Surface Mapping, author=Everson, Douglas and Cheng, Long. Digital Threats: Research and Practice, 2024."},{"key":"e_1_3_2_1_4_1","volume-title":"ACM SIGSAC Conference on Computer and Communications Security","author":"Aas J.","year":"2019","unstructured":"J. Aas, R. Barnes, B. Case, Z. Durumeric, P. Eckersley, A. Flores-L\u00f3pez, J. A. Halderman, J. Hoffman-Andrews, J. Kasten, E. Rescorla, et al. Let's Encrypt: An Automated Certificate Authority to Encrypt the Entire Web. In ACM SIGSAC Conference on Computer and Communications Security, 2019."},{"key":"e_1_3_2_1_5_1","volume-title":"Diff: A Relational Interface for Large-Scale Data Explanation. Proceedings of the VLDB Endowment","author":"Abuzaid F.","year":"2018","unstructured":"F. Abuzaid, P. Kraft, S. Suri, E. Gan, E. Xu, A. Shenoy, A. Ananthanarayan, J. Sheu, E. Meijer, X. Wu, et al. Diff: A Relational Interface for Large-Scale Data Explanation. Proceedings of the VLDB Endowment, 2018."},{"key":"e_1_3_2_1_6_1","volume-title":"USENIX Workshop on Offensive Technologies","author":"Adrian D.","year":"2014","unstructured":"D. Adrian, Z. Durumeric, G. Singh, and J. A. Halderman. Zippier ZMap: Internet-Wide Scanning at 10 Gbps. In USENIX Workshop on Offensive Technologies, 2014."},{"key":"e_1_3_2_1_7_1","volume-title":"ACM Internet Measurement Conference","author":"Allman M.","year":"2007","unstructured":"M. Allman, V. Paxson, and J. Terrell. A Brief History of Scanning. In ACM Internet Measurement Conference, 2007."},{"key":"e_1_3_2_1_8_1","unstructured":"J. Althouse. JA4+ network fingerprinting. https:\/\/blog.foxio.io\/ja4+-network-fingerprinting."},{"key":"e_1_3_2_1_9_1","unstructured":"Amazon AWS. CQRS pattern. https:\/\/docs.aws.amazon.com\/prescriptive-guidance\/latest\/modernization-data-persistence\/cqrs-pattern.html."},{"key":"e_1_3_2_1_10_1","unstructured":"Amnesty International. German-made FinSpy spyware found in Egypt and Mac and Linux versions revealed. https:\/\/www.amnesty.org\/en\/latest\/research\/2020\/09\/german-made-finspy-spyware-found-in-egypt-and-mac-and-linux-versions-revealed\/."},{"key":"e_1_3_2_1_11_1","unstructured":"Amnesty International. Morocco: Human Rights Defenders Targeted with NSO Group's Spyware. https:\/\/www.amnesty.org\/en\/latest\/research\/2019\/10\/morocco-human-rights-defenders-targeted-with-nso-groups-spyware\/."},{"key":"e_1_3_2_1_12_1","volume-title":"Understanding the Mirai Botnet. In USENIX Security Symposium","author":"Antonakakis M.","year":"2017","unstructured":"M. Antonakakis, T. April, M. Bailey, M. Bernhard, E. Bursztein, J. Cochran, Z. Durumeric, J. A. Halderman, L. Invernizzi, M. Kallitsis, et al. Understanding the Mirai Botnet. In USENIX Security Symposium, 2017."},{"key":"e_1_3_2_1_13_1","volume-title":"ip-ranges.json. https:\/\/docs.aws.amazon.com\/vpc\/latest\/userguide\/aws-ip-ranges.html","author":"AWS.","year":"2024","unstructured":"AWS. ip-ranges.json. https:\/\/docs.aws.amazon.com\/vpc\/latest\/userguide\/aws-ip-ranges.html, 2024."},{"key":"e_1_3_2_1_14_1","author":"Bano S.","year":"2018","unstructured":"S. Bano, P. Richter, M. Javed, S. Sundaresan, Z. Durumeric, S. J. Murdoch, R. Mortier, and V. Paxson. Scanning the Internet for Liveness. ACM SIGCOMM Computer Communication Review, 2018.","journal-title":"Scanning the Internet for Liveness. ACM SIGCOMM Computer Communication Review"},{"key":"e_1_3_2_1_15_1","volume-title":"Oorschot. Empirical Scanning Analysis of Censys and Shodan. In Workshop on Measurements, Attacks, and Defenses for the Web","author":"Bennett C.","year":"2021","unstructured":"C. Bennett, A. Abdou, and P. C. van Oorschot. Empirical Scanning Analysis of Censys and Shodan. In Workshop on Measurements, Attacks, and Defenses for the Web, 2021."},{"key":"e_1_3_2_1_16_1","volume-title":"ACM Internet Measurement Conference","author":"Beverly R.","year":"2018","unstructured":"R. Beverly, R. Durairajan, D. Plonka, and J. P. Rohrer. In the ip of the beholder: Strategies for active IPv6 topology discovery. In ACM Internet Measurement Conference, 2018."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1037\/13620-004"},{"key":"e_1_3_2_1_18_1","volume-title":"Stratosphere: Finding Vulnerable Cloud Storage Buckets. In Symposium on Research in Attacks, Intrusions and Defenses","author":"Cable J.","year":"2021","unstructured":"J. Cable, D. Gregory, L. Izhikevich, and Z. Durumeric. Stratosphere: Finding Vulnerable Cloud Storage Buckets. In Symposium on Research in Attacks, Intrusions and Defenses, 2021."},{"key":"e_1_3_2_1_19_1","unstructured":"Censys. Turning Off the (Information) Flow: Working With the EPA to Secure Hundreds of Exposed Water HMIs. https:\/\/censys.com\/blog\/turning-off-the-information-flow-working-with-the-epa-to-secure-hundreds-of-exposed-water-hmis."},{"key":"e_1_3_2_1_20_1","volume-title":"Workshop on the Economics of Information Security","author":"Cetin O.","year":"2017","unstructured":"O. Cetin, C. Ganan, M. Korczynski, and M. Van Eeten. Make Notifications Great Again: Learning How to Notify in the Age of Large-Scale Vulnerability Scanning. In Workshop on the Economics of Information Security, 2017."},{"key":"e_1_3_2_1_21_1","volume-title":"Exploring Shodan from the Perspective of Industrial Control Systems","author":"Chen Y.","year":"2020","unstructured":"Y. Chen, X. Lian, D. Yu, S. Lv, S. Hao, and Y. Ma. Exploring Shodan from the Perspective of Industrial Control Systems. IEEE Access, 2020."},{"key":"e_1_3_2_1_22_1","volume-title":"The 11th Workshop on Active Internet Measurements Workshop Report. ACM SIGCOMM Computer Communication Review","author":"Claffy K. C.","year":"2019","unstructured":"K. C. Claffy and D. Clark. The 11th Workshop on Active Internet Measurements Workshop Report. ACM SIGCOMM Computer Communication Review, 2019."},{"key":"e_1_3_2_1_23_1","volume-title":"Beyond Noise: Filtering Pseudo-Services","author":"Clark H.","year":"2024","unstructured":"H. Clark. Beyond Noise: Filtering Pseudo-Services, 2024. Accessed: 2024-12-17."},{"key":"e_1_3_2_1_24_1","unstructured":"Coalition. BinaryEdge Transition FAQ. https:\/\/help.coalitioninc.com\/hc\/en-us\/articles\/34383910057371-BinaryEdge-Transition-FAQ."},{"key":"e_1_3_2_1_25_1","volume-title":"BOD 23-02 Implementation Guidance: Mitigating the Risk of Internet-Exposed Management Interfaces","author":"Cybersecurity","year":"2023","unstructured":"Cybersecurity and I. S. A. (CISA). BOD 23-02 Implementation Guidance: Mitigating the Risk of Internet-Exposed Management Interfaces, 2023."},{"key":"e_1_3_2_1_26_1","unstructured":"Cybersecurity and Infrastructure Security Agency (CISA). Industrial Control Systems (ICS). https:\/\/www.cisa.gov\/topics\/industrial-control-systems."},{"key":"e_1_3_2_1_27_1","unstructured":"Cyentia Institute. Information Risk Insights Study: Ransomware. https:\/\/www.cyentia.com\/wp-content\/uploads\/2024\/08\/IRIS_Ransomware.pdf."},{"key":"e_1_3_2_1_28_1","volume-title":"International Conference on Availability, Reliability and Security","author":"Drichel A.","year":"2021","unstructured":"A. Drichel, V. Drury, J. von Brandt, and U. Meyer. Finding Phish in a Haystack: A pipeline for Phishing Classification on Certificate Transparency Logs. In International Conference on Availability, Reliability and Security, 2021."},{"key":"e_1_3_2_1_29_1","volume-title":"Zgrab2","author":"Durumeric Z.","year":"2018","unstructured":"Z. Durumeric and D. Adrian. Zgrab2, 2018. https:\/\/github.com\/zmap\/zgrab2."},{"key":"e_1_3_2_1_30_1","unstructured":"Z. Durumeric D. Adrian M. Bailey and J. Halderman. Heartbleed bug health report. https:\/\/zmap.io\/heartbleed."},{"key":"e_1_3_2_1_31_1","volume-title":"ACM SIGSAC Conference on computer and communications security","author":"Durumeric Z.","year":"2015","unstructured":"Z. Durumeric, D. Adrian, A. Mirian, M. Bailey, and J. A. Halderman. A Search Engine Backed by Internet-wide Scanning. In ACM SIGSAC Conference on computer and communications security, 2015."},{"key":"e_1_3_2_1_32_1","volume-title":"Tracking the FREAK attack","author":"Durumeric Z.","year":"2015","unstructured":"Z. Durumeric, D. Adrian, A. Mirian, M. Bailey, and J. A. Halderman. Tracking the FREAK attack, 2015. https:\/\/freakattack.com\/."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/2815675.2815695"},{"key":"e_1_3_2_1_34_1","volume-title":"Ten Years of ZMap. In ACM Internet Measurement Conference","author":"Durumeric Z.","year":"2024","unstructured":"Z. Durumeric, D. Adrian, P. Stephens, E. Wustrow, and J. A. Halderman. Ten Years of ZMap. In ACM Internet Measurement Conference, 2024."},{"key":"e_1_3_2_1_35_1","volume-title":"23rd USENIX Security Symposium","author":"Durumeric Z.","year":"2014","unstructured":"Z. Durumeric, M. Bailey, and J. A. Halderman. An Internet-Wide view of Internet-Wide scanning. In 23rd USENIX Security Symposium, 2014."},{"key":"e_1_3_2_1_36_1","volume-title":"Analysis of the HTTPS Certificate Ecosystem. In ACM Internet Measurement Conference","author":"Durumeric Z.","year":"2013","unstructured":"Z. Durumeric, J. Kasten, M. Bailey, and J. A. Halderman. Analysis of the HTTPS Certificate Ecosystem. In ACM Internet Measurement Conference, 2013."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/2663716.2663755"},{"key":"e_1_3_2_1_38_1","volume-title":"22nd USENIX Security Symposium","author":"Durumeric Z.","year":"2013","unstructured":"Z. Durumeric, E. Wustrow, and J. A. Halderman. ZMap: Fast Internet-wide Scanning and its Security Applications. In 22nd USENIX Security Symposium, 2013."},{"key":"e_1_3_2_1_39_1","unstructured":"Embee Research. A Beginner's Guide to Hunting Malicious Open Directories. https:\/\/censys.com\/a-beginners-guide-to-hunting-open-directories\/."},{"key":"e_1_3_2_1_40_1","unstructured":"Embee Research. A Beginner's Guide to Tracking Malware Infrastructure. https:\/\/censys.com\/a-beginners-guide-to-tracking-malware-infrastructure\/."},{"key":"e_1_3_2_1_41_1","unstructured":"Embee Research. Combining Pivot Points to Identify Malware Infrastructure - Redline Smokeloader and Cobalt Strike. https:\/\/www.embeeresearch.io\/combining-pivot-points-to-identify-malware-infrastructure-redline-smokeloader-and-cobalt-strike\/."},{"key":"e_1_3_2_1_42_1","volume-title":"Applied Networking Research Workshop","author":"Fiebig T.","year":"2023","unstructured":"T. Fiebig. Crisis, Ethics, Reliability & a measurement. network: Reflections on Active Network Measurements in Academia. In Applied Networking Research Workshop, 2023."},{"key":"e_1_3_2_1_43_1","volume-title":"https:\/\/en.fofa.info\/","author":"FOFA.","year":"2024","unstructured":"FOFA. Fofa search engine. https:\/\/en.fofa.info\/, 2024."},{"key":"e_1_3_2_1_44_1","unstructured":"fopwn. Hunting VIPER C2 Instances on Censys. https:\/\/community.censys.com\/threat-hunting-38\/hunting-viper-c2-instances-on-censys-140."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/2987443.2987445"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/3278532.3278564"},{"key":"e_1_3_2_1_47_1","volume-title":"ACM SIGCOMM Conference","author":"Gigis P.","year":"2021","unstructured":"P. Gigis, M. Calder, L. Manassakis, G. Nomikos, V. Kotronis, X. Dimitropoulos, E. Katz-Bassett, and G. Smaragdakis. Seven years in the Life of Hypergiants' Off-nets. In ACM SIGCOMM Conference, 2021."},{"key":"e_1_3_2_1_48_1","unstructured":"Google. Protocol buffers. https:\/\/protobuf.dev\/."},{"key":"e_1_3_2_1_49_1","volume-title":"Masscan: Mass IP port scanner","author":"Graham R.","year":"2014","unstructured":"R. Graham. Masscan: Mass IP port scanner, 2014. https:\/\/github.com\/robertdavidgraham\/masscan."},{"key":"e_1_3_2_1_50_1","volume-title":"A week in the life of a GreyNoise Sensor: It's all about the tags. https:\/\/www.greynoise.io\/blog\/a-week-in-the-life-of-a-greynoise-sensor-its-all-about-the-tags","year":"2023","unstructured":"Greyniose. A week in the life of a GreyNoise Sensor: It's all about the tags. https:\/\/www.greynoise.io\/blog\/a-week-in-the-life-of-a-greynoise-sensor-its-all-about-the-tags, 2023."},{"key":"e_1_3_2_1_51_1","first-page":"164","volume-title":"Characterizing Ten Years of Internet Scanning. In Proceedings of the 2024 ACM on Internet Measurement Conference","author":"Griffioen H.","year":"2024","unstructured":"H. Griffioen, G. Koursiounis, G. Smaragdakis, and C. Doerr. Have you SYN me? Characterizing Ten Years of Internet Scanning. In Proceedings of the 2024 ACM on Internet Measurement Conference, pages 149\u2013164, 2024."},{"key":"e_1_3_2_1_52_1","volume-title":"Towards Ethical Server-Side Scans in Security and Privacy Research. In IEEE Symposium on Security and Privacy","author":"Hantke F.","year":"2024","unstructured":"F. Hantke, S. Roth, R. Mrowczynski, C. Utz, and B. Stock. Where are the Red Lines? Towards Ethical Server-Side Scans in Security and Privacy Research. In IEEE Symposium on Security and Privacy, 2024."},{"key":"e_1_3_2_1_53_1","volume-title":"Census and Survey of the Visible Internet. In ACM Internet Measurement Conference","author":"Heidemann J.","year":"2008","unstructured":"J. Heidemann, Y. Pradkin, R. Govindan, C. Papadopoulos, G. Bartlett, and J. Bannister. Census and Survey of the Visible Internet. In ACM Internet Measurement Conference, 2008."},{"key":"e_1_3_2_1_54_1","volume-title":"USENIX Security Symposium","author":"Heninger N.","year":"2012","unstructured":"N. Heninger, Z. Durumeric, E. Wustrow, and J. A. Halderman. Mining your Ps and Qs: Detection of Widespread Weak Keys in Network Devices. In USENIX Security Symposium, 2012."},{"key":"e_1_3_2_1_55_1","volume-title":"USENIX Security Symposium","author":"Hiesgen R.","year":"2022","unstructured":"R. Hiesgen, M. Nawrocki, A. King, A. Dainotti, T. C. Schmidt, and M. W\u00e4hlisch. Spoki: Unveiling a New Wave of Scanners through a Reactive Network Telescope. In USENIX Security Symposium, 2022."},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM42981.2021.9488794"},{"key":"e_1_3_2_1_57_1","volume-title":"6sense: Internet-wide IPv6 scanning and its security applications","author":"Hsu G. W. M. E. A.","year":"2024","unstructured":"G. W. M. E. A. Hsu, S. Bhat, and A. B. F. L. P. Pearce. 6sense: Internet-wide IPv6 scanning and its security applications. 2024."},{"key":"e_1_3_2_1_58_1","unstructured":"IPVM. Russian Military Used Hacked Cameras in Missile Strike on Capital Alleges Ukraine. https:\/\/ipvm.com\/reports\/russia-hacked-hikvision."},{"key":"e_1_3_2_1_59_1","volume-title":"LZR: Identifying Unexpected Internet Services. In USENIX Security Symposium","author":"Izhikevich L.","year":"2021","unstructured":"L. Izhikevich, R. Teixeira, and Z. Durumeric. LZR: Identifying Unexpected Internet Services. In USENIX Security Symposium, 2021."},{"key":"e_1_3_2_1_60_1","volume-title":"ACM SIGCOMM","author":"Izhikevich L.","year":"2022","unstructured":"L. Izhikevich, R. Teixeira, and Z. Durumeric. Predicting IPv4 Services Across All Ports. In ACM SIGCOMM, 2022."},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1145\/3618257.3624818"},{"key":"e_1_3_2_1_62_1","volume-title":"Networked Device Identification: A Survey. In International Conference on Data Science in Cyberspace","author":"Jiang Y.","year":"2021","unstructured":"Y. Jiang, Y. Li, and Y. Sun. Networked Device Identification: A Survey. In International Conference on Data Science in Cyberspace, 2021."},{"key":"e_1_3_2_1_63_1","volume-title":"ACM Internet Measurement Conference","author":"Klick J.","year":"2016","unstructured":"J. Klick, S. Lau, M. W\u00e4hlisch, and V. Roth. Towards Better Internet Citizenship: Reducing the Footprint of Internet-wide Scans by Topology Aware Prefix Selection. In ACM Internet Measurement Conference, 2016."},{"key":"e_1_3_2_1_64_1","volume-title":"Tracking Certificate Misissuance in The Wild. In IEEE Symposium on Security and Privacy","author":"Kumar D.","year":"2018","unstructured":"D. Kumar, Z. Wang, M. Hyder, J. Dickinson, G. Beck, D. Adrian, J. Mason, Z. Durumeric, J. A. Halderman, and M. Bailey. Tracking Certificate Misissuance in The Wild. In IEEE Symposium on Security and Privacy, 2018."},{"key":"e_1_3_2_1_65_1","volume-title":"Communications of the ACM","author":"Laurie B.","year":"2014","unstructured":"B. Laurie. Certificate Transparency. Communications of the ACM, 2014."},{"key":"e_1_3_2_1_66_1","volume-title":"USENIX Security Symposium","author":"Li F.","year":"2016","unstructured":"F. Li, Z. Durumeric, J. Czyz, M. Karami, M. Bailey, D. McCoy, S. Savage, and V. Paxson. You've Got Vulnerability: Exploring Effective Vulnerability Notifications. In USENIX Security Symposium, 2016."},{"key":"e_1_3_2_1_67_1","volume-title":"Cyber Security: 17th China Annual Conference","author":"Li R.","year":"2020","unstructured":"R. Li, M. Shen, H. Yu, C. Li, P. Duan, and L. Zhu. A Survey on Cyberspace Search Engines. In Cyber Security: 17th China Annual Conference, 2020."},{"key":"e_1_3_2_1_68_1","volume-title":"ACM\/IEEE International Symposium on Empirical Software Engineering and Measurement","author":"Lin\u00e5ker J.","year":"2024","unstructured":"J. Lin\u00e5ker, G. Link, and K. Lumbard. Sustaining Maintenance Labor for Healthy Open Source Software Projects through Human Infrastructure: A Maintainer Perspective. In ACM\/IEEE International Symposium on Empirical Software Engineering and Measurement, 2024."},{"key":"e_1_3_2_1_69_1","volume-title":"Computer Networks","author":"Liu Z.","year":"2019","unstructured":"Z. Liu, Y. Xiong, X. Liu, W. Xie, and P. Zhu. 6Tree: Efficient Dynamic Discovery of Active Addresses in the IPv6 Address Space. Computer Networks, 2019."},{"key":"e_1_3_2_1_70_1","unstructured":"Lumen Black Lotus Labs. Derailing the Raptor Train. https:\/\/assets.lumen.com\/is\/content\/Lumen\/raptor-train-handbook-copy."},{"key":"e_1_3_2_1_71_1","volume-title":"CoNEXT","author":"Luo Y.","year":"2024","unstructured":"Y. Luo, C. Li, Z. Wang, and J. Yang. IPREDS: Efficient Prediction System for Internet-wide Port and Service Scanning. CoNEXT, 2024."},{"key":"e_1_3_2_1_72_1","volume-title":"Best Practices for Notification Studiesfor Security and Privacy Issues on the Internet. In International Conference on Availability, Reliability and Security","author":"Maa\u00df M.","year":"2021","unstructured":"M. Maa\u00df, H. Prid\u00f6hl, D. Herrmann, and M. Hollick. Best Practices for Notification Studiesfor Security and Privacy Issues on the Internet. In International Conference on Availability, Reliability and Security, 2021."},{"key":"e_1_3_2_1_73_1","volume-title":"USENIX Security Symposium","author":"Maass M.","year":"2021","unstructured":"M. Maass, A. St\u00f6ver, H. Prid\u00f6hl, S. Bretthauer, D. Herrmann, M. Hollick, and I. Spiecker. Effective Notification Campaigns on the Web: A Matter of Trust, Framing, and Support. In USENIX Security Symposium, 2021."},{"key":"e_1_3_2_1_74_1","volume-title":"Citizen Lab","author":"Marczak B.","year":"2016","unstructured":"B. Marczak and J. Scott-Railton. The Million Dollar Dissident: NSO Group's iPhone Zero-Days Used Against a UAE Human Rights Defender. Citizen Lab, 2016."},{"key":"e_1_3_2_1_75_1","volume-title":"Hooking Candiru: Another Mercenary Spyware Vendor Comes into Focus","author":"Marczak B.","year":"2021","unstructured":"B. Marczak, J. Scott-Railton, K. Berdan, B. Abdul Razzak, and R. Deibert. Hooking Candiru: Another Mercenary Spyware Vendor Comes into Focus, 2021. https:\/\/citizenlab.ca\/2021\/07\/hooking-candiru-another-mercenary-spyware-vendor-comes-into-focus\/."},{"key":"e_1_3_2_1_76_1","unstructured":"B. Marczak J. Scott-Railton B. A. Razzak N. Aljizawi S. Anstis K. Berdan and R. Deibert. Pegasus vs. Predator Dissident's Doubly-Infected iPhone Reveals Cytrox Mercenary Spyware. https:\/\/citizenlab.ca\/2021\/12\/pegasus-vs-predator-dissidents-doubly-infected-iphone-reveals-cytrox-mercenary-spyware\/."},{"key":"e_1_3_2_1_77_1","unstructured":"J. Matherly. Complete guide to Shodan. 2015."},{"key":"e_1_3_2_1_78_1","volume-title":"IEEE","author":"Mazel J.","year":"2017","unstructured":"J. Mazel, R. Fontugne, and K. Fukuda. Profiling Internet Scanners: Spatiotemporal Structures and Measurement Ethics. In Network traffic measurement and analysis conference. IEEE, 2017."},{"key":"e_1_3_2_1_79_1","volume-title":"ACM Internet Measurement Conference","author":"McDonald A.","year":"2018","unstructured":"A. McDonald, M. Bernhard, L. Valenta, B. VanderSloot, W. Scott, N. Sullivan, J. A. Halderman, and R. Ensafi. 403 Forbidden: A Global View of CDN Geoblocking. In ACM Internet Measurement Conference, 2018."},{"key":"e_1_3_2_1_80_1","volume-title":"The Effects of Ransomware Attacks on Hospitals and Patients. The Effects of Ransomware Attacks on Hospitals and Patients","author":"McGlave C. C.","year":"2023","unstructured":"C. C. McGlave, H. Neprash, and S. Nikpay. Hacked to Pieces? The Effects of Ransomware Attacks on Hospitals and Patients. The Effects of Ransomware Attacks on Hospitals and Patients, 2023."},{"key":"e_1_3_2_1_81_1","volume-title":"Open Source Systems: IFIP WG International Conference","author":"Miller C.","year":"2019","unstructured":"C. Miller, D. G. Widder, C. K\u00e4stner, and B. Vasilescu. Why Do People Give Up Flossing? A Study of Contributor Disengagement in Open Source. In Open Source Systems: IFIP WG International Conference, 2019."},{"key":"e_1_3_2_1_82_1","author":"Miller K.","unstructured":"K. Miller. Rural texas towns report cyberattacks that caused one water system to overflow. AP News.","journal-title":"News."},{"key":"e_1_3_2_1_83_1","volume-title":"An Internet-Wide View of ICS Devices","author":"Mirian A.","year":"2016","unstructured":"A. Mirian, Z. Ma, D. Adrian, M. Tischer, T. Chuenchujit, T. Yardley, R. Berthier, J. Mason, Z. Durumeric, J. A. Halderman, et al. An Internet-Wide View of ICS Devices. In IEEE Privacy, Security and Trust, 2016."},{"key":"e_1_3_2_1_84_1","doi-asserted-by":"publisher","DOI":"10.1145\/3131365.3131405"},{"key":"e_1_3_2_1_85_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2023.23084"},{"key":"e_1_3_2_1_86_1","unstructured":"Netlas LLC. About netlas.io. https:\/\/app.netlas.io\/about\/."},{"key":"e_1_3_2_1_87_1","unstructured":"Office of the Director of National Intelligence. Recent Cyber Attacks on US Infrastructure Underscore Vulnerability of Critical US Systems. https:\/\/www.dni.gov\/files\/CTIIC\/documents\/products\/Recent_Cyber_Attacks_on_US_Infrastructure_Underscore_Vulnerability_of_Critical_US_Systems-June2024.pdf."},{"key":"e_1_3_2_1_88_1","volume-title":"ACM Internet measurement conference","author":"Padmanabhan R.","year":"2016","unstructured":"R. Padmanabhan, A. Dhamdhere, E. Aben, K. Claffy, and N. Spring. Reasons Dynamic Addresses Change. In ACM Internet measurement conference, 2016."},{"key":"e_1_3_2_1_89_1","volume-title":"International Conference on Emerging Networking Experiments and Technologies","author":"Padmanabhan R.","year":"2020","unstructured":"R. Padmanabhan, J. P. Rula, P. Richter, S. D. Strowes, and A. Dainotti. DynamIPs: Analyzing Address Assignment Practices in IPv4 and IPv6. In International Conference on Emerging Networking Experiments and Technologies, 2020."},{"key":"e_1_3_2_1_90_1","volume-title":"Proceedings of the VLDB Endowment","author":"Palkar S.","year":"2018","unstructured":"S. Palkar, F. Abuzaid, P. Bailis, and M. Zaharia. Filter Before You Parse: Faster Analytics on Raw Data with Sparser. Proceedings of the VLDB Endowment, 2018."},{"key":"e_1_3_2_1_91_1","volume-title":"LISA","author":"Provos N.","year":"2001","unstructured":"N. Provos and P. Honeyman. Scanssh: Scanning the internet for SSH servers. In LISA, 2001."},{"key":"e_1_3_2_1_92_1","volume-title":"ACM\/IEEE International Conference on Software Engineering: New Ideas and Emerging Results","author":"Raman N.","year":"2020","unstructured":"N. Raman, M. Cao, Y. Tsvetkov, C. K\u00e4stner, and B. Vasilescu. Stress and Burnout in Open Source: Toward Finding, Understanding, and Mitigating Unhealthy Interactions. In ACM\/IEEE International Conference on Software Engineering: New Ideas and Emerging Results, 2020."},{"key":"e_1_3_2_1_93_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.23099"},{"key":"e_1_3_2_1_94_1","volume-title":"Quantifying the Impact of Blocklisting in the Age of Address Reuse. In ACM Internet Measurement Conference","author":"Ramanathan S.","year":"2020","unstructured":"S. Ramanathan, A. Hossain, J. Mirkovic, M. Yu, and S. Afroz. Quantifying the Impact of Blocklisting in the Age of Address Reuse. In ACM Internet Measurement Conference, 2020."},{"key":"e_1_3_2_1_95_1","volume-title":"USENIX Security Symposium","author":"Ramesh R.","year":"2023","unstructured":"R. Ramesh, R. S. Raman, A. Virkud, A. Dirksen, A. Huremagic, D. Fifield, D. Rodenburg, R. Hynes, D. Madory, and R. Ensafi. Network Responses to Russia's Invasion of Ukraine in 2022: A Cautionary Tale for Internet Freedom. In USENIX Security Symposium, 2023."},{"key":"e_1_3_2_1_96_1","unstructured":"Recorded Future Insikt Group. Chinese Cyberespionage Originating From Tsinghua University Infrastructure. https:\/\/go.recordedfuture.com\/hubfs\/reports\/cta-2018-0816.pdf."},{"key":"e_1_3_2_1_97_1","doi-asserted-by":"publisher","DOI":"10.1145\/2987443.2987473"},{"key":"e_1_3_2_1_98_1","volume-title":"Reconciling High Speed Probing with Ethical Probing. In CoNEXT Student Workshop","author":"Rimlinger H.","year":"2023","unstructured":"H. Rimlinger, K. Vermeulen, M. Gouel, O. Fourmaux, and T. Friedman. To Probe or Not to Probe? Reconciling High Speed Probing with Ethical Probing. In CoNEXT Student Workshop, 2023."},{"key":"e_1_3_2_1_99_1","volume-title":"ACM Workshop on Privacy in the Electronic Society","author":"Roberts R.","year":"2019","unstructured":"R. Roberts and D. Levin. When certificate transparency is too transparent: Analyzing information leakage in https domain names. In ACM Workshop on Privacy in the Electronic Society, 2019."},{"key":"e_1_3_2_1_100_1","volume-title":"ACM SIGSAC Conference on Computer and Communications Security","author":"Ryan K.","year":"2023","unstructured":"K. Ryan, K. He, G. A. Sullivan, and N. Heninger. Passive SSH Key Compromise via Lattices. In ACM SIGSAC Conference on Computer and Communications Security, 2023."},{"key":"e_1_3_2_1_101_1","volume-title":"ACM SIGCOMM","author":"Rye E.","year":"2023","unstructured":"E. Rye and D. Levin. IPv6 Hitlists at Scale: Be Careful What you Wish For. In ACM SIGCOMM, 2023."},{"key":"e_1_3_2_1_102_1","volume-title":"Game Theory and Machine Learning for Cyber Security","author":"Sarabi A.","year":"2021","unstructured":"A. Sarabi, K. Jin, and M. Liu. Smart internet probing: Scanning using Adaptive Machine Learning. Game Theory and Machine Learning for Cyber Security, 2021."},{"key":"e_1_3_2_1_103_1","volume-title":"ACM Internet Measurement Conference","author":"Scheitle Q.","year":"2018","unstructured":"Q. Scheitle, O. Hohlfeld, J. Gamba, J. Jelten, T. Zimmermann, S. D. Strowes, and N. Vallina-Rodriguez. A Long Way to the Top: Significance, Structure, and Stability of Internet Top Lists. In ACM Internet Measurement Conference, 2018."},{"key":"e_1_3_2_1_104_1","volume-title":"Industrial control systems","year":"2024","unstructured":"Shodan. Industrial control systems, 2024. https:\/\/www.shodan.io\/explore\/category\/industrial-control-systems."},{"key":"e_1_3_2_1_105_1","volume-title":"Shodan search engine. https:\/\/www.shodan.io\/","year":"2024","unstructured":"Shodan. Shodan search engine. https:\/\/www.shodan.io\/, 2024."},{"key":"e_1_3_2_1_106_1","author":"Song G.","year":"2024","unstructured":"G. Song, L. He, T. Chen, J. Lin, L. Fan, K. Wen, Z. Wang, and J. Yang. PMap: Reinforcement Learning-Based Internet-Wide Port Scanning. IEEE\/ACM Transactions on Networking, 2024.","journal-title":"PMap: Reinforcement Learning-Based Internet-Wide Port Scanning. IEEE\/ACM Transactions on Networking"},{"key":"e_1_3_2_1_107_1","volume-title":"Which Doors Are Open: Reinforcement Learning-based Internet-wide Port Scanning. In IEEE\/ACM Symposium on Quality of Service","author":"Song G.","year":"2023","unstructured":"G. Song, L. He, T. Zhao, Y. Luo, Y. Wu, L. Fan, C. Li, Z. Wang, and J. Yang. Which Doors Are Open: Reinforcement Learning-based Internet-wide Port Scanning. In IEEE\/ACM Symposium on Quality of Service, 2023."},{"key":"e_1_3_2_1_108_1","volume-title":"USENIX Annual Technical Conference","author":"Song G.","year":"2022","unstructured":"G. Song, J. Yang, L. He, Z. Wang, G. Li, C. Duan, Y. Liu, and Z. Sun. AddrMiner: A Comprehensive Global Active IPv6 Address Discovery System. In USENIX Annual Technical Conference, 2022."},{"key":"e_1_3_2_1_109_1","volume-title":"Measuring the Security Harm of TLS Crypto Shortcuts. In ACM Internet Measurement Conference","author":"Springall D.","year":"2016","unstructured":"D. Springall, Z. Durumeric, and J. A. Halderman. Measuring the Security Harm of TLS Crypto Shortcuts. In ACM Internet Measurement Conference, 2016."},{"key":"e_1_3_2_1_110_1","volume-title":"Didn't You Hear Me?\u2014Towards More Successful Web Vulnerability Notifications","author":"Stock B.","year":"2018","unstructured":"B. Stock, G. Pellegrino, F. Li, M. Backes, and C. Rossow. Didn't You Hear Me?\u2014Towards More Successful Web Vulnerability Notifications. 2018."},{"key":"e_1_3_2_1_111_1","volume-title":"USENIX Security Symposium","author":"Stock B.","year":"2016","unstructured":"B. Stock, G. Pellegrino, C. Rossow, M. Johns, and M. Backes. Hey, You Have a Problem: On the Feasibility of Large-Scale Web Vulnerability Notification. In USENIX Security Symposium, 2016."},{"key":"e_1_3_2_1_112_1","volume-title":"USENIX Security Symposium","author":"Sullivan G. A.","year":"2022","unstructured":"G. A. Sullivan, J. Sippe, N. Heninger, and E. Wustrow. Open to a Fault: On the Passive Compromise of TLS Keys via Transient Errors. In USENIX Security Symposium, 2022."},{"key":"e_1_3_2_1_113_1","volume-title":"Privacy Enhancing Technologies","author":"Utz C.","year":"2023","unstructured":"C. Utz, M. Michels, M. Degeling, N. Marnau, and B. Stock. Comparing Large-Scale Privacy and Security Notifications. Privacy Enhancing Technologies, 2023."},{"key":"e_1_3_2_1_114_1","doi-asserted-by":"publisher","DOI":"10.1145\/2987443.2987462"},{"key":"e_1_3_2_1_115_1","unstructured":"Verizon. 2024 data breach investigations report (DBIR). https:\/\/www.verizon.com\/business\/resources\/T32e\/reports\/2024-dbir-data-breach-investigations-report.pdf."},{"key":"e_1_3_2_1_116_1","volume-title":"IEEE European Symposium on Security and Privacy","author":"Vermeer M.","year":"2021","unstructured":"M. Vermeer, J. West, A. Cuevas, S. Niu, N. Christin, M. Van Eeten, T. Fiebig, C. Gan\u00e1n, and T. Moore. SoK: a Framework for Asset Discovery: Systematizing Advances in Network Measurements for Protecting Organizations. In IEEE European Symposium on Security and Privacy, 2021."},{"key":"e_1_3_2_1_117_1","volume-title":"On the Origin of Scanning: The Impact of Location on Internet-Wide Scans. In ACM Internet Measurement Conference","author":"Wan G.","year":"2020","unstructured":"G. Wan, L. Izhikevich, D. Adrian, K. Yoshioka, R. Holz, C. Rossow, and Z. Durumeric. On the Origin of Scanning: The Impact of Location on Internet-Wide Scans. In ACM Internet Measurement Conference, 2020."},{"key":"e_1_3_2_1_118_1","doi-asserted-by":"publisher","DOI":"10.14778\/3364324.3364333"},{"key":"e_1_3_2_1_119_1","unstructured":"F. Weimer. Factoring RSA Keys with TLS Perfect Forward Secrecy. Red Hat Technical Report 2015."},{"key":"e_1_3_2_1_120_1","volume-title":"ACM Internet Measurement Conference","author":"Williams G.","year":"2024","unstructured":"G. Williams and P. Pearce. Seeds of Scanning: Exploring the Effects of Datasets, Methods, and Metrics on IPv6 Internet Scanning. In ACM Internet Measurement Conference, 2024."},{"key":"e_1_3_2_1_121_1","volume-title":"International Conference on Network Simulation and Evaluation","author":"Wu B.","year":"2023","unstructured":"B. Wu, S. Zhang, Y. Liu, and Z. Yang. A Survey of Network Asset Detection Technology. In International Conference on Network Simulation and Evaluation, 2023."},{"key":"e_1_3_2_1_122_1","volume-title":"Revealing the Black Box of Device Search Engine: Scanning Assets, Strategies, and Ethical Consideration. arXiv preprint arXiv:2412.15696","author":"Wu M.","year":"2024","unstructured":"M. Wu, G. Hong, J. Chen, Q. Liu, S. Tang, Y. Li, B. Liu, H. Duan, and M. Yang. Revealing the Black Box of Device Search Engine: Scanning Assets, Strategies, and Ethical Consideration. arXiv preprint arXiv:2412.15696, 2024."},{"key":"e_1_3_2_1_123_1","unstructured":"G. Young. CQRS documents 2010. https:\/\/cqrs.wordpress.com\/."},{"key":"e_1_3_2_1_124_1","volume-title":"ACM Internet Measurement Conference","author":"Zirngibl J.","year":"2022","unstructured":"J. Zirngibl, L. Steger, P. Sattler, O. Gasser, and G. Carle. Rusty Clusters? Dusting an IPv6 Research Foundation. In ACM Internet Measurement Conference, 2022."},{"key":"e_1_3_2_1_125_1","volume-title":"Zoomeye search engine. https:\/\/www.zoomeye.hk\/","year":"2024","unstructured":"ZoomEye. Zoomeye search engine. https:\/\/www.zoomeye.hk\/, 2024."}],"event":{"name":"SIGCOMM '25: ACM SIGCOMM 2025 Conference","location":"S\u00e3o Francisco Convent Coimbra Portugal","acronym":"SIGCOMM '25","sponsor":["SIGCOMM ACM Special Interest Group on Data Communication"]},"container-title":["Proceedings of the ACM SIGCOMM 2025 Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3718958.3754344","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,27]],"date-time":"2025-08-27T16:56:24Z","timestamp":1756313784000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3718958.3754344"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,8,27]]},"references-count":125,"alternative-id":["10.1145\/3718958.3754344","10.1145\/3718958"],"URL":"https:\/\/doi.org\/10.1145\/3718958.3754344","relation":{},"subject":[],"published":{"date-parts":[[2025,8,27]]},"assertion":[{"value":"2025-08-27","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}