{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,4]],"date-time":"2026-06-04T16:03:30Z","timestamp":1780589010039,"version":"3.54.1"},"publisher-location":"New York, NY, USA","reference-count":35,"publisher":"ACM","license":[{"start":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T00:00:00Z","timestamp":1780272000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/legalcode"}],"funder":[{"name":"National Institute of Information and Communications Technology (NICT)","award":["JPJ012368C08101"],"award-info":[{"award-number":["JPJ012368C08101"]}]},{"name":"JSPS KAKENHI","award":["21KK0178"],"award-info":[{"award-number":["21KK0178"]}]},{"name":"Dutch Research Council (NWO)","award":["CS.007"],"award-info":[{"award-number":["CS.007"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2026,6]]},"DOI":"10.1145\/3779208.3785282","type":"proceedings-article","created":{"date-parts":[[2026,6,4]],"date-time":"2026-06-04T15:21:58Z","timestamp":1780586518000},"page":"128-143","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["The End of Anarchy? Understanding the Life of HTTP Exploits Used in IoT Malware Infections"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0005-8916-0661","authenticated-orcid":false,"given":"Ryu","family":"Kuki","sequence":"first","affiliation":[{"name":"Yokohama National University, Yokohama, Japan"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6771-9915","authenticated-orcid":false,"given":"Takayuki","family":"Sasaki","sequence":"additional","affiliation":[{"name":"Yokohama National University, Yokohama, Japan"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5280-6853","authenticated-orcid":false,"given":"Arwa","family":"Al Alsadi","sequence":"additional","affiliation":[{"name":"Delft University of Technology, Delft, Netherlands"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4699-3007","authenticated-orcid":false,"given":"Carlos","family":"Ga\u00f1\u00e1n","sequence":"additional","affiliation":[{"name":"Delft University of Technology, Delft, Netherlands and Yokohama National University, Yokohama, Japan"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0964-8631","authenticated-orcid":false,"given":"Katsunari","family":"Yoshioka","sequence":"additional","affiliation":[{"name":"Yokohama National University, Yokohama, Japan"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2026,6,4]]},"reference":[{"key":"e_1_3_2_1_1_1","first-page":"3522","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Alrawi O.","year":"2021","unstructured":"O. Alrawi, C. Lever, K. Valakuzhy, R. Court, K. Snow, F. Monrose, and M. Antonakakis, \u201cThe circle of life: A Large-Scale study of the IoT malware lifecycle,\u201d in 30th USENIX Security Symposium (USENIX Security 21), Aug. 2021, pp. 3505\u20133522."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/3488932.3517408"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/3607199.3607241"},{"key":"e_1_3_2_1_4_1","volume-title":"Malware and exploits on the dark web","author":"Burgess J.","year":"2022","unstructured":"J. Burgess, \u201cMalware and exploits on the dark web,\u201d 2022."},{"key":"e_1_3_2_1_5_1","first-page":"151","volume-title":"2021 IFIP\/IEEE International Symposium on Integrated Network Management (IM)","author":"Kato S.","year":"2021","unstructured":"S. Kato, R. Tanabe, K. Yoshioka, and T. Matsumoto, \u201cAdaptive observation of emerging cyber attacks targeting various iot devices,\u201d in 2021 IFIP\/IEEE International Symposium on Integrated Network Management (IM), 2021, pp. 143\u2013151."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/CANDARW60564.2023.00055"},{"key":"e_1_3_2_1_7_1","first-page":"341","volume-title":"27th USENIX Security Symposium (USENIX Security 18)","author":"Feng X.","year":"2018","unstructured":"X. Feng, Q. Li, H. Wang, and L. Sun, \u201cAcquisitional rule-based engine for discovering Internet-of-Things devices,\u201d in 27th USENIX Security Symposium (USENIX Security 18). Baltimore, MD: USENIX Association, Aug. 2018, pp. 327\u2013341. [Online]. Available: https:\/\/www.usenix.org\/conference\/usenixsecuritty18\/presentation\/feng"},{"key":"e_1_3_2_1_8_1","volume-title":"National Vulnerability Database","unstructured":"\u201cNational Vulnerability Database,\u201d https:\/\/nvd.nist.gov\/, Online."},{"key":"e_1_3_2_1_9_1","volume-title":"Chinese National Vulnerability Database","unstructured":"\u201cChinese National Vulnerability Database,\u201d https:\/\/www.cnvd.org.cn\/, Online."},{"key":"e_1_3_2_1_10_1","volume-title":"Vulners","unstructured":"\u201cVulners,\u201d https:\/\/vulners.com\/, Online."},{"key":"e_1_3_2_1_11_1","volume-title":"Exploit-DB","unstructured":"\u201cExploit-DB,\u201d https:\/\/www.exploit-db.com\/, Online."},{"key":"e_1_3_2_1_12_1","volume-title":"The official exploit-database repository","unstructured":"\u201cThe official exploit-database repository,\u201d https:\/\/gitlab.com\/exploit-database\/exploitdb, Online."},{"key":"e_1_3_2_1_13_1","volume-title":"GitHub","unstructured":"\u201cGitHub,\u201d https:\/\/github.com\/, Online."},{"key":"e_1_3_2_1_14_1","volume-title":"Packet Storm","unstructured":"\u201cPacket Storm,\u201d https:\/\/packetstormsecurity.com\/, Online."},{"key":"e_1_3_2_1_15_1","volume-title":"IPinfo.io","unstructured":"\u201cIPinfo.io,\u201d https:\/\/ipinfo.io\/, Online."},{"key":"e_1_3_2_1_16_1","volume-title":"s. cyber trust mark","author":"Federal Communications Commission (FCC), \u201cU.","year":"2024","unstructured":"Federal Communications Commission (FCC), \u201cU.s. cyber trust mark,\u201d https:\/\/www.fcc.gov\/CyberTrustMark, 2024."},{"key":"e_1_3_2_1_17_1","volume-title":"Japan cyber star (jc-star)","author":"J. Information-technology Promotion Agency","year":"2024","unstructured":"J. Information-technology Promotion Agency, \u201cJapan cyber star (jc-star),\u201d https:\/\/www.ipa.go.jp\/en\/security\/jc-star\/index.html, 2024."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.5220\/0011784400003405"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1002\/spy2.444"},{"key":"e_1_3_2_1_20_1","volume-title":"9th USENIX Workshop on Offensive Technologies (WOOT 15)","author":"Pa Y. M. P.","year":"2015","unstructured":"Y. M. P. Pa, S. Suzuki, K. Yoshioka, T. Matsumoto, T. Kasama, and C. Rossow, \u201cIotpot: Analysing the rise of iot compromises,\u201d in 9th USENIX Workshop on Offensive Technologies (WOOT 15), 2015."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833730"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2021.3106669"},{"key":"e_1_3_2_1_23_1","first-page":"06249","article-title":"A survey on honeypot software and data analysis","volume":"1608","author":"Nawrocki M.","year":"2016","unstructured":"M. Nawrocki, M. W\u00e4hlisch, T. C. Schmidt, C. Keil, and J. Sch\u00f6nfelder, \u201cA survey on honeypot software and data analysis,\u201d CoRR, vol. abs\/1608.06249, 2016. [Online]. Available: http:\/\/arxiv.org\/abs\/1608.06249","journal-title":"CoRR"},{"key":"e_1_3_2_1_24_1","volume-title":"AusCERT Asia Pacific Information Technology Security Conference","author":"Pouget F.","year":"2004","unstructured":"F. Pouget, M. Dacier et al., \u201cHoneypot-based forensics,\u201d in AusCERT Asia Pacific Information Technology Security Conference, 2004."},{"issue":"1","key":"e_1_3_2_1_25_1","first-page":"1","article-title":"Activity monitoring for large honeynets and network telescopes","volume":"1","author":"Francois J.","year":"2008","unstructured":"J. Francois, O. Festor et al., \u201cActivity monitoring for large honeynets and network telescopes,\u201d International Journal on Advances in Systems and Measurements, vol. 1, no. 1, pp. 1\u201313, 2008.","journal-title":"International Journal on Advances in Systems and Measurements"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/NPC.2008.82"},{"key":"e_1_3_2_1_27_1","first-page":"S128","volume-title":"A framework for attack patterns' discovery in honeynet data","author":"Thonnard O.","year":"2008","unstructured":"O. Thonnard and M. Dacier, \u201cA framework for attack patterns' discovery in honeynet data,\u201d digital investigation, vol. 5, pp. S128-S139, 2008."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/EDCC.2006.17"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/1217935.1217938"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/3488932.3517423"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP54263.2024.00154"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/3321705.3329849"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00043"},{"key":"e_1_3_2_1_34_1","volume-title":"The menlo report: Ethical principles guiding information and communication technology research","year":"2012","unstructured":"\u201cThe menlo report: Ethical principles guiding information and communication technology research,\u201d https:\/\/www.dhs.gov\/sites\/default\/files\/publications\/CSD-MenloPrinciplesCORE-20120803_1.pdf, 2012."},{"key":"e_1_3_2_1_35_1","volume-title":"CVE-2020-8515-PoC","year":"2020","unstructured":"\u201cCVE-2020-8515-PoC,\u201d https:\/\/github.com\/imjdl\/CVE-2020-8515-PoC, Online, this work is distributed in the Apache License 2.0. (https:\/\/www.apache.org\/licenses\/LICENSE-2.0)."}],"event":{"name":"ASIA CCS '26: ACM Asia Conference on Computer and Communications Security","location":"Bangalore India","acronym":"ASIA CCS '26","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3779208.3785282","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,6,4]],"date-time":"2026-06-04T15:41:45Z","timestamp":1780587705000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3779208.3785282"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,6]]},"references-count":35,"alternative-id":["10.1145\/3779208.3785282","10.1145\/3779208"],"URL":"https:\/\/doi.org\/10.1145\/3779208.3785282","relation":{},"subject":[],"published":{"date-parts":[[2026,6]]},"assertion":[{"value":"2026-06-04","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}