{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,3,3]],"date-time":"2024-03-03T00:07:13Z","timestamp":1709424433633},"reference-count":31,"publisher":"Institute of Electronics, Information and Communications Engineers (IEICE)","issue":"3","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEICE Trans. Fundamentals"],"published-print":{"date-parts":[[2024,3,1]]},"DOI":"10.1587\/transfun.2023cip0018","type":"journal-article","created":{"date-parts":[[2023,9,18]],"date-time":"2023-09-18T22:18:22Z","timestamp":1695075502000},"page":"291-305","source":"Crossref","is-referenced-by-count":0,"title":["Observation of Human-Operated Accesses Using Remote Management Device Honeypot"],"prefix":"10.1587","volume":"E107.A","author":[{"given":"Takayuki","family":"SASAKI","sequence":"first","affiliation":[{"name":"Yokohama National University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mami","family":"KAWAGUCHI","sequence":"additional","affiliation":[{"name":"Yokohama National University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Takuhiro","family":"KUMAGAI","sequence":"additional","affiliation":[{"name":"Yokohama National University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Katsunari","family":"YOSHIOKA","sequence":"additional","affiliation":[{"name":"Yokohama National University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tsutomu","family":"MATSUMOTO","sequence":"additional","affiliation":[{"name":"Yokohama National University"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"532","reference":[{"key":"1","doi-asserted-by":"publisher","unstructured":"[1] G. Stergiopoulos, D.A. Gritzalis, and E. Limnaios, \u201cCyber-attacks on the oil & gas sector: A survey on incident assessment and attack patterns,\u201d IEEE Access, vol.8, pp.128440-128475, 2020. 10.1109\/access.2020.3007960","DOI":"10.1109\/ACCESS.2020.3007960"},{"key":"2","unstructured":"[2] Trend Micro, German steel plant suffers significant damage from targeted attack, https:\/\/www.trendmicro.com\/vinfo\/fr\/security\/news\/cyber-attacks\/german-steel-plant-suffers-significant-damage-from-targeted-attack, 2015."},{"key":"3","unstructured":"[3] Survey of vulnerable devices (Japanese). http:\/\/www.soumu.go.jp\/menu_news\/s-news\/01ryutsu03_02000154.html"},{"key":"4","unstructured":"[4] N. Zhang, S. Demetriou, X. Mi, W. Diao, K. Yuan, P. Zong, F. Qian, X. Wang, K. Chen, Y. Tian, C.A. Gunter, K. Zhang, P. Tague, and Y.-H. Lin, \u201cUnderstanding iot security through the data crystal ball: Where we are now and where we are going to be,\u201d CoRR, abs\/1703.09809, 2017. 10.48550\/arXiv.1703.09809"},{"key":"5","doi-asserted-by":"crossref","unstructured":"[5] T. Sasaki, A. Fujita, C.H. Ganan, M. van Eeten, K. Yoshioka, and T. Matsumoto, \u201cExposed infrastructures: Discovery, attacks and remediation of insecure ICS remote management devices,\u201d IEEE SP, 2022. 10.1109\/sp46214.2022.9833730","DOI":"10.1109\/SP46214.2022.9833730"},{"key":"6","unstructured":"[6] Yin Minn PaPa, S. Suzuki, K. Yoshioka, T. Matsumoto, T. Kasama, and C. Rossow, \u201cIoTPOT: Analysing the rise of iot compromises,\u201d 9th USENIX Workshop on Offensive Technologies (WOOT 15), Washington, D.C., 2015."},{"key":"7","doi-asserted-by":"publisher","unstructured":"[7] Yin Minn PaPa, S. Suzuki, K. Yoshioka, T. Matsumoto, T. Kasama, and C. Rossow, \u201cIoTPOT: A novel honeypot for revealing current IoT threats,\u201d Journal of Information Processing, vol.24, no.3, pp.522-533, 2016. 10.2197\/ipsjjip.24.522","DOI":"10.2197\/ipsjjip.24.522"},{"key":"8","unstructured":"[8] Conpot, https:\/\/github.com\/mushorg\/conpot"},{"key":"9","unstructured":"[9] Shodan, https:\/\/www.shodan.io\/"},{"key":"10","unstructured":"[10] Censys, https:\/\/censys.io\/"},{"key":"11","unstructured":"[11] Zoomeye, https:\/\/www.zoomeye.org\/"},{"key":"12","unstructured":"[12] M. Nawrocki, M. \u00e4hlisch, T.C. Schmidt, C. Keil, and J. Sch\u00f6nfelder, \u201cA survey on honeypot software and data analysis,\u201d CoRR, abs\/1608.06249, 2016."},{"key":"13","unstructured":"[13] Guerrilla mail, https:\/\/www.guerrillamail.com\/"},{"key":"14","unstructured":"[14] Kasm workspaces, https:\/\/www-develop.kasmweb.com\/"},{"key":"15","doi-asserted-by":"crossref","unstructured":"[15] T. Sasaki, K. Yoshioka, and T. Matsumoto, \u201cWho are you? OSINT-based profiling of infrastructure honeypot visitors,\u201d 2023 11th International Symposium on Digital Forensics and Security (ISDFS), pp.1-6, 2023. 10.1109\/isdfs58141.2023.10131856","DOI":"10.1109\/ISDFS58141.2023.10131856"},{"key":"16","doi-asserted-by":"crossref","unstructured":"[16] D.I. Buza, F. Juh\u00e1sz, G. Miru, M. F\u00e9legyh\u00e1zi, and T. Holczer, \u201cCryPLH: Protecting smart energy systems from targeted attacks with a PLC honeypot,\u201d Smart Grid Security, J. Cuellar, ed., pp.181-192, Springer International Publishing, Cham, 2014. 10.1007\/978-3-319-10329-7_12","DOI":"10.1007\/978-3-319-10329-7_12"},{"key":"17","doi-asserted-by":"crossref","unstructured":"[17] D. Antonioli, A. Agrawal, and N.O. Tippenhauer, \u201cTowards high-interaction virtual ICS honeypots-in-a-box,\u201d Proc. 2nd ACM Workshop on Cyber-Physical Systems Security and Privacy, CPS-SPC'16, pp.13-22, New York, NY, USA, 2016. 10.1145\/2994487.2994493","DOI":"10.1145\/2994487.2994493"},{"key":"18","doi-asserted-by":"crossref","unstructured":"[18] D. Antonioli and N.O. Tippenhauer, \u201cMiniCPS: A toolkit for security research on CPS networks,\u201d Proc. First ACM Workshop on Cyber-Physical Systems-Security and\/or PrivaCy, CPS-SPC'15, pp.91-100, New York, NY, USA, 2015. 10.1145\/2808705.2808715","DOI":"10.1145\/2808705.2808715"},{"key":"19","doi-asserted-by":"publisher","unstructured":"[19] H. Naruoka, M. Matsuta, W. Machii, T. Aoyama, M. Koike, I. Koshijima, and Y. Hashimoto, \u201cICS honeypot system (CamouflageNet) based on attacker's human factors,\u201d Procedia Manufacturing, vol.3, pp.1074-1081, 2015. 6th International Conference on Applied Human Factors and Ergonomics (AHFE 2015) and the Affiliated Conferences, AHFE 2015. 10.1016\/j.promfg.2015.07.175","DOI":"10.1016\/j.promfg.2015.07.175"},{"key":"20","unstructured":"[20] C. Perine, L. Remorin, M. R\u00f6sler, S. Hilt, F. Maggi and R. Vosseler, \u201cCaught in the act: Running a realistic factory honeypot to capture real threats,\u201d 2020."},{"key":"21","unstructured":"[21] P. Simoes, T. Cruz, J. Proen\u00e7a, and E. Monteiro, \u201cOn the use of honeypots for detecting cyber attacks on industrial control networks,\u201d July 2013."},{"key":"22","doi-asserted-by":"crossref","unstructured":"[22] P. Sim\u00f5es, T. Cruz, J. Proen\u00e7a, and E. Monteiro, \u201cSpecialized honeypots for SCADA systems,\u201d Cyber Security: Analytics, Technology and Automation, pp.251-269, Springer, Cham, 2015. 10.1007\/978-3-319-18302-2_16","DOI":"10.1007\/978-3-319-18302-2_16"},{"key":"23","doi-asserted-by":"crossref","unstructured":"[23] T. Barron and N. Nikiforakis, \u201cPicky attackers: Quantifying the role of system properties on intruder behavior,\u201d Proc. 33rd Annual Computer Security Applications Conference, ACSAC 2017, pp.387-398, 2017. 10.1145\/3134600.3134614","DOI":"10.1145\/3134600.3134614"},{"key":"24","doi-asserted-by":"crossref","unstructured":"[24] B. Farinholt, M. Rezaeirad, P. Pearce, H. Dharmdasani, H. Yin, S.L. Blond, D. McCoy, and K. Levchenko, \u201cTo catch a ratter: Monitoring the behavior of amateur darkcomet RAT operators in the wild, 2017 IEEE Symposium on Security and Privacy (SP), 2017. 10.1109\/sp.2017.48","DOI":"10.1109\/SP.2017.48"},{"key":"25","unstructured":"[25] M. Rezaeirad, B. Farinholt, H. Dharmdasani, P. Pearce, K. Levchenko, and D. McCoy, \u201cSchr\u00f6dinger's RAT: Profiling the stakeholders in the remote access trojan ecosystem,\u201d 27th USENIX Security Symposium (USENIX Security 18), pp.1043-1060, Baltimore, MD, 2018."},{"key":"26","unstructured":"[26] T. Vaidya, \u201c2001-2013: Survey and analysis of major cyberattacks,\u201d CoRR, abs\/1507.06673, 2015. 10.48550\/arXiv.1507.06673"},{"key":"27","doi-asserted-by":"publisher","unstructured":"[27] X. Li, \u201cA review of motivations of illegal cyber activities,\u201d Criminology & Social Integration, vol.25, no.1, pp.110-126, 2017. 10.31299\/ksi.25.1.4","DOI":"10.31299\/ksi.25.1.4"},{"key":"28","unstructured":"[28] Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure."},{"key":"29","doi-asserted-by":"crossref","unstructured":"[29] L. Ablon, Data Thieves: The Motivations of Cyber Threat Actors and Their Use and Monetization of Stolen Data, RAND Corporation, Santa Monica, CA, 2018.","DOI":"10.7249\/CT490"},{"key":"30","doi-asserted-by":"crossref","unstructured":"[30] Z. Jia, X. Cui, Q. Liu, X. Wang, and C. Liu, \u201cMicro-honeypot: Using browser fingerprinting to track attackers,\u201d 2018 IEEE Third International Conference on Data Science in Cyberspace (DSC), pp.197-204, 2018. 10.1109\/dsc.2018.00036","DOI":"10.1109\/DSC.2018.00036"},{"key":"31","unstructured":"[31] The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research, https:\/\/www.dhs.gov\/sites\/default\/files\/publications\/CSD-MenloPrinciplesCORE-20120803_1.pdf, 2012."}],"container-title":["IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.jstage.jst.go.jp\/article\/transfun\/E107.A\/3\/E107.A_2023CIP0018\/_pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,2]],"date-time":"2024-03-02T03:28:36Z","timestamp":1709350116000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.jstage.jst.go.jp\/article\/transfun\/E107.A\/3\/E107.A_2023CIP0018\/_article"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,3,1]]},"references-count":31,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2024]]}},"URL":"https:\/\/doi.org\/10.1587\/transfun.2023cip0018","relation":{},"ISSN":["0916-8508","1745-1337"],"issn-type":[{"value":"0916-8508","type":"print"},{"value":"1745-1337","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,3,1]]},"article-number":"2023CIP0018"}}