{"id":"https://openalex.org/W4288057737","doi":"https://doi.org/10.1109/sp46214.2022.9833730","title":"Exposed Infrastructures: Discovery, Attacks and Remediation of Insecure ICS Remote Management Devices","display_name":"Exposed Infrastructures: Discovery, Attacks and Remediation of Insecure ICS Remote Management Devices","publication_year":2022,"publication_date":"2022-05-01","ids":{"openalex":"https://openalex.org/W4288057737","doi":"https://doi.org/10.1109/sp46214.2022.9833730"},"language":"en","primary_location":{"id":"doi:10.1109/sp46214.2022.9833730","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp46214.2022.9833730","pdf_url":null,"source":{"id":"https://openalex.org/S4363606603","display_name":"2022 IEEE Symposium on Security and Privacy (SP)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5071744763","display_name":"Takayuki Sasaki","orcid":"https://orcid.org/0000-0001-8534-1346"},"institutions":[{"id":"https://openalex.org/I180203408","display_name":"Yokohama National University","ror":"https://ror.org/03zyp6p76","country_code":"JP","type":"education","lineage":["https://openalex.org/I180203408"]}],"countries":["JP"],"is_corresponding":true,"raw_author_name":"Takayuki Sasaki","raw_affiliation_strings":["Yokohama National University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Yokohama National University","institution_ids":["https://openalex.org/I180203408"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5113597090","display_name":"Akira Fujita","orcid":null},"institutions":[{"id":"https://openalex.org/I180203408","display_name":"Yokohama National University","ror":"https://ror.org/03zyp6p76","country_code":"JP","type":"education","lineage":["https://openalex.org/I180203408"]},{"id":"https://openalex.org/I90023481","display_name":"National Institute of Information and Communications Technology","ror":"https://ror.org/016bgq349","country_code":"JP","type":"facility","lineage":["https://openalex.org/I90023481"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Akira Fujita","raw_affiliation_strings":["Yokohama National University","National Institute of Information and Communications Technology"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Yokohama National University","institution_ids":["https://openalex.org/I180203408"]},{"raw_affiliation_string":"National Institute of Information and Communications Technology","institution_ids":["https://openalex.org/I90023481"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5048211807","display_name":"Carlos Ga\u00f1\u00e1n","orcid":"https://orcid.org/0000-0002-4699-3007"},"institutions":[{"id":"https://openalex.org/I180203408","display_name":"Yokohama National University","ror":"https://ror.org/03zyp6p76","country_code":"JP","type":"education","lineage":["https://openalex.org/I180203408"]},{"id":"https://openalex.org/I98358874","display_name":"Delft University of Technology","ror":"https://ror.org/02e2c7k09","country_code":"NL","type":"education","lineage":["https://openalex.org/I98358874"]}],"countries":["JP","NL"],"is_corresponding":false,"raw_author_name":"Carlos H. Ga\u00f1\u00e1n","raw_affiliation_strings":["TU Delft","Yokohama National University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"TU Delft","institution_ids":["https://openalex.org/I98358874"]},{"raw_affiliation_string":"Yokohama National University","institution_ids":["https://openalex.org/I180203408"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5012946294","display_name":"Michel van Eeten","orcid":"https://orcid.org/0000-0002-0338-2812"},"institutions":[{"id":"https://openalex.org/I98358874","display_name":"Delft University of Technology","ror":"https://ror.org/02e2c7k09","country_code":"NL","type":"education","lineage":["https://openalex.org/I98358874"]},{"id":"https://openalex.org/I180203408","display_name":"Yokohama National University","ror":"https://ror.org/03zyp6p76","country_code":"JP","type":"education","lineage":["https://openalex.org/I180203408"]}],"countries":["JP","NL"],"is_corresponding":false,"raw_author_name":"Michel van Eeten","raw_affiliation_strings":["TU Delft","Yokohama National University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"TU Delft","institution_ids":["https://openalex.org/I98358874"]},{"raw_affiliation_string":"Yokohama National University","institution_ids":["https://openalex.org/I180203408"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5028367744","display_name":"Katsunari Yoshioka","orcid":"https://orcid.org/0000-0003-0964-8631"},"institutions":[{"id":"https://openalex.org/I180203408","display_name":"Yokohama National University","ror":"https://ror.org/03zyp6p76","country_code":"JP","type":"education","lineage":["https://openalex.org/I180203408"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Katsunari Yoshioka","raw_affiliation_strings":["Yokohama National University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Yokohama National University","institution_ids":["https://openalex.org/I180203408"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5108109302","display_name":"Tsutomu Matsumoto","orcid":null},"institutions":[{"id":"https://openalex.org/I180203408","display_name":"Yokohama National University","ror":"https://ror.org/03zyp6p76","country_code":"JP","type":"education","lineage":["https://openalex.org/I180203408"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Tsutomu Matsumoto","raw_affiliation_strings":["Yokohama National University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Yokohama National University","institution_ids":["https://openalex.org/I180203408"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5071744763"],"corresponding_institution_ids":["https://openalex.org/I180203408"],"apc_list":null,"apc_paid":null,"fwci":12.9789,"has_fulltext":false,"cited_by_count":40,"citation_normalized_percentile":{"value":0.99527068,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"2379","last_page":"2396"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9958000183105469,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/modbus","display_name":"Modbus","score":0.664923906326294},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5854856371879578},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.576994776725769},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.5599643588066101},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.557616651058197},{"id":"https://openalex.org/keywords/honeypot","display_name":"Honeypot","score":0.5393360257148743},{"id":"https://openalex.org/keywords/remote-control","display_name":"Remote control","score":0.5019071102142334},{"id":"https://openalex.org/keywords/interface","display_name":"Interface (matter)","score":0.4555273652076721},{"id":"https://openalex.org/keywords/mobile-device","display_name":"Mobile device","score":0.41816407442092896},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.2302171289920807},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.21105849742889404},{"id":"https://openalex.org/keywords/communications-protocol","display_name":"Communications protocol","score":0.20269814133644104},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.09836277365684509}],"concepts":[{"id":"https://openalex.org/C2776666747","wikidata":"https://www.wikidata.org/wiki/Q1135322","display_name":"Modbus","level":3,"score":0.664923906326294},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5854856371879578},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.576994776725769},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.5599643588066101},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.557616651058197},{"id":"https://openalex.org/C191267431","wikidata":"https://www.wikidata.org/wiki/Q911932","display_name":"Honeypot","level":2,"score":0.5393360257148743},{"id":"https://openalex.org/C557691694","wikidata":"https://www.wikidata.org/wiki/Q185091","display_name":"Remote control","level":2,"score":0.5019071102142334},{"id":"https://openalex.org/C113843644","wikidata":"https://www.wikidata.org/wiki/Q901882","display_name":"Interface (matter)","level":4,"score":0.4555273652076721},{"id":"https://openalex.org/C186967261","wikidata":"https://www.wikidata.org/wiki/Q5082128","display_name":"Mobile device","level":2,"score":0.41816407442092896},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.2302171289920807},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.21105849742889404},{"id":"https://openalex.org/C12269588","wikidata":"https://www.wikidata.org/wiki/Q132364","display_name":"Communications protocol","level":2,"score":0.20269814133644104},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.09836277365684509},{"id":"https://openalex.org/C157915830","wikidata":"https://www.wikidata.org/wiki/Q2928001","display_name":"Bubble","level":2,"score":0.0},{"id":"https://openalex.org/C129307140","wikidata":"https://www.wikidata.org/wiki/Q6795880","display_name":"Maximum bubble pressure method","level":3,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/sp46214.2022.9833730","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp46214.2022.9833730","pdf_url":null,"source":{"id":"https://openalex.org/S4363606603","display_name":"2022 IEEE Symposium on Security and Privacy (SP)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"},{"id":"pmh:oai:tudelft.nl:uuid:ed7095bd-a3d5-43a4-a709-445d5bb348be","is_oa":false,"landing_page_url":"http://resolver.tudelft.nl/uuid:ed7095bd-a3d5-43a4-a709-445d5bb348be","pdf_url":null,"source":{"id":"https://openalex.org/S4306400906","display_name":"Research Repository (Delft University of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I98358874","host_organization_name":"Delft University of Technology","host_organization_lineage":["https://openalex.org/I98358874"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"conference paper"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.5400000214576721,"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9"}],"awards":[{"id":"https://openalex.org/G1185133503","display_name":null,"funder_award_id":"CS.007","funder_id":"https://openalex.org/F4320321800","funder_display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek"},{"id":"https://openalex.org/G3723536152","display_name":null,"funder_award_id":"JPJ000254","funder_id":"https://openalex.org/F4320325628","funder_display_name":"Ministry of Internal Affairs and Communications"},{"id":"https://openalex.org/G6825320561","display_name":null,"funder_award_id":"VidW.1154.19.011","funder_id":"https://openalex.org/F4320321800","funder_display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek"}],"funders":[{"id":"https://openalex.org/F4320321800","display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek","ror":"https://ror.org/04jsz6e67"},{"id":"https://openalex.org/F4320324891","display_name":"Iran Telecommunication Research Center","ror":"https://ror.org/01a3g2z22"},{"id":"https://openalex.org/F4320325628","display_name":"Ministry of Internal Affairs and Communications","ror":"https://ror.org/00vs1pz50"},{"id":"https://openalex.org/F4320335839","display_name":"National Institute of Information and Communications Technology","ror":"https://ror.org/016bgq349"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":27,"referenced_works":["https://openalex.org/W313385724","https://openalex.org/W1669806660","https://openalex.org/W2085457667","https://openalex.org/W2112736324","https://openalex.org/W2253731897","https://openalex.org/W2292723020","https://openalex.org/W2295108256","https://openalex.org/W2295872627","https://openalex.org/W2316818372","https://openalex.org/W2341612996","https://openalex.org/W2360903897","https://openalex.org/W2463495559","https://openalex.org/W2540831950","https://openalex.org/W2562876364","https://openalex.org/W2608113618","https://openalex.org/W2623359660","https://openalex.org/W2794007494","https://openalex.org/W2800590803","https://openalex.org/W2923481942","https://openalex.org/W2945816945","https://openalex.org/W3034480370","https://openalex.org/W3128124346","https://openalex.org/W4288079454","https://openalex.org/W6691499162","https://openalex.org/W6719104381","https://openalex.org/W6730584882","https://openalex.org/W6750946276"],"related_works":["https://openalex.org/W2789663798","https://openalex.org/W2375896275","https://openalex.org/W4230913293","https://openalex.org/W2166943775","https://openalex.org/W2775236000","https://openalex.org/W2073762068","https://openalex.org/W2151915331","https://openalex.org/W2071426633","https://openalex.org/W2369443931","https://openalex.org/W2372573519"],"abstract_inverted_index":{"Geographically":[0],"distributed":[1],"infrastructures,":[2],"such":[3,56],"as":[4,35,131],"buildings,":[5],"dams,":[6],"and":[7,23,44,46,63,77,200,211,251],"solar":[8],"power":[9],"plants,":[10],"are":[11,92],"commonly":[12],"maintained":[13],"via":[14,71,244],"Internet-connected":[15],"remote":[16,32,118,195],"management":[17,33,119,196],"devices.":[18],"Previous":[19],"studies":[20],"on":[21,185],"detecting":[22],"securing":[24],"industrial":[25,106],"control":[26,104],"systems":[27,107],"(ICS)":[28],"have":[29,137],"overlooked":[30],"these":[31,69,90,149,163],"devices,":[34,120],"they":[36,233],"do":[37,48,167],"not":[38,49],"expose":[39],"ICS-specific":[40],"services":[41],"like":[42],"Modbus":[43],"BACnet":[45],"thus":[47],"show":[50,86,152],"up":[51],"in":[52,81,206,226,268],"Internet-wide":[53],"scans":[54],"for":[55,68,248,257],"services.":[57],"In":[58],"this":[59],"paper,":[60],"we":[61,121,151,189,263],"implement":[62],"validate":[64],"a":[65,112,157,245],"discovery":[66],"method":[67,216],"devices":[70,80,91,197,210,230,250,261],"their":[72,242],"Web":[73],"User":[74],"Interface":[75],"(WebUI)":[76],"detect":[78],"890":[79],"Japan":[82],"alone.":[83],"We":[84,202,240],"also":[85],"that":[87,147,153,214,232,253],"many":[88],"of":[89,127,160,192,208,223,228,259,270],"highly":[93],"insecure.":[94],"Many":[95],"allow":[96],"access":[97],"to":[98,141,173],"the":[99,103,142,177,186,209,220,224,229,238,260,266,271],"status":[100],"or":[101,133,235],"even":[102],"over":[105,154],"without":[108],"proper":[109],"authentication.":[110],"Taking":[111],"closer":[113],"look":[114],"at":[115],"three":[116],"prevalent":[117],"discovered":[122],"13":[123],"0-day":[124],"vulnerabilities,":[125],"several":[126],"which":[128],"were":[129,255],"rated":[130],"medium":[132],"high":[134],"severity.":[135],"They":[136],"been":[138],"responsibly":[139],"disclosed":[140],"manufacturers.":[143],"By":[144],"using":[145],"honeypots":[146],"imitate":[148],"systems,":[150,164],"time,":[155],"only":[156],"small":[158],"number":[159],"attackers":[161],"enter":[162],"but":[165],"some":[166],"change":[168],"critical":[169],"parameters.":[170],"Attackers":[171],"appear":[172],"interact":[174],"more":[175,180],"with":[176],"system":[178],"when":[179,262],"facility":[181],"information":[182],"is":[183],"displayed":[184],"WebUI.":[187],"Finally,":[188],"notified":[190],"operators":[191],"317":[193],"vulnerable":[194,249],"by":[198],"email":[199],"telephone.":[201],"reached":[203],"212":[204],"persons":[205,225,267],"charge":[207,227,269],"received":[212],"confirmation":[213],"our":[215],"had":[217],"correctly":[218],"identified":[219],"device.":[221,272],"50%":[222],"stated":[231],"mitigated":[234],"will":[236],"mitigate":[237],"problem.":[239],"confirmed":[241],"actions":[243],"followup":[246],"scan":[247],"found":[252],"measures":[254],"taken":[256],"58%":[258],"could":[264],"reach":[265]},"counts_by_year":[{"year":2026,"cited_by_count":3},{"year":2025,"cited_by_count":10},{"year":2024,"cited_by_count":11},{"year":2023,"cited_by_count":14},{"year":2022,"cited_by_count":2}],"updated_date":"2026-06-05T09:01:59.212387","created_date":"2025-10-10T00:00:00"}