{"id":"https://openalex.org/W4403511290","doi":"https://doi.org/10.1109/tce.2024.3482708","title":"Your IP Camera Can Be Abused for Payments: A Study of IoT Exploitation for Financial Services Leveraging Shodan and Criminal Infrastructures","display_name":"Your IP Camera Can Be Abused for Payments: A Study of IoT Exploitation for Financial Services Leveraging Shodan and Criminal Infrastructures","publication_year":2024,"publication_date":"2024-10-17","ids":{"openalex":"https://openalex.org/W4403511290","doi":"https://doi.org/10.1109/tce.2024.3482708"},"language":"en","primary_location":{"id":"doi:10.1109/tce.2024.3482708","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tce.2024.3482708","pdf_url":null,"source":{"id":"https://openalex.org/S126824455","display_name":"IEEE Transactions on Consumer Electronics","issn_l":"0098-3063","issn":["0098-3063","1558-4127"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Consumer Electronics","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5066023126","display_name":"Yuba R. Siwakoti","orcid":"https://orcid.org/0009-0007-7074-1188"},"institutions":[{"id":"https://openalex.org/I137853757","display_name":"Howard University","ror":"https://ror.org/05gt1vc06","country_code":"US","type":"education","lineage":["https://openalex.org/I137853757"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Yuba R. Siwakoti","raw_affiliation_strings":["Howard University, Washington, DC, USA","Department of Electrical and Computer Science, Howard University, Washington, DC, USA"],"affiliations":[{"raw_affiliation_string":"Howard University, Washington, DC, USA","institution_ids":["https://openalex.org/I137853757"]},{"raw_affiliation_string":"Department of Electrical and Computer Science, Howard University, Washington, DC, USA","institution_ids":["https://openalex.org/I137853757"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5085147127","display_name":"Manish Bhurtel","orcid":"https://orcid.org/0000-0003-0699-4889"},"institutions":[{"id":"https://openalex.org/I137853757","display_name":"Howard University","ror":"https://ror.org/05gt1vc06","country_code":"US","type":"education","lineage":["https://openalex.org/I137853757"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Manish Bhurtel","raw_affiliation_strings":["Department of Electrical and Computer Science, Howard University, Washington, DC, USA"],"affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Science, Howard University, Washington, DC, USA","institution_ids":["https://openalex.org/I137853757"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5046343080","display_name":"Danda B. Rawat","orcid":"https://orcid.org/0000-0003-3638-3464"},"institutions":[{"id":"https://openalex.org/I137853757","display_name":"Howard University","ror":"https://ror.org/05gt1vc06","country_code":"US","type":"education","lineage":["https://openalex.org/I137853757"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Danda B. Rawat","raw_affiliation_strings":["Department of Electrical and Computer Science, Howard University, Washington, DC, USA"],"affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Science, Howard University, Washington, DC, USA","institution_ids":["https://openalex.org/I137853757"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5000604351","display_name":"Adam Oest","orcid":"https://orcid.org/0000-0002-4313-3714"},"institutions":[{"id":"https://openalex.org/I1302135459","display_name":"PayPal (United States)","ror":"https://ror.org/016jadm77","country_code":"US","type":"company","lineage":["https://openalex.org/I1302135459"]},{"id":"https://openalex.org/I1311688040","display_name":"Amazon (United States)","ror":"https://ror.org/04mv4n011","country_code":"US","type":"company","lineage":["https://openalex.org/I1311688040"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Adam Oest","raw_affiliation_strings":["Security Department, PayPal Inc., San Jose, CA, USA","Amazon, AZ, US"],"affiliations":[{"raw_affiliation_string":"Security Department, PayPal Inc., San Jose, CA, USA","institution_ids":["https://openalex.org/I1302135459"]},{"raw_affiliation_string":"Amazon, AZ, US","institution_ids":["https://openalex.org/I1311688040"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5030454129","display_name":"RC Johnson","orcid":null},"institutions":[{"id":"https://openalex.org/I1305429384","display_name":"JPMorgan Chase & Co (United States)","ror":"https://ror.org/01x3kkr08","country_code":"US","type":"company","lineage":["https://openalex.org/I1305429384"]},{"id":"https://openalex.org/I1302135459","display_name":"PayPal (United States)","ror":"https://ror.org/016jadm77","country_code":"US","type":"company","lineage":["https://openalex.org/I1302135459"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"RC Johnson","raw_affiliation_strings":["PayPal Inc., San Jose, CA, USA","JPMorgan Chase, AZ, USA"],"affiliations":[{"raw_affiliation_string":"PayPal Inc., San Jose, CA, USA","institution_ids":["https://openalex.org/I1302135459"]},{"raw_affiliation_string":"JPMorgan Chase, AZ, USA","institution_ids":["https://openalex.org/I1305429384"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5066023126"],"corresponding_institution_ids":["https://openalex.org/I137853757"],"apc_list":null,"apc_paid":null,"fwci":1.7184,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.88391953,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":95,"max":96},"biblio":{"volume":"70","issue":"4","first_page":"7562","last_page":"7573"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.907800018787384,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.907800018787384,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/payment","display_name":"Payment","score":0.799350380897522},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.6013125777244568},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.5813546180725098},{"id":"https://openalex.org/keywords/financial-services","display_name":"Financial services","score":0.4501205086708069},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3710128962993622},{"id":"https://openalex.org/keywords/finance","display_name":"Finance","score":0.3619534969329834},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.32926952838897705}],"concepts":[{"id":"https://openalex.org/C145097563","wikidata":"https://www.wikidata.org/wiki/Q1148747","display_name":"Payment","level":2,"score":0.799350380897522},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.6013125777244568},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.5813546180725098},{"id":"https://openalex.org/C139043278","wikidata":"https://www.wikidata.org/wiki/Q837171","display_name":"Financial services","level":2,"score":0.4501205086708069},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3710128962993622},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.3619534969329834},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.32926952838897705}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tce.2024.3482708","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tce.2024.3482708","pdf_url":null,"source":{"id":"https://openalex.org/S126824455","display_name":"IEEE Transactions on Consumer Electronics","issn_l":"0098-3063","issn":["0098-3063","1558-4127"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Consumer Electronics","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9","score":0.47999998927116394}],"awards":[{"id":"https://openalex.org/G4114661379","display_name":null,"funder_award_id":"W911NF-20-2-0277","funder_id":"https://openalex.org/F4320338295","funder_display_name":"Army Research Laboratory"},{"id":"https://openalex.org/G6678393747","display_name":null,"funder_award_id":"203958","funder_id":"https://openalex.org/F4320337388","funder_display_name":"Division of Computer and Network Systems"}],"funders":[{"id":"https://openalex.org/F4320337388","display_name":"Division of Computer and Network Systems","ror":"https://ror.org/02rdzmk74"},{"id":"https://openalex.org/F4320338295","display_name":"Army Research Laboratory","ror":"https://ror.org/011hc8f90"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":29,"referenced_works":["https://openalex.org/W1977661704","https://openalex.org/W1998690350","https://openalex.org/W2581042172","https://openalex.org/W2745141831","https://openalex.org/W2785945928","https://openalex.org/W2789904583","https://openalex.org/W2800306076","https://openalex.org/W2860610442","https://openalex.org/W2903294440","https://openalex.org/W2911547762","https://openalex.org/W2945441410","https://openalex.org/W2980318030","https://openalex.org/W2986144686","https://openalex.org/W3004171232","https://openalex.org/W3043781642","https://openalex.org/W3084102164","https://openalex.org/W3094434138","https://openalex.org/W3128124346","https://openalex.org/W3175402960","https://openalex.org/W3185095951","https://openalex.org/W3203063668","https://openalex.org/W4295928027","https://openalex.org/W4312369036","https://openalex.org/W4323338381","https://openalex.org/W4361770927","https://openalex.org/W4386274113","https://openalex.org/W4387126888","https://openalex.org/W4387834972","https://openalex.org/W6767139982"],"related_works":["https://openalex.org/W4245926026","https://openalex.org/W4311097251","https://openalex.org/W2586548817","https://openalex.org/W2625093826","https://openalex.org/W4200598720","https://openalex.org/W2921026492","https://openalex.org/W4247463117","https://openalex.org/W4361251261","https://openalex.org/W3031181660","https://openalex.org/W4238100021"],"abstract_inverted_index":{"The":[0],"Internet":[1],"of":[2,28],"Things":[3],"(IoT)":[4],"devices":[5,22,39,77,102,145],"are":[6,23,103,141],"being":[7],"abused":[8,107,143],"by":[9,40,74,79,149],"exploiting":[10],"their":[11],"vulnerabilities.":[12],"Despite":[13],"the":[14,85],"significant":[15],"efforts":[16],"to":[17,71],"improve":[18],"IoT":[19,21,38,61,76,101,144],"security,":[20],"still":[24],"at":[25],"higher":[26],"risk":[27],"exploitation":[29],"than":[30],"computer":[31],"systems.":[32],"First,":[33],"this":[34],"paper":[35],"identifies":[36],"vulnerable":[37],"applying":[41],"a":[42],"sampling":[43],"strategy":[44],"incorporating":[45],"Common":[46],"Vulnerabilities":[47],"and":[48,54,89,106,118,127,129],"Exposures":[49],"(CVE)":[50],"entries,":[51],"Shodan\u2019s":[52],"exposure,":[53],"public":[55],"research":[56],"documents.":[57],"Then,":[58],"we":[59,94],"investigated":[60],"abuses":[62],"in":[63,84,110],"financial":[64,119],"crimes":[65,120],"for":[66],"17":[67],"months":[68],"(October":[69],"2021":[70],"February":[72],"2023)":[73],"mapping":[75],"exposed":[78,100],"Shodan":[80],"with":[81,96],"proxies":[82,109],"found":[83],"darknet,":[86],"underground":[87],"forums,":[88],"Telegram":[90],"channels.":[91],"After":[92],"investigation,":[93],"conclude":[95],"reasonable":[97],"confidence":[98],"that":[99,136],"taken":[104],"over":[105],"as":[108,114,146],"criminal":[111],"activities":[112],"such":[113],"credential":[115],"stuffing":[116],"attacks":[117],"like":[121],"illegal":[122],"money":[123],"transfers,":[124],"cryptocurrency":[125],"trading":[126],"stealing,":[128],"credit":[130],"card":[131],"fraud.":[132],"Our":[133],"study":[134],"reveals":[135],"cameras":[137],"(IP,":[138],"network,":[139],"security)":[140],"mostly":[142],"proxies,":[147],"followed":[148],"NAS":[150],"storage.":[151]},"counts_by_year":[{"year":2025,"cited_by_count":2}],"updated_date":"2025-12-27T23:08:20.325037","created_date":"2025-10-10T00:00:00"}