{"id":"https://openalex.org/W2807540840","doi":"https://doi.org/10.1109/tifs.2019.2895955","title":"Why Botnets Work: Distributed Brute-Force Attacks Need No Synchronization","display_name":"Why Botnets Work: Distributed Brute-Force Attacks Need No Synchronization","publication_year":2019,"publication_date":"2019-01-29","ids":{"openalex":"https://openalex.org/W2807540840","doi":"https://doi.org/10.1109/tifs.2019.2895955","mag":"2807540840"},"language":"en","primary_location":{"id":"doi:10.1109/tifs.2019.2895955","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2019.2895955","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"type":"preprint","indexed_in":["arxiv","crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/1805.11666","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5082153975","display_name":"Salman Salamatian","orcid":null},"institutions":[{"id":"https://openalex.org/I4210110987","display_name":"IIT@MIT","ror":"https://ror.org/01wp8zh54","country_code":"US","type":"facility","lineage":["https://openalex.org/I30771326","https://openalex.org/I4210110987"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Salman Salamatian","raw_affiliation_strings":["Department of Electrical Engineering and Computer Science, MIT Cambridge, MA, USA"],"raw_orcid":"https://orcid.org/0000-0002-3773-8442","affiliations":[{"raw_affiliation_string":"Department of Electrical Engineering and Computer Science, MIT Cambridge, MA, USA","institution_ids":["https://openalex.org/I4210110987"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5043037048","display_name":"Wasim Huleihel","orcid":"https://orcid.org/0000-0001-7500-1911"},"institutions":[{"id":"https://openalex.org/I63966007","display_name":"Massachusetts Institute of Technology","ror":"https://ror.org/042nb2s44","country_code":"US","type":"education","lineage":["https://openalex.org/I63966007"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Wasim Huleihel","raw_affiliation_strings":["Research Laboratory of Electronics, Massachusetts Institute of Technology, Cambridge, MA, USA;"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Research Laboratory of Electronics, Massachusetts Institute of Technology, Cambridge, MA, USA;","institution_ids":["https://openalex.org/I63966007"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5008645615","display_name":"Ahmad Beirami","orcid":"https://orcid.org/0000-0002-1998-5271"},"institutions":[{"id":"https://openalex.org/I63966007","display_name":"Massachusetts Institute of Technology","ror":"https://ror.org/042nb2s44","country_code":"US","type":"education","lineage":["https://openalex.org/I63966007"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ahmad Beirami","raw_affiliation_strings":["Dept. of Electrical Engineering and Computer Science, Massachusetts Institute of Technology, Cambridge (MA), USA"],"raw_orcid":"https://orcid.org/0000-0002-1998-5271","affiliations":[{"raw_affiliation_string":"Dept. of Electrical Engineering and Computer Science, Massachusetts Institute of Technology, Cambridge (MA), USA","institution_ids":["https://openalex.org/I63966007"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5050033032","display_name":"Asaf Cohen","orcid":"https://orcid.org/0000-0002-9567-5793"},"institutions":[{"id":"https://openalex.org/I124227911","display_name":"Ben-Gurion University of the Negev","ror":"https://ror.org/05tkyf982","country_code":"IL","type":"education","lineage":["https://openalex.org/I124227911"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Asaf Cohen","raw_affiliation_strings":["Department of Electrical Engineering, Ben-Gurion University of the Negev, Beersheba, Israel"],"raw_orcid":"https://orcid.org/0000-0002-9567-5793","affiliations":[{"raw_affiliation_string":"Department of Electrical Engineering, Ben-Gurion University of the Negev, Beersheba, Israel","institution_ids":["https://openalex.org/I124227911"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5075370174","display_name":"Muriel M\u00e9dard","orcid":"https://orcid.org/0000-0003-4059-407X"},"institutions":[{"id":"https://openalex.org/I4210110987","display_name":"IIT@MIT","ror":"https://ror.org/01wp8zh54","country_code":"US","type":"facility","lineage":["https://openalex.org/I30771326","https://openalex.org/I4210110987"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Muriel Medard","raw_affiliation_strings":["Department of Electrical Engineering and Computer Science, MIT Cambridge, MA, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Electrical Engineering and Computer Science, MIT Cambridge, MA, USA","institution_ids":["https://openalex.org/I4210110987"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.7053,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.76917711,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":96},"biblio":{"volume":"14","issue":"9","first_page":"2288","last_page":"2299"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/brute-force-attack","display_name":"Brute-force attack","score":0.8033276796340942},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7865682244300842},{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.6065284609794617},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6029735803604126},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.5828370451927185},{"id":"https://openalex.org/keywords/synchronization","display_name":"Synchronization (alternating current)","score":0.5504891276359558},{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.544224739074707},{"id":"https://openalex.org/keywords/asynchronous-communication","display_name":"Asynchronous communication","score":0.5375755429267883},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.4208261966705322},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.2711293697357178},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.2431524395942688},{"id":"https://openalex.org/keywords/channel","display_name":"Channel (broadcasting)","score":0.23228582739830017}],"concepts":[{"id":"https://openalex.org/C207468940","wikidata":"https://www.wikidata.org/wiki/Q869370","display_name":"Brute-force attack","level":3,"score":0.8033276796340942},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7865682244300842},{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.6065284609794617},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6029735803604126},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.5828370451927185},{"id":"https://openalex.org/C2778562939","wikidata":"https://www.wikidata.org/wiki/Q1298791","display_name":"Synchronization (alternating current)","level":3,"score":0.5504891276359558},{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.544224739074707},{"id":"https://openalex.org/C151319957","wikidata":"https://www.wikidata.org/wiki/Q752739","display_name":"Asynchronous communication","level":2,"score":0.5375755429267883},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.4208261966705322},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.2711293697357178},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.2431524395942688},{"id":"https://openalex.org/C127162648","wikidata":"https://www.wikidata.org/wiki/Q16858953","display_name":"Channel (broadcasting)","level":2,"score":0.23228582739830017},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.0},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.0}],"mesh":[],"locations_count":5,"locations":[{"id":"doi:10.1109/tifs.2019.2895955","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2019.2895955","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},{"id":"pmh:oai:arXiv.org:1805.11666","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1805.11666","pdf_url":"https://arxiv.org/pdf/1805.11666","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"mag:2807540840","is_oa":true,"landing_page_url":"https://arxiv.org/pdf/1805.11666v2","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"arXiv (Cornell University)","raw_type":null},{"id":"pmh:oai:dspace.mit.edu:1721.1/136220","is_oa":true,"landing_page_url":"https://hdl.handle.net/1721.1/136220","pdf_url":null,"source":{"id":"https://openalex.org/S4306400425","display_name":"DSpace@MIT (Massachusetts Institute of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I63966007","host_organization_name":"Massachusetts Institute of Technology","host_organization_lineage":["https://openalex.org/I63966007"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-nc-sa","license_id":"https://openalex.org/licenses/cc-by-nc-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"arXiv","raw_type":"http://purl.org/eprint/type/JournalArticle"},{"id":"doi:10.48550/arxiv.1805.11666","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.1805.11666","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:1805.11666","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1805.11666","pdf_url":"https://arxiv.org/pdf/1805.11666","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.7900000214576721}],"awards":[{"id":"https://openalex.org/G4719454620","display_name":null,"funder_award_id":"HR0011-17-C-0050","funder_id":"https://openalex.org/F4320332180","funder_display_name":"Defense Advanced Research Projects Agency"},{"id":"https://openalex.org/G5258291282","display_name":null,"funder_award_id":"CCF-1527270","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320332180","display_name":"Defense Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":36,"referenced_works":["https://openalex.org/W1651134482","https://openalex.org/W1874092637","https://openalex.org/W2001935257","https://openalex.org/W2006726173","https://openalex.org/W2024493876","https://openalex.org/W2048755632","https://openalex.org/W2049791310","https://openalex.org/W2073342447","https://openalex.org/W2099177213","https://openalex.org/W2106695582","https://openalex.org/W2112267744","https://openalex.org/W2118308679","https://openalex.org/W2123097583","https://openalex.org/W2131814097","https://openalex.org/W2137753450","https://openalex.org/W2148808905","https://openalex.org/W2151170200","https://openalex.org/W2156589055","https://openalex.org/W2156745536","https://openalex.org/W2163402243","https://openalex.org/W2163465499","https://openalex.org/W2165203736","https://openalex.org/W2232733999","https://openalex.org/W2538793708","https://openalex.org/W2734150319","https://openalex.org/W2744780413","https://openalex.org/W2787743471","https://openalex.org/W2794001933","https://openalex.org/W2794597466","https://openalex.org/W2962685566","https://openalex.org/W2962861047","https://openalex.org/W2965588185","https://openalex.org/W3035133096","https://openalex.org/W3103971931","https://openalex.org/W3137092842","https://openalex.org/W6629844888"],"related_works":["https://openalex.org/W2982449340","https://openalex.org/W2963070423","https://openalex.org/W2752693842","https://openalex.org/W3036962440","https://openalex.org/W3119704641","https://openalex.org/W3128563747","https://openalex.org/W2980672900","https://openalex.org/W2945893265","https://openalex.org/W3159715284","https://openalex.org/W3123468315","https://openalex.org/W3212503043","https://openalex.org/W2962709062","https://openalex.org/W3196895914","https://openalex.org/W2987337476","https://openalex.org/W3161801732","https://openalex.org/W2785800839","https://openalex.org/W1965954589","https://openalex.org/W2904814116","https://openalex.org/W3093080236","https://openalex.org/W3083407765"],"abstract_inverted_index":{"In":[0,85,242],"September":[1],"2017,":[2],"McAffee":[3],"Labs":[4],"quarterly":[5],"report":[6],"estimated":[7],"that":[8,71],"brute":[9],"force":[10],"attacks":[11,32,70,78,92,251],"represent":[12],"20\\%":[13],"of":[14,24,51,58,105,127,130,134,161,168,177,216],"total":[15],"network":[16],"attacks,":[17],"making":[18],"them":[19],"the":[20,48,56,103,110,128,175,185,195,200,219],"most":[21],"prevalent":[22],"type":[23],"attack":[25],"ex-aequo":[26],"with":[27,170],"browser":[28],"based":[29,122],"vulnerabilities.":[30],"These":[31],"have":[33],"sometimes":[34],"catastrophic":[35],"consequences,":[36],"and":[37,54,107,158,213],"understanding":[38],"their":[39],"fundamental":[40],"limits":[41],"may":[42],"play":[43],"an":[44,135,148,231],"important":[45],"role":[46],"in":[47,55,147,183,194,203],"risk":[49],"assessment":[50],"password-secured":[52],"systems,":[53],"design":[57],"better":[59],"security":[60],"protocols.":[61],"While":[62],"some":[63],"solutions":[64],"exist":[65],"to":[66,101,115],"prevent":[67],"online":[68],"brute-force":[69,250],"arise":[72],"from":[73,165,230],"one":[74],"single":[75],"IP":[76],"address,":[77],"performed":[79],"by":[80,93,179,188,225],"botnets":[81],"are":[82,192],"more":[83],"challenging.":[84],"this":[86],"paper,":[87],"we":[88],"analyze":[89],"these":[90],"distributed":[91,239],"using":[94,226],"a":[95,117,125,138,143,153,163,166,180,204],"simplified":[96],"model.":[97],"Our":[98,119],"aim":[99],"is":[100,121,145,152,223,236],"understand":[102],"impact":[104],"distribution":[106],"asynchronization":[108],"on":[109,123],"overall":[111],"computational":[112,159],"effort":[113,160],"necessary":[114],"breach":[116],"system.":[118],"result":[120],"Guesswork,":[124],"measure":[126],"number":[129],"queries":[131,186],"(guesses)":[132],"required":[133],"adversary":[136],"before":[137],"correct":[139],"sequence,":[140],"such":[141],"as":[142,252,254],"password,":[144],"found":[146],"optimal":[149,221],"attack.":[150],"Guesswork":[151],"direct":[154],"surrogate":[155],"for":[156,199,214,238],"time":[157],"guessing":[162],"sequence":[164],"set":[167],"sequences":[169,215],"associated":[171],"likelihoods.":[172],"We":[173,207],"model":[174],"lack":[176],"synchronization":[178],"worst-case":[181],"optimization":[182],"which":[184],"made":[187],"multiple":[189],"adversarial":[190],"agents":[191],"received":[193],"worst":[196],"possible":[197],"order":[198],"adversary,":[201],"resulting":[202],"min-max":[205],"formulation.":[206],"show":[208],"that,":[209],"even":[210],"without":[211],"synchronization,":[212],"growing":[217],"length,":[218],"asymptotic":[220],"performance":[222],"achievable":[224],"randomized":[227],"guesses":[228],"drawn":[229],"appropriate":[232],"distribution.":[233],"Therefore,":[234],"randomization":[235],"key":[237],"asynchronous":[240,245],"attacks.":[241],"other":[243],"words,":[244],"guessers":[246],"can":[247],"asymptotically":[248],"perform":[249],"efficiently":[253],"synchronized":[255],"guessers.":[256]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2023,"cited_by_count":2},{"year":2020,"cited_by_count":2}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}