{"id":"https://openalex.org/W2123070675","doi":"https://doi.org/10.1145/1920261.1920276","title":"A quantitative analysis of the insecurity of embedded network devices","display_name":"A quantitative analysis of the insecurity of embedded network devices","publication_year":2010,"publication_date":"2010-12-06","ids":{"openalex":"https://openalex.org/W2123070675","doi":"https://doi.org/10.1145/1920261.1920276","mag":"2123070675"},"language":"en","primary_location":{"id":"doi:10.1145/1920261.1920276","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1920261.1920276","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 26th Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5049299865","display_name":"Ang Cui","orcid":null},"institutions":[{"id":"https://openalex.org/I78577930","display_name":"Columbia University","ror":"https://ror.org/00hj8s172","country_code":"US","type":"education","lineage":["https://openalex.org/I78577930"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Ang Cui","raw_affiliation_strings":["Columbia University"],"affiliations":[{"raw_affiliation_string":"Columbia University","institution_ids":["https://openalex.org/I78577930"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5084213178","display_name":"Salvatore J. Stolfo","orcid":"https://orcid.org/0000-0003-1611-0100"},"institutions":[{"id":"https://openalex.org/I78577930","display_name":"Columbia University","ror":"https://ror.org/00hj8s172","country_code":"US","type":"education","lineage":["https://openalex.org/I78577930"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Salvatore J. Stolfo","raw_affiliation_strings":["Columbia University"],"affiliations":[{"raw_affiliation_string":"Columbia University","institution_ids":["https://openalex.org/I78577930"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5049299865"],"corresponding_institution_ids":["https://openalex.org/I78577930"],"apc_list":null,"apc_paid":null,"fwci":10.0076,"has_fulltext":false,"cited_by_count":167,"citation_normalized_percentile":{"value":0.97946452,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"97","last_page":"106"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.996999979019165,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.9955999851226807,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/mobile-device","display_name":"Mobile device","score":0.6085540652275085},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5740939974784851},{"id":"https://openalex.org/keywords/voice-over-ip","display_name":"Voice over IP","score":0.5431363582611084},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5413420796394348},{"id":"https://openalex.org/keywords/population","display_name":"Population","score":0.5242512226104736},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.5037164092063904},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4866100549697876},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.4294191002845764},{"id":"https://openalex.org/keywords/government","display_name":"Government (linguistics)","score":0.41259995102882385},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.32175713777542114},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.17846307158470154}],"concepts":[{"id":"https://openalex.org/C186967261","wikidata":"https://www.wikidata.org/wiki/Q5082128","display_name":"Mobile device","level":2,"score":0.6085540652275085},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5740939974784851},{"id":"https://openalex.org/C171246234","wikidata":"https://www.wikidata.org/wiki/Q81945","display_name":"Voice over IP","level":3,"score":0.5431363582611084},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5413420796394348},{"id":"https://openalex.org/C2908647359","wikidata":"https://www.wikidata.org/wiki/Q2625603","display_name":"Population","level":2,"score":0.5242512226104736},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.5037164092063904},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4866100549697876},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.4294191002845764},{"id":"https://openalex.org/C2778137410","wikidata":"https://www.wikidata.org/wiki/Q2732820","display_name":"Government (linguistics)","level":2,"score":0.41259995102882385},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.32175713777542114},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.17846307158470154},{"id":"https://openalex.org/C149923435","wikidata":"https://www.wikidata.org/wiki/Q37732","display_name":"Demography","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C144024400","wikidata":"https://www.wikidata.org/wiki/Q21201","display_name":"Sociology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/1920261.1920276","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1920261.1920276","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 26th Annual Computer Security Applications Conference","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":8,"referenced_works":["https://openalex.org/W51761525","https://openalex.org/W1981205788","https://openalex.org/W2012307997","https://openalex.org/W2116426048","https://openalex.org/W2747125559","https://openalex.org/W2914982603","https://openalex.org/W2993373113","https://openalex.org/W4234713688"],"related_works":["https://openalex.org/W2007990153","https://openalex.org/W2136820819","https://openalex.org/W2559937395","https://openalex.org/W2102071504","https://openalex.org/W3176025591","https://openalex.org/W2374654254","https://openalex.org/W2359074461","https://openalex.org/W2130966263","https://openalex.org/W2121102995","https://openalex.org/W2766405666"],"abstract_inverted_index":{"We":[0,149],"present":[1],"a":[2,14,146,158,185],"quantitative":[3,194],"lower":[4,160],"bound":[5,161],"on":[6,13,162,196,229],"the":[7,18,28,32,40,151,163,170,174,198,221,230,244,251],"number":[8,222],"of":[9,27,34,42,63,139,166,187,218,223,253],"vulnerable":[10,36,133,144,167,200,225],"embedded":[11,37,51,66,201,226],"device":[12,202],"global":[15,199],"scale.":[16],"Over":[17],"past":[19],"year,":[20],"we":[21,44,183,207,237],"have":[22,45,208],"systematically":[23],"scanned":[24],"large":[25],"portions":[26],"internet":[29],"to":[30,79,90,213,239,249,257],"monitor":[31],"presence":[33],"trivially":[35,224],"devices.":[38,67],"At":[39],"time":[41],"writing,":[43],"identified":[46],"over":[47,61,131,137,243],"540,000":[48],"publicly":[49],"accessible":[50,141],"devices":[52,69,102,134,142,168,227],"configured":[53],"with":[54,210],"factory":[55],"default":[56],"root":[57,181],"passwords.":[58],"This":[59],"constitutes":[60],"13%":[62],"all":[64],"discovered":[65],"These":[68],"range":[70],"from":[71,126],"enterprise":[72],"equipment":[73,92],"such":[74,82,93,140],"as":[75,83,94,118,120],"firewalls":[76],"and":[77,87,97,178,190],"routers":[78],"consumer":[80],"appliances":[81],"VoIP":[84],"adapters,":[85],"cable":[86],"IPTV":[88],"boxes":[89],"office":[91],"network":[95,122],"printers":[96],"video":[98],"conferencing":[99],"units.":[100],"Vulnerable":[101],"were":[103],"detected":[104],"in":[105,154,169,247],"144":[106],"countries,":[107],"across":[108],"17,427":[109],"unique":[110],"private":[111],"enterprise,":[112],"ISP,":[113],"government,":[114],"educational,":[115],"satellite":[116],"provider":[117],"well":[119],"residential":[121],"environments.":[123],"Preliminary":[124],"results":[125],"our":[127,205],"longitudinal":[128,235],"study":[129],"tracking":[130],"102,000":[132],"revealed":[135],"that":[136],"96%":[138],"remain":[143],"after":[145],"4-month":[147],"period.":[148],"believe":[150],"data":[152,241],"presented":[153],"this":[155,259],"paper":[156],"provides":[157],"conservative":[159],"actual":[164],"population":[165],"wild.":[171],"By":[172],"combining":[173],"observed":[175],"vulnerability":[176],"distributions":[177],"its":[179,193],"potential":[180],"causes,":[182],"propose":[184],"set":[186],"mitigation":[188],"strategies":[189],"hypothesize":[191],"about":[192],"impact":[195],"reducing":[197,220],"population.":[203],"Employing":[204],"strategy,":[206],"partnered":[209],"Team":[211],"Cymru":[212],"engage":[214],"key":[215],"organizations":[216],"capable":[217],"significantly":[219],"currently":[228],"internet.":[231],"As":[232],"an":[233],"ongoing":[234],"study,":[236],"plan":[238],"gather":[240],"continuously":[242],"next":[245],"year":[246],"order":[248],"quantify":[250],"effectiveness":[252],"community's":[254],"cumulative":[255],"effort":[256],"mitigate":[258],"pervasive":[260],"threat.":[261]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":7},{"year":2024,"cited_by_count":9},{"year":2023,"cited_by_count":5},{"year":2022,"cited_by_count":12},{"year":2021,"cited_by_count":14},{"year":2020,"cited_by_count":20},{"year":2019,"cited_by_count":20},{"year":2018,"cited_by_count":21},{"year":2017,"cited_by_count":20},{"year":2016,"cited_by_count":8},{"year":2015,"cited_by_count":10},{"year":2014,"cited_by_count":6},{"year":2013,"cited_by_count":7},{"year":2012,"cited_by_count":4}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}