{"id":"https://openalex.org/W4311165999","doi":"https://doi.org/10.1145/3564625.3564645","title":"Interaction matters: a comprehensive analysis and a dataset of hybrid IoT/OT honeypots","display_name":"Interaction matters: a comprehensive analysis and a dataset of hybrid IoT/OT honeypots","publication_year":2022,"publication_date":"2022-12-03","ids":{"openalex":"https://openalex.org/W4311165999","doi":"https://doi.org/10.1145/3564625.3564645"},"language":"en","primary_location":{"id":"doi:10.1145/3564625.3564645","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3564625.3564645","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3564625.3564645","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 38th Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"type":"conference-paper","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3564625.3564645","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5056423120","display_name":"Shreyas Srinivasa","orcid":"https://orcid.org/0000-0002-5720-5504"},"institutions":[{"id":"https://openalex.org/I891191580","display_name":"Aalborg University","ror":"https://ror.org/04m5j1k67","country_code":"DK","type":"education","lineage":["https://openalex.org/I891191580"]}],"countries":["DK"],"is_corresponding":false,"raw_author_name":"Shreyas Srinivasa","raw_affiliation_strings":["Aalborg University, Denmark"],"raw_orcid":"https://orcid.org/0000-0002-5720-5504","affiliations":[{"raw_affiliation_string":"Aalborg University, Denmark","institution_ids":["https://openalex.org/I891191580"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5034797912","display_name":"Jens Myrup Pedersen","orcid":"https://orcid.org/0000-0002-1903-2921"},"institutions":[{"id":"https://openalex.org/I891191580","display_name":"Aalborg University","ror":"https://ror.org/04m5j1k67","country_code":"DK","type":"education","lineage":["https://openalex.org/I891191580"]}],"countries":["DK"],"is_corresponding":false,"raw_author_name":"Jens Myrup Pedersen","raw_affiliation_strings":["Aalborg University, Denmark"],"raw_orcid":"https://orcid.org/0000-0002-1903-2921","affiliations":[{"raw_affiliation_string":"Aalborg University, Denmark","institution_ids":["https://openalex.org/I891191580"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5083149653","display_name":"Emmanouil Vasilomanolakis","orcid":"https://orcid.org/0000-0001-5068-9158"},"institutions":[{"id":"https://openalex.org/I96673099","display_name":"Technical University of Denmark","ror":"https://ror.org/04qtj9h94","country_code":"DK","type":"education","lineage":["https://openalex.org/I96673099"]}],"countries":["DK"],"is_corresponding":false,"raw_author_name":"Emmanouil Vasilomanolakis","raw_affiliation_strings":["Technical University of Denmark, Denmark"],"raw_orcid":"https://orcid.org/0000-0001-5068-9158","affiliations":[{"raw_affiliation_string":"Technical University of Denmark, Denmark","institution_ids":["https://openalex.org/I96673099"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":true,"cited_by_count":22,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"742","last_page":"755"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/honeypot","display_name":"Honeypot","score":0.9574737548828125},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7518366575241089},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7421462535858154},{"id":"https://openalex.org/keywords/leverage","display_name":"Leverage (statistics)","score":0.6066117882728577},{"id":"https://openalex.org/keywords/deception","display_name":"Deception","score":0.5871894359588623},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.5608317255973816},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.5220082402229309},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.4701941907405853},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.44671061635017395},{"id":"https://openalex.org/keywords/attack-surface","display_name":"Attack surface","score":0.44554391503334045},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.21552759408950806},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.10878559947013855},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.06979683041572571}],"concepts":[{"id":"https://openalex.org/C191267431","wikidata":"https://www.wikidata.org/wiki/Q911932","display_name":"Honeypot","level":2,"score":0.9574737548828125},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7518366575241089},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7421462535858154},{"id":"https://openalex.org/C153083717","wikidata":"https://www.wikidata.org/wiki/Q6535263","display_name":"Leverage (statistics)","level":2,"score":0.6066117882728577},{"id":"https://openalex.org/C2779267917","wikidata":"https://www.wikidata.org/wiki/Q170028","display_name":"Deception","level":2,"score":0.5871894359588623},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.5608317255973816},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.5220082402229309},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.4701941907405853},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.44671061635017395},{"id":"https://openalex.org/C2776576444","wikidata":"https://www.wikidata.org/wiki/Q303569","display_name":"Attack surface","level":2,"score":0.44554391503334045},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.21552759408950806},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.10878559947013855},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.06979683041572571},{"id":"https://openalex.org/C77805123","wikidata":"https://www.wikidata.org/wiki/Q161272","display_name":"Social psychology","level":1,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/3564625.3564645","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3564625.3564645","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3564625.3564645","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 38th Annual Computer Security Applications Conference","raw_type":"proceedings-article"},{"id":"pmh:oai:pure.atira.dk:openaire/f5317c6f-fac6-4fc9-b0c2-286f4f1fbefb","is_oa":true,"landing_page_url":"https://vbn.aau.dk/da/publications/f5317c6f-fac6-4fc9-b0c2-286f4f1fbefb","pdf_url":"https://vbn.aau.dk/ws/files/519309283/3564625.3564645.pdf","source":{"id":"https://openalex.org/S4306401731","display_name":"VBN Forskningsportal (Aalborg Universitet)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I891191580","host_organization_name":"Aalborg University","host_organization_lineage":["https://openalex.org/I891191580"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Srinivasa, S, Pedersen, J M & Vasilomanolakis, E 2022, Interaction matters : a comprehensive analysis and a dataset of hybrid IoT/OT honeypots. in Proceedings of the 38th Annual Computer Security Applications Conference (ACSAC) 2022. Association for Computing Machinery (ACM), pp. 742-755, Annual Computer Security Applications Conference 2022 (ACSAC) , Austin, Texas, United States, 05/12/2022. https://doi.org/10.1145/3564625.3564645","raw_type":"info:eu-repo/semantics/conferenceObject"},{"id":"pmh:oai:pure.atira.dk:publications/4560eabd-d795-496a-9857-aea1e753cf6a","is_oa":true,"landing_page_url":"https://orbit.dtu.dk/en/publications/4560eabd-d795-496a-9857-aea1e753cf6a","pdf_url":null,"source":{"id":"https://openalex.org/S4306400705","display_name":"Technical University of Denmark, DTU Orbit (Technical University of Denmark, DTU)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I96673099","host_organization_name":"Technical University of Denmark","host_organization_lineage":["https://openalex.org/I96673099"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Srinivasa , S , Pedersen , J M &amp; Vasilomanolakis , E 2022 , Interaction matters: a comprehensive analysis and a dataset of hybrid IoT/OT honeypots . in Proceedings of the 38 th Annual Computer Security Applications Conference . Association for Computing Machinery , pp. 742\u2013755 , 38 th Annual Computer Security Applications Conference , Austin , Texas , United States , 05/12/2022 . https://doi.org/10.1145/3564625.3564645","raw_type":"contributionToPeriodical"}],"best_oa_location":{"id":"doi:10.1145/3564625.3564645","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3564625.3564645","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3564625.3564645","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 38th Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320335322","display_name":"European Regional Development Fund","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320337753","display_name":"Interreg","ror":null}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4311165999.pdf","grobid_xml":"https://content.openalex.org/works/W4311165999.grobid-xml"},"referenced_works_count":17,"referenced_works":["https://openalex.org/W1997149057","https://openalex.org/W2508637173","https://openalex.org/W2579739707","https://openalex.org/W2760509023","https://openalex.org/W2773671833","https://openalex.org/W2782568060","https://openalex.org/W2899271149","https://openalex.org/W2951384144","https://openalex.org/W3010754046","https://openalex.org/W3028311012","https://openalex.org/W3039975887","https://openalex.org/W3096676835","https://openalex.org/W3126610160","https://openalex.org/W3186345182","https://openalex.org/W3203063668","https://openalex.org/W4221095853","https://openalex.org/W4289038676"],"related_works":["https://openalex.org/W2350724208","https://openalex.org/W2000018903","https://openalex.org/W3142690625","https://openalex.org/W1534090575","https://openalex.org/W2360866534","https://openalex.org/W2372392697","https://openalex.org/W4312961703","https://openalex.org/W2362932354","https://openalex.org/W2391396896","https://openalex.org/W2998623387"],"abstract_inverted_index":{"The":[0],"Internet":[1,72],"of":[2,94,168],"things":[3],"(IoT)":[4],"and":[5,39,59,73,123,128,154,192],"critical":[6],"infrastructure":[7,125],"utilizing":[8],"operational":[9],"technology":[10],"(OT)":[11],"protocols":[12,118],"are":[13,49],"nowadays":[14],"a":[15,62,75,95,134],"common":[16],"attack":[17,20,140],"target":[18],"and/or":[19],"surface":[21],"used":[22],"to":[23,51,68,100,109,126,164],"further":[24],"propagate":[25],"malicious":[26],"actions.":[27],"Deception":[28],"techniques":[29],"such":[30],"as":[31],"honeypots":[32],"have":[33,184],"been":[34],"proposed":[35],"for":[36,82],"both":[37,121],"IoT":[38],"OT":[40],"but":[41],"they":[42],"either":[43],"lack":[44],"an":[45,185],"extensive":[46],"evaluation":[47,80],"or":[48],"subject":[50],"fingerprinting":[52],"attacks.":[53,156,174],"In":[54],"this":[55],"paper,":[56],"we":[57,86,136,158],"extend":[58],"evaluate":[60],"RIoTPot,":[61],"hybrid-interaction":[63,107],"honeypot,":[64],"by":[65],"exposing":[66],"it":[67,111],"attacks":[69,131,191],"on":[70,120],"the":[71,88,92,130,160,166,173,180],"perform":[74],"longitudinal":[76],"study":[77,90,127],"with":[78,116],"multiple":[79],"parameters":[81],"three":[83,113],"months.":[84],"Furthermore,":[85],"publish":[87],"aforementioned":[89],"in":[91,112,172,188],"form":[93],"dataset":[96],"that":[97,149,179],"is":[98],"available":[99],"researchers":[101],"upon":[102],"request.":[103],"We":[104],"leverage":[105],"RIoTPot's":[106],"model":[108],"deploy":[110],"interaction":[114,182],"variants":[115],"six":[117],"deployed":[119],"cloud":[122],"self-hosted":[124],"compare":[129],"gathered.":[132],"At":[133],"glance,":[135],"receive":[137],"10.87":[138],"million":[139],"events":[141],"originating":[142],"from":[143],"22,":[144],"518":[145],"unique":[146],"IP":[147,162],"addresses":[148,163],"involve":[150],"brute-force,":[151],"poisoning,":[152],"multistage":[153],"other":[155],"Moreover,":[157],"fingerprint":[159],"attacker":[161],"identify":[165],"type":[167],"devices":[169],"who":[170],"participate":[171],"Lastly,":[175],"our":[176],"results":[177],"indicate":[178],"honeypot":[181],"levels":[183],"important":[186],"role":[187],"attracting":[189],"specific":[190],"scanning":[193],"probes.":[194]},"counts_by_year":[{"year":2026,"cited_by_count":5},{"year":2025,"cited_by_count":7},{"year":2024,"cited_by_count":6},{"year":2023,"cited_by_count":4}],"updated_date":"2026-07-14T23:27:15.235271","created_date":"2025-10-10T00:00:00"}
