{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,10,22]],"date-time":"2024-10-22T21:07:01Z","timestamp":1729631221380,"version":"3.28.0"},"reference-count":35,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016,8]]},"DOI":"10.1109\/ares.2016.36","type":"proceedings-article","created":{"date-parts":[[2016,12,17]],"date-time":"2016-12-17T02:53:22Z","timestamp":1481943202000},"page":"599-608","source":"Crossref","is-referenced-by-count":2,"title":["What's Your Major Threat? On the Differences between the Network Behavior of Targeted and Commodity Malware"],"prefix":"10.1109","author":[{"given":"Enrico","family":"Mariconti","sequence":"first","affiliation":[]},{"given":"Jeremiah","family":"Onaolapo","sequence":"additional","affiliation":[]},{"given":"Gordon","family":"Ross","sequence":"additional","affiliation":[]},{"given":"Gianluca","family":"Stringhini","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2009.29"},{"key":"ref32","article-title":"The underground economy of spam: A botmaster's perspective of coordinating large-scale spam campaigns","author":"stone-gross","year":"2011","journal-title":"USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET)"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653738"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1109\/EC2ND.2009.10"},{"key":"ref35","article-title":"Automatically Generating Models for Botnet Detection","author":"wurzinger","year":"2009","journal-title":"European Symposium on Research in Computer Security (ESORICS)"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1080\/01621459.1963.10500845"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1016\/0167-4048(87)90122-2"},{"key":"ref11","article-title":"On the composition of elementary errors","author":"cramer","year":"1928","journal-title":"Skand Aktuar Tidskr"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1145\/1815396.1815568"},{"key":"ref13","article-title":"Discriminatory analysis, nonparametric discrimination","author":"fix","year":"1951","journal-title":"USAF school of Aviation Medicine Randolph Field"},{"journal-title":"Malware report","year":"2014","key":"ref14"},{"journal-title":"Detecting sub-verted cryptographic protocols by entropy checking Laboratoire Specification et Verification","year":"2006","author":"goubault-larrecq","key":"ref15"},{"key":"ref16","article-title":"BotMiner: Clustering Analysis of Network Traffic for Protocol-and Structure-Independent Botnet Detection","author":"gu","year":"2008","journal-title":"USENIX Security Symposium"},{"key":"ref17","article-title":"BotHunter: Detecting Malware Infection Through IDS-Driven Dialog Correlation","author":"gu","year":"2007","journal-title":"USENIX Security Symposium"},{"key":"ref18","article-title":"Measuring and detecting fast-flux service networks","author":"holz","year":"2008","journal-title":"Symposium on Network and Distributed Systems Security (NDSS 97)"},{"key":"ref19","article-title":"Rb-seeker: Auto-detection of redirection botnets","author":"hu","year":"2009","journal-title":"Symposium on Network and Distributed Systems Security (NDSS 97)"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.14"},{"key":"ref4","article-title":"A look at targeted attacks through the lense of an NGO","author":"blond","year":"2014","journal-title":"USENIX Security Symposium"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-39235-1_2"},{"key":"ref3","article-title":"Efficient detection of split personalities in malware","author":"balzarotti","year":"2010","journal-title":"Symposium on Network and Distributed Systems Security (NDSS 97)"},{"key":"ref6","article-title":"Tracking DDoS attacks: Insights into the business of disrupting the web","author":"buscher","year":"2012","journal-title":"USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET)"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/ICSNC.2008.44"},{"key":"ref5","article-title":"Random forests","volume":"45","author":"breiman","year":"2001","journal-title":"Machine Learning"},{"key":"ref8","article-title":"Insights from the inside: A view of botnet management from infiltration","author":"cho","year":"2010","journal-title":"USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET)"},{"journal-title":"The Nitro Attacks","year":"2011","author":"chien","key":"ref7"},{"key":"ref2","article-title":"Building a Dynamic Reputation System for DNS","author":"antonakakis","year":"2010","journal-title":"USENIX Security Symposium"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866355"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1214\/aoms\/1177729437"},{"key":"ref20","article-title":"Studying Spamming Botnets Using Botlab","author":"john","year":"2009","journal-title":"USENIX Symposium on Networked Systems Design and Implementation (NSDI)"},{"key":"ref22","article-title":"Spamcraft: An inside look at spam campaign orchestration","author":"kreibich","year":"2009","journal-title":"USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET)"},{"journal-title":"Principal Component Analysis","year":"2002","author":"jolliffe","key":"ref21"},{"key":"ref24","article-title":"Data mining approaches for intrusion detection","author":"lee","year":"1998","journal-title":"USENIX Security Symposium"},{"journal-title":"To Kill a Centrifuge","year":"2013","author":"langner","key":"ref23"},{"key":"ref26","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-540-70542-0_10","article-title":"Fluxor: detecting and monitoring fast-flux service networks","author":"passerini","year":"2008","journal-title":"Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)"},{"key":"ref25","article-title":"A data mining framework for building intrusion detection models","author":"lee","year":"1999","journal-title":"IEEE Symposium on Security and Privacy"}],"event":{"name":"2016 11th International Conference on Availability, Reliability and Security (ARES )","start":{"date-parts":[[2016,8,31]]},"location":"Salzburg, Austria","end":{"date-parts":[[2016,9,2]]}},"container-title":["2016 11th International Conference on Availability, Reliability and Security (ARES)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/7777698\/7784494\/07784624.pdf?arnumber=7784624","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,9,16]],"date-time":"2019-09-16T12:46:59Z","timestamp":1568638019000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/7784624\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,8]]},"references-count":35,"URL":"https:\/\/doi.org\/10.1109\/ares.2016.36","relation":{},"subject":[],"published":{"date-parts":[[2016,8]]}}}