{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,19]],"date-time":"2025-03-19T13:52:37Z","timestamp":1742392357909},"publisher-location":"Berlin, Heidelberg","reference-count":52,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540317784"},{"type":"electronic","value":"9783540317791"}],"license":[{"start":{"date-parts":[[2006,1,1]],"date-time":"2006-01-01T00:00:00Z","timestamp":1136073600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2006]]},"DOI":"10.1007\/11663812_1","type":"book-chapter","created":{"date-parts":[[2006,1,20]],"date-time":"2006-01-20T07:57:08Z","timestamp":1137743828000},"page":"1-21","source":"Crossref","is-referenced-by-count":21,"title":["Virtual Playgrounds for Worm Behavior Investigation"],"prefix":"10.1007","author":[{"given":"Xuxian","family":"Jiang","sequence":"first","affiliation":[]},{"given":"Dongyan","family":"Xu","sequence":"additional","affiliation":[]},{"given":"Helen J.","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Eugene H.","family":"Spafford","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"1_CR1","unstructured":"Bro, http:\/\/bro-ids.org"},{"key":"1_CR2","unstructured":"Internet Protocol V4 Address Space, http:\/\/www.iana.org\/assignments\/ipv4-address-space"},{"key":"1_CR3","unstructured":"Linux Ramen Worm, http:\/\/service1.symantec.com\/sarc\/sarc.nsf\/html\/pf\/linux.ramenworm.html"},{"key":"1_CR4","unstructured":"Linux\/Lion Worms, http:\/\/www.sophos.com\/virusinfo\/analyses\/linuxlion.html"},{"key":"1_CR5","unstructured":"Linux\/Slapper Worms, http:\/\/www.sophos.com\/virusinfo\/analyses\/linuxslappera.html"},{"key":"1_CR6","unstructured":"Objdump, http:\/\/www.gnu.org\/software\/binutils\/manual\/html_chapter\/binutils_4.html"},{"key":"1_CR7","unstructured":"PlanetLab, http:\/\/www.planet-lab.org"},{"key":"1_CR8","unstructured":"Snort, http:\/\/www.snort.org"},{"key":"1_CR9","unstructured":"Tcpdump, http:\/\/www.tcpdump.org"},{"key":"1_CR10","unstructured":"The DETER Project, http:\/\/www.isi.edu\/deter\/"},{"key":"1_CR11","unstructured":"The Honeynet Project, http:\/\/www.honeynet.org"},{"key":"1_CR12","unstructured":"Virtual PC, http:\/\/www.microsoft.com\/windows\/virtualpc\/default.mspx"},{"key":"1_CR13","unstructured":"VMware, http:\/\/www.vmware.com\/"},{"key":"1_CR14","unstructured":"ISC Bind 8 Transaction Signatures Buffer Overflow Vulnerability (2001), http:\/\/www.securityfocus.com\/bid\/2302"},{"key":"1_CR15","unstructured":"Linux Adore Worms (2001), http:\/\/securityresponse.symantec.com\/avcenter\/venc\/data\/linux.adore.worm.html"},{"key":"1_CR16","unstructured":"Linux Lion Worms (2001), http:\/\/www.whitehats.com\/library\/worms\/lion\/"},{"key":"1_CR17","unstructured":"Ramen Worm (February 2001), http:\/\/www.sans.org\/y2k\/ramen.htm"},{"key":"1_CR18","unstructured":"CERT Advisory CA-2002-27 Apache\/mod_ssl Worm, http:\/\/www.cert.org\/advisories\/CA-2002-27.html (2002)"},{"key":"1_CR19","unstructured":"PUD: Peer-To-Peer UDP Distributed Denial of Service (2002), http:\/\/www.packetstormsecurity.org\/distributed\/pud.tgz"},{"key":"1_CR20","unstructured":"Google Smacks Down Santy Worm (December 2004), http:\/\/www.pcworld.com\/news\/article\/0,aid,119029,00.asp"},{"key":"1_CR21","doi-asserted-by":"crossref","unstructured":"MyDoom Worms (2004), http:\/\/us.mcafee.com\/virusInfo\/default.asp?id=mydoom","DOI":"10.1016\/S1353-4858(04)00036-4"},{"key":"1_CR22","unstructured":"Santy Worms (December 2004), http:\/\/www.f-secure.com\/v-descs\/santy_a.shtml"},{"key":"1_CR23","unstructured":"Witty Worms (March 2004), http:\/\/securityresponse.symantec.com\/avcenter\/venc\/data\/w32.witty.worm.html"},{"key":"1_CR24","unstructured":"Vanderpool Technology (2005), http:\/\/www.intel.com\/technology\/computing\/vptech\/"},{"key":"1_CR25","unstructured":"Anderson, T., Peterson, L., Shenker, S., Turner, J.: A Global Communications Infrastructure: A Way Forward (December 2004), http:\/\/www.arl.wustl.edu\/netv\/contrib\/nsf_Dec2.ppt"},{"key":"1_CR26","doi-asserted-by":"crossref","unstructured":"Barham, P., Dragovic, B., Fraser, K., Hand, S., Harris, T., Alex Ho, R.N., Pratt, I., Warfield, A.: Xen and the Art of Virtualization. In: SOSP 2003 (2003)","DOI":"10.1145\/945445.945462"},{"key":"1_CR27","unstructured":"Carella, C., Dike, J., Fox, N., Ryan, M.: UML Extensions for Honeypots in the ISTS Distributed Honeypot Project. In: Proceedings of the 2004 IEEE Workshop on Information Assurance United States Military Academy, West Point, NY (June 2004)"},{"key":"1_CR28","unstructured":"Craveiro, P.: SANS Malware FAQ: What is t0rn rootkit?, http:\/\/www.sans.org\/resources\/malwarefaq\/t0rn_rootkit.php"},{"key":"1_CR29","doi-asserted-by":"crossref","unstructured":"Dagon, D., Qin, X., Gu, G., Lee, W., Grizzard, J., Levine, J., Owen, H.: HoneyStat: Local Worm Detection Using Honeypots. In: Proceedings of the 7th RAID (September 2004)","DOI":"10.1007\/978-3-540-30143-1_3"},{"key":"1_CR30","unstructured":"Dike, J.: User Mode Linux, http:\/\/user-mode-linux.sourceforge.net"},{"key":"1_CR31","doi-asserted-by":"crossref","unstructured":"Dunlap, G., King, S., Cinar, S., Basrai, M., Chen, P.: ReVirt: Enabling Intrusion Analysis through Virtual-Machine Logging and Replay. In: OSDI 2002 (2002)","DOI":"10.1145\/1060289.1060309"},{"key":"1_CR32","unstructured":"Jiang, X., Xu, D.: VIOLIN: Virtual Internetworking on Overlay Infrastructure. Technical Report CSD-TR-03-027, Purdue University (July 2003)"},{"key":"1_CR33","unstructured":"Jiang, X., Xu, D., Eigenmann, R.: Protection Mechanisms for Application Service Hosting Platforms. In: CCGrid 2004 (April 2004)"},{"key":"1_CR34","unstructured":"K2. ADMmutate. CanSecWest\/Core01 Conference, Vancouver (March 2001), http:\/\/www.ktwo.ca\/ADMmutate-0.8.4.tar.gz"},{"key":"1_CR35","unstructured":"Kim, H.A., Karp, B.: Autograph: Toward Automated, Distributed Worm Signature Detection. In: Proceedings of the 13th Usenix Security Symposium (August 2004)"},{"key":"1_CR36","unstructured":"Nazario, J.: Defense and Detection Strategies against Internet Worms. Artech House Publishers (2004) ISBN: 1-58053-537-2"},{"key":"1_CR37","unstructured":"Newsome, J., Karp, B., Song, D.: Polygraph: Automatically Generating Signatures for Polymorphic Worms. In: Proceedings of Oakland 2005 (May 2005)"},{"key":"1_CR38","unstructured":"Perriot, F., Szor, P.: An Analysis of the Slapper Worm Exploit. Symantec White Paper, http:\/\/securityresponse.symantec.com\/avcenter\/reference\/analysis.slapper.worm.pdf"},{"key":"1_CR39","doi-asserted-by":"crossref","unstructured":"Perumalla, K.S., Sundaragopalan, S.: High-Fidelity Modeling of Computer Network Worms. In: Proceedings of 20th ACSAC (December 2004)","DOI":"10.21236\/ADA470528"},{"key":"1_CR40","unstructured":"Provos, N.: A Virtual Honeypot Framework. In: Proceedings of the USENIX 13th Security Symposium, San Diego, USA (August 2004)"},{"key":"1_CR41","unstructured":"Ptacek, T., Nazario, J.: Exploit Virulence: Deriving Worm Trends From Vulnerability Data. In: CanSecWest\/Core 2004 Conference, Vancouver (April 2004)"},{"key":"1_CR42","unstructured":"Singh, S., Estan, C., Varghese, G., Savage, S.: Automated Worm Fingerprinting. In: Proceedings of the ACM\/USENIX OSDI (December 2004)"},{"key":"1_CR43","unstructured":"Sundararaj, A., Dinda, P.: Towards Virtual Networks for Virtual Machine Grid Computing. In: Proceedings of the Third USENIX Virtual Machine Technology Symposium (VM 2004) (August 2004)"},{"key":"1_CR44","unstructured":"Szor, P.: Fighting Computer Virus Attacks. In: Invited Talk, the 13th Usenix Security Symposium (Security 2004), San Diego, CA (August 2004)"},{"key":"1_CR45","unstructured":"Touch, J.: Dynamic Internet Overlay Deployment and Management Using the X-Bone. In: Proc. of IEEE ICNP 2000 (November 2000)"},{"key":"1_CR46","doi-asserted-by":"crossref","unstructured":"Twycross, J., Williamson, M.M.: Implementing and Testing a Virus Throttle. In: Proceedings of the USENIX 12th Security Symposium, Washington, DC (August 2003)","DOI":"10.1109\/CSAC.2003.1254312"},{"key":"1_CR47","doi-asserted-by":"crossref","unstructured":"Vahdat, A., Yocum, K., Walsh, K., Mahadevan, P., Kostic, D., Chase, J., Becker, D.: Scalability and Accuracy in a Large-Scale Network Emulator. In: OSDI 2002 (2002)","DOI":"10.1145\/1060289.1060315"},{"key":"1_CR48","unstructured":"Whalley, I., Arnold, B., Chess, D., Morar, J., Segal, A.: An Environment for Controlled Worm Replication & Analysis (Internet-inna-Box). In: Proceedings of Virus Bulletin Conference (September 2000)"},{"key":"1_CR49","doi-asserted-by":"crossref","unstructured":"Whitaker, A., Shaw, M., Gribble, S.D.: Scale and Performance in the Denali Isolation Kernel. In: Proceedings of USENIX OSDI 2002 (December 2002)","DOI":"10.1145\/1060289.1060308"},{"key":"1_CR50","doi-asserted-by":"crossref","unstructured":"White, B., Lepreau, J., Stoller, L., Ricci, R., Guruprasad, S., Newbold, M., Hibler, M., Barb, C., Joglekar, A.: An Integrated Experimental Environment for Distributed Systems and Networks. In: Proceedings of 5th OSDI (December 2002)","DOI":"10.1145\/1060289.1060313"},{"key":"1_CR51","doi-asserted-by":"crossref","unstructured":"Yegneswaran, V., Barford, P., Plonka, D.: On the Design and Use of Internet Sinks for Network Abuse Monitoring. In: Proc. of 7th RAID (September 2004)","DOI":"10.1007\/978-3-540-30143-1_8"},{"key":"1_CR52","unstructured":"Zou, C.C., Towsley, D., Gong, W., Cai, S.: Routing Worm: A Fast, Selective Attack Worm based on IP Address Information. Umass ECE Technical Report TR-03-CSE-06 (November 2003)"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/11663812_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,4,12]],"date-time":"2020-04-12T02:23:13Z","timestamp":1586658193000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/11663812_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2006]]},"ISBN":["9783540317784","9783540317791"],"references-count":52,"URL":"https:\/\/doi.org\/10.1007\/11663812_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2006]]}}}