{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T05:46:41Z","timestamp":1725515201334},"publisher-location":"Boston, MA","reference-count":24,"publisher":"Springer US","isbn-type":[{"type":"print","value":"9780387096988"},{"type":"electronic","value":"9780387096995"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-0-387-09699-5_6","type":"book-chapter","created":{"date-parts":[[2008,7,16]],"date-time":"2008-07-16T18:12:54Z","timestamp":1216231974000},"page":"79-93","source":"Crossref","is-referenced-by-count":3,"title":["Collaborative architecture for malware detection and analysis"],"prefix":"10.1007","author":[{"given":"Michele","family":"Colajanni","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Daniele","family":"Gozzi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mirco","family":"Marchetti","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"6_CR1","unstructured":"Sharon Gaudin (2007), Storm Worm botnet more powerful than top supercomputers, Information Week, available at http:\/\/www.informationweek.com\/software\/showArticle.jhtml?articleID=201804528"},{"key":"6_CR2","unstructured":"ShadowServer Foundation homepage, available at http:\/\/www.shadowserver.org"},{"key":"6_CR3","unstructured":"Nepenthes, available at http:\/\/nepenthes.mwcollect.org\/"},{"key":"6_CR4","unstructured":"Xu D and Ning P (2005), Privacy-Preserving Alert Correlation: A Concept Hierarchy Based Approach, 21st Comp. Sec. App. Conf."},{"key":"6_CR5","doi-asserted-by":"crossref","unstructured":"Jaeyeon Jung J and Sit E (2004) An empirical study of spam traffic and the use of DNS black lists, IMC \u201904: Proceedings of the 4th ACM SIGCOMM conference on Internet measurement","DOI":"10.1145\/1028788.1028838"},{"key":"6_CR6","doi-asserted-by":"crossref","first-page":"319","DOI":"10.1007\/11555827_19","volume-title":"Computer Security \u2013 ESORICS 2005","author":"Felix C. Freiling","year":"2005","unstructured":"Freiling FC, Holz T, and Wicherski G (2005) Botnet Tracking: Exploring a Root-Cause Methodology to Prevent Distributed Denial-of-Service Attacks, ESORICS 2005: Proceedings of the 10th European Symposium on Research in Computer Security"},{"issue":"3","key":"6_CR7","doi-asserted-by":"crossref","first-page":"146","DOI":"10.1109\/TDSC.2004.21","volume":"1","author":"F. Valeur","year":"2004","unstructured":"Valeur F, Vigna G, Kruegel C, and Kemmerer RA (2004) A Comprehensive Approach to Intrusion Detection Alert Correlation, IEEE Transactions on dependable and secure computing, Jul-Sept 2004, Vol. 1 pp.146-169","journal-title":"IEEE Transactions on Dependable and Secure Computing"},{"key":"6_CR8","unstructured":"When-Yi Hsin, Shian-Shiong Tseng, Shun-Chieh Lin (2005) A study of alert based collaborative defense, Proceedings of the 8th International Symposium on Parallel Architectures, Algorithms and Networks (ISPAN05)"},{"key":"6_CR9","doi-asserted-by":"crossref","unstructured":"Zhu S, Setia S, Jajodia S (2003) LEAP: efficient security mechanisms for large-scale distributed sensor networks, CCS \u201903: Proceedings of the 10th ACM conference on Computer and communications security","DOI":"10.1145\/948117.948120"},{"key":"6_CR10","unstructured":"Perrig A, Canetti R, Tygar JD, Song D (2000) Efficient Authentication and Signing of Multicast Streams over Lossy Channels, Proc. of the 2000 IEEE Symposium on Security and Privacy"},{"key":"6_CR11","doi-asserted-by":"crossref","unstructured":"Przydatek B, Song D, Perrig A (2003) SIA: secure information aggregation in sensor networks, SenSys \u201903: Proceedings of the 1st international conference on Embedded networked sensor systems","DOI":"10.1145\/958491.958521"},{"key":"6_CR12","unstructured":"mwcollect Alliance, homepage available at http:\/\/alliance.mwcollect.org\/"},{"key":"6_CR13","unstructured":"Robert Tappan Morris (1988), The Morris Worm, homepage available at http:\/\/www.morrisworm.com\/. Cited 17 Jan 2008."},{"key":"6_CR14","unstructured":"Internet Storm Center (2004), Sasser Worm, LSASS exploit analysis, available at http:\/\/isc.sans.org\/diary.html?date=2004-04-30"},{"key":"6_CR15","unstructured":"Computer emergency Response Team (2000), CERT_R Advisory CA-2000-04 Love Letter Worm, available at http:\/\/www.cert.org\/advisories\/CA-2000-04.html"},{"key":"6_CR16","unstructured":"SymantecTM(2004), W32.Wallon.A@mm worm description, available at http:\/\/www.symantec.com\/security response\/writeup.jsp?docid=2004-051112-0815-99"},{"key":"6_CR17","unstructured":"US-CERT (2004), Technical Cyber Security Alert TA04-356A (Santy worm), available at http:\/\/www.us-cert.gov\/cas\/techalerts\/TA04-356A.html"},{"key":"6_CR18","unstructured":"Wikipedia (2007), Timeline of notable computer viruses and worms, available at http:\/\/en.wikipedia.org\/wiki\/Timeline of notable computer viruses and worms{#}2006"},{"key":"6_CR19","unstructured":"IETF Intrusion DetectionWorking Group (2007) The Intrusion Detection Message Exchange Format (IDMEF), available at http:\/\/tools.ietf.org\/html\/rfc4765"},{"key":"6_CR20","unstructured":"Norman ASA, homepage available at http:\/www.norman.com\/"},{"key":"6_CR21","unstructured":"Prelude Hybrid IDS project, homepage available at http:\/\/www.prelude-ids.org\/"},{"key":"6_CR22","unstructured":"Virustotal, a malware analysis service offered by Hispasec Sistemas, available at http:\/\/www.virustotal.com\/"},{"key":"6_CR23","unstructured":"Norman SandBox Information Center, available at http:\/\/sandbox.norman.com"},{"key":"6_CR24","unstructured":"CWSandbox, Behavior-based Malware Analysis remote sandbox service, homepage available at http:\/\/www.cwsandbox.org\/"}],"container-title":["IFIP \u2013 The International Federation for Information Processing","Proceedings of The Ifip Tc 11 23rd International Information Security Conference"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-0-387-09699-5_6.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,28]],"date-time":"2021-04-28T01:45:52Z","timestamp":1619574352000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-0-387-09699-5_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9780387096988","9780387096995"],"references-count":24,"URL":"https:\/\/doi.org\/10.1007\/978-0-387-09699-5_6","relation":{},"ISSN":["1571-5736"],"issn-type":[{"type":"print","value":"1571-5736"}],"subject":[]}}