{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,21]],"date-time":"2026-02-21T18:51:09Z","timestamp":1771699869238,"version":"3.50.1"},"publisher-location":"Boston, MA","reference-count":45,"publisher":"Springer US","isbn-type":[{"value":"9780387687667","type":"print"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-0-387-68768-1_3","type":"book-chapter","created":{"date-parts":[[2007,10,22]],"date-time":"2007-10-22T07:27:09Z","timestamp":1193038029000},"page":"45-64","source":"Crossref","is-referenced-by-count":4,"title":["Characterizing Bots\u2019 Remote Control Behavior"],"prefix":"10.1007","author":[{"given":"Elizabeth","family":"Stinson","sequence":"first","affiliation":[]},{"given":"John C.","family":"Mitchell","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"3_CR1","unstructured":"Turoff, A.: Defensive CGI Programming with Taint Mode and CGI::UNTAINT"},{"key":"3_CR2","unstructured":"Schneier, B.: How Bot Those Nets? In Wired Magazine, July 27, 2006."},{"key":"3_CR3","unstructured":"Dagon, D.: Botnet Detection and Response: The Network Is the Infection. In Operations, Analysis, and Research Center Workshop, July 2005."},{"key":"3_CR4","unstructured":"Ilett, D.: Most spam generated by botnets, says expert. ZDNet, Sept. 22, 2004."},{"key":"3_CR5","doi-asserted-by":"crossref","unstructured":"Wagner, D., Dean, D.: Intrusion Detection via Static Analysis. In IEEE Symposium on Security and Privacy, May 2001.","DOI":"10.1109\/SECPRI.2001.924296"},{"key":"3_CR6","unstructured":"Cooke, E., Jahanian, F., McPherson, D.: The Zombie Roundup: Understanding, Detecting, and Disrupting Botnets. In Steps to Reducing Unwanted Traffic on the Internet, July 2005."},{"key":"3_CR7","unstructured":"Kirda, E., Kruegel, C., Banks, G., Vigna, G., Kemmerer, R.: Behavior-based Spyware Detection. In Proc. 15th USENIX Security Symposium, August 2006."},{"key":"3_CR8","unstructured":"Hoglund, G., Butler, J.: Rootkits: Subverting the Windows Kernel. First Edition, Addison-Wesley, Upper Saddle River, NJ, 2006."},{"key":"3_CR9","unstructured":"Hunt, G., Brubacher, B.: Detours: Binary Interception of Win32 Functions. In 3rd USENIX Windows NT Symposium, July 1999."},{"key":"3_CR10","unstructured":"Butler, J.: Bypassing 3rd Party Windows Buffer Overflow Protection. In phrack Volume 0x0b, Issue 0x3e, Phile #0x0, 7\/13\/2004."},{"key":"3_CR11","doi-asserted-by":"crossref","unstructured":"Chow, J., Pfaff, B., Garfinkel, T., Christopher, K., Rosenblum, M.: Understanding Data Lifetime via Whole System Simulation. In Proc. of the USENIX 13th Security Symposium, August 2004.","DOI":"10.1145\/1133572.1133599"},{"key":"3_CR12","unstructured":"Newsome, J., Song, D.: Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software. In Network and Distributed Systems Symposium, February 2005."},{"key":"3_CR13","doi-asserted-by":"crossref","unstructured":"Rabek, J., Khazan, R., Lewandowski, S., Cunningham, R.: Detection of Injected, Dynamically Generated, and Obfuscated Malicious Code. In Proc. of the ACM Workshop on Rapid Malcode, October 2003.","DOI":"10.1145\/948187.948201"},{"key":"3_CR14","doi-asserted-by":"crossref","unstructured":"Ashcraft, K., Engler, D.: Using programmer-written compiler extensions to catch security holes. In IEEE Symposium on Security and Privacy, May 2002.","DOI":"10.1109\/SECPRI.2002.1004368"},{"key":"3_CR15","unstructured":"Locking Ruby in the Safe http:\/\/www.rubycentral.com\/book\/taint.html"},{"key":"3_CR16","unstructured":"LURHQ. Phatbot Trojan Analysis. http:\/\/www.lurhq.com\/phatbot.html"},{"key":"3_CR17","unstructured":"Overton, M.: Bots and Botnets: Risks, Issues, and Prevention. In Virus Bulletin Conference, Dublin, Ireland, October 2005."},{"key":"3_CR18","doi-asserted-by":"crossref","unstructured":"Ianelli, N., Hackworth, A.: Botnets as a Vehicle for Online Crime. CERT Coordination Center, December 2005.","DOI":"10.5769\/C2006003"},{"key":"3_CR19","unstructured":"perlsec http:\/\/perldoc.perl.org\/perlsec.html"},{"key":"3_CR20","doi-asserted-by":"crossref","unstructured":"Forrest, S., Hofmeyr, S., Somayaji, A., Longstaff, T.: A Sense of Self for Unix Processes. In IEEE Symposium on Security and Privacy, May 1996.","DOI":"10.1109\/SECPRI.1996.502675"},{"key":"3_CR21","unstructured":"Kandula, S., Katabi, D., Jacob, M., Berger, A.: Botz-4-Sale: Surviving Organized DDoS Attacks That Mimic Flash Crowds. In Network and Distributed System Security Symposium, May 2005."},{"key":"3_CR22","unstructured":"Strider GhostBuster Rootkit Detection http:\/\/research.microsoft.com\/rootkit\/"},{"key":"3_CR23","unstructured":"Garfinkel, T., Rosenblum, M.: A Virtual Machine Introspection Based Architecture for Intrusion Detection. In Network & Distributed Systems Security, Feb. 2003."},{"key":"3_CR24","unstructured":"Honeynet Project & Research Alliance. Know your Enemy: Tracking Botnets."},{"key":"3_CR25","unstructured":"Shankar, U., Talwar, K., Foster, J., Wagner, D.: Detecting format string vulnerabilities with type qualifiers. In Proc. 10th USENIX Security Symp., Aug. 2001."},{"key":"3_CR26","unstructured":"Kiriansky, V., Bruening, D., Amarasinghe, S.: Secure execution via program shepherding. In Proc. 11th USENIX Security Symposium, August 2002."},{"key":"3_CR27","unstructured":"Naraine, R. Money Bots: Hackers Cash In on Hijacked PCs. eWeek, Sept. 2006."},{"key":"3_CR28","unstructured":"Cui, W., Katz, R., Tan, W.: BINDER: An Extrusion-based Break-in Detector for Personal Computers. In Proc. of the 21st Annual Computer Security Applications Conference, December 2005."},{"key":"3_CR29","unstructured":"Martin, K.: Stop the bots. In The Register, April, 2006."},{"key":"3_CR30","unstructured":"Keizer, G.: Bot Networks Behind Big Boost In Phishing Attacks. TechWeb, Nov. 2004."},{"key":"3_CR31","doi-asserted-by":"crossref","unstructured":"Christodorescu, M., Jha, S.: Testing Malware Detectors. In Proc. of the International Symposium on Software Testing and Analysis, July 2004.","DOI":"10.1145\/1007512.1007518"},{"key":"3_CR32","unstructured":"MSDN Library. Using Messages and Message Queues."},{"key":"3_CR33","unstructured":"Symantec Internet Security Threat Report, Trends for July 05-December 05. Volume IX, Published March 2006."},{"key":"3_CR34","unstructured":"Sturgeon, W.: Net pioneer predicts overwhelming botnet surge. ZDNet News, January 29, 2007."},{"key":"3_CR35","unstructured":"Symantec Internet Security Threat Report, Trends for January 06-June 06, Volume X. Published September 2006."},{"key":"3_CR36","doi-asserted-by":"crossref","unstructured":"Freiling, F., Holz, T., Wicherski, G.: Botnet Tracking: Exploring a Root-Cause Methodology to Prevent Distributed Denial-of-Service Attacks. In European Symposium On Research In Computer Security, September 2006.","DOI":"10.1007\/11555827_19"},{"key":"3_CR37","doi-asserted-by":"crossref","unstructured":"Rajab, M., Zarfoss, J., Monrose, F., Terzis, A.: A Multifaceted Approach to Understanding the Botnet Phenomenon. In Proc. of ACM SIGCOMM\/USENIX Internet Measurement Conference, October 2006.","DOI":"10.1145\/1177080.1177086"},{"key":"3_CR38","unstructured":"Jevans, D.: The Latest Trends in Phishing, Crimeware and Cash-Out Schemes. Private correspondence."},{"key":"3_CR39","unstructured":"Gu, G., Porras, P., Yegneswaran, V., Fong, M., Lee, W.: BotHunter: Detecting Malware Infection Through IDS-Driven Dialog Correlation. Manuscript."},{"key":"3_CR40","unstructured":"Goebel, J., Holz, T.: Rishi: Identify Bot-Contaminated Hosts by IRC Nickname Evaluation. 1st Workshop on Hot Topics in Understanding Botnets, April 2007."},{"key":"3_CR41","unstructured":"Karasaridis, A., Rexroad, B., Hoeflin, D.: Wide-Scale Botnet Detection and Characterization. 1st Workshop on Hot Topics in Understanding Botnets, April 2007."},{"key":"3_CR42","unstructured":"Wang, Y., Beck, D., Vo, B., Roussev, R., Verbowski, C.: Detecting Stealth Software with Strider GhostBuster. Microsoft Technical Report MSR-TR-2005-25."},{"key":"3_CR43","doi-asserted-by":"crossref","unstructured":"Lam, V., Antonatos, S., Akritidis, P., Anagnostakis, K.: Puppetnets: Misusing Web Browsers as a Distributed Attack Infrastructure. In the 13th ACM Conference on Computer and Communications Security, October 2006.","DOI":"10.1145\/1180405.1180434"},{"key":"3_CR44","unstructured":"Stinson, E., Mitchell, J.: Characterizing the Remote Control Behavior of Bots. Manuscript. http:\/\/www.stanford.edu\/\u2216~{}stinson\/pub\/botswat_long.pdf"},{"key":"3_CR45","unstructured":"mIRC Help, Viruses, Trojans, and Worms."}],"container-title":["Advances in Information Security","Botnet Detection"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-0-387-68768-1_3.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,29]],"date-time":"2021-04-29T00:04:34Z","timestamp":1619654674000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-0-387-68768-1_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9780387687667"],"references-count":45,"URL":"https:\/\/doi.org\/10.1007\/978-0-387-68768-1_3","relation":{},"subject":[]}}