{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,20]],"date-time":"2025-09-20T22:14:46Z","timestamp":1758406486558,"version":"3.37.3"},"publisher-location":"Cham","reference-count":25,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030004699"},{"type":"electronic","value":"9783030004705"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-030-00470-5_14","type":"book-chapter","created":{"date-parts":[[2018,9,6]],"date-time":"2018-09-06T06:43:19Z","timestamp":1536216199000},"page":"295-314","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":43,"title":["Dictionary Extraction and Detection of Algorithmically Generated Domain Names in Passive DNS Traffic"],"prefix":"10.1007","author":[{"given":"Mayana","family":"Pereira","sequence":"first","affiliation":[]},{"given":"Shaun","family":"Coleman","sequence":"additional","affiliation":[]},{"given":"Bin","family":"Yu","sequence":"additional","affiliation":[]},{"given":"Martine","family":"DeCock","sequence":"additional","affiliation":[]},{"given":"Anderson","family":"Nascimento","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,9,7]]},"reference":[{"key":"14_CR1","doi-asserted-by":"crossref","unstructured":"Abbink, J., Doerr, C.: Popularity-based detection of domain generation algorithms. In: Proceedings of the 12th International Conference on Availability, Reliability and Security, p. 79. ACM (2017)","DOI":"10.1145\/3098954.3107008"},{"key":"14_CR2","unstructured":"ALEXA: Top sites on the web (2017). http:\/\/alexa.com\/topsites"},{"key":"14_CR3","unstructured":"Antonakakis, M., et al.: From throw-away traffic to bots: detecting the rise of DGA-based malware. In: 21st USENIX Security Symposium, pp. 24\u201324 (2012). http:\/\/dl.acm.org\/citation.cfm?id=2362793.2362817"},{"key":"14_CR4","unstructured":"Barabosch, T., Wichmann, A., Leder, F., Gerhards-Padilla, E.: Automatic extraction of domain name generation algorithms from current malware. In: Proceedings of NATO Symposium IST-111 on Information Assurance and Cyber Defense (2012)"},{"key":"14_CR5","unstructured":"Bilge, L., Kirda, E., Kruegel, C., Balduzzi, M.: Exposure: finding malicious domains using passive DNS analysis. In: NDSS (2011)"},{"key":"14_CR6","doi-asserted-by":"crossref","unstructured":"Diestel, R.: Graph Theory. Graduate Texts in Mathematics, vol. 137. Springer, Heidelberg (2005)","DOI":"10.1007\/978-3-642-14279-6_7"},{"key":"14_CR7","unstructured":"Geffner, J.: End-to-end analysis of a domain generating algorithm malware family. Black Hat USA 2013 (2013)"},{"key":"14_CR8","doi-asserted-by":"crossref","unstructured":"Krishnan, S., Taylor, T., Monrose, F., McHugh, J.: Crossing the threshold: detecting network malfeasance via sequential hypothesis testing. In: 43rd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 1\u201312 (2013)","DOI":"10.1109\/DSN.2013.6575364"},{"issue":"5","key":"14_CR9","doi-asserted-by":"publisher","first-page":"056127","DOI":"10.1103\/PhysRevE.72.056127","volume":"72","author":"PG Lind","year":"2005","unstructured":"Lind, P.G., Gonzalez, M.C., Herrmann, H.J.: Cycles and clustering in bipartite networks. Phys. Rev. E 72(5), 056127 (2005)","journal-title":"Phys. Rev. E"},{"key":"14_CR10","unstructured":"Lison, P., Mavroeidis, V.: Automatic detection of malware-generated domains with recurrent neural models. arXiv:1709.07102 (2017)"},{"key":"14_CR11","doi-asserted-by":"publisher","unstructured":"Ma, J., Saul, L.K., Savage, S., Voelker, G.M.: Beyond blacklists: learning to detect malicious web sites from suspicious URLs. In: Proceedings of the 15th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD 2009, pp. 1245\u20131254 (2009). https:\/\/doi.org\/10.1145\/1557019.1557153","DOI":"10.1145\/1557019.1557153"},{"key":"14_CR12","doi-asserted-by":"crossref","unstructured":"Mao, G., Zhang, N.: Analysis of average shortest-path length of scale-free network. J. Appl. Math. (2013). http:\/\/dx.doi.org\/10.1155\/2013\/865643","DOI":"10.1155\/2013\/865643"},{"key":"14_CR13","first-page":"4","volume":"8","author":"DK McGrath","year":"2008","unstructured":"McGrath, D.K., Gupta, M.: Behind phishing: an examination of phisher modi operandi. LEET 8, 4 (2008)","journal-title":"LEET"},{"key":"14_CR14","doi-asserted-by":"publisher","unstructured":"Mowbray, M., Hagen, J.: Finding domain-generation algorithms by looking at length distribution. In: 25th IEEE International Symposium on Software Reliability Engineering Workshops, ISSRE Workshops, pp. 395\u2013400 (2014). https:\/\/doi.org\/10.1109\/ISSREW.2014.20","DOI":"10.1109\/ISSREW.2014.20"},{"key":"14_CR15","unstructured":"Plohmann, D., Yakdan, K., Klatt, M., Bader, J., Gerhards-Padilla, E.: A comprehensive measurement study of domain generating malware. In: 25th USENIX Security Symposium, pp. 263\u2013278 (2016)"},{"key":"14_CR16","unstructured":"Saxe, J., Berlin, K.: eXpose: a character-level convolutional neural network with embeddings for detecting malicious URLs, file paths and registry keys. arXiv:1702.08568 (2017)"},{"key":"14_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"192","DOI":"10.1007\/978-3-319-08509-8_11","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"S Schiavoni","year":"2014","unstructured":"Schiavoni, S., Maggi, F., Cavallaro, L., Zanero, S.: Phoenix: DGA-based botnet tracking and intelligence. In: Dietrich, S. (ed.) DIMVA 2014. LNCS, vol. 8550, pp. 192\u2013211. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-08509-8_11"},{"key":"14_CR18","unstructured":"Skuratovich, S.: Matsnu technical report. Check Point Software Technologies Ltd. (2015). https:\/\/blog.checkpoint.com\/wp-content\/uploads\/2015\/07\/matsnu-malwareid-technical-brief.pdf"},{"key":"14_CR19","doi-asserted-by":"publisher","first-page":"2401","DOI":"10.1016\/j.neucom.2017.11.018","volume":"275","author":"D Tran","year":"2018","unstructured":"Tran, D., Mac, H., Tong, V., Tran, H.A., Nguyen, L.G.: A LSTM based framework for handling multiclass imbalance in DGA botnet detection. Neurocomputing 275, 2401\u20132413 (2018)","journal-title":"Neurocomputing"},{"key":"14_CR20","unstructured":"Woodbridge, J., Anderson, H.S., Ahuja, A., Grant, D.: Predicting domain generation algorithms with long short-term memory networks. arXiv:1611.00791 (2016)"},{"key":"14_CR21","doi-asserted-by":"publisher","unstructured":"Yadav, S., Reddy, A.K.K., Reddy, A.L.N., Ranjan, S.: Detecting algorithmically generated malicious domain names. In: Proceedings of the 10th ACM SIGCOMM Conference on Internet Measurement, pp. 48\u201361 (2010). https:\/\/doi.org\/10.1145\/1879141.1879148","DOI":"10.1145\/1879141.1879148"},{"key":"14_CR22","doi-asserted-by":"crossref","unstructured":"Yu, B., Gray, D., Pan, J., De Cock, M., Nascimento, A.: Inline DGA detection with deep networks. In: Data Mining for Cyber Security, Proceedings of International Conference on Data Mining (ICDM 2017) Workshops, pp. 683\u2013692 (2017)","DOI":"10.1109\/ICDMW.2017.96"},{"key":"14_CR23","doi-asserted-by":"crossref","unstructured":"Yu, B., Pan, J., Hu, J., Nascimento, A., De Cock, M.: Character level based detection of DGA domain names. In: Proceedings of IJCNN at WCCI2018 (2018 IEEE World Congress on Computational Intelligence) (2018)","DOI":"10.1109\/IJCNN.2018.8489147"},{"key":"14_CR24","series-title":"Lecture Notes in Computer Science (Lecture Notes in Artificial Intelligence)","doi-asserted-by":"publisher","first-page":"258","DOI":"10.1007\/978-3-319-08979-9_20","volume-title":"Machine Learning and Data Mining in Pattern Recognition","author":"B Yu","year":"2014","unstructured":"Yu, B., Smith, L., Threefoot, M.: Semi-supervised time series modeling for real-time flux domain detection on passive DNS traffic. In: Perner, P. (ed.) MLDM 2014. LNCS (LNAI), vol. 8556, pp. 258\u2013271. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-08979-9_20"},{"key":"14_CR25","doi-asserted-by":"crossref","unstructured":"Yu, B., Smith, L., Threefoot, M., Olumofin, F.: Behavior analysis based DNS tunneling detection with big data technologies. In: Proceedings of the International Conference on Internet of Things and Big Data, pp. 284\u2013290 (2016)","DOI":"10.5220\/0005795002840290"}],"container-title":["Lecture Notes in Computer Science","Research in Attacks, Intrusions, and Defenses"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-00470-5_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,23]],"date-time":"2019-10-23T16:38:03Z","timestamp":1571848683000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-00470-5_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783030004699","9783030004705"],"references-count":25,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-00470-5_14","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2018]]}}}