{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T07:44:21Z","timestamp":1742975061325,"version":"3.40.3"},"publisher-location":"Cham","reference-count":14,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030142339"},{"type":"electronic","value":"9783030142346"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-14234-6_37","type":"book-chapter","created":{"date-parts":[[2019,2,20]],"date-time":"2019-02-20T08:02:08Z","timestamp":1550649728000},"page":"658-671","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Early Detection of Remote Access Trojan by Software Network Behavior"],"prefix":"10.1007","author":[{"given":"Masatsugu","family":"Oya","sequence":"first","affiliation":[]},{"given":"Kazumasa","family":"Omote","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,2,21]]},"reference":[{"key":"37_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"110","DOI":"10.1007\/978-3-319-49151-6_8","volume-title":"Information Security Practice and Experience","author":"D Adachi","year":"2016","unstructured":"Adachi, D., Omote, K.: A host-based detection method of remote access trojan in the early stage. In: Bao, F., Chen, L., Deng, R.H., Wang, G. (eds.) ISPEC 2016. LNCS, vol. 10060, pp. 110\u2013121. Springer, Cham (2016). 
https:\/\/doi.org\/10.1007\/978-3-319-49151-6_8"},{"key":"37_CR2","doi-asserted-by":"crossref","unstructured":"Bekerman, D., Shapira, B., Rokach, L., Bar, A.: Unknown malware detection using network traffic classification. In: CNS 2015, pp. 134\u2013142. IEEE (2015)","DOI":"10.1109\/CNS.2015.7346821"},{"issue":"1","key":"37_CR3","doi-asserted-by":"publisher","first-page":"145","DOI":"10.1587\/transfun.E99.A.145","volume":"E99.A","author":"Dan JIANG","year":"2016","unstructured":"Jiang, D., Omote, K.: A RAT detection method based on network behavior of the communication\u2019s early stage. IEICE Trans. Fundam. E99.A(1), 145\u2013153 (2016)","journal-title":"IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences"},{"key":"37_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-319-26362-5_1","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"KN Khasawneh","year":"2015","unstructured":"Khasawneh, K.N., Ozsoy, M., Donovick, C., Abu-Ghazaleh, N., Ponomarev, D.: Ensemble learning for low-level hardware-supported malware detection. In: Bos, H., Monrose, F., Blanc, G. (eds.) RAID 2015. LNCS, vol. 9404, pp. 3\u201325. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-26362-5_1"},{"key":"37_CR5","doi-asserted-by":"crossref","unstructured":"Li, S., Yun, X., Zhang, Y., Xiao, J., Wang, Y.: A general framework of trojan communication detection based on network traces. In: NAS 2012, pp. 49\u201358. IEEE (2012)","DOI":"10.1109\/NAS.2012.10"},{"issue":"5","key":"37_CR6","doi-asserted-by":"publisher","first-page":"369","DOI":"10.1007\/s11859-013-0944-6","volume":"18","author":"Y Liang","year":"2013","unstructured":"Liang, Y., Peng, G., Zhang, H., Wang, Y.: An unknown trojan detection method based on software network behavior. Wuhan Univ. J. Nat. Sci, 18(5), 369\u2013376 (2013)","journal-title":"Wuhan Univ. J. Nat. 
Sci,"},{"key":"37_CR7","doi-asserted-by":"crossref","unstructured":"Moser, A., Kruegel, C., Kirda, E.: Limits of static analysis for malware detection. In: ACSAC 2007, pp. 421\u2013430. IEEE (2007)","DOI":"10.1109\/ACSAC.2007.21"},{"key":"37_CR8","doi-asserted-by":"crossref","unstructured":"Rabek, J.C., Khazan, R.I., Lewandowski, S.M., Cunningham, R.K.: Detection of injected, dynamically generated, and obfuscated malicious code. In: ACM workshop on Rapid Malcode, pp. 76\u201382. ACM (2003)","DOI":"10.1145\/948187.948201"},{"issue":"18","key":"37_CR9","doi-asserted-by":"publisher","first-page":"2227","DOI":"10.1016\/j.comcom.2011.07.001","volume":"34","author":"P Sangkatsanee","year":"2011","unstructured":"Sangkatsanee, P., Wattanapongsakrn, N., Charnsripinyo, C.: Practical real-time intrusion detection using machine learning approaches. Comput. Commun. 34(18), 2227\u20132235 (2011)","journal-title":"Comput. Commun."},{"key":"37_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"109","DOI":"10.1007\/978-3-319-11379-1_6","volume-title":"Research in Attacks, Intrusions and Defenses","author":"A Tang","year":"2014","unstructured":"Tang, A., Sethumadhavan, S., Stolfo, S.J.: Unsupervised anomaly-based malware detection using hardware features. In: Stavrou, A., Bos, H., Portokalidis, G. (eds.) RAID 2014. LNCS, vol. 8688, pp. 109\u2013129. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-11379-1_6"},{"issue":"8","key":"37_CR11","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1016\/S1353-4858(11)70086-1","volume":"2011","author":"C Tankard","year":"2011","unstructured":"Tankard, C.: Advanced persistent threats and how to monitor and deter them. Netw. Secur. 2011(8), 16\u201319 (2011)","journal-title":"Netw. 
Secur."},{"key":"37_CR12","unstructured":"Check Point Software Technologies Ltd., Global Cyber Attack Trends Report (2017)"},{"key":"37_CR13","doi-asserted-by":"crossref","unstructured":"Wu, S., Liu, S., Lin, W., Zhao, X., Chen, S.: Detecting remote access trojans through external control at area network borders. In: ANCS 2017, pp. 131\u2013141. ACM\/IEEE (2017)","DOI":"10.1109\/ANCS.2017.27"},{"key":"37_CR14","doi-asserted-by":"crossref","unstructured":"Yamada, M., Morinaga, M., Unno, Y., Torii, S., Takenaka, M.: RAT-based malicious activities detection on enterprise internal networks. In: ICITST 2015, pp. 321\u2013325. IEEE (2015)","DOI":"10.1109\/ICITST.2015.7412113"}],"container-title":["Lecture Notes in Computer Science","Information Security and Cryptology"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-14234-6_37","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,7]],"date-time":"2024-03-07T15:06:47Z","timestamp":1709824007000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-14234-6_37"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030142339","9783030142346"],"references-count":14,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-14234-6_37","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"21 February 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"Inscrypt","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Security and 
Cryptology","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Fuzhou","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 December 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17 December 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"cisc2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/xxhb.fjnu.edu.cn\/inscrypt2018\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"93","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer 
Review Information (provided by the conference organizers)"}},{"value":"32","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"5","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"34% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}