{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,11]],"date-time":"2024-09-11T11:47:21Z","timestamp":1726055241639},"publisher-location":"Cham","reference-count":22,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030335052"},{"type":"electronic","value":"9783030335069"}],"license":[{"start":{"date-parts":[[2019,10,18]],"date-time":"2019-10-18T00:00:00Z","timestamp":1571356800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-33506-9_60","type":"book-chapter","created":{"date-parts":[[2019,10,17]],"date-time":"2019-10-17T18:15:43Z","timestamp":1571336143000},"page":"657-669","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Perception Mining of Network Protocol\u2019s Stealth Attack Behaviors"],"prefix":"10.1007","author":[{"given":"Yan-Jing","family":"Hu","sequence":"first","affiliation":[]},{"given":"Xu An","family":"Wang","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,10,18]]},"reference":[{"key":"60_CR1","first-page":"1","volume":"3","author":"A Harale","year":"2017","unstructured":"Harale, A., Tambe, S.: Detection and analysis of network & application layer attacks using honey pot with system security features. Int. J. Adv. Res. Ideas Innov. Technol. 3, 1\u20134 (2017)","journal-title":"Int. J. Adv. Res. Ideas Innov. Technol."},{"key":"60_CR2","doi-asserted-by":"crossref","unstructured":"Meng, B., et al.: DDOS attack detection system based on analysis of users\u2019 behaviors for application layer. In: 2017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC) 2017, pp. 596\u2013599 (2017)","DOI":"10.1109\/CSE-EUC.2017.109"},{"key":"60_CR3","doi-asserted-by":"crossref","unstructured":"Wang, Y., Yang, J.: Ethical hacking and network defense: choose your best network vulnerability scanning tool. In: 31st International Conference on Advanced Information Networking and Applications Workshops (WAINA) 2017. IEEE Conference Publications, pp. 110\u2013113 (2017)","DOI":"10.1109\/WAINA.2017.39"},{"key":"60_CR4","doi-asserted-by":"crossref","unstructured":"Bateman, W.M., Amaya, A., Fenstermaker, J.: Securing the grid and your critical utility functions. In: 2017 IEEE Rural Electric Power Conference (REPC) 2017, pp. 29\u201337 (2017)","DOI":"10.1109\/REPC.2017.22"},{"key":"60_CR5","unstructured":"Dooley, M., Rooney, T.: DNS vulnerabilities. In: DNS Security Management 2017, p. 324. Wiley-IEEE Press (2017)"},{"key":"60_CR6","doi-asserted-by":"crossref","unstructured":"Almubairik, N.A., Wills, G.: Automated penetration testing based on a threat model. In: 11th International Conference for Internet Technology and Secured Transactions (ICITST) 2016, pp. 413\u2013414. IEEE Conference Publications (2016)","DOI":"10.1109\/ICITST.2016.7856742"},{"issue":"3","key":"60_CR7","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2840724","volume":"48","author":"J Narayan","year":"2015","unstructured":"Narayan, J., Shukla, S.K., Clancy, T.C.: A survey of automatic protocol reverse engineering tools. ACM Comput. Surv. 48(3), 1\u201326 (2015)","journal-title":"ACM Comput. Surv."},{"key":"60_CR8","unstructured":"Zhang Zhao, W.Q.-Y., Wen, T.: Survey of mining protocol specifications. Comput. Eng. Appl. 49, 1\u20139 (2013)"},{"issue":"3","key":"60_CR9","doi-asserted-by":"publisher","first-page":"716","DOI":"10.3390\/s19030716","volume":"19","author":"X Luo","year":"2019","unstructured":"Luo, X., et al.: A type-aware approach to message clustering for protocol reverse engineering. Sensors 19(3), 716 (2019)","journal-title":"Sensors"},{"key":"60_CR10","doi-asserted-by":"crossref","unstructured":"Votipka, D., et al.: An observational investigation of reverse engineers\u2019 process and mental models. In: Extended Abstracts of the 2019 CHI Conference on Human Factors in Computing Systems 2019, pp. 1\u20136. ACM, Glasgow (2019)","DOI":"10.1145\/3290607.3313040"},{"key":"60_CR11","doi-asserted-by":"publisher","first-page":"512","DOI":"10.1016\/j.eswa.2018.08.009","volume":"115","author":"P Li","year":"2019","unstructured":"Li, P., Mao, K.: Knowledge-oriented convolutional neural network for causal relation extraction from natural language texts. Expert Syst. Appl. 115, 512\u2013523 (2019)","journal-title":"Expert Syst. Appl."},{"key":"60_CR12","doi-asserted-by":"crossref","unstructured":"Bossert, G., Guih\u00e9ry, F., Hiet, G.: Towards automated protocol reverse engineering using semantic information. In: Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security 2014, pp. 51\u201362. ACM, Kyoto (2014)","DOI":"10.1145\/2590296.2590346"},{"key":"60_CR13","doi-asserted-by":"crossref","unstructured":"Koganti, V.S., Galla, L.K., Nuthalapati, N.: Internet worms and its detection. In: International Conference on Control, Instrumentation, Communication and Computational Technologies (ICCICCT) 2016, pp. 64\u201373. IEEE Conference Publications (2016)","DOI":"10.1109\/ICCICCT.2016.7987920"},{"key":"60_CR14","doi-asserted-by":"publisher","first-page":"165","DOI":"10.1007\/978-3-319-40667-1_9","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"Andre Pawlowski","year":"2016","unstructured":"Pawlowski, A., Contag, M., Holz, T.: Probfuscation: an obfuscation approach using probabilistic control flows. In: Caballero, J., Zurutuza, U., Rodr\u00edguez, R. (eds.) Detection of Intrusions and Malware, and Vulnerability Assessment: Proceedings of the 13th International Conference, DIMVA 2016, San Sebasti\u00e1n, Spain, 7\u20138 July 2016, pp. 165\u2013185. Springer, Cham (2016)"},{"key":"60_CR15","doi-asserted-by":"crossref","unstructured":"Xie, X., et al.: Mixed obfuscation of overlapping instruction and self-modify code based on hyper-chaotic opaque predicates. In: Tenth International Conference on Computational Intelligence and Security 2014, pp. 524\u2013528. IEEE Conference Publications (2014)","DOI":"10.1109\/CIS.2014.45"},{"key":"60_CR16","unstructured":"Payer, M.: HexPADS: a platform to detect \u201cstealth\u201d attacks. In: Caballero, J., Bodden, E., Athanasopoulos, E. (eds.) Engineering Secure Software and Systems: Proceedings of the 8th International Symposium, ESSoS 2016, London, UK, 6\u20138 April 2016, pp. 138\u2013154. Springer, Cham (2016)"},{"issue":"11","key":"60_CR17","doi-asserted-by":"publisher","first-page":"943","DOI":"10.1631\/jzus.C1300242","volume":"15","author":"A Karim","year":"2014","unstructured":"Karim, A., et al.: Botnet detection techniques: review, future trends, and issues. J. Zhejiang Univ. Sci. C 15(11), 943\u2013983 (2014)","journal-title":"J. Zhejiang Univ. Sci. C"},{"issue":"3","key":"60_CR18","doi-asserted-by":"publisher","first-page":"179","DOI":"10.1007\/s10462-011-9210-5","volume":"36","author":"MJ Abul Hasan","year":"2011","unstructured":"Abul Hasan, M.J., Ramakrishnan, S.: A survey: hybrid evolutionary algorithms for cluster analysis. Artif. Intell. Rev. 36(3), 179\u2013204 (2011)","journal-title":"Artif. Intell. Rev."},{"key":"60_CR19","doi-asserted-by":"crossref","unstructured":"Lim, J., Reps, T., Liblit, B.: Extracting output formats from executables. In: Proceedings of the Working Conference on Reverse Engineering, Benevento, Italy (2006)","DOI":"10.1109\/WCRE.2006.29"},{"issue":"2","key":"60_CR20","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2089125.2089126","volume":"44","author":"M Egele","year":"2012","unstructured":"Egele, M., et al.: A survey on automated dynamic malware-analysis techniques and tools. ACM Comput. Surv. 44(2), 1\u201342 (2012)","journal-title":"ACM Comput. Surv."},{"key":"60_CR21","doi-asserted-by":"crossref","unstructured":"Caballero, J., Yin, H., Liang, Z., Dawn, S.: Polyglot: automatic extraction of protocol message format using dynamic binary analysis. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 317\u2013329 (2007)","DOI":"10.1145\/1315245.1315286"},{"key":"60_CR22","doi-asserted-by":"crossref","unstructured":"Caballero, J., Poosankam, P., Kreibich, C., Song, D.: Dispatcher: enabling active botnet infiltration using automatic protocol reverse-engineering. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 621\u2013634 (2009)","DOI":"10.1145\/1653662.1653737"}],"container-title":["Lecture Notes in Networks and Systems","Advances on Broad-Band Wireless Computing, Communication and Applications"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-33506-9_60","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,17]],"date-time":"2019-10-17T18:22:14Z","timestamp":1571336534000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-33506-9_60"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,10,18]]},"ISBN":["9783030335052","9783030335069"],"references-count":22,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-33506-9_60","relation":{},"ISSN":["2367-3370","2367-3389"],"issn-type":[{"type":"print","value":"2367-3370"},{"type":"electronic","value":"2367-3389"}],"subject":[],"published":{"date-parts":[[2019,10,18]]},"assertion":[{"value":"18 October 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"BWCCA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Broadband and Wireless Computing, Communication and Applications","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Antwerp","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Belgium","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"7 November 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"9 November 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"bwcca2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/voyager.ce.fit.ac.jp\/conf\/bwcca\/2019\/index.php","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}