{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,11]],"date-time":"2024-09-11T13:51:21Z","timestamp":1726062681689},"publisher-location":"Cham","reference-count":27,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030372279"},{"type":"electronic","value":"9783030372286"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-37228-6_22","type":"book-chapter","created":{"date-parts":[[2019,12,16]],"date-time":"2019-12-16T05:00:05Z","timestamp":1576472405000},"page":"450-471","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Victim-Aware Adaptive Covert Channels"],"prefix":"10.1007","author":[{"given":"Riccardo","family":"Bortolameotti","sequence":"first","affiliation":[]},{"given":"Thijs","family":"van Ede","sequence":"additional","affiliation":[]},{"given":"Andrea","family":"Continella","sequence":"additional","affiliation":[]},{"given":"Maarten","family":"Everts","sequence":"additional","affiliation":[]},{"given":"Willem","family":"Jonker","sequence":"additional","affiliation":[]},{"given":"Pieter","family":"Hartel","sequence":"additional","affiliation":[]},{"given":"Andreas","family":"Peter","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,12,13]]},"reference":[{"doi-asserted-by":"crossref","unstructured":"Rossow, C., et al: Sandnet: network traffic analysis of malicious software. In: BADGERS, pp. 78\u201388. ACM (2011)","key":"22_CR1","DOI":"10.1145\/1978672.1978682"},{"doi-asserted-by":"crossref","unstructured":"Stone-Gross, B., et al.: Your Botnet is my Botnet: analysis of a Botnet takeover. In: CCS, pp. 635\u2013647. ACM (2009)","key":"22_CR2","DOI":"10.1145\/1653662.1653738"},{"doi-asserted-by":"crossref","unstructured":"Continella, A., et al.: ShieldFS: a self-healing, ransomware-aware filesystem. In: ACSAC. ACM (2016)","key":"22_CR3","DOI":"10.1145\/2991079.2991110"},{"key":"22_CR4","doi-asserted-by":"publisher","first-page":"117","DOI":"10.3233\/JCS-15773","volume":"25","author":"A Continella","year":"2017","unstructured":"Continella, A., Carminati, M., Polino, M., Lanzi, A., Zanero, S., Maggi, F.: Prometheus: analyzing webinject-based information stealers. J. Comput. Secur. 25, 117\u2013137 (2017)","journal-title":"J. Comput. Secur."},{"issue":"3","key":"22_CR5","first-page":"50","volume":"47","author":"S Wendzel","year":"2015","unstructured":"Wendzel, S., Zander, S., Fechner, B., Herdin, C.: Pattern-based survey and categorization of network covert channel techniques. ACM CSUR 47(3), 50 (2015)","journal-title":"ACM CSUR"},{"doi-asserted-by":"crossref","unstructured":"Houmansadr, A., Brubaker, C., Shmatikov, V.: The parrot is dead: observing unobservable network communications. In: IEEE S&P, pp. 65\u201379 (2013)","key":"22_CR6","DOI":"10.1109\/SP.2013.14"},{"doi-asserted-by":"crossref","unstructured":"Dyer, K.P., Coull, S.E., Ristenpart, T., Shrimpton, T.: Protocol misidentification made easy with format-transforming encryption. In: CCS, pp. 61\u201372. ACM (2013)","key":"22_CR7","DOI":"10.1145\/2508859.2516657"},{"unstructured":"Wright, C.V., Coull, S.E., Monrose, F.: Traffic morphing: an efficient defense against statistical traffic analysis. In: NDSS (2009)","key":"22_CR8"},{"unstructured":"Moghaddam, H.M., Li, B., Derakhshani, M., Goldberg, I.: SkypeMorph: protocol obfuscation for tor bridges. In: ACM CCS 2012, pp. 97\u2013108 (2012)","key":"22_CR9"},{"doi-asserted-by":"crossref","unstructured":"Weinberg, Z., Wang, J., Yegneswaran, V., Briesemeister, L., Cheung, S., Wang, F., Boneh, D.: StegoTorus: a camouflage proxy for the tor anonymity system. In: ACM CCS 2012, pp. 109\u2013120 (2012)","key":"22_CR10","DOI":"10.1145\/2382196.2382211"},{"unstructured":"FAKEM RAT: Malware Disguised as Windows Messenger and Yahoo! Messenger. \nhttps:\/\/www.trendmicro.de\/cloud-content\/us\/pdfs\/security-intelligence\/white-papers\/wp-fakem-rat.pdf","key":"22_CR11"},{"doi-asserted-by":"crossref","unstructured":"Bortolameotti, R. et al.: DECANTeR: detection of anomalous outbound HTTP traffic by passive application fingerprinting. In: ACSAC, pp. 373\u2013386. ACM (2017)","key":"22_CR12","DOI":"10.1145\/3134600.3134605"},{"doi-asserted-by":"crossref","unstructured":"Borders, K., Prakash, A.: Web tap: detecting covert web traffic. In: CCS, pp. 110\u2013120. ACM (2004)","key":"22_CR13","DOI":"10.1145\/1030083.1030100"},{"doi-asserted-by":"crossref","unstructured":"Schwenk, G., Rieck, K.: Adaptive detection of covert communication in http requests. In: EC2ND, pp. 25\u201332. IEEE (2011)","key":"22_CR14","DOI":"10.1109\/EC2ND.2011.12"},{"unstructured":"Fogla, P., Sharif, M.I., Perdisci, R., Kolesnikov, O.M., Lee, W.: Polymorphic blending attacks. In: USENIX Security 2006 (2006)","key":"22_CR15"},{"doi-asserted-by":"crossref","unstructured":"Fogla, P., Lee, W.: Evading network anomaly detection systems: formal reasoning and practical techniques. In: ACM CCS 2006, pp. 59\u201368 (2006)","key":"22_CR16","DOI":"10.1145\/1180405.1180414"},{"key":"22_CR17","doi-asserted-by":"publisher","first-page":"166","DOI":"10.1016\/j.cose.2016.01.006","volume":"59","author":"JJ Davis","year":"2016","unstructured":"Davis, J.J., Foo, E.: Automated feature engineering for HTTP tunnel detection. Comput. Secur. 59, 166\u2013185 (2016)","journal-title":"Comput. Secur."},{"doi-asserted-by":"crossref","unstructured":"Casenove, M.: Exfiltrations using polymorphic blending techniques: analysis and countermeasures. In: Cyber Conflict: Architectures in Cyberspace (CyCon), pp. 217\u2013230. IEEE (2015)","key":"22_CR18","DOI":"10.1109\/CYCON.2015.7158479"},{"doi-asserted-by":"crossref","unstructured":"Yarochkin, F.V., Dai, S.-Y., Lin, C.-H., Huang, Y., Kuo, S.-Y.: Towards adaptive covert communication system. In: PRDC, pp. 153\u2013159. IEEE (2008)","key":"22_CR19","DOI":"10.1109\/PRDC.2008.26"},{"unstructured":"EMOTET Returns, Starts Spreading via Spam Botnet. \nhttps:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/emotet-returns-starts-spreading-via-spam-botnet\/","key":"22_CR20"},{"unstructured":"PNFilter Malware Now Exploiting Endpoints, Not Just Routers. \nhttps:\/\/duo.com\/decipher\/vpnfilter-malware-now-exploiting-endpoints-not-just-routers","key":"22_CR21"},{"doi-asserted-by":"crossref","unstructured":"Zarras, A., Papadogiannakis, A., Gawlik, R., Holz, T.: Automated generation of models for fast and precise detection of http-based malware. In: PST, pp. 249\u2013256. IEEE (2014)","key":"22_CR22","DOI":"10.1109\/PST.2014.6890946"},{"issue":"4","key":"22_CR23","doi-asserted-by":"publisher","first-page":"80:1","DOI":"10.1145\/3214305","volume":"51","author":"X Han","year":"2018","unstructured":"Han, X., Kheir, N., Balzarotti, D.: Deception techniques in computer security: a research perspective. ACM Comput. Surv. 51(4), 80:1\u201380:36 (2018)","journal-title":"ACM Comput. Surv."},{"doi-asserted-by":"crossref","unstructured":"Durumeric, Z., et al.: The security impact of https interception. In: NDSS (2017)","key":"22_CR24","DOI":"10.14722\/ndss.2017.23456"},{"doi-asserted-by":"crossref","unstructured":"Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: ICISSP (2018)","key":"22_CR25","DOI":"10.5220\/0006639801080116"},{"doi-asserted-by":"crossref","unstructured":"Sommer, R., Paxson, V.: Outside the closed world: On using machine learning for network intrusion detection. In: S&P, pp. 305\u2013316. IEEE (2010)","key":"22_CR26","DOI":"10.1109\/SP.2010.25"},{"doi-asserted-by":"crossref","unstructured":"Borders, K., Prakash, A.: Quantifying information leaks in outbound web traffic. In: IEEE S&P 2009, pp. 129\u2013140 (2009)","key":"22_CR27","DOI":"10.1109\/SP.2009.9"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Security and Privacy in Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-37228-6_22","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,12,16]],"date-time":"2019-12-16T05:02:50Z","timestamp":1576472570000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-37228-6_22"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030372279","9783030372286"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-37228-6_22","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"type":"print","value":"1867-8211"},{"type":"electronic","value":"1867-822X"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"13 December 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SecureComm","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Security and Privacy in Communication Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Orlando, VA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 October 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 October 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"securecomm2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/securecomm.org","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"149","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"38","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"18","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3,5","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}