{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T01:00:18Z","timestamp":1740099618343,"version":"3.37.3"},"publisher-location":"Cham","reference-count":27,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030387877"},{"type":"electronic","value":"9783030387884"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-38788-4_3","type":"book-chapter","created":{"date-parts":[[2020,2,5]],"date-time":"2020-02-05T07:02:45Z","timestamp":1580886165000},"page":"33-60","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Discovering Malicious URLs Using Machine Learning Techniques"],"prefix":"10.1007","author":[{"given":"Bo","family":"Sun","sequence":"first","affiliation":[]},{"given":"Takeshi","family":"Takahashi","sequence":"additional","affiliation":[]},{"given":"Lei","family":"Zhu","sequence":"additional","affiliation":[]},{"given":"Tatsuya","family":"Mori","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,2,6]]},"reference":[{"key":"3_CR1","unstructured":"The high-interaction web client honeypot capture-hpc. \nhttps:\/\/github.com\/honeynet\/capture-hpc"},{"key":"3_CR2","unstructured":"The high-interaction web client honeypot pwnypot. \nhttps:\/\/github.com\/shjalayeri\/pwnypot"},{"key":"3_CR3","unstructured":"The low-interaction web client honeypot thug. \nhttps:\/\/github.com\/buffer\/thug"},{"key":"3_CR4","unstructured":"The low-interaction web client honeypot yalih. \nhttps:\/\/github.com\/Masood-M\/yalih"},{"issue":"5","key":"3_CR5","doi-asserted-by":"publisher","first-page":"1131","DOI":"10.1587\/transcom.E93.B.1131","volume":"E93-B","author":"Mitsuaki AKIYAMA","year":"2010","unstructured":"Akiyama M, Iwamura M, Kawakoya Y, Aoki K, Itoh M (2010) Design and implementation of high interaction client honeypot for drive-by-download attacks. IEICE Trans 93-B(5):1131\u20131139","journal-title":"IEICE Transactions on Communications"},{"key":"3_CR6","doi-asserted-by":"crossref","unstructured":"Akiyama M, Yagi T, Itoh M (2011) Searching structural neighborhood of malicious urls to improve blacklisting. In: 11th annual international symposium on applications and the internet, SAINT 2011, Munich, Germany, 18\u201321 July 2011, Proceedings, pp 1\u201310. \nhttp:\/\/doi.ieeecomputersociety.org\/10.1109\/SAINT.2011.11","DOI":"10.1109\/SAINT.2011.11"},{"key":"3_CR7","unstructured":"Antonakakis M, Perdisci R, Dagon D, Lee W, Feamster N (2010) Building a dynamic reputation system for DNS. In: 19th USENIX security symposium, Washington, DC, USA, 11\u201313 August 2010, Proceedings, pp 273\u2013290"},{"key":"3_CR8","doi-asserted-by":"crossref","unstructured":"Aoki K, Yagi T, Iwamura M, Itoh M (2011) Controlling malware HTTP communications in dynamic analysis system using search engine. In: Proceedings of the IEEE CSS, pp 1\u20136","DOI":"10.1109\/CSS.2011.6058563"},{"key":"3_CR9","unstructured":"Barabosch T, Wichmann A, Leder F, and Gerhards-Padilla E (2012) Automatic extraction of domain name generation algorithms from current malware. In: Proceedings of the NATO symposium IST-111 on information assurance and cyber defence (2012)"},{"key":"3_CR10","doi-asserted-by":"crossref","unstructured":"Canali D, Cova M, Vigna G, Kruegel C (2011) Prophiler: a fast filter for the large-scale detection of malicious web pages. In: Proceedings of the WWW, pp 197\u2013206","DOI":"10.1145\/1963405.1963436"},{"issue":"3","key":"3_CR11","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1961189.1961199","volume":"2","author":"Chih-Chung Chang","year":"2011","unstructured":"Chang C, Lin C (2011) LIBSVM: a library for support vector machines. ACM TIST 2(3):27:1\u201327:27","journal-title":"ACM Transactions on Intelligent Systems and Technology"},{"key":"3_CR12","doi-asserted-by":"crossref","unstructured":"Chiba D, Tobe K, Mori T, Goto S (2012) Detecting malicious websites by learning IP address features. In: 12th IEEE\/IPSJ international symposium on applications and the internet, SAINT 2012, Izmir, Turkey, 16\u201320 July 2012, pp 29\u201339. \nhttp:\/\/dx.doi.org\/10.1109\/SAINT.2012.14","DOI":"10.1109\/SAINT.2012.14"},{"key":"3_CR13","unstructured":"Choi H, Zhu BB, Lee H (2011) Detecting malicious web links and identifying their attack types. In: Proceedings of the USENIX WebApps"},{"key":"3_CR14","unstructured":"Curtsinger C, Livshits B, Zorn BG, Seifert C (2011) ZOZZLE: fast and precise in-browser javascript malware detection. In: 20th USENIX security symposium, San Francisco, CA, USA, 8\u201312 August 2011, Proceedings"},{"key":"3_CR15","first-page":"149","volume-title":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","author":"Birhanu Eshete","year":"2013","unstructured":"Eshete B, Villafiorita A, Weldemariam K (2012) Binspect: holistic analysis and detection of malicious web pages. In: Proceedings of the SecureComm, pp 149\u2013166"},{"key":"3_CR16","unstructured":"Ghahramani Z, Heller KA (2005) Bayesian sets. In: Proceedings of the NIPS"},{"key":"3_CR17","unstructured":"Internetlivestats (2019) Google search statistics-internet live stats. \nhttp:\/\/www.internetlivestats.com\/google-search-statistics\/"},{"key":"3_CR18","doi-asserted-by":"crossref","unstructured":"Invernizzi L, Comparetti PM (2012) Evilseed: a guided approach to finding malicious web pages. In: Proceedings of the IEEE symposium on security and privacy, pp 428\u2013442","DOI":"10.1109\/SP.2012.33"},{"key":"3_CR19","unstructured":"Kaspersky Lab (2013) Kaspersky security bulletin 2013. \nhttps:\/\/report.kaspersky.com"},{"key":"3_CR20","doi-asserted-by":"crossref","unstructured":"Ma J, Saul LK, Savage S, Voelker GM (2009) Beyond blacklists: learning to detect malicious web sites from suspicious URLs. In: Proceedings of the KDD, pp 1245\u20131254","DOI":"10.1145\/1557019.1557153"},{"key":"3_CR21","doi-asserted-by":"crossref","unstructured":"Mowbray M, Hagen J (2014) Finding domain-generation algorithms by looking at length distribution. In: 25th IEEE international symposium on software reliability engineering workshops, ISSRE Workshops, Naples, Italy, 3\u20136 November 2014, pp 395\u2013400","DOI":"10.1109\/ISSREW.2014.20"},{"key":"3_CR22","doi-asserted-by":"crossref","unstructured":"Schiavoni S, Maggi F, Cavallaro L, Zanero S (2014) Phoenix: DGA-based botnet tracking and intelligence. In: 11th International conference on detection of intrusions and malware, and vulnerability assessment, DIMVA 2014, Egham, UK, 10\u201311 July 2014, Proceedings, pp 192\u2013211","DOI":"10.1007\/978-3-319-08509-8_11"},{"key":"3_CR23","doi-asserted-by":"crossref","unstructured":"Spooren J, Preuveneers D, Desmet L, Janssen P, Joosen W (2019) Detection of algorithmically generated domain names used by botnets: a dual arms race. In: Proceedings of the 34th ACM\/SIGAPP symposium on applied computing, SAC 2019, Limassol, Cyprus, 8\u201312 April 2019, pp 1916\u20131923","DOI":"10.1145\/3297280.3297467"},{"issue":"4","key":"3_CR24","doi-asserted-by":"publisher","first-page":"873","DOI":"10.1587\/transinf.2015ICP0027","volume":"E99.D","author":"Bo SUN","year":"2016","unstructured":"Sun B, Akiyama M, Yagi T, Hatada M, Mori T (2016) Automating URL blacklist generation with similarity search approach. IEICE Trans 99-D(4):873\u2013882","journal-title":"IEICE Transactions on Information and Systems"},{"key":"3_CR25","unstructured":"Xu W, Sanders K, Zhang Y (2014) We know it before you do: predicting malicious domains. In: Proceedings of the 24th virus bulletin conference (VB2014)"},{"key":"3_CR26","doi-asserted-by":"crossref","unstructured":"Xu L, Zhan Z, Xu S, Ye K (2013) Cross-layer detection of malicious websites. In: Proceedings of the CODASPY, pp 141\u2013152","DOI":"10.1145\/2435349.2435366"},{"key":"3_CR27","doi-asserted-by":"crossref","unstructured":"Yadav S, Reddy AKK, Reddy ALN, Ranjan S (2010) Detecting algorithmically generated malicious domain names. In: Proceedings of the 10th ACM SIGCOMM Internet measurement conference, IMC 2010, Melbourne, Australia, 1\u20133 November 2010, pp 48\u201361","DOI":"10.1145\/1879141.1879148"}],"container-title":["Intelligent Systems Reference Library","Data Science in Cybersecurity and Cyberthreat Intelligence"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-38788-4_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,2,5]],"date-time":"2020-02-05T07:03:25Z","timestamp":1580886205000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-38788-4_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030387877","9783030387884"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-38788-4_3","relation":{},"ISSN":["1868-4394","1868-4408"],"issn-type":[{"type":"print","value":"1868-4394"},{"type":"electronic","value":"1868-4408"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"6 February 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}