{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,4]],"date-time":"2025-09-04T14:33:55Z","timestamp":1756996435140,"version":"3.40.3"},"publisher-location":"Cham","reference-count":28,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030891367"},{"type":"electronic","value":"9783030891374"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-89137-4_6","type":"book-chapter","created":{"date-parts":[[2021,10,10]],"date-time":"2021-10-10T22:42:46Z","timestamp":1633905766000},"page":"77-92","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["A New Method for Inferring Ground-Truth Labels and Malware Detector Effectiveness Metrics"],"prefix":"10.1007","author":[{"given":"John","family":"Charlton","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Pang","family":"Du","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Shouhuai","family":"Xu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2021,10,10]]},"reference":[{"doi-asserted-by":"crossref","unstructured":"Charlton, J., Du, P., Cho, J.H., Xu, S.: Measuring relative accuracy of malware detectors in the absence of ground truth. In: Proceedings IEEE MILCOM, pp. 450\u2013455 (2018)","key":"6_CR1","DOI":"10.1109\/MILCOM.2018.8599730"},{"doi-asserted-by":"crossref","unstructured":"Chen, H., Cho, J., Xu, S.: Quantifying the security effectiveness of firewalls and dmzs. In: Proceedings HoTSoS 2018, pp. 9:1\u20139:11 (2018)","key":"6_CR2","DOI":"10.1145\/3190619.3190639"},{"doi-asserted-by":"crossref","unstructured":"Chen, H., Cho, J., Xu, S.: Quantifying the security effectiveness of network diversity. In: Proceedings HoTSoS 2018, p. 24:1 (2018)","key":"6_CR3","DOI":"10.1145\/3190619.3191680"},{"doi-asserted-by":"crossref","unstructured":"Cheng, Y., Deng, J., Li, J., DeLoach, S., Singhal, A., Ou, X.: Metrics of security. In: Cyber Defense and Situational Awareness, pp. 263\u2013295 (2014)","key":"6_CR4","DOI":"10.1007\/978-3-319-11391-3_13"},{"doi-asserted-by":"crossref","unstructured":"Cho, J., Hurley, P., Xu, S.: Metrics and measurement of trustworthy systems. In: IEEE Military Communication Conference (MILCOM 2016) (2016)","key":"6_CR5","DOI":"10.1109\/MILCOM.2016.7795500"},{"doi-asserted-by":"crossref","unstructured":"Cho, J., Xu, S., Hurley, P., Mackay, M., Benjamin, T., Beaumont, M.: Stram: measuring the trustworthiness of computer-based systems. ACM Comput. Surv. 51(6), 128:1\u2013128:47 (2019)","key":"6_CR6","DOI":"10.1145\/3277666"},{"issue":"12","key":"6_CR7","first-page":"2965","volume":"13","author":"P Du","year":"2018","unstructured":"Du, P., Sun, Z., Chen, H., Cho, J.H., Xu, S.: Statistical estimation of malware detection metrics in the absence of ground truth. IEEE T-IFS 13(12), 2965\u20132980 (2018)","journal-title":"IEEE T-IFS"},{"issue":"4","key":"6_CR8","doi-asserted-by":"publisher","first-page":"561","DOI":"10.3233\/JCS-130475","volume":"21","author":"J Homer","year":"2013","unstructured":"Homer, J., et al.: Aggregating vulnerability metrics in enterprise networks using attack graphs. J. Comput. Secur. 21(4), 561\u2013597 (2013)","journal-title":"J. Comput. Secur."},{"issue":"6","key":"6_CR9","doi-asserted-by":"publisher","first-page":"417","DOI":"10.1037\/h0071325","volume":"24","author":"H Hotelling","year":"1933","unstructured":"Hotelling, H.: Analysis of a complex of statistical variables into principal components. J. Educ. Psychol. 24(6), 417 (1933)","journal-title":"J. Educ. Psychol."},{"doi-asserted-by":"crossref","unstructured":"Invernizzi, L., Benvenuti, S., Cova, M., Comparetti, P.M., Kruegel, C., Vigna, G.: Evilseed: a guided approach to finding malicious web pages. In: IEEE Symposium on Security and Privacy, pp. 428\u2013442 (2012)","key":"6_CR10","DOI":"10.1109\/SP.2012.33"},{"key":"6_CR11","volume-title":"Matrix Analysis","author":"CR Johnson","year":"1985","unstructured":"Johnson, C.R., Horn, R.A.: Matrix Analysis. Cambridge University Press, Cambridge (1985)"},{"doi-asserted-by":"crossref","unstructured":"Kantchelian, A., et al.: Better malware ground truth: techniques for weighting anti-virus vendor labels. In: Proceedings 2015 ACM Workshop on Artificial Intelligence and Security, pp. 45\u201356 (2015)","key":"6_CR12","DOI":"10.1145\/2808769.2808780"},{"doi-asserted-by":"crossref","unstructured":"K\u00fchrer, M., Rossow, C., Holz, T.: Paint it black: evaluating the effectiveness of malware blacklists. In: Proceedings Research in Attacks, Intrusions and Defenses (RAID 2014), pp. 1\u201321 (2014)","key":"6_CR13","DOI":"10.1007\/978-3-319-11379-1_1"},{"issue":"12","key":"6_CR14","first-page":"3217","volume":"14","author":"J Mireles","year":"2019","unstructured":"Mireles, J., Ficke, E., Cho, J., Hurley, P., Xu, S.: Metrics towards measuring cyber agility. IEEE T-IFS 14(12), 3217\u20133232 (2019)","journal-title":"IEEE T-IFS"},{"doi-asserted-by":"crossref","unstructured":"Mohaisen, A., Alrawi, O.: Av-meter: an evaluation of antivirus scans and labels. In: Proceedings DIMVA, pp. 112\u2013131 (2014)","key":"6_CR15","DOI":"10.1007\/978-3-319-08509-8_7"},{"unstructured":"Morales, J., Xu, S., Sandhu, R.: Analyzing malware detection efficiency with multiple anti-malware programs. In: Proceedings CyberSecurity (2012)","key":"6_CR16"},{"key":"6_CR17","doi-asserted-by":"publisher","first-page":"141","DOI":"10.1007\/978-3-319-66505-4_7","volume-title":"Network Security Metrics","author":"S Noel","year":"2017","unstructured":"Noel, S., Jajodia, S.: A suite of metrics for network attack graph analytics. In: Network Security Metrics, pp. 141\u2013176. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-66505-4_7"},{"doi-asserted-by":"crossref","unstructured":"Pendleton, M., Garcia-Lebron, R., Cho, J., Xu, S.: A survey on systems security metrics. ACM Comput. Surv. 49(4), 62:1\u201362:35 (2016)","key":"6_CR18","DOI":"10.1145\/3005714"},{"doi-asserted-by":"crossref","unstructured":"Perdisci, R., ManChon, U.: Vamo: Towards a fully automated malware clustering validity analysis. In: Proceedings. ACSAC, pp. 329\u2013338 (2012)","key":"6_CR19","DOI":"10.1145\/2420950.2420999"},{"unstructured":"Pritom, M., Schweitzer, K., Bateman, R., Xu, M., Xu, S.: Data-driven characterization and detection of COVID-19 themed malicious websites. In: IEEE ISI 2020 (2020)","key":"6_CR20"},{"issue":"4","key":"6_CR21","doi-asserted-by":"publisher","first-page":"2704","DOI":"10.1109\/COMST.2017.2745505","volume":"19","author":"A Ramos","year":"2017","unstructured":"Ramos, A., Lazar, M., Filho, R.H., Rodrigues, J.J.P.C.: Model-based quantitative network security metrics: a survey. IEEE Commun. Surv. Tutorials 19(4), 2704\u20132734 (2017)","journal-title":"IEEE Commun. Surv. Tutorials"},{"key":"6_CR22","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-66505-4","volume-title":"Network Security Metrics","author":"L Wang","year":"2017","unstructured":"Wang, L., Jajodia, S., Singhal, A.: Network Security Metrics. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-66505-4"},{"issue":"1","key":"6_CR23","first-page":"30","volume":"11","author":"L Wang","year":"2014","unstructured":"Wang, L., Jajodia, S., Singhal, A., Cheng, P., Noel, S.: K-zero day safety: a network security metric for measuring the risk of unknown vulnerabilities. IEEE TDSC 11(1), 30\u201344 (2014)","journal-title":"IEEE TDSC"},{"doi-asserted-by":"crossref","unstructured":"Xu, L., Zhan, Z., Xu, S., Ye, K.: Cross-layer detection of malicious websites. In: ACM CODASPY, pp. 141\u2013152 (2013)","key":"6_CR24","DOI":"10.1145\/2435349.2435366"},{"doi-asserted-by":"crossref","unstructured":"Xu, L., Zhan, Z., Xu, S., Ye, K.: An evasion and counter-evasion study in malicious websites detection. In: IEEE CNS, pp. 265\u2013273 (2014)","key":"6_CR25","DOI":"10.1109\/CNS.2014.6997494"},{"doi-asserted-by":"crossref","unstructured":"Zhang, J., Durumeric, Z., Bailey, M., Liu, M., Karir, M.: On the mismanagement and maliciousness of networks. In: Proceedings NDSS 2014 (2014)","key":"6_CR26","DOI":"10.14722\/ndss.2014.23057"},{"issue":"5","key":"6_CR27","doi-asserted-by":"publisher","first-page":"1071","DOI":"10.1109\/TIFS.2016.2516916","volume":"11","author":"M Zhang","year":"2016","unstructured":"Zhang, M., Wang, L., Jajodia, S., Singhal, A., Albanese, M.: Network diversity: a security metric for evaluating the resilience of networks against zero-day attacks. IEEE Trans. Inf. Forensics Secur. 11(5), 1071\u20131086 (2016)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"unstructured":"Zhu, S., et al.: Measuring and modeling the label dynamics of online anti-malware engines. In: 29th USENIX Security Symposium, USENIX Security 2020, 12\u201314, August 2020, pp. 2361\u20132378 (2020)","key":"6_CR28"}],"container-title":["Lecture Notes in Computer Science","Science of Cyber Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-89137-4_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,9]],"date-time":"2024-09-09T17:50:49Z","timestamp":1725904249000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-89137-4_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030891367","9783030891374"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-89137-4_6","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"10 October 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SciSec","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Science of Cyber Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Shanghai","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 August 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15 August 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"scisec2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/scisec.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}