{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T14:47:46Z","timestamp":1743000466362,"version":"3.40.3"},"publisher-location":"Cham","reference-count":17,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031535543"},{"type":"electronic","value":"9783031535550"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-53555-0_8","type":"book-chapter","created":{"date-parts":[[2024,2,13]],"date-time":"2024-02-13T05:02:10Z","timestamp":1707800530000},"page":"75-86","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Graph-Based Detection of\u00a0Encrypted Malicious Traffic with\u00a0Spatio-Temporal Features"],"prefix":"10.1007","author":[{"given":"Qing","family":"Guo","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Wenchuan","family":"Yang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Baojiang","family":"Cui","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,2,14]]},"reference":[{"key":"8_CR1","doi-asserted-by":"crossref","unstructured":"Anderson, B., McGrew, D.: Identifying encrypted malware traffic with contextual flow data. In: Proceedings of the 2016 ACM Workshop on Artificial Intelligence and Security, pp. 35\u201346 (2016)","DOI":"10.1145\/2996758.2996768"},{"key":"8_CR2","doi-asserted-by":"crossref","unstructured":"Anderson, B., McGrew, D.: Machine learning for encrypted malware traffic classification: accounting for noisy labels and non-stationarity. In: Proceedings of the 23rd ACM SIGKDD International Conference on knowledge discovery and data mining, pp. 1723\u20131732 (2017)","DOI":"10.1145\/3097983.3098163"},{"key":"8_CR3","doi-asserted-by":"publisher","first-page":"195","DOI":"10.1007\/s11416-017-0306-6","volume":"14","author":"B Anderson","year":"2018","unstructured":"Anderson, B., Paul, S., McGrew, D.: Deciphering malware\u2019s use of TLS (without decryption). J. Comput. Virol. Hacking Tech. 14, 195\u2013211 (2018)","journal-title":"J. Comput. Virol. Hacking Tech."},{"issue":"4","key":"8_CR4","doi-asserted-by":"publisher","first-page":"807","DOI":"10.1109\/TC.2013.13","volume":"63","author":"G Creech","year":"2013","unstructured":"Creech, G., Hu, J.: A semantic approach to host-based intrusion detection systems using contiguousand discontiguous system call patterns. IEEE Trans. Comput. 63(4), 807\u2013819 (2013)","journal-title":"IEEE Trans. Comput."},{"key":"8_CR5","unstructured":"Duncan, B.: Malware traffic analysis (2023). https:\/\/malware-traffic-analysis.net\/"},{"issue":"1","key":"8_CR6","doi-asserted-by":"publisher","first-page":"452","DOI":"10.1109\/TNET.2022.3195871","volume":"31","author":"C Fu","year":"2022","unstructured":"Fu, C., Li, Q., Shen, M., Xu, K.: Frequency domain feature based robust malicious traffic detection. IEEE\/ACM Trans. Networking 31(1), 452\u2013467 (2022)","journal-title":"IEEE\/ACM Trans. Networking"},{"key":"8_CR7","doi-asserted-by":"crossref","unstructured":"Fu, Z., et al.: Encrypted malware traffic detection via graph-based network analysis. In: Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses, pp. 495\u2013509 (2022)","DOI":"10.1145\/3545948.3545983"},{"key":"8_CR8","unstructured":"Google: google transparency report (2023). https:\/\/transparencyreport.google.com\/"},{"key":"8_CR9","unstructured":"Kipf, T.N., Welling, M.: Semi-supervised classification with graph convolutional networks. arXiv preprint arXiv:1609.02907 (2016)"},{"key":"8_CR10","doi-asserted-by":"publisher","first-page":"105","DOI":"10.1007\/978-3-658-32182-6_16","volume-title":"Data Science \u2013 Analytics and Applications","author":"G Mar\u00edn","year":"2021","unstructured":"Mar\u00edn, G., Caasas, P., Capdehourat, G.: DeepMAL - deep learning models for malware traffic detection and classification. In: Data Science \u2013 Analytics and Applications, pp. 105\u2013112. Springer, Wiesbaden (2021). https:\/\/doi.org\/10.1007\/978-3-658-32182-6_16"},{"key":"8_CR11","unstructured":"Ponemon: hidden threats in encrypted traffic (2016). https:\/\/www.ponemon.org\/local\/upload\/file\/A10%20Report%20Final.pdf"},{"key":"8_CR12","unstructured":"Project, Z.: Zeek (2023). https:\/\/zeek.org\/"},{"key":"8_CR13","doi-asserted-by":"publisher","first-page":"130","DOI":"10.1016\/j.eswa.2019.01.064","volume":"125","author":"AS Shekhawat","year":"2019","unstructured":"Shekhawat, A.S., Di Troia, F., Stamp, M.: Feature analysis of encrypted malicious traffic. Expert Syst. Appl. 125, 130\u2013141 (2019)","journal-title":"Expert Syst. Appl."},{"key":"8_CR14","unstructured":"University, C.T.: Ctu-13 (2023). https:\/\/www.stratosphereips.org\/datasets-ctu13"},{"key":"8_CR15","doi-asserted-by":"crossref","unstructured":"Wang, W., Zhu, M., Wang, J., Zeng, X., Yang, Z.: End-to-end encrypted traffic classification with one-dimensional convolution neural networks. In: 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), pp. 43\u201348. IEEE (2017)","DOI":"10.1109\/ISI.2017.8004872"},{"key":"8_CR16","doi-asserted-by":"crossref","unstructured":"Zhang, H., Papadopoulos, C., Massey, D.: Detecting encrypted botnet traffic. In: 2013 Proceedings IEEE INFOCOM, pp. 3453\u20131358. IEEE (2013)","DOI":"10.1109\/INFCOM.2013.6567180"},{"key":"8_CR17","unstructured":"Zscaler ThreatLabz: State of encrypted attacks 2022 report (2022). https:\/\/www.zscaler.com\/blogs\/security-research\/2022-encrypted-attacks-report"}],"container-title":["Lecture Notes on Data Engineering and Communications Technologies","Advances in Internet, Data & Web Technologies"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-53555-0_8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,2,13]],"date-time":"2024-02-13T05:05:18Z","timestamp":1707800718000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-53555-0_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031535543","9783031535550"],"references-count":17,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-53555-0_8","relation":{},"ISSN":["2367-4512","2367-4520"],"issn-type":[{"type":"print","value":"2367-4512"},{"type":"electronic","value":"2367-4520"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"14 February 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"EIDWT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Emerging Internet, Data & Web Technologies","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Naples","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Italy","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"21 February 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 February 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"eidwt12024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/voyager.ce.fit.ac.jp\/conf\/eidwt\/2024\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}