{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T11:31:56Z","timestamp":1742988716487,"version":"3.40.3"},"publisher-location":"Cham","reference-count":74,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031565793"},{"type":"electronic","value":"9783031565809"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-56580-9_3","type":"book-chapter","created":{"date-parts":[[2024,4,2]],"date-time":"2024-04-02T05:02:23Z","timestamp":1712034143000},"page":"33-57","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Enhancing Incident Management by\u00a0an\u00a0Improved Understanding of\u00a0Data Exfiltration: Definition, Evaluation, 
Review"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5789-8558","authenticated-orcid":false,"given":"Michael","family":"Mundt","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9254-6398","authenticated-orcid":false,"given":"Harald","family":"Baier","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,4,3]]},"reference":[{"key":"3_CR1","doi-asserted-by":"publisher","unstructured":"Ahmed, M., et al.: MITRE ATT&CK-driven cyber risk assessment (2022). https:\/\/doi.org\/10.1145\/3538969.3544420","DOI":"10.1145\/3538969.3544420"},{"key":"3_CR2","doi-asserted-by":"publisher","unstructured":"Alrehaili, M., Alshamrani, A., Eshmawi, A.: A hybrid deep learning approach for advanced persistent threat attack detection. In: The 5th International Conference on Future Networks & Distributed Systems, ICFNDS 2021, pp. 78\u201386. Association for Computing Machinery, New York (2022). ISBN: 9781450387347. https:\/\/doi.org\/10.1145\/3508072.3508085","DOI":"10.1145\/3508072.3508085"},{"key":"3_CR3","doi-asserted-by":"publisher","unstructured":"Ayinala, S., Murimi, R.: On a territorial notion of a smart home. In: Proceedings of the 1st Workshop on Cybersecurity and Social Sciences, CySSS 2022, pp. 33\u201337. Association for Computing Machinery, New York (2022). ISBN: 9781450391771. https:\/\/doi.org\/10.1145\/3494108.3522766","DOI":"10.1145\/3494108.3522766"},{"key":"3_CR4","doi-asserted-by":"publisher","unstructured":"Bhattarai, B., Huang, H.: SteinerLog: prize collecting the audit logs for threat hunting on enterprise network. In: Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security, ASIA CCS 2022, pp. 97\u2013108. Association for Computing Machinery, New York (2022). ISBN: 9781450391405. 
https:\/\/doi.org\/10.1145\/3488932.3523261","DOI":"10.1145\/3488932.3523261"},{"key":"3_CR5","doi-asserted-by":"publisher","unstructured":"Birnbach, S., Eberz, S., Martinovic, I.: Haunted house: physical smart home event verification in the presence of compromised sensors. ACM Trans. Internet Things 3(3) (2022). ISSN: 2691-1914. https:\/\/doi.org\/10.1145\/3506859","DOI":"10.1145\/3506859"},{"key":"3_CR6","doi-asserted-by":"publisher","unstructured":"Botacin, M., et al.: Terminator: a secure coprocessor to accelerate real-time antiviruses using inspection breakpoints. ACM Trans. Priv. Secur. 25(2) (2022). ISSN: 2471-2566. https:\/\/doi.org\/10.1145\/3494535","DOI":"10.1145\/3494535"},{"key":"3_CR7","doi-asserted-by":"publisher","unstructured":"Carter, J., Mancoridis, S., Galinkin, E.: Fast, lightweight IoT anomaly detection using feature pruning and PCA. In: Proceedings of the 37th ACM\/SIGAPP Symposium on Applied Computing, SAC 2022, pp. 133\u2013138. Association for Computing Machinery, New York (2022). ISBN: 9781450387132. https:\/\/doi.org\/10.1145\/3477314.3508377","DOI":"10.1145\/3477314.3508377"},{"key":"3_CR8","doi-asserted-by":"publisher","unstructured":"Chen, Z., et al.: Machine learning-enabled IoT security: open issues and challenges under advanced persistent threats. ACM Comput. Surv. 55(5) (2022). ISSN: 0360-0300. https:\/\/doi.org\/10.1145\/3530812","DOI":"10.1145\/3530812"},{"key":"3_CR9","doi-asserted-by":"publisher","unstructured":"Chignell, M., et al.: The evolution of HCI and human factors: integrating human and artificial intelligence. ACM Trans. Comput.-Hum. Interact. (2022). ISSN: 1073-0516. https:\/\/doi.org\/10.1145\/3557891","DOI":"10.1145\/3557891"},{"key":"3_CR10","doi-asserted-by":"publisher","unstructured":"Clausen, H., Flood, R., Aspinall, D.: Traffic generation using containerization for machine learning. 
In: Proceedings of the 2019 Workshop on DYnamic and Novel Advances in Machine Learning and Intelligent Cyber Security, DYNAMICS 2019. Association for Computing Machinery, New York (2022). ISBN: 9781450384902. https:\/\/doi.org\/10.1145\/3464458.3464460","DOI":"10.1145\/3464458.3464460"},{"key":"3_CR11","unstructured":"MISP Community. Malware Information Sharing Platform (MISP) User Guide: A Threat Sharing Platform (2022). https:\/\/www.circl.lu\/doc\/misp\/book.pdf"},{"key":"3_CR12","unstructured":"MITRE Corporation. Cyber Threat Intelligence Repository Expressed in STIX 2.0 (2022). https:\/\/github.com\/mitre\/cti"},{"key":"3_CR13","unstructured":"MITRE Corporation. MITRE ATT&CK (2022). https:\/\/attack.mitre.org\/"},{"key":"3_CR14","unstructured":"MITRE Corporation. MITRE ATT&CK Navigator: Web app that provides basic navigation and annotation of ATT&CK matrices (2022). https:\/\/github.com\/mitre-attack\/attack-navigator"},{"key":"3_CR15","unstructured":"MITRE Corporation et al.: Finding Cyber Threats with ATT&CK Based Analytics (2017). https:\/\/www.mitre.org\/sites\/default\/files\/2021-11\/16-3713-finding-cyber-threats-with-attack-based-analytics.pdf"},{"key":"3_CR16","unstructured":"MITRE Corporation et al.: MITRE ATT&CK - Design and Philosophy (2020). https:\/\/attack.mitre.org\/docs\/ATTACK_Design_and_Philosophy_March_2020.pdf"},{"key":"3_CR17","unstructured":"MITRE Corporation et al.: MITRE ATT&CK for Industrial Control Systems: Design and Philosophy (2020). https:\/\/attack.mitre.org\/docs\/ATTACK_for_ICS_Philosophy_March_2020.pdf"},{"key":"3_CR18","doi-asserted-by":"publisher","unstructured":"Deochake, S., Channapattan, V.: Identity and access management framework for multi-tenant resources in hybrid cloud computing. In: Proceedings of the 17th International Conference on Availability, Reliability and Security, ARES 2022. Association for Computing Machinery, New York (2022). ISBN: 9781450396707. 
https:\/\/doi.org\/10.1145\/3538969.3544896","DOI":"10.1145\/3538969.3544896"},{"key":"3_CR19","unstructured":"European Parliament. Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95\/46\/EC (General Data Protection Regulation). European Parliament, Brussel (2016)"},{"key":"3_CR20","unstructured":"ExtraHop. How to Monitor Sensitive Data & Stop Exfiltration via the Network (2022). https:\/\/www.extrahop.com\/company\/blog\/2020\/monitor-sensitive-data-and-stop-exfiltration-via-the-network\/"},{"key":"3_CR21","doi-asserted-by":"publisher","unstructured":"Faulkenberry, A., et al.: View from above: exploring the malware ecosystem from the upper DNS hierarchy. In: Proceedings of the 38th Annual Computer Security Applications Conference, ACSAC 2022, pp. 240\u2013250. Association for Computing Machinery, New York (2022). ISBN: 9781450397599. https:\/\/doi.org\/10.1145\/3564625.3564646","DOI":"10.1145\/3564625.3564646"},{"key":"3_CR22","doi-asserted-by":"crossref","unstructured":"Giani, A., Berk, V.H., Cybenko, G.V.: Data exfiltration and covert channels (2006). https:\/\/www.spiedigitallibrary.org\/conference-proceedings-of-spie\/6201\/620103\/Data-exfiltration-and-covert-channels\/10.1117\/12.670123.short","DOI":"10.1117\/12.670123"},{"key":"3_CR23","doi-asserted-by":"publisher","unstructured":"Gorbett, M., Shirazi, H., Ray, I.: WiP: the intrinsic dimensionality of IoT networks. In: Proceedings of the 27th ACM on Symposium on Access Control Models and Technologies, SACMAT 2022, pp. 245\u2013250. Association for Computing Machinery, New York (2022). ISBN: 9781450393577. 
https:\/\/doi.org\/10.1145\/3532105.3535038","DOI":"10.1145\/3532105.3535038"},{"key":"3_CR24","doi-asserted-by":"publisher","unstructured":"de Gortari Briseno, J., Singh, A.D., Srivastava, M.: InkFiltration: using inkjet printers for acoustic data exfiltration from air-gapped networks. ACM Trans. Priv. Secur. 25(2) (2022). ISSN: 2471-2566. https:\/\/doi.org\/10.1145\/3510583","DOI":"10.1145\/3510583"},{"key":"3_CR25","doi-asserted-by":"publisher","unstructured":"Guan, Y., Li, Z., Xiong, G.: Research on novel TLS protocol network traffic management and monitoring method. In: Proceedings of the 7th International Conference on Cyber Security and Information Engineering, ICCSIE 2022, pp. 89\u201394. Association for Computing Machinery, New York (2022). ISBN: 9781450397414. https:\/\/doi.org\/10.1145\/3558819.3558835","DOI":"10.1145\/3558819.3558835"},{"key":"3_CR26","doi-asserted-by":"publisher","unstructured":"Guarascio, M., et al.: Revealing MageCart-like threats in favicons via artificial intelligence. In: Proceedings of the 17th International Conference on Availability, Reliability and Security, ARES 2022. Association for Computing Machinery, New York (2022). ISBN: 9781450396707. https:\/\/doi.org\/10.1145\/3538969.3544437","DOI":"10.1145\/3538969.3544437"},{"key":"3_CR27","doi-asserted-by":"publisher","unstructured":"Hantke, F., Stock, B.: HTML violations and where to find them: a longitudinal analysis of specification violations in HTML. In: Proceedings of the 22nd ACM Internet Measurement Conference, IMC 2022, pp. 358\u2013373. Association for Computing Machinery, New York (2022). ISBN: 9781450392594. https:\/\/doi.org\/10.1145\/3517745.3561437","DOI":"10.1145\/3517745.3561437"},{"key":"3_CR28","unstructured":"Hernan, S., et al.: Uncover Security Design Flaws Using the STRIDE Approach (2019). 
https:\/\/learn.microsoft.com\/en-us\/archive\/msdn-magazine\/2006\/november\/uncover-security-design-flaws-using-the-stride-approach"},{"key":"3_CR29","doi-asserted-by":"publisher","unstructured":"Hittmeir, M., Mayer, R., Ekelhart, A.: Distance-based techniques for personal microbiome identification. In: Proceedings of the 17th International Conference on Availability, Reliability and Security, ARES 2022. Association for Computing Machinery, New York (2022). ISBN: 9781450396707. https:\/\/doi.org\/10.1145\/3538969.3538985","DOI":"10.1145\/3538969.3538985"},{"key":"3_CR30","unstructured":"Illumio. Zero Trust Segmentation delivers Cyber Resilience (2022). https:\/\/www.illumio.com\/solutions\/cyber-resilience"},{"key":"3_CR31","doi-asserted-by":"publisher","unstructured":"Inam, M.A., et al.: FAuSt: striking a bargain between forensic auditing\u2019s security and throughput. In: Proceedings of the 38th Annual Computer Security Applications Conference, ACSAC 2022, pp. 813\u2013826. Association for Computing Machinery, New York (2022). ISBN: 9781450397599. https:\/\/doi.org\/10.1145\/3564625.3567990","DOI":"10.1145\/3564625.3567990"},{"key":"3_CR32","unstructured":"MISP Standard - Collaborative Intelligence. Malware Information Sharing Platform (MISP) Program (2022). https:\/\/www.misp-project.org\/"},{"key":"3_CR33","unstructured":"MISP Standard - Collaborative Intelligence. Python library using the MISP Rest API (2023). https:\/\/github.com\/MISP\/PyMISP"},{"key":"3_CR34","unstructured":"International Organization for Standardization. ISO\/IEC 27001:2022 Information security, cybersecurity and privacy protection\u2014Information security management systems\u2014Requirements (2022). https:\/\/www.iso.org\/standard\/82875.html"},{"key":"3_CR35","doi-asserted-by":"publisher","unstructured":"Joback, E., et al.: A statistical approach to detecting low-throughput exfiltration through the domain name system protocol. 
In: Proceedings of the 2020 Workshop on DYnamic and Novel Advances in Machine Learning and Intelligent Cyber Security, DYNAMICS 2020. Association for Computing Machinery, New York (2022). ISBN: 9781450387149. https:\/\/doi.org\/10.1145\/3477997.3478007","DOI":"10.1145\/3477997.3478007"},{"key":"3_CR36","doi-asserted-by":"publisher","unstructured":"Kalderemidis, I., et al.: GTM: game theoretic methodology for optimal cybersecurity defending strategies and investments. In: Proceedings of the 17th International Conference on Availability, Reliability and Security, ARES 2022. Association for Computing Machinery, New York (2022). ISBN: 9781450396707. https:\/\/doi.org\/10.1145\/3538969.3544431","DOI":"10.1145\/3538969.3544431"},{"key":"3_CR37","doi-asserted-by":"publisher","unstructured":"Kapoor, M., et al.: Flurry: a fast framework for provenance graph generation for representation learning. In: Proceedings of the 31st ACM International Conference on Information & Knowledge Management, CIKM 2022, pp. 4887\u20134891. Association for Computing Machinery, New York (2022). ISBN: 9781450392365. https:\/\/doi.org\/10.1145\/3511808.3557200","DOI":"10.1145\/3511808.3557200"},{"key":"3_CR38","doi-asserted-by":"publisher","unstructured":"Karagiannis, S., et al.: A-DEMO: ATT&CK documentation, emulation and mitigation operations: deploying and documenting realistic cyberattack scenarios - a rootkit case study. In: 25th Pan-Hellenic Conference on Informatics, PCI 2021, pp. 328\u2013333. Association for Computing Machinery, New York (2022). ISBN: 9781450395557. https:\/\/doi.org\/10.1145\/3503823.3503884","DOI":"10.1145\/3503823.3503884"},{"key":"3_CR39","doi-asserted-by":"publisher","unstructured":"Kumar, N., Handa, A., Shukla, S.K.: RBMon: real time system behavior monitoring tool. In: Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security, ASIA CCS 2022, pp. 1228\u20131230. Association for Computing Machinery, New York (2022). ISBN: 9781450391405. 
https:\/\/doi.org\/10.1145\/3488932.3527289","DOI":"10.1145\/3488932.3527289"},{"key":"3_CR40","doi-asserted-by":"publisher","unstructured":"Ladisa, P., et al.: Towards the detection of malicious Java packages. In: Proceedings of the 2022 ACM Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses, SCORED 2022, pp. 63\u201372. Association for Computing Machinery, New York (2022). ISBN: 9781450398855. https:\/\/doi.org\/10.1145\/3560835.3564548","DOI":"10.1145\/3560835.3564548"},{"key":"3_CR41","doi-asserted-by":"publisher","unstructured":"Lamsh\u00f6ft, K., Dittmann, J.: Covert channels in network time security. In: Proceedings of the 2022 ACM Workshop on Information Hiding and Multimedia Security, IH & MMSec 2022, pp. 69\u201379. Association for Computing Machinery, New York (2022). ISBN: 9781450393553. https:\/\/doi.org\/10.1145\/3531536.3532947","DOI":"10.1145\/3531536.3532947"},{"key":"3_CR42","doi-asserted-by":"publisher","unstructured":"Landauer, M., et al.: A framework for automatic labeling of log datasets from model-driven testbeds for HIDS evaluation. In: Proceedings of the 2022 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems, Sat-CPS 2022, pp. 77\u201386. Association for Computing Machinery, New York (2022). ISBN: 9781450392297. https:\/\/doi.org\/10.1145\/3510547.3517924","DOI":"10.1145\/3510547.3517924"},{"key":"3_CR43","doi-asserted-by":"publisher","unstructured":"Lang, M., et al.: The evolving menace of ransomware: a comparative analysis of pre-pandemic and mid-pandemic attacks. Digit. Threats (2022). ISSN: 2692-1626. https:\/\/doi.org\/10.1145\/3558006","DOI":"10.1145\/3558006"},{"key":"3_CR44","doi-asserted-by":"publisher","unstructured":"Liu, Y., et al.: RAPID: real-time alert investigation with context-aware prioritization for efficient threat discovery. In: Proceedings of the 38th Annual Computer Security Applications Conference, ACSAC 2022, pp. 827\u2013840. Association for Computing Machinery, New York (2022). 
ISBN: 9781450397599. https:\/\/doi.org\/10.1145\/3564625.3567997","DOI":"10.1145\/3564625.3567997"},{"key":"3_CR45","doi-asserted-by":"publisher","unstructured":"Lyu, M., Gharakheili, H.H., Sivaraman, V.: A survey on DNS encryption: current development, malware misuse, and inference techniques. ACM Comput. Surv. 55(8) (2022). ISSN: 0360-0300. https:\/\/doi.org\/10.1145\/3547331","DOI":"10.1145\/3547331"},{"key":"3_CR46","doi-asserted-by":"publisher","unstructured":"Mahdavifar, S., et al.: Lightweight hybrid detection of data exfiltration using DNS based on machine learning. In: 2021 the 11th International Conference on Communication and Network Security, ICCNS 2021, pp. 80\u201386. Association for Computing Machinery, New York (2022). ISBN: 9781450386425. https:\/\/doi.org\/10.1145\/3507509.3507520","DOI":"10.1145\/3507509.3507520"},{"key":"3_CR47","doi-asserted-by":"publisher","unstructured":"Mahmod, J., Hicks, M.: SRAM has no chill: exploiting power domain separation to steal on-chip secrets. In: Proceedings of the 27th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS 2022, pp. 1043\u20131055. Association for Computing Machinery, New York (2022). ISBN: 9781450392051. https:\/\/doi.org\/10.1145\/3503222.3507710","DOI":"10.1145\/3503222.3507710"},{"key":"3_CR48","doi-asserted-by":"publisher","unstructured":"Martins, C., Medeiros, I.: Generating quality threat intelligence leveraging OSINT and a cyber threat unified taxonomy. ACM Trans. Priv. Secur. 25(3) (2022). ISSN: 2471-2566. https:\/\/doi.org\/10.1145\/3530977","DOI":"10.1145\/3530977"},{"key":"3_CR49","doi-asserted-by":"crossref","unstructured":"Mundt, M., Baier, H.: Towards Mitigation of Data Exfiltration Techniques using the MITRE ATT&CK Framework (2022). https:\/\/www.unibw.de\/digfor\/publikationen\/pdf\/2021-12-icdf2c-mundt-baier.pdf","DOI":"10.1007\/978-3-031-06365-7_9"},{"key":"3_CR50","unstructured":"Microsoft. 
Microsoft Threat Modeling Tool (2022). https:\/\/learn.microsoft.com\/en-us\/azure\/security\/develop\/threat-modeling-tool"},{"key":"3_CR51","unstructured":"Microsoft. Microsoft Threat Modeling Tool threats (2022). https:\/\/learn.microsoft.com\/en-us\/azure\/security\/develop\/threat-modeling-tool-threats"},{"key":"3_CR52","unstructured":"MITRE. MITRE ATT&CK framework (2021). https:\/\/attack.mitre.org\/"},{"key":"3_CR53","doi-asserted-by":"publisher","unstructured":"Mohammed, A.S., et al.: Cybersecurity challenges in the offshore oil and gas industry: an industrial cyber-physical systems (ICPS) perspective. ACM Trans. Cyber-Phys. Syst. 6(3) (2022). ISSN: 2378-962X. https:\/\/doi.org\/10.1145\/3548691","DOI":"10.1145\/3548691"},{"key":"3_CR54","doi-asserted-by":"publisher","unstructured":"Moiz, A., Alalfi, M.H.: A survey of security vulnerabilities in Android automotive apps. In: Proceedings of the 3rd International Workshop on Engineering and Cybersecurity of Critical Systems, EnCyCriS 2022, pp. 17\u201324. Association for Computing Machinery, New York (2022). ISBN: 9781450392907. https:\/\/doi.org\/10.1145\/3524489.3527300","DOI":"10.1145\/3524489.3527300"},{"key":"3_CR55","doi-asserted-by":"publisher","unstructured":"Moure-Garrido, M., Campo, C., Garcia-Rubio, C.: Detecting malicious use of DOH tunnels using statistical traffic analysis. In: Proceedings of the 19th ACM International Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks, PE-WASUN 2022, pp. 25\u201332. Association for Computing Machinery, New York (2022). ISBN: 9781450394833. https:\/\/doi.org\/10.1145\/3551663.3558605","DOI":"10.1145\/3551663.3558605"},{"key":"3_CR56","first-page":"1","volume":"23","author":"M Mundt","year":"2022","unstructured":"Mundt, M., Baier, H.: Threat-based simulation of data exfiltration towards mitigating multiple ransomware extortion. Digit. Threats Res. Pract. 23, 1\u201323 (2022)","journal-title":"Digit. Threats Res. 
Pract."},{"key":"3_CR57","doi-asserted-by":"publisher","unstructured":"Mundt, M., Baier, H.: Threat-based simulation of data exfiltration towards mitigating multiple ransomware extortions. Digit. Threats (2022). ISSN: 2692-1626. https:\/\/doi.org\/10.1145\/3568993","DOI":"10.1145\/3568993"},{"key":"3_CR58","doi-asserted-by":"publisher","unstructured":"Oz, H., et al.: A survey on ransomware: evolution, taxonomy, and defense solutions. ACM Comput. Surv. 54(11s) (2022). ISSN: 0360-0300. https:\/\/doi.org\/10.1145\/3514229","DOI":"10.1145\/3514229"},{"key":"3_CR59","unstructured":"Payne, B., Mienie, E.: Multiple-extortion ransomware: the case for active cyber threat intelligence. In: ECCWS 2021 20th European Conference on Cyber Warfare and Security, vol. 6, pp. 331\u2013336 (2021)"},{"key":"3_CR60","doi-asserted-by":"publisher","unstructured":"P\u00f6hn, D., Hommel, W.: TaxidMA: towards a taxonomy for attacks related to identities. In: Proceedings of the 17th International Conference on Availability, Reliability and Security, ARES 2022. Association for Computing Machinery, New York (2022). ISBN: 9781450396707. https:\/\/doi.org\/10.1145\/3538969.3544430","DOI":"10.1145\/3538969.3544430"},{"key":"3_CR61","doi-asserted-by":"publisher","unstructured":"Pradeep, A., et al.: A comparative analysis of certificate pinning in Android & iOS. In: Proceedings of the 22nd ACM Internet Measurement Conference, IMC 2022, pp. 605\u2013618. Association for Computing Machinery, New York (2022). ISBN: 9781450392594. https:\/\/doi.org\/10.1145\/3517745.3561439","DOI":"10.1145\/3517745.3561439"},{"key":"3_CR62","doi-asserted-by":"crossref","unstructured":"Sahu, I.K., Nene, M.J.: Model for IaaS Security Model: MISP Framework (2021). https:\/\/ieeexplore.ieee.org\/abstract\/document\/9498375","DOI":"10.3233\/APC210188"},{"key":"3_CR63","doi-asserted-by":"crossref","unstructured":"Scandariato, R., Wuyts, K., Joosen, W.: A descriptive study of Microsoft\u2019s threat modeling technique (2013). 
https:\/\/link.springer.com\/article\/10.1007\/s00766-013-0195-2","DOI":"10.1007\/s00766-013-0195-2"},{"key":"3_CR64","doi-asserted-by":"publisher","unstructured":"Shen, J., et al.: Gringotts: fast and accurate internal denial-of-wallet detection for serverless computing. In: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, CCS 2022, pp. 2627\u20132641. Association for Computing Machinery, New York (2022). ISBN: 9781450394505. https:\/\/doi.org\/10.1145\/3548606.3560629","DOI":"10.1145\/3548606.3560629"},{"key":"3_CR65","doi-asserted-by":"publisher","unstructured":"Shreeve, B., et al.: Making sense of the unknown: how managers make cyber security decisions. ACM Trans. Softw. Eng. Methodol. (2022). ISSN: 1049-331X. https:\/\/doi.org\/10.1145\/3548682","DOI":"10.1145\/3548682"},{"key":"3_CR66","doi-asserted-by":"crossref","unstructured":"Stoleriu, R., Puncioiu, A., Bica, I.: Cyber attacks detection using open source ELK stack (2021). https:\/\/ieeexplore.ieee.org\/abstract\/document\/9515120","DOI":"10.1109\/ECAI52376.2021.9515120"},{"key":"3_CR67","doi-asserted-by":"publisher","unstructured":"Sun, Z., et al.: Recent advances in LoRa: a comprehensive survey. ACM Trans. Sen. Netw. 18(4) (2022). ISSN: 1550-4859. https:\/\/doi.org\/10.1145\/3543856","DOI":"10.1145\/3543856"},{"key":"3_CR68","first-page":"1","volume":"57","author":"F Ullah","year":"2018","unstructured":"Ullah, F., et al.: Data exfiltration: a review of external attack vectors and countermeasures. Univ. Bristol Bristol Res. 57, 1\u201357 (2018)","journal-title":"Univ. Bristol Bristol Res."},{"key":"3_CR69","doi-asserted-by":"crossref","unstructured":"Vaccari, I., et al.: Exploiting Internet of Things protocols for malicious data exfiltration activities (2021). 
https:\/\/ieeexplore.ieee.org\/abstract\/document\/9493887","DOI":"10.1109\/ACCESS.2021.3099642"},{"key":"3_CR70","unstructured":"Vandeplas, C., Iklody, A.: Malware information sharing platform core software - open source threat intelligence and sharing platform (2022). https:\/\/github.com\/MISP\/MISP"},{"key":"3_CR71","doi-asserted-by":"publisher","unstructured":"Wala, F.B., Cotton, C.: \u201coff-label\u201d use of DNS. Digit. Threats 3(3) (2022). ISSN: 2692-1626. https:\/\/doi.org\/10.1145\/3491261","DOI":"10.1145\/3491261"},{"key":"3_CR72","doi-asserted-by":"publisher","unstructured":"Zeng, J., Zhang, C., Liang, Z.: Palant\u00edr: optimizing attack provenance with hardware-enhanced system observability. In: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, CCS 2022, pp. 3135\u20133149. Association for Computing Machinery, New York (2022). ISBN: 9781450394505. https:\/\/doi.org\/10.1145\/3548606.3560570","DOI":"10.1145\/3548606.3560570"},{"key":"3_CR73","doi-asserted-by":"publisher","unstructured":"Zeng, Z., Chung, C.-J., Xie, L.: Security challenges for modern data centers with IoT: a preliminary study. In: Companion Proceedings of the Web Conference 2022, WWW 2022, pp. 555\u2013562. Association for Computing Machinery, New York (2022). ISBN: 9781450391306. https:\/\/doi.org\/10.1145\/3487553.3524857","DOI":"10.1145\/3487553.3524857"},{"key":"3_CR74","doi-asserted-by":"publisher","unstructured":"Zipperle, M., et al.: Provenance-based intrusion detection systems: a survey. ACM Comput. Surv. 55(7) (2022). ISSN: 0360-0300. 
https:\/\/doi.org\/10.1145\/3539605","DOI":"10.1145\/3539605"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Digital Forensics and Cyber Crime"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-56580-9_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,4,2]],"date-time":"2024-04-02T05:07:00Z","timestamp":1712034420000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-56580-9_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031565793","9783031565809"],"references-count":74,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-56580-9_3","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"type":"print","value":"1867-8211"},{"type":"electronic","value":"1867-822X"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"3 April 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICDF2C","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Digital Forensics and Cyber Crime","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"New York, NY","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 
November 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 November 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"icdf2c2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Confy +","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"105","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"41","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"39% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full 
Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"5","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}