{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T02:41:09Z","timestamp":1743043269228,"version":"3.40.3"},"publisher-location":"Cham","reference-count":21,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319123998"},{"type":"electronic","value":"9783319124001"}],"license":[{"start":{"date-parts":[[2014,1,1]],"date-time":"2014-01-01T00:00:00Z","timestamp":1388534400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2014,1,1]],"date-time":"2014-01-01T00:00:00Z","timestamp":1388534400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014]]},"DOI":"10.1007\/978-3-319-12400-1_31","type":"book-chapter","created":{"date-parts":[[2014,10,28]],"date-time":"2014-10-28T15:15:00Z","timestamp":1414509300000},"page":"321-333","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["On the Reliability of Network Measurement Techniques Used for Malware Traffic Analysis"],"prefix":"10.1007","author":[{"given":"Joseph","family":"Gardiner","sequence":"first","affiliation":[]},{"given":"Shishir","family":"Nagaraja","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2014,10,29]]},"reference":[{"key":"31_CR1","unstructured":"AT&T global networking facts. http:\/\/www.corp.att.com\/gov\/about_ags\/fact_sheet"},{"key":"31_CR2","unstructured":"The CAIDA UCSD Anonymized Internet Traces 2012. http:\/\/www.caida.org\/data\/passive\/passive_2012_dataset.xml. Accessed 20 March 2013"},{"key":"31_CR3","doi-asserted-by":"crossref","unstructured":"Cantieni, G.R., Iannaccone, G., Barakat, C., Diot, C., Thiran, P.: Reformulating the monitor placement problem: Optimal network-wide sampling. In: Proceedings of the 2006 ACM CoNEXT Conference, CoNEXT \u201906, pp. 5:1\u20135:12. ACM, New York (2006)","DOI":"10.1145\/1368436.1368444"},{"key":"31_CR4","unstructured":"Cisco Systems Inc., Cisco IOS Netflow. http:\/\/www.cisco.com\/web\/go\/netflow"},{"key":"31_CR5","doi-asserted-by":"crossref","unstructured":"Cohen, E., Duffield, N.G., Kaplan, H., Lund, C., Thorup, M.: Stream sampling for variance-optimal estimation of subset sums. In: Mathieu, C. (ed.) Proceedings of ACM-SIAM Symposium on Discrete Algorithms, pp. 1255\u20131264. SIAM (2009)","DOI":"10.1137\/1.9781611973068.136"},{"key":"31_CR6","doi-asserted-by":"crossref","unstructured":"Cranor, C., Johnson, T., Spataschek, O., Shkapenyuk, V.: Gigascope: a stream database for network applications. In: Proceedings of the 2003 ACM SIGMOD International Conference on Management of Data, SIGMOD \u201903, pp. 647\u2013651. ACM, New York (2003)","DOI":"10.1145\/872757.872838"},{"issue":"5","key":"31_CR7","doi-asserted-by":"publisher","first-page":"1756","DOI":"10.1109\/TIT.2005.846400","volume":"51","author":"N Duffield","year":"2005","unstructured":"Duffield, N., Lund, C., Thorup, M.: Learn more, sample less: control of volume and variance in network measurement. IEEE Trans. Inf. Theory 51(5), 1756\u20131775 (2005)","journal-title":"IEEE Trans. Inf. Theory"},{"issue":"3","key":"31_CR8","doi-asserted-by":"publisher","first-page":"270","DOI":"10.1145\/859716.859719","volume":"21","author":"C Estan","year":"2003","unstructured":"Estan, C., Varghese, G.: New directions in traffic measurement and accounting: Focusing on the elephants, ignoring the mice. ACM Trans. Comput. Syst. 21(3), 270\u2013313 (2003)","journal-title":"ACM Trans. Comput. Syst."},{"key":"31_CR9","unstructured":"Franklin, J., Paxson, V., Perrig, A., Savage, S.: An inquiry into the nature and causes of the wealth of internet miscreants. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, CCS \u201907, pp. 375\u2013388. ACM, New York (2007)"},{"issue":"260","key":"31_CR10","doi-asserted-by":"publisher","first-page":"663","DOI":"10.1080\/01621459.1952.10483446","volume":"47","author":"DG Horvitz","year":"1952","unstructured":"Horvitz, D.G., Thompson, D.J.: A generalization of sampling without replacement from a finite universe. J. Am. Stat. Assoc. 47(260), 663\u2013685 (1952)","journal-title":"J. Am. Stat. Assoc."},{"key":"31_CR11","unstructured":"Hutchins, E.M., Clopperty, M.J., Amin, R.M.: Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains. Technical report, Lockheed Martin Corporation, 2010. http:\/\/www.lockheedmartin.com\/content\/dam\/lockheed\/data\/corporate\/documents\/LM-White-Paper-Intel-Driven-Defense.pdf"},{"key":"31_CR12","unstructured":"Krebs, B.: Security Firm Bit9 Hacked, Used to Spread Malware. Krebs on Security, 13 Feb 2013. http:\/\/krebsonsecurity.com\/2013\/02\/security-firm-bit9-hacked-used-to-spread-malware\/"},{"key":"31_CR13","unstructured":"Mandiant. APT1: Exposing One of Chinas Cyber Espionage Units. Technical report, 2013. http:\/\/intelreport.mandiant.com\/Mandiant_APT1_Report.pdf"},{"key":"31_CR14","unstructured":"Nagaraja, S., Anderson, R.: The snooping dragon: social-malware surveillance of the tibetan movement. Technical Report UCAM-CL-TR-746, University of Cambridge, (2009)"},{"key":"31_CR15","unstructured":"Nakashima, E.: Confidential report lists U.S. weapons system designs compromised by Chinese cyberspies. The Washington Post, 27 May 2013. http:\/\/articles.washingtonpost.com\/2013-05-27\/world\/39554997_1_u-s-missile-defenses-weapons-combat-aircraft"},{"key":"31_CR16","unstructured":"Perlroth, N.: Hackers in China Attacked The Times for Last 4 Months. The New York Times, 30 January 2013. http:\/\/www.nytimes.com\/2013\/01\/31\/technology\/chinese-hackers-infiltrate-new-york-times-computers.html"},{"key":"31_CR17","unstructured":"Polychronakis, M., Mavrommatis, P., Provos, N.:. Ghost turns zombie: Exploring the life cycle of web-based malware. In: Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats, LEET\u201908, pp. 11:1\u201311:8. USENIX Association, Berkeley (2008)"},{"issue":"4","key":"31_CR18","doi-asserted-by":"publisher","first-page":"42","DOI":"10.1145\/1498765.1498782","volume":"52","author":"N Provos","year":"2009","unstructured":"Provos, N., Rajab, M.A., Mavrommatis, P.: Cybercrime 2.0: When the cloud turns dark. Commun. ACM 52(4), 42\u201347 (2009)","journal-title":"Commun. ACM"},{"key":"31_CR19","unstructured":"Sekar, V., Reiter, M.K., Willinger, W., Zhang, H., Kompella, R.R., Andersen, D.G.: Csamp: a system for network-wide flow monitoring. In: Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation, NSDI\u201908, pp. 233\u2013246. USENIX Association, Berkeley (2008)"},{"key":"31_CR20","unstructured":"TrendLabs APT Research Team. Spear-Phishing Email: Most Favored APT Attack Bait. Technical report, Trend Micro Incorporated, 2012. http:\/\/www.trendmicro.com\/cloud-content\/us\/pdfs\/security-intelligence\/white-papers\/wp-spear-phishing-email-most-favored-apt-attack-bait.pdf"},{"key":"31_CR21","unstructured":"Yu, M., Jose, L., Miao, R.: Software defined traffic measurement with opensketch. In: Proceedings of the 10th USENIX Conference on Networked Systems Design and Implementation, NSDI\u201913, pp. 29\u201342. USENIX Association, Berkeley (2013)"}],"container-title":["Lecture Notes in Computer Science","Security Protocols XXII"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-12400-1_31","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,31]],"date-time":"2023-01-31T01:18:25Z","timestamp":1675127905000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-12400-1_31"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014]]},"ISBN":["9783319123998","9783319124001"],"references-count":21,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-12400-1_31","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2014]]},"assertion":[{"value":"29 October 2014","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}