{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,28]],"date-time":"2025-08-28T12:52:23Z","timestamp":1756385543485,"version":"3.40.3"},"publisher-location":"Cham","reference-count":28,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319171715"},{"type":"electronic","value":"9783319171722"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-17172-2_11","type":"book-chapter","created":{"date-parts":[[2015,4,16]],"date-time":"2015-04-16T03:04:26Z","timestamp":1429153466000},"page":"158-172","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":10,"title":["How Dangerous Is Internet Scanning?"],"prefix":"10.1007","author":[{"given":"Elias","family":"Raftopoulos","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Eduard","family":"Glatz","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xenofontas","family":"Dimitropoulos","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Alberto","family":"Dainotti","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2015,4,17]]},"reference":[{"key":"11_CR1","unstructured":"Anonymous postmasters early warning system. \n http:\/\/www.apews.org"},{"key":"11_CR2","unstructured":"Dshield: Internet storm center (2014). \n http:\/\/www.dshield.org\/"},{"key":"11_CR3","unstructured":"Shadowserver foundation (2014). \n https:\/\/www.shadowserver.org\/"},{"key":"11_CR4","unstructured":"Threatexpert - automated threat analysis (2014). \n http:\/\/www.threatexpert.com\/"},{"key":"11_CR5","unstructured":"Bacher, P., Holz, T., Kotter, M., Wicherski, G.: Know your enemy: Tracking botnets (2008). \n http:\/\/www.honeynet.org\/papers\/bots"},{"key":"11_CR6","doi-asserted-by":"crossref","unstructured":"Bailey, M., Cooke, E., Jahanian, F., Xu, Y., Karir, M.: A survey of botnet technology and defenses. In: CATCH 2009, Washington, District of Columbia, USA (2009)","DOI":"10.1109\/CATCH.2009.40"},{"key":"11_CR7","unstructured":"Barford, P., Yegneswaran, V.: An inside look at botnets. In: Malware Detection, Advances in Information Security, vol. 27 (2007)"},{"key":"11_CR8","unstructured":"Cooke, E., Jahanian, F., Mcpherson, D.: The zombie roundup: Understanding, detecting, and disrupting botnets, pp. 39\u201344 (2005)"},{"key":"11_CR9","doi-asserted-by":"crossref","unstructured":"Dainotti, A., King, A., Claffy, K., Papale, F., Pescap, A.: Analysis of a \u201c\/0\u201d stealth scan from a botnet. In: ACM IMC 2012 (2012)","DOI":"10.1145\/2398776.2398778"},{"key":"11_CR10","unstructured":"Durumeric,Z., Wustrow, E., Halderman, J.A.: ZMap: fast internet-wide scanning and its securityapplications. In: USENIX 2013 (2013)"},{"key":"11_CR11","unstructured":"Dimitropoulos, X., Raftopoulos, E., Glatz, E., Dainotti, A.: The days after a \u201c\/0\" scan from the sality botnet (2014), Technical Report 358. \n http:\/\/www.csg.ethz.ch\/people\/rilias\/publications\/Sality_RaDi14.pdf"},{"key":"11_CR12","unstructured":"Falliere, N.: A distributed cracker for voip (2011)"},{"key":"11_CR13","unstructured":"Falliere, N.: Sality: Story of a peer-to-peer viral network (2011)"},{"key":"11_CR14","doi-asserted-by":"crossref","unstructured":"Freiling, F.C., Holz, T., Wicherski, G.: Botnet Tracking: Exploring a Root-Cause Methodology to Prevent Distributed Denial-of-Service Attacks (2005)","DOI":"10.1007\/11555827_19"},{"key":"11_CR15","doi-asserted-by":"crossref","unstructured":"Glatz, E., Dimitropoulos, X.: Classifying internet one-way traffic. In: Proc. of the 2012 ACM Conf. on Internet Measurement. ACM, NY (2012)","DOI":"10.1145\/2398776.2398781"},{"key":"11_CR16","unstructured":"Gu, G., Junjie, Z., Lee, W.: BotSniffer: detecting botnet command and control channels in network traffic. In: NSDI (2008)"},{"key":"11_CR17","unstructured":"Holz, T., Steiner, M., Dahl, F., Biersack, E., Freiling, F.: Measurements and mitigation of peer-to-peer-based botnets: a casestudy on storm worm. In: LEET 2008 (2008)"},{"key":"11_CR18","unstructured":"Julisch, K., Dacier, M.: Mining intrusion detection alarms for actionable knowledge. In: The 8th ACM Conference on Knowledge Discovery and Data Mining"},{"key":"11_CR19","doi-asserted-by":"crossref","unstructured":"Kruegel, C., Robertson, W.: Alert verification - determining the success of intrusion attempts. In: DIMVA (2004)","DOI":"10.1515\/PIKO.2004.219"},{"key":"11_CR20","unstructured":"Li, Z., Goyal, A., Chen, Y., Paxson, V.: Towards situational awareness of large-scale botnet probing events. Transactions on Information Forensics and Security"},{"key":"11_CR21","unstructured":"MaxMind Lite. \n http:\/\/dev.maxmind.com\/geoip\/legacy\/geolite\/"},{"key":"11_CR22","doi-asserted-by":"crossref","unstructured":"Raftopoulos, E., Dimitropoulos, X.: Detecting, validating and characterizing computer infections in the wild. In: Proceedings of IMC (2011)","DOI":"10.1145\/2068816.2068820"},{"key":"11_CR23","unstructured":"Raftopoulos, E., Dimitropoulos, X.: A quality metric for ids signatures: In the wild the size matters. EURASIP Journal on Information Security"},{"key":"11_CR24","unstructured":"Rajab, M.A., Zarfoss, J., Monrose, F., Terzis, A.: A multifaceted approach to understanding the botnet phenomenon. In: Proc. of the ACM IMC 2006 Conference (2006)"},{"key":"11_CR25","doi-asserted-by":"crossref","unstructured":"Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., Schooler, E.: Sip: Session initiation protocol (2002)","DOI":"10.17487\/rfc3261"},{"key":"11_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"242","DOI":"10.1007\/978-3-642-23644-0_13","volume-title":"Recent Advances in Intrusion Detection","author":"S Shin","year":"2011","unstructured":"Shin, S., Lin, R., Gu, G.: Cross-analysis of botnet victims: new insights and implications. In: Sommer, R., Balzarotti, D., Maier, G. (eds.) RAID 2011. LNCS, vol. 6961, pp. 242\u2013261. Springer, Heidelberg (2011)"},{"key":"11_CR27","unstructured":"Stone-gross, B., Cova, M., Cavallaro, L., Gilbert, B., Szydlowski, M., Kemmerer, R., Kruegel, C., Vigna, G.: Your botnet is my botnet: Analysis of a botnet takeover"},{"key":"11_CR28","unstructured":"Yegneswaran, V., Barford, P., Paxson, V.: Using honeynets for internet situational awareness. In: HotNets IV (2005)"}],"container-title":["Lecture Notes in Computer Science","Traffic Monitoring and Analysis"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-17172-2_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,19]],"date-time":"2019-05-19T23:40:39Z","timestamp":1558309239000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-17172-2_11"}},"subtitle":["A Measurement Study of the Aftermath of an Internet-Wide Scan"],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319171715","9783319171722"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-17172-2_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2015]]},"assertion":[{"value":"17 April 2015","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}