{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,2]],"date-time":"2025-06-02T04:05:58Z","timestamp":1748837158543,"version":"3.41.0"},"publisher-location":"Cham","reference-count":20,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319315492"},{"type":"electronic","value":"9783319315508"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-31550-8_6","type":"book-chapter","created":{"date-parts":[[2016,3,22]],"date-time":"2016-03-22T14:26:20Z","timestamp":1458656780000},"page":"84-96","source":"Crossref","is-referenced-by-count":1,"title":["A Signature Generation Approach Based on Clustering for Polymorphic Worm"],"prefix":"10.1007","author":[{"given":"Jie","family":"Wang","sequence":"first","affiliation":[]},{"given":"Xiaoxian","family":"He","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,3,16]]},"reference":[{"issue":"12","key":"6_CR1","doi-asserted-by":"publisher","first-page":"3471","DOI":"10.1016\/j.comnet.2007.02.006","volume":"51","author":"S Antonatos","year":"2007","unstructured":"Antonatos, S., Akritidis, P., Markatos, E.P., Anagnostakis, K.G.: Defending against hitlist worms using network address space randomization. Comput. Netw. 51(12), 3471\u20133490 (2007)","journal-title":"Comput. Netw."},{"doi-asserted-by":"crossref","unstructured":"Bilge, L., Dumitras, T.: Before we knew it: an empirical study of zero-day attacks in the real world. In: Proceedings of ACM Conference on Computer and Communications Security (CCS 2012), New Carolina, pp. 833\u2013844, October 2012","key":"6_CR2","DOI":"10.1145\/2382196.2382284"},{"issue":"3","key":"6_CR3","doi-asserted-by":"publisher","first-page":"4672","DOI":"10.1016\/j.eswa.2008.06.037","volume":"36","author":"WC Sun","year":"2009","unstructured":"Sun, W.C., Chen, Y.M.: A rough set approach for automatic key attributes indentification of zero-day polymorphic worms. Expert Syst. Appl. 36(3), 4672\u20134679 (2009)","journal-title":"Expert Syst. Appl."},{"unstructured":"Mohammed, M.M.Z.E., Chan, H.A., Ventura, N., Hashim, M., Bashier, E.: Fast and accurate detection for polymorphic worms. In: Proceedings of Internetional Conference for Internet Technology and Secured Transactions, pp. 1\u20136 (2010)","key":"6_CR4"},{"doi-asserted-by":"crossref","unstructured":"Comar, P.M., Liu, L., Saha, S., Tan, P.N., Nucci, A.: Combining supervised and unsupervised learning for zero-day malware detection. In: Proceedings of 32nd Annual IEEE International Conference on Computer Communications (INFOCOM 2013), Turin, Italy, pp. 2022\u20132030, April 2013","key":"6_CR5","DOI":"10.1109\/INFCOM.2013.6567003"},{"issue":"2","key":"6_CR6","doi-asserted-by":"publisher","first-page":"832","DOI":"10.1016\/j.comnet.2011.11.007","volume":"56","author":"B Bayoglu","year":"2012","unstructured":"Bayoglu, B., Sogukpinar, L.: Graph based signature classes for detecting polymorphic worms via content analysis. Comput. Netw. 56(2), 832\u2013844 (2012)","journal-title":"Comput. Netw."},{"issue":"4","key":"6_CR7","doi-asserted-by":"publisher","first-page":"565","DOI":"10.1109\/TC.2010.130","volume":"60","author":"Y Tang","year":"2011","unstructured":"Tang, Y., Xiao, B., Lu, X.: Signature tree generation for polymorphic worms. IEEE Trans. Comput. 60(4), 565\u2013579 (2011)","journal-title":"IEEE Trans. Comput."},{"issue":"1","key":"6_CR8","doi-asserted-by":"publisher","first-page":"42","DOI":"10.1016\/j.jnca.2012.05.003","volume":"36","author":"C Modi","year":"2013","unstructured":"Modi, C., Patel, D., Borisaniya, B., Patel, H., Patel, A., Rajarajan, M.: A survey of intrusion detection techniques in cloud. J. Netw. Comput. Appl. 36(1), 42\u201357 (2013)","journal-title":"J. Netw. Comput. Appl."},{"issue":"2","key":"6_CR9","doi-asserted-by":"publisher","first-page":"88","DOI":"10.1109\/TDSC.2007.1000","volume":"5","author":"M Cai","year":"2007","unstructured":"Cai, M., Hwang, K., Pan, J., Christos, P.: WormShield: fast worm signature generation with distributed fingerprint aggregation. IEEE Trans. Dependable Secure Comput. 5(2), 88\u2013104 (2007)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"doi-asserted-by":"crossref","unstructured":"Ranjan, S., Shah, S., Nucci, A., Munafo, M., Cruz, R., Muthukrishnan, S.: DoWitcher: effective worm detection and containment in the internet core. In: IEEE Infocom, Anchorage, Alaskapp, pp. 2541\u20132545 (2007)","key":"6_CR10","DOI":"10.1109\/INFCOM.2007.317"},{"issue":"11","key":"6_CR11","doi-asserted-by":"publisher","first-page":"1256","DOI":"10.1016\/j.comnet.2006.09.005","volume":"51","author":"G Portokalidis","year":"2007","unstructured":"Portokalidis, G., Bos, H.: SweetBait: zero-hour worm detection and containment using low- and high-interaction honeypots. Comput. Netw. 51(11), 1256\u20131274 (2007)","journal-title":"Comput. Netw."},{"doi-asserted-by":"crossref","unstructured":"Yegneswaran, V., et al.: An architecture for generating semantics-aware signatures. In: Proceedings of the 14th conference on USENIX Security Symposium. USENIX Association, Berkeley (2005)","key":"6_CR12","DOI":"10.21236\/ADA449063"},{"doi-asserted-by":"crossref","unstructured":"Newsome, J., Karp, B., Song, D.: Polygraph: automatically generation signatures for polymorphic worms. In: Proceedings of 2005 IEEE Symposium on Security and Privacy Symposium, Oakland, pp. 226\u2013241 (2005)","key":"6_CR13","DOI":"10.1109\/SP.2005.15"},{"unstructured":"Li, Z., Sanghi, M., Chen, Y., Kao, M., Chavez, B.: Hamsa: fast signature generation for zero-day polymorphic worms with provable attack resilience. In: Proceedings of IEEE Symposium on Security and Privacy, Washington, DC, pp. 32\u201347 (2006)","key":"6_CR14"},{"doi-asserted-by":"crossref","unstructured":"Cavallaro, L., Lanzi, A., Mayer, L., Monga, M.: LISABETH: automatedcontent-based signature generator for zero-day polymorphic worms. In: Proceedings of the Fourth International Workshop on Software Engineering for Secure Systems, Leipzig, pp. 41\u201348 (2008)","key":"6_CR15","DOI":"10.1145\/1370905.1370911"},{"doi-asserted-by":"crossref","unstructured":"Bayoglu, B., Sogukpinar, L.: Polymorphic worm detection using token-pair signatures. In: Proceedings of the 4th International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing, Sorrento, Italy, pp. 7\u201312 (2008)","key":"6_CR16","DOI":"10.1145\/1387329.1387331"},{"issue":"10","key":"6_CR17","first-page":"2599","volume":"21","author":"J Wang","year":"2010","unstructured":"Wang, J., Wang, J.X., Chen, J.E., Zhang, X.: An automated signature generation approach for polymorphic worm based on color coding. J. Softw. 21(10), 2599\u20132609 (2010)","journal-title":"J. Softw."},{"key":"6_CR18","doi-asserted-by":"publisher","first-page":"827","DOI":"10.1016\/j.cose.2009.06.003","volume":"288","author":"Y Tang","year":"2009","unstructured":"Tang, Y., Xiao, B., Lu, X.: Using a bioinformatics approach to generate accurate exploit-based signatures for polymorphic worms. Comput. Secur. 288, 827\u2013842 (2009)","journal-title":"Comput. Secur."},{"key":"6_CR19","doi-asserted-by":"publisher","first-page":"879","DOI":"10.1109\/TPDS.2007.1050","volume":"18","author":"Y Tang","year":"2007","unstructured":"Tang, Y., Chen, S.: An automated signature-based approach against polymorphic internet worms. IEEE Trans. Parallel Distrib. Syst. 18, 879\u2013892 (2007)","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"issue":"8","key":"6_CR20","first-page":"150","volume":"32","author":"J Wang","year":"2011","unstructured":"Wang, J., Wang, J.X., Sheng, Y., Chen, J.E.: Novel approach based on neighborhood relation signature against polymorphic internet worms. J. Commun. 32(8), 150\u2013158 (2011)","journal-title":"J. Commun."}],"container-title":["Lecture Notes in Computer Science","Trusted Systems"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-31550-8_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,1]],"date-time":"2025-06-01T22:21:13Z","timestamp":1748816473000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-31550-8_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319315492","9783319315508"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-31550-8_6","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2016]]}}}