{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,23]],"date-time":"2025-07-23T12:26:04Z","timestamp":1753273564469,"version":"3.40.3"},"publisher-location":"Cham","reference-count":24,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319600796"},{"type":"electronic","value":"9783319600802"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-60080-2_3","type":"book-chapter","created":{"date-parts":[[2017,6,1]],"date-time":"2017-06-01T10:40:06Z","timestamp":1496313606000},"page":"34-49","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Supervised Detection of Infected Machines Using Anti-virus Induced Labels"],"prefix":"10.1007","author":[{"given":"Tomer","family":"Cohen","sequence":"first","affiliation":[]},{"given":"Danny","family":"Hendler","sequence":"additional","affiliation":[]},{"given":"Dennis","family":"Potashnik","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,6,2]]},"reference":[{"key":"3_CR1","unstructured":"Hadoop distributed file system. \n                    http:\/\/hadoop.apache.org\/"},{"key":"3_CR2","unstructured":"Spark cluster computing. \n                    http:\/\/spark.apache.org\/"},{"key":"3_CR3","unstructured":"Antonakakis, M., Perdisci, R., Nadji, Y., Vasiloglou II, N., Abu-Nimeh, S., Lee, W., Dagon, D.: From throw-away traffic to bots: Detecting the rise of DGA-based malware. In: USENIX Security Symposium, vol.12 (2012)"},{"key":"3_CR4","doi-asserted-by":"publisher","first-page":"142","DOI":"10.1016\/j.comnet.2016.03.021","volume":"109","author":"E Bocchi","year":"2016","unstructured":"Bocchi, E., Grimaudo, L., Mellia, M., Baralis, E., Saha, S., Miskovic, S., Modelo-Howard, G., Lee, S.-J.: Magma network behavior classifier for malware traffic. Comput. Netw. 109, 142\u2013156 (2016)","journal-title":"Comput. Netw."},{"issue":"2","key":"3_CR5","doi-asserted-by":"publisher","first-page":"475","DOI":"10.1016\/j.comnet.2012.06.019","volume":"57","author":"CJ Dietrich","year":"2013","unstructured":"Dietrich, C.J., Rossow, C., Pohlmann, N.: CoCoSpot: clustering and recognizing botnet command and control channels using traffic analysis. Comput. Netw. 57(2), 475\u2013486 (2013)","journal-title":"Comput. Netw."},{"key":"3_CR6","unstructured":"Gu, G., Perdisci, R., Zhang, J., Lee, W., et al.: BotMiner: clustering analysis of network traffic for protocol-and structure-independent botnet detection. In: USENIX Security Symposium, vol. 5, pp. 139\u2013154 (2008)"},{"key":"3_CR7","unstructured":"Gu, G., Zhang, J., Lee, W.: BotSniffer: detecting botnet command and control channels in network traffic (2008)"},{"key":"3_CR8","unstructured":"Hall, M.A., Smith, L.A.: Practical feature subset selection for machine learning (1998)"},{"key":"3_CR9","unstructured":"IBM: IBM Security QRadar SIEM. \n                    http:\/\/www-03.ibm.com\/software\/products\/en\/qradar-siem\/"},{"key":"3_CR10","unstructured":"iicybersecurity: International institute of cyber security. \n                    https:\/\/iicybersecurity.wordpress.com"},{"key":"3_CR11","doi-asserted-by":"crossref","unstructured":"Jiang, N., Cao, J., Jin, Y., Li, L.E., Zhang, Z.-L.: Identifying suspicious activities through DNS failure graph analysis. In: 2010 18th IEEE International Conference on Network Protocols (ICNP), pp. 144\u2013153. IEEE (2010)","DOI":"10.1109\/ICNP.2010.5762763"},{"issue":"1","key":"3_CR12","doi-asserted-by":"publisher","first-page":"163","DOI":"10.1093\/biomet\/70.1.163","volume":"70","author":"JT Kent","year":"1983","unstructured":"Kent, J.T.: Information gain and a general measure of correlation. Biometrika 70(1), 163\u2013173 (1983)","journal-title":"Biometrika"},{"key":"3_CR13","unstructured":"Kira, K., Rendell, L.A.: The feature selection problem: traditional methods and a new algorithm. In: AAAI, vol. 2, pp. 129\u2013134 (1992)"},{"key":"3_CR14","doi-asserted-by":"crossref","unstructured":"Moskovitch, R., Stopel, D., Feher, C., Nissim, N., Elovici, Y.: Unknown malcode detection via text categorization and the imbalance problem. In: IEEE International Conference on Intelligence and Security Informatics, ISI 2008, pp. 156\u2013161. IEEE (2008)","DOI":"10.1109\/ISI.2008.4565046"},{"issue":"2","key":"3_CR15","doi-asserted-by":"publisher","first-page":"89","DOI":"10.1007\/s11416-014-0225-8","volume":"11","author":"M Musale","year":"2015","unstructured":"Musale, M., Austin, T.H., Stamp, M.: Hunting for metamorphic JavaScript malware. J. Comput. Virol. Hacking Tech. 11(2), 89\u2013102 (2015)","journal-title":"J. Comput. Virol. Hacking Tech."},{"key":"3_CR16","doi-asserted-by":"crossref","unstructured":"Narang, P., Ray, S., Hota, C., Venkatakrishnan, V.: PeerShark: detecting peer-to-peer botnets by tracking conversations. In: 2014 IEEE Security and Privacy Workshops (SPW), pp. 108\u2013115. IEEE (2014)","DOI":"10.1109\/SPW.2014.25"},{"key":"3_CR17","doi-asserted-by":"crossref","unstructured":"Nari, S., Ghorbani, A.A.: Automated malware classification based on network behavior. In: 2013 International Conference on Computing, Networking and Communications (ICNC), pp. 642\u2013647. IEEE (2013)","DOI":"10.1109\/ICCNC.2013.6504162"},{"key":"3_CR18","unstructured":"Deep Web News. \n                    https:\/\/darkwebnews.com"},{"key":"3_CR19","unstructured":"Weka 3: Data mining software in Java. University of Waikato. \n                    http:\/\/www.cs.waikato.ac.nz\/ml\/weka\/"},{"key":"3_CR20","unstructured":"Perdisci, R., Lee, W., Feamster, N.: Behavioral clustering of http-based malware and signature generation using malicious network traces. In: NSDI, vol. 10, p. 14 (2010)"},{"key":"3_CR21","unstructured":"AV TEST: The independent it-security institute. \n                    https:\/\/www.av-test.org\/en\/statistics\/malware\/"},{"key":"3_CR22","doi-asserted-by":"crossref","unstructured":"Yen, T.-F., Oprea, A., Onarlioglu, K., Leetham, T., Robertson, W., Juels, A., Kirda, E.: Beehive: Large-scale log analysis for detecting suspicious activity in enterprise networks. In: Proceedings of the 29th Annual Computer Security Applications Conference, pp. 199\u2013208. ACM (2013)","DOI":"10.1145\/2523649.2523670"},{"key":"3_CR23","doi-asserted-by":"crossref","unstructured":"You, I., Yim, K.: Malware obfuscation techniques: a brief survey. In: 2010 International Conference on Broadband, Wireless Computing, Communication and Applications (BWCCA), pp. 297\u2013300. IEEE (2010)","DOI":"10.1109\/BWCCA.2010.85"},{"key":"3_CR24","unstructured":"Yu, L., Liu, H.: Feature selection for high-dimensional data: a fast correlation-based filter solution. In: ICML, vol. 3, pp. 856\u2013863 (2003)"}],"container-title":["Lecture Notes in Computer Science","Cyber Security Cryptography and Machine Learning"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-60080-2_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,1,8]],"date-time":"2020-01-08T10:55:04Z","timestamp":1578480904000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-60080-2_3"}},"subtitle":["(Extended Abstract)"],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319600796","9783319600802"],"references-count":24,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-60080-2_3","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2017]]},"assertion":[{"value":"2 June 2017","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CSCML","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Cyber Security Cryptography and Machine Learning","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Beer-Sheva","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Israel","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2017","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 June 2017","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 June 2017","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"cscml2017","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.cs.bgu.ac.il\/~fradmin\/cscml17\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}