{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,9]],"date-time":"2024-09-09T18:55:33Z","timestamp":1725908133201},"publisher-location":"Cham","reference-count":21,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319656359"},{"type":"electronic","value":"9783319656366"}],"license":[{"start":{"date-parts":[[2017,8,17]],"date-time":"2017-08-17T00:00:00Z","timestamp":1502928000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-65636-6_49","type":"book-chapter","created":{"date-parts":[[2017,8,16]],"date-time":"2017-08-16T00:13:28Z","timestamp":1502842408000},"page":"545-553","source":"Crossref","is-referenced-by-count":0,"title":["Mining Unknown Network Protocol\u2019s Stealth Attack Behavior"],"prefix":"10.1007","author":[{"given":"Yan-Jing","family":"Hu","sequence":"first","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,8,17]]},"reference":[{"key":"49_CR1","first-page":"1","volume":"3","author":"STA Harale","year":"2017","unstructured":"Harale, S.T.A.: Detection and analysis of network & application layer attacks using honey pot with system security features. Int. J. Adv. Res. Ideas Innovations Technol. 3, 1\u20134 (2017)","journal-title":"Int. J. Adv. Res. Ideas Innovations Technol."},{"key":"49_CR2","doi-asserted-by":"crossref","unstructured":"Singh, S., Sharma, P.K., Moon, S.Y., et al.: A comprehensive study on APT attacks and countermeasures for future networks and communications: challenges and solutions. J. Supercomput., 1\u201332 (2016)","DOI":"10.1007\/s11227-016-1850-4"},{"key":"49_CR3","doi-asserted-by":"crossref","unstructured":"Albanese, M., Battista, E., Jajodia, S.: Deceiving attackers by creating a virtual attack surface. Cyber Deception. Building the Scientific Foundation, 167\u2013199 (2016)","DOI":"10.1007\/978-3-319-32699-3_8"},{"key":"49_CR4","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"17","DOI":"10.1007\/978-3-642-21424-0_2","volume-title":"Future Challenges in Security and Privacy for Academia and Industry","author":"D Damopoulos","year":"2011","unstructured":"Damopoulos, D., Kambourakis, G., Gritzalis, S.: iSAM: an iPhone stealth airborne malware. In: Camenisch, J., Fischer-H\u00fcbner, S., Murayama, Y., Portmann, A., Rieder, C. (eds.) SEC 2011. IAICT, vol. 354, pp. 17\u201328. Springer, Heidelberg (2011). doi: 10.1007\/978-3-642-21424-0_2"},{"key":"49_CR5","doi-asserted-by":"crossref","unstructured":"Filiol. E.: Viruses and malware. In: Handbook of Information and Communication Security, pp. 747\u2013769 (2010)","DOI":"10.1007\/978-3-642-04117-4_34"},{"key":"49_CR6","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"276","DOI":"10.1007\/978-3-642-17604-3_33","volume-title":"Communication and Networking","author":"S Jung","year":"2010","unstructured":"Jung, S., Kim, J., Cagalaban, G., Lim, J.-h., Kim, S.: Design of cyber attack precursor symptom detection algorithm through system base behavior analysis and memory monitoring. In: Kim, T.-h., Vasilakos, T., Sakurai, K., Xiao, Y., Zhao, G., \u015al\u0119zak, D. (eds.) FGCN 2010. CCIS, vol. 120, pp. 276\u2013283. Springer, Heidelberg (2010). doi: 10.1007\/978-3-642-17604-3_33"},{"key":"49_CR7","doi-asserted-by":"crossref","unstructured":"Lee-Urban, S., Whitaker, E., Riley, M., et al.: Two complementary network modeling and simulation approaches to aid in understanding advanced cyber threats. In: Advances in Human Factors in Cybersecurity: Proceedings of the AHFE 2016 International Conference on Human Factors in Cybersecurity, pp. 401\u2013414, Walt Disney World\u00ae, Florida, USA, 27\u201331 July 2016","DOI":"10.1007\/978-3-319-41932-9_33"},{"key":"49_CR8","doi-asserted-by":"crossref","unstructured":"Ming, J., Xin, Z., Lan, P., et al.: Impeding behavior-based malware analysis via replacement attacks to malware specifications. J. Comput. Virol. Hacking Tech., 1\u201315 (2016)","DOI":"10.1007\/s11416-016-0281-3"},{"key":"49_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"165","DOI":"10.1007\/978-3-319-40667-1_9","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"A Pawlowski","year":"2016","unstructured":"Pawlowski, A., Contag, M., Holz, T.: Probfuscation: an obfuscation approach using probabilistic control flows. In: Caballero, J., Zurutuza, U., Rodr\u00edguez, Ricardo J. (eds.) DIMVA 2016. LNCS, vol. 9721, pp. 165\u2013185. Springer, Cham (2016). doi: 10.1007\/978-3-319-40667-1_9"},{"key":"49_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"138","DOI":"10.1007\/978-3-319-30806-7_9","volume-title":"Engineering Secure Software and Systems","author":"M Payer","year":"2016","unstructured":"Payer, M.: HexPADS: a platform to detect \u201cstealth\u201d attacks. In: Caballero, J., Bodden, E., Athanasopoulos, E. (eds.) ESSoS 2016. LNCS, vol. 9639, pp. 138\u2013154. Springer, Cham (2016). doi: 10.1007\/978-3-319-30806-7_9"},{"issue":"1","key":"49_CR11","doi-asserted-by":"crossref","first-page":"61","DOI":"10.1007\/s13173-012-0062-x","volume":"18","author":"L Teixeira d\u2019Aguiar Norton Brand\u00e3o","year":"2012","unstructured":"Teixeira d\u2019Aguiar Norton Brand\u00e3o, L., Neves Bessani, A.: On the reliability and availability of replicated and rejuvenating systems under stealth attacks and intrusions. J. Braz. Compu. Soc. 18(1), 61\u201380 (2012)","journal-title":"J. Braz. Compu. Soc."},{"key":"49_CR12","doi-asserted-by":"crossref","first-page":"116","DOI":"10.1016\/j.future.2013.06.024","volume":"30","author":"TC Xiangjian He","year":"2014","unstructured":"Xiangjian He, T.C., Nanda, P., Tan, Z.: Improving cloud network security using the tree-rule firewall. Future Gener. Comput. Syst. 30, 116\u2013126 (2014)","journal-title":"Future Gener. Comput. Syst."},{"key":"49_CR13","doi-asserted-by":"crossref","unstructured":"Han, K., Kang, B., Im, E.G.: Malware analysis using visualized image matrices. Sci. World J. 2014 (2014). 132713","DOI":"10.1155\/2014\/132713"},{"key":"49_CR14","doi-asserted-by":"crossref","unstructured":"Santos, I., Brezo, F., Nieves, J., et al.: Idea: opcode-sequence-based malware detection. Eng. Secure Softw. Syst., 35\u201343 (2010)","DOI":"10.1007\/978-3-642-11747-3_3"},{"key":"49_CR15","doi-asserted-by":"crossref","unstructured":"Saxe, J., Mentis, D., Greamo, C.: Visualization of shared system call sequence relationships in large malware corpora. In: Proceedings of the Ninth International Symposium on Visualization for Cyber Security, pp. 33\u201340 (2012)","DOI":"10.1145\/2379690.2379695"},{"issue":"1","key":"49_CR16","doi-asserted-by":"crossref","first-page":"11","DOI":"10.1007\/s11416-013-0189-0","volume":"10","author":"G Canfora","year":"2014","unstructured":"Canfora, G., Iannaccone, A., Visaggio, C.: Static analysis for the detection of metamorphic computer viruses using repeated-instructions counting heuristics. J. Comput. Virol. Hacking Tech. 10(1), 11\u201327 (2014)","journal-title":"J. Comput. Virol. Hacking Tech."},{"issue":"2","key":"49_CR17","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/2089125.2089126","volume":"44","author":"M Egele","year":"2012","unstructured":"Egele, M., Scholte, T., Kirda, E., et al.: A survey on automated dynamic malware-analysis techniques and tools. ACM Comput. Surv. 44(2), 1\u201342 (2012)","journal-title":"ACM Comput. Surv."},{"key":"49_CR18","doi-asserted-by":"crossref","unstructured":"Anderson, B., Storlie, C., Lane, T.: Improving malware classification: bridging the static\/dynamic gap. In: Proceedings of the 5th ACM workshop on Security and Artificial Intelligence, pp. 3\u201314 (2012)","DOI":"10.1145\/2381896.2381900"},{"key":"49_CR19","doi-asserted-by":"crossref","unstructured":"Hu, X., Shin, K.G.: DUET: integration of dynamic and static analyses for malware clustering with cluster ensembles. In: Proceedings of the 29th Annual Computer Security Applications Conference, pp. 79\u201388 (2013)","DOI":"10.1145\/2523649.2523677"},{"key":"49_CR20","doi-asserted-by":"crossref","unstructured":"Kang, B., Kim, T., Kwon, H., et al.: Malware classification method via binary content comparison. In: Proceedings of the 2012 ACM Research in Applied Computation Symposium, pp. 316\u2013321 (2012)","DOI":"10.1145\/2401603.2401672"},{"key":"49_CR21","first-page":"2721","volume":"7","author":"JZ Kolter","year":"2006","unstructured":"Kolter, J.Z., Maloof, M.A.: Learning to detect and classify malicious executables in the wild. J. Mach. Learn. Res. 7, 2721\u20132744 (2006)","journal-title":"J. Mach. Learn. Res."}],"container-title":["Lecture Notes on Data Engineering and Communications Technologies","Advances in Intelligent Networking and Collaborative Systems"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-65636-6_49","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,2]],"date-time":"2019-10-02T08:43:02Z","timestamp":1570005782000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-65636-6_49"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,8,17]]},"ISBN":["9783319656359","9783319656366"],"references-count":21,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-65636-6_49","relation":{},"ISSN":["2367-4512","2367-4520"],"issn-type":[{"type":"print","value":"2367-4512"},{"type":"electronic","value":"2367-4520"}],"subject":[],"published":{"date-parts":[[2017,8,17]]}}}