{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,1,20]],"date-time":"2025-01-20T12:10:01Z","timestamp":1737375001225,"version":"3.33.0"},"publisher-location":"Berlin, Heidelberg","reference-count":27,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540743194"},{"type":"electronic","value":"9783540743200"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-3-540-74320-0_15","type":"book-chapter","created":{"date-parts":[[2007,8,16]],"date-time":"2007-08-16T13:47:48Z","timestamp":1187272068000},"page":"276-295","source":"Crossref","is-referenced-by-count":30,"title":["Hit-List Worm Detection and Bot Identification in Large Networks Using Protocol Graphs"],"prefix":"10.1007","author":[{"given":"M. Patrick","family":"Collins","sequence":"first","affiliation":[]},{"given":"Michael K.","family":"Reiter","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"15_CR1","volume-title":"The Design and Analysis of Computer Algorithms","author":"A.V. Aho","year":"1975","unstructured":"Aho, A.V., Hopcroft, J.E., Ullman, J.D.: The Design and Analysis of Computer Algorithms. Addison-Wesley, Reading (1975)"},{"key":"15_CR2","first-page":"171","volume-title":"Proceedings of the 32nd ACM Symposium on Theory of Computing","author":"W. Aiello","year":"2000","unstructured":"Aiello, W., Chung, F., Lu, L.: A random graph model for massive graphs. In: Proceedings of the 32nd ACM Symposium on Theory of Computing, pp. 171\u2013180. ACM Press, New York (2000)"},{"key":"15_CR3","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1145\/1103626.1103633","volume-title":"WORM 2005: Proceedings of the 2005 ACM Workshop on Rapid Malcode","author":"S. Antonatos","year":"2005","unstructured":"Antonatos, S., Akritidis, P., Markatos, E.P., Anagnostakis, K.G.: Defending against hitlist worms using network address space randomization. In: WORM 2005: Proceedings of the 2005 ACM Workshop on Rapid Malcode, New York, NY, USA, pp. 30\u201340. ACM Press, New York (2005)"},{"key":"15_CR4","doi-asserted-by":"crossref","unstructured":"Broder, A., Kumar, R., Maghoul, F., Raghavan, P., Rajagopalan, S., Stata, R., Tomkins, A., Wiener, J.: Graph structure in the web. In: Proc. of the WWW9 Conference, Amsterdam, Holland, pp. 309\u2013320 (2000)","DOI":"10.1016\/S1389-1286(00)00083-9"},{"key":"15_CR5","doi-asserted-by":"crossref","unstructured":"Chen, S., Tang, Y.: Slowing down Internet worms. In: Proceedings of the 24th International Conference on Distributed Computing Systems, Tokyo, Japan, March 2004, pp. 312\u2013319 (2004)","DOI":"10.1109\/ICDCS.2004.1281596"},{"key":"15_CR6","unstructured":"Ellis, D., Aiken, J., McLeod, A., Keppler, D., Amman, P.: Graph-based worm detection on operational enterprise networks. Technical Report MTR-06W0000035, MITRE Corporation (April 2006)"},{"key":"15_CR7","doi-asserted-by":"publisher","first-page":"319","DOI":"10.1145\/116873.116878","volume":"23","author":"Z. Galil","year":"1991","unstructured":"Galil, Z., Italiano, G.F.: Data structures and algorithms for disjoint set union problems. ACM Computing Surveys\u00a023, 319\u2013344 (1991)","journal-title":"ACM Computing Surveys"},{"key":"15_CR8","volume-title":"Proceedings of the 2004 IEEE Symposium on Security and Privacy","author":"J. Jung","year":"2004","unstructured":"Jung, J., Paxson, V., Berger, A.W., Balakrishnan, H.: Fast portscan detection using sequential hypothesis testing. In: Proceedings of the 2004 IEEE Symposium on Security and Privacy, May 2004, IEEE Computer Society Press, Los Alamitos (2004)"},{"key":"15_CR9","first-page":"229","volume-title":"Proceedings of ACM SIGCOMM 2005","author":"T. Karagiannis","year":"2005","unstructured":"Karagiannis, T., Papagiannaki, K., Faloutsos, M.: BLINC: multilevel traffic classification in the dark. In: Proceedings of ACM SIGCOMM 2005, New York, NY, USA, pp. 229\u2013240. ACM Press, New York (2005)"},{"key":"15_CR10","volume-title":"Advanced Engineering Mathematics","author":"E. Kreyszig","year":"2005","unstructured":"Kreyszig, E.: Advanced Engineering Mathematics, 9th edn. J. Wiley and Sons, Chichester (2005)","edition":"9"},{"key":"15_CR11","volume-title":"Proceedings of the ACM Internet Measurement Conference","author":"A. Kumar","year":"2005","unstructured":"Kumar, A., Paxson, V., Weaver, N.: Exploiting underlying structure for detailed reconstruction of an Internet scale event. In: Proceedings of the ACM Internet Measurement Conference, New Orleans, LA, USA, October 2005, ACM Press, New York (2005)"},{"key":"15_CR12","doi-asserted-by":"crossref","unstructured":"Lakkaraju, K., Yurcik, W., Lee, A.: NVisionIP: NetFlow visualizations of system state for security situational awareness. In: Proceedings of the 2004 Workshop on Visualization for Computer Security (October 2006)","DOI":"10.1145\/1029208.1029219"},{"key":"15_CR13","unstructured":"Pouwelse, J., Garbacki, P., Epema, D., Sips, H.: A measurement study of the BitTorrent peer-to-peer file-sharing system. Technical Report PDS-2004-007, Delft University of Technology (April 2004)"},{"key":"15_CR14","doi-asserted-by":"crossref","unstructured":"Ripeanu, M., Foster, I., Iamnitchi, A.: Mapping the gnutella network: Properties of large-scale peer-to-peer systems and implications for system design. IEEE Internet Computing\u00a06(1) (2002)","DOI":"10.1007\/3-540-45748-8_8"},{"key":"15_CR15","doi-asserted-by":"crossref","unstructured":"Saroiu, S., Gummadi, P.K., Gribble, S.D.: A measurement study of peer-to-peer file sharing systems. In: Proceedings of Multimedia Computing and Networking 2002, San Jose, CA, USA (2002)","DOI":"10.1117\/12.449977"},{"key":"15_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"59","DOI":"10.1007\/978-3-540-30143-1_4","volume-title":"Recent Advances in Intrusion Detection","author":"S. Schechter","year":"2004","unstructured":"Schechter, S., Jung, J., Berger, A.: Fast detection of scanning worm infections. In: Jonsson, E., Valdes, A., Almgren, M. (eds.) RAID 2004. LNCS, vol.\u00a03224, pp. 59\u201381. Springer, Heidelberg (2004)"},{"key":"15_CR17","doi-asserted-by":"crossref","unstructured":"Sekar, V., Xie, Y., Reiter, M.K., Zhang, H.: A multi-resolution approach to worm detection and containment. In: Proceedings of the 2006 International Conference on Dependable Systems and Networks, June 2006, pp. 189\u2013198 (2006)","DOI":"10.1109\/DSN.2006.6"},{"issue":"4","key":"15_CR18","doi-asserted-by":"publisher","first-page":"46","DOI":"10.1109\/MSP.2004.59","volume":"2","author":"C. Shannon","year":"2004","unstructured":"Shannon, C., Moore, D.: The spread of the Witty worm. IEEE Security and Privacy\u00a02(4), 46\u201350 (2004)","journal-title":"IEEE Security and Privacy"},{"key":"15_CR19","volume-title":"Proceedings of the ACM\/USENIX Symposium on Operating System Design and Implementation","author":"S. Singh","year":"2005","unstructured":"Singh, S., Estan, C., Varghese, G., Savage, S.: Automated worm fingerprinting. In: Proceedings of the ACM\/USENIX Symposium on Operating System Design and Implementation, December 2005, ACM Press, New York (2005)"},{"key":"15_CR20","unstructured":"Staniford, S., Paxson, V., Weaver, N.: How to 0wn the Internet in your spare time. In: Proceedings of the 11th USENIX Security Symposium, August 2002, pp. 149\u2013167 (2002)"},{"key":"15_CR21","unstructured":"Staniford-Chen, S., Cheung, S., Crawford, R., Dilger, M., Frank, J., Hoagland, J., Levitt, K., Wee, C., Yip, R., Zerkle, D.: GrIDS \u2013 A graph-based intrusion detection system for large networks. In: Proceedings of the 19th National Information Systems Security Conference, pp. 361\u2013370 (1996)"},{"issue":"2","key":"15_CR22","doi-asserted-by":"publisher","first-page":"187","DOI":"10.1145\/1149121.1149125","volume":"6","author":"S.J. Stolfo","year":"2006","unstructured":"Stolfo, S.J., Hershkop, S., Hu, C., Li, W., Nimeskern, O., Wang, K.: Behavior-based modeling and its application to email analysis. ACM Transactions on Internet Technology\u00a06(2), 187\u2013221 (2006)","journal-title":"ACM Transactions on Internet Technology"},{"key":"15_CR23","doi-asserted-by":"crossref","unstructured":"Tarjan, R.E.: Data Structures in Network Algorithms. In: Regional Conference Series in Applied Mathematics, Society for Industrial and Applied Mathematics, vol.\u00a044 (1983)","DOI":"10.1137\/1.9781611970265"},{"key":"15_CR24","doi-asserted-by":"crossref","unstructured":"Twycross, J., Williamson, M.W.: Implementing and testing a virus throttle. In: Proceedings of the 12th USENIX Security Symposium, August 2003, pp. 285\u2013294 (2003)","DOI":"10.1109\/CSAC.2003.1254312"},{"key":"15_CR25","doi-asserted-by":"crossref","unstructured":"Wright, C., Monrose, F., Masson, G.: Using visual motifs to classify encrypted traffic. In: Proceedings of the 2006 Workshop on Visualization for Computer Security (November 2006)","DOI":"10.1145\/1179576.1179584"},{"key":"15_CR26","doi-asserted-by":"crossref","unstructured":"Yin, X., Yurcik, W., Treaster, M.: VisFlowConnect: NetFlow visualizations of link relationships for security situational awareness. In: Proceedings of the 2004 Workshop on Visualization for Computer Security (October 2006)","DOI":"10.1145\/1029208.1029214"},{"key":"15_CR27","doi-asserted-by":"publisher","first-page":"190","DOI":"10.1145\/948109.948136","volume-title":"Proceedings of the 10th ACM Conference on Computer and Communications Security","author":"C. Zou","year":"2003","unstructured":"Zou, C., Gao, L., Gong, W., Towsley, D.: Monitoring and early warning for Internet worms. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, New York, NY, USA, pp. 190\u2013199. ACM Press, New York (2003)"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-74320-0_15.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,1,20]],"date-time":"2025-01-20T11:48:29Z","timestamp":1737373709000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-74320-0_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9783540743194","9783540743200"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-74320-0_15","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[]}}