{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,4]],"date-time":"2024-09-04T23:11:27Z","timestamp":1725491487277},"publisher-location":"Berlin, Heidelberg","reference-count":14,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540754756"},{"type":"electronic","value":"9783540754763"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-3-540-75476-3_36","type":"book-chapter","created":{"date-parts":[[2007,9,17]],"date-time":"2007-09-17T12:37:49Z","timestamp":1190032669000},"page":"354-363","source":"Crossref","is-referenced-by-count":0,"title":["A Practical Approach for Detecting Executable Codes in Network Traffic"],"prefix":"10.1007","author":[{"given":"Ikkyun","family":"Kim","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Koohong","family":"Kang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"YangSeo","family":"Choi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Daewon","family":"Kim","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jintae","family":"Oh","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kijun","family":"Han","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"36_CR1","doi-asserted-by":"crossref","unstructured":"Kreibich, C., Crowcroft, J.: Honeycomb - Creating Intrusion Detection Signatures Using Honeypots. In: Proceedings of the Second Workshop on Hot Topics in Networks (Hotnets II), Boston (2003)","DOI":"10.1145\/972374.972384"},{"key":"36_CR2","first-page":"226","volume-title":"IEEE Symposium on Security and Privacy","author":"J. Newsome","year":"2005","unstructured":"Newsome, J., Karp, B., Song, D.X.: Polygraph: Automatically generating signatures for polymorphic worms. In: IEEE Symposium on Security and Privacy, pp. 226\u2013241. IEEE Computer Society, Los Alamitos (2005)"},{"key":"36_CR3","unstructured":"Singh, S., Estan, C., Varghese, G., Savage, S.: Automated worm fingerprinting. In: OSDI, pp. 45\u201360 (2004)"},{"key":"36_CR4","unstructured":"Singh, S., Estan, C., Varghese, G., Savage, S.: The EarlyBird system for realtime detection of unknown worms. Technical Report CS2003-0761, UC San Diego (2003)"},{"key":"36_CR5","unstructured":"Li, Z., Sanghi, M., Chen, Y., Kao, M.Y., Chavez, B.: Hamsa: Fast signature generation for zero-day polymorphicworms with provable attack resilience. In: S&P, pp. 32\u201347 (2006)"},{"key":"36_CR6","first-page":"289","volume-title":"ACSAC 2006","author":"P. Royal","year":"2006","unstructured":"Royal, P., Halpin, M., Dagon, D., Edmonds, R., Lee, W.: Polyunpack: Automating the hidden-code extraction of unpack-executing malware. In: ACSAC 2006. Proceedings of the 22nd Annual Computer Security Applications Conference on Annual Computer Security Applications Conference, pp. 289\u2013300. IEEE Computer Society, Washington (2006)"},{"key":"36_CR7","first-page":"32","volume-title":"IEEE Symposium on Security and Privacy","author":"M. Christodorescu","year":"2005","unstructured":"Christodorescu, M., Jha, S., Seshia, S.A., Song, D.X., Bryant, R.E.: Semantics-aware malware detection. In: IEEE Symposium on Security and Privacy, pp. 32\u201346. IEEE Computer Society Press, Los Alamitos (2005)"},{"key":"36_CR8","unstructured":"Kruegel, C., Robertson, W., Valeur, F., Vigna, G.: Static disassembly of obfuscated binaries. In: SSYM\u201904. Proceedings of the 13th conference on USENIX Security Symposium, Berkeley, CA, USA, p. 18. USENIX Association (2004)"},{"key":"36_CR9","doi-asserted-by":"crossref","unstructured":"Akritidis, P., Markatos, E.P., Polychronakis, M., Anagnostakis, K.G.: Stride: Polymorphic sled detection through instruction sequence analysis. In: SEC, pp. 375\u2013392 (2005)","DOI":"10.1007\/0-387-25660-1_25"},{"key":"36_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"284","DOI":"10.1007\/11663812_15","volume-title":"Recent Advances in Intrusion Detection","author":"R. Chinchani","year":"2006","unstructured":"Chinchani, R., van den Berg, E.: A fast static analysis approach to detect exploit code inside network flows. In: Valdes, A., Zamboni, D. (eds.) RAID 2005. LNCS, vol.\u00a03858, pp. 284\u2013308. Springer, Heidelberg (2006)"},{"key":"36_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"274","DOI":"10.1007\/3-540-36084-0_15","volume-title":"Recent Advances in Intrusion Detection","author":"T. Toth","year":"2002","unstructured":"Toth, T., Kr\u00fcgel, C.: Accurate buffer overflow detection via abstract payload execution. In: Wespi, A., Vigna, G., Deri, L. (eds.) RAID 2002. LNCS, vol.\u00a02516, pp. 274\u2013291. Springer, Heidelberg (2002)"},{"key":"36_CR12","unstructured":"Wang, X., Pan, C.-C., Liu, P., Zhu, S.: Sigfree: a signature-free buffer overflow attack blocker. In: USENIX-SS 2006. Proceedings of the 15th conference on USENIX Security Symposium, Berkeley, CA, USA, p. -16. USENIX Association (2006)"},{"key":"36_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"54","DOI":"10.1007\/11790754_4","volume-title":"Detection of Intrusions and Malware & Vulnerability Assessment","author":"M. Polychronakis","year":"2006","unstructured":"Polychronakis, M., Anagnostakis, K.G., Markatos, E.P.: Network-level polymorphic shellcode detection using emulation. In: B\u00fcschkes, R., Laskov, P. (eds.) DIMVA 2006. LNCS, vol.\u00a04064, pp. 54\u201373. Springer, Heidelberg (2006)"},{"key":"36_CR14","unstructured":"jt: Libdasm. http:\/\/www.klake.org\/jt\/misc\/libdasm-1.4.tar.gz"}],"container-title":["Lecture Notes in Computer Science","Managing Next Generation Networks and Services"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-75476-3_36.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,27]],"date-time":"2021-04-27T07:02:28Z","timestamp":1619506948000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-75476-3_36"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9783540754756","9783540754763"],"references-count":14,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-75476-3_36","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[]}}