{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T12:11:14Z","timestamp":1763467874779},"publisher-location":"Berlin, Heidelberg","reference-count":28,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540874027"},{"type":"electronic","value":"9783540874034"}],"license":[{"start":{"date-parts":[[2008,1,1]],"date-time":"2008-01-01T00:00:00Z","timestamp":1199145600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2008]]},"DOI":"10.1007\/978-3-540-87403-4_20","type":"book-chapter","created":{"date-parts":[[2008,9,17]],"date-time":"2008-09-17T11:42:05Z","timestamp":1221651725000},"page":"372-389","source":"Crossref","is-referenced-by-count":13,"title":["Advanced Network Fingerprinting"],"prefix":"10.1007","author":[{"given":"Humberto J.","family":"Abdelnur","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Radu","family":"State","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Olivier","family":"Festor","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"20_CR1","doi-asserted-by":"crossref","unstructured":"Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., Schooler, E.: SIP: Session Initiation Protocol (2002)","DOI":"10.17487\/rfc3261"},{"key":"20_CR2","doi-asserted-by":"crossref","unstructured":"Crocker, D.H., Overell, P.: Augmented BNF for Syntax Specifications: ABNF (1997)","DOI":"10.17487\/rfc2234"},{"key":"20_CR3","unstructured":"Buttler, D.: A Short Survey of Document Structure Similarity Algorithms. In: Arabnia, H.R., Droegehorn, O. (eds.) International Conference on Internet Computing, pp. 3\u20139. CSREA Press (2004)"},{"key":"20_CR4","first-page":"21","volume-title":"SEQUENCES 1997: Proceedings of the Compression and Complexity of Sequences 1997","author":"A.Z. Broder","year":"1997","unstructured":"Broder, A.Z.: On the Resemblance and Containment of Documents. In: SEQUENCES 1997: Proceedings of the Compression and Complexity of Sequences 1997, Washington, DC, USA, p. 21. IEEE Computer Society, Los Alamitos (1997)"},{"issue":"2","key":"20_CR5","doi-asserted-by":"publisher","first-page":"286","DOI":"10.2307\/1969529","volume":"54","author":"J.F. Nash","year":"1951","unstructured":"Nash, J.F.: Non-Cooperative Games. The Annals of Mathematics\u00a054(2), 286\u2013295 (1951)","journal-title":"The Annals of Mathematics"},{"key":"20_CR6","unstructured":"Caballero, J., Venkataraman, S., Poosankam, P., Kang, M.G., Song, D., Blum, A.: FiG: Automatic Fingerprint Generation. In: The 14th Annual Network & Distributed System Security Conference (NDSS 2007) (February 2007)"},{"key":"20_CR7","unstructured":"DParser, \n                    \n                      http:\/\/dparser.sourceforge.net\/"},{"key":"20_CR8","unstructured":"Comer, D., Lin, J.C.: Probing TCP Implementations. In: USENIX Summer, pp. 245\u2013255 (1994)"},{"key":"20_CR9","unstructured":"Nmap, \n                    \n                      http:\/\/www.insecure.org\/nmap\/"},{"key":"20_CR10","unstructured":"P0f, \n                    \n                      http:\/\/lcamtuf.coredump.cx\/p0f.shtml"},{"key":"20_CR11","unstructured":"Yan, H., Sripanidkulchai, K., Zhang, H.: Incorporating Active Fingerprinting into SPIT Prevention Systems. In: Third Annual VoIP Security Workshop (June 2006)"},{"key":"20_CR12","unstructured":"Scholz, H.: SIP Stack Fingerprinting and Stack Difference Attacks. Black Hat Briefings (2006)"},{"issue":"2","key":"20_CR13","doi-asserted-by":"publisher","first-page":"261","DOI":"10.1109\/TNET.2003.822645","volume":"12","author":"D. Watson","year":"2004","unstructured":"Watson, D., Smart, M., Malan, G.R., Jahanian, F.: Protocol scrubbing: network security through transparent flow modification. IEEE\/ACM Trans. Netw.\u00a012(2), 261\u2013273 (2004)","journal-title":"IEEE\/ACM Trans. Netw."},{"key":"20_CR14","unstructured":"Open Source FastTrack P2P Protocol (2007), \n                    \n                      http:\/\/gift-fasttrack.berlios.de\/"},{"key":"20_CR15","unstructured":"Fritzler, A.: UnOfficial AIM\/OSCAR Protocol Specification (2007), \n                    \n                      http:\/\/www.oilcan.org\/oscar\/"},{"key":"20_CR16","unstructured":"Beddoe, M.: The Protocol Informatics Project. Toorcon (2004)"},{"key":"20_CR17","unstructured":"Gopalratnam, K., Basu, S., Dunagan, J., Wang, H.J.: Automatically Extracting Fields from Unknown Network Protocols. In: Systems and Machine Learning Workshop 2006 (2006)"},{"key":"20_CR18","unstructured":"Wondracek, G., Comparetti, P.M., Kruegel, C., Kirda, E.: Automatic Network Protocol Analysis. In: Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS 2008) (2008)"},{"key":"20_CR19","doi-asserted-by":"publisher","first-page":"311","DOI":"10.1145\/1180405.1180444","volume-title":"CCS 2006: Proceedings of the 13th ACM conference on Computer and communications security","author":"J. Newsome","year":"2006","unstructured":"Newsome, J., Brumley, D., Franklin, J., Song, D.: Replayer: automatic protocol replay by binary analysis. In: CCS 2006: Proceedings of the 13th ACM conference on Computer and communications security, pp. 311\u2013321. ACM, New York (2006)"},{"key":"20_CR20","unstructured":"Cui, W., Kannan, J., Wang, H.J.: Discoverer: automatic protocol reverse engineering from network traces. In: SS 2007: Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, Berkeley, CA, USA, pp. 1\u201314. USENIX Association (2007)"},{"key":"20_CR21","unstructured":"Brumley, D., Caballero, J., Liang, Z., Newsome, J., Song, D.: Towards automatic discovery of deviations in binary implementations with applications to error detection and fingerprint generation. In: SS 2007: Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, Berkeley, CA, USA, pp. 1\u201316. USENIX Association (2007)"},{"key":"20_CR22","unstructured":"Lin, Z., Jiang, X., Xu, D., Zhang, X.: Automatic Protocol Format Reverse Engineering through Context-Aware Monitored Execution. In: 15th Symposium on Network and Distributed System Security (2008)"},{"issue":"4","key":"20_CR23","doi-asserted-by":"publisher","first-page":"37","DOI":"10.1145\/1282427.1282386","volume":"37","author":"D. Bonfiglio","year":"2007","unstructured":"Bonfiglio, D., Mellia, M., Meo, M., Rossi, D., Tofanelli, P.: Revealing skype traffic: when randomness plays with you. SIGCOMM Comput. Commun. Rev.\u00a037(4), 37\u201348 (2007)","journal-title":"SIGCOMM Comput. Commun. Rev."},{"key":"20_CR24","unstructured":"Wright, C.V., Ballard, L., Monrose, F., Masson, G.M.: Language identification of encrypted VoIP traffic: Alejandra y Roberto or Alice and Bob? In: SS 2007: Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, Berkeley, CA, USA, pp. 1\u201312. USENIX Association (2007)"},{"key":"20_CR25","series-title":"Lecture Notes in Artificial Intelligence","doi-asserted-by":"crossref","first-page":"641","DOI":"10.1007\/11425274_66","volume-title":"Foundations of Intelligent Systems","author":"M. Chang","year":"2005","unstructured":"Chang, M., Poon, C.K.: Catching the Picospams. In: Hacid, M.-S., Murray, N.V., Ra\u015b, Z.W., Tsumoto, S. (eds.) ISMIS 2005. LNCS (LNAI), vol.\u00a03488, pp. 641\u2013649. Springer, Heidelberg (2005)"},{"key":"20_CR26","doi-asserted-by":"publisher","first-page":"197","DOI":"10.1145\/1080173.1080183","volume-title":"MineNet 2005: Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data","author":"P. Haffner","year":"2005","unstructured":"Haffner, P., Sen, S., Spatscheck, O., Wang, D.: ACAS: automated construction of application signatures. In: MineNet 2005: Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data, pp. 197\u2013202. ACM, New York (2005)"},{"key":"20_CR27","unstructured":"Borisov, N., Brumley, D.J., Wang, H.J.: Generic Application-Level Protocol Analyzer and its Language. In: 14th Symposium on Network and Distributed System Security (2007)"},{"key":"20_CR28","doi-asserted-by":"publisher","first-page":"313","DOI":"10.1145\/1177080.1177123","volume-title":"IMC 2006: Proceedings of the 6th ACM SIGCOMM conference on Internet measurement","author":"J. Ma","year":"2006","unstructured":"Ma, J., Levchenko, K., Kreibich, C., Savage, S., Voelker, G.M.: Unexpected means of protocol inference. In: IMC 2006: Proceedings of the 6th ACM SIGCOMM conference on Internet measurement, pp. 313\u2013326. ACM, New York (2006)"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-87403-4_20","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,19]],"date-time":"2019-05-19T15:45:46Z","timestamp":1558280746000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-87403-4_20"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2008]]},"ISBN":["9783540874027","9783540874034"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-87403-4_20","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2008]]}}}