{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T14:16:05Z","timestamp":1742912165645,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":42,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642028113"},{"type":"electronic","value":"9783642028120"}],"license":[{"start":{"date-parts":[[2009,1,1]],"date-time":"2009-01-01T00:00:00Z","timestamp":1230768000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009]]},"DOI":"10.1007\/978-3-642-02812-0_17","type":"book-chapter","created":{"date-parts":[[2009,7,14]],"date-time":"2009-07-14T11:12:00Z","timestamp":1247569920000},"page":"138-147","source":"Crossref","is-referenced-by-count":4,"title":["Use of Deception to Improve Client Honeypot Detection of Drive-by-Download Attacks"],"prefix":"10.1007","author":[{"given":"Barbara","family":"Endicott-Popovsky","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Julia","family":"Narvaez","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Christian","family":"Seifert","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Deborah A.","family":"Frincke","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lori Ross","family":"O\u2019Neil","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Chiraag","family":"Aval","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"17_CR1","unstructured":"Finisterre, K.: The Five Ws of Citect ODBC Vulnerability CVE-2008-2639 (2008), http:\/\/www.milw0rm.com\/papers\/221"},{"key":"17_CR2","volume-title":"Virtual Honeypots: From Botnet Tracking to Intrusion Detection","author":"N. Provos","year":"2008","unstructured":"Provos, N., Holz, T.: Virtual Honeypots: From Botnet Tracking to Intrusion Detection. Pearson Education, Boston (2008)"},{"issue":"1","key":"17_CR3","doi-asserted-by":"publisher","first-page":"9","DOI":"10.1023\/A:1013228602957","volume":"6","author":"P. Tan","year":"2002","unstructured":"Tan, P., Kumar, V.: Discovery of Web Robot Sessions Based on their Navigational Patterns. Data Mining and Knowledge Discovery\u00a06(1), 9\u201335 (2002)","journal-title":"Data Mining and Knowledge Discovery"},{"key":"17_CR4","volume-title":"Honeypots: Tracking Hackers","author":"L. Spitzner","year":"2003","unstructured":"Spitzner, L.: Honeypots: Tracking Hackers. Addison-Wesley, Boston (2003)"},{"key":"17_CR5","first-page":"646","volume-title":"Handbook of Information Security","author":"F. Cohen","year":"2006","unstructured":"Cohen, F.: The Use of Deception Techniques: Honeypots and Decoys. In: Bidgoli, H. (ed.) Handbook of Information Security, vol.\u00a03, pp. 646\u2013655. John Wiley & Sons, Chichester (2006)"},{"key":"17_CR6","unstructured":"Cheswick, B.: An Evening with Berferd in which a Cracker is Lured, Endured, and Studied (1991), http:\/\/www.cheswick.com\/ches\/cv\/main.html"},{"key":"17_CR7","unstructured":"Riden J., Seifert C.: A Guide to Different Kinds of Honeypots. Security Focus (2008), http:\/\/www.securityfocus.com\/infocus\/1897\/3"},{"key":"17_CR8","unstructured":"Seifert, C., Steenson, R.: Capture - Honeypot Client. Honeynet Project (2006), https:\/\/projects.honeynet.org\/capture-hpc"},{"key":"17_CR9","volume-title":"13th Annual Network and Distributed System Security Symposium","author":"A. Moshchuk","year":"2006","unstructured":"Moshchuk, A., Bragin, T., Gribble, S.D., Levy, H.M.: A Crawler-based Study of Spyware on the Web. In: 13th Annual Network and Distributed System Security Symposium, The Internet Society, San Diego (2006)"},{"key":"17_CR10","unstructured":"Seifert, C., Welch, I., Komisarczuk, P.: HoneyC - The Low-Interaction Client Honeypot. In: NZCSRCS, Hamilton (2007), http:\/\/www.mcs.vuw.ac.nz\/~cseifert\/blog\/images\/seifert-honeyc.pdf"},{"key":"17_CR11","unstructured":"Ikinci, A., Holz, T., Freiling, F.: Monkey-Spider: Detecting Malicious Websites with Low-Interaction Honeyclients. In: Sicherheit, Saarbruecken (2008)"},{"issue":"3","key":"17_CR12","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1109\/MSP.2007.63","volume":"5","author":"M. Carpenter","year":"2007","unstructured":"Carpenter, M., Liston, T., Skoudis, E.: Hiding Virtualization from Attackers and Malware. IEEE Security & Privacy\u00a05(3), 62\u201365 (2007)","journal-title":"IEEE Security & Privacy"},{"key":"17_CR13","unstructured":"Longman: Dictionary of American English. Longman, White Plains (1983)"},{"key":"17_CR14","volume-title":"Cheating and Deception","author":"J.B. Bell","year":"1991","unstructured":"Bell, J.B., Whaley, B.: Cheating and Deception. Transaction Publishers, Edison (1991)"},{"key":"17_CR15","doi-asserted-by":"crossref","unstructured":"Rowe, N.C.: Measuring the Effectiveness of Honeypot Counter-Counterdeception. In: Proc. of the 39th Hawaii International Conference on System Sciences, vol.\u00a06, p. 129c. IEEE Xplore (2006)","DOI":"10.1109\/HICSS.2006.269"},{"key":"17_CR16","unstructured":"The Honeynet Project: Know Your Enemy: Learning About Security Threats. Pearson Education, Boston (2004)"},{"key":"17_CR17","unstructured":"Spitzner, L.: Honeypots: Catching the Insider Threat. In: Proc of the 19th Annual- Computer Security Applications Conference, pp. 170\u2013179. IEEE Xplore (2003)"},{"key":"17_CR18","unstructured":"Lakhani, A.D.: A dissertation on Deception Techniques Using Honeypots. Information Security Group, Royal Holloway, University of London"},{"key":"17_CR19","first-page":"328","volume-title":"Proc. of the 24th ICDCS 2004","author":"S.M. Khattab","year":"2004","unstructured":"Khattab, S.M., Sangpachatanaruk, C., Moss, D., Melhem, R., Znati, T.: Roaming Honeypots for Mitigating Service-Level Denial-of-Service Attacks. In: Proc. of the 24th ICDCS 2004, pp. 328\u2013337. IEEE Computer Society, Washington (2004)"},{"key":"17_CR20","first-page":"171","volume-title":"Advances in Information Security","author":"P. Barford","year":"2007","unstructured":"Barford, P., Yegneswaran, V.: An Inside Look at Botnets. In: Christodorescu, M., Jha, S., Maughan, D., Song, D., Wang, C. (eds.) Advances in Information Security, vol.\u00a027, pp. 171\u2013191. Springer, US (2007)"},{"key":"17_CR21","volume-title":"Gray Hat Hacking","author":"S. Harris","year":"2007","unstructured":"Harris, S., Harper, A., Eagle, C., Ness, J.: Gray Hat Hacking. McGraw-Hill, New York (2007)"},{"key":"17_CR22","doi-asserted-by":"crossref","unstructured":"Dornseif, M., Holz, T., Klein, C.N.: NoSEBrEaK - Attacking Honeynets. In: Proc. of the IEEE Workshop on Information Assurance and Security, pp. 123\u2013129. IEEE Xplore (2004)","DOI":"10.1109\/IAW.2004.1437807"},{"key":"17_CR23","unstructured":"Dittrich, D.: VMWare Detection?. Virus.org (2004), http:\/\/lists.virus.org\/honeypots-0411\/msg00044.html"},{"key":"17_CR24","unstructured":"Zdrnja, B.: More Tricks from Conficker and VM Detection. SANS Internet Storm Center (2009), http:\/\/isc.sans.org\/diary.html?storyid=5842"},{"key":"17_CR25","unstructured":"Spitzner, L.: Sebek. The Honeynet Project, http:\/\/www.honeynet.org\/project\/sebek"},{"key":"17_CR26","unstructured":"Quist, D., Smith, V.: Detecting the Presence of Virtual Machines Using the Local Data Table. Offensive Computing, http:\/\/www.offensivecomputing.net"},{"key":"17_CR27","unstructured":"Lallous: The Code Project. Detect if Your Program Is Running Inside a Virtual Machine (2005), http:\/\/www.codeproject.com\/KB\/system\/VmDetect.aspx?display=Print"},{"key":"17_CR28","unstructured":"Rutkowska, J.: Red Pill or How to Detect VMM Using (Almost) One CPU (2004), http:\/\/invisiblethings.org\/papers\/redpill.html"},{"key":"17_CR29","unstructured":"Kato, K.: VM Back, http:\/\/chitchat.at.infoseek.co.jp\/vmware\/vmtools.html"},{"key":"17_CR30","first-page":"130","volume-title":"Proc. SPIE the International Society for Optical Engineering","author":"E. Santos","year":"2004","unstructured":"Santos, E., Johnson, G.: Toward Detecting Deception in Intelligent Systems. In: Proc. SPIE the International Society for Optical Engineering, vol.\u00a05423, pp. 130\u2013141. SPIE, Bellingham (2004)"},{"key":"17_CR31","unstructured":"Garfinkel, T., Adams, K., Warfield, A., Franklin, J.: Compatibility Is Not Transparency: VMM Detection Myths and Realities. In: Proceedings of the 11th USENIX workshop on hot topics in operating systems (2007), http:\/\/www.usenix.org\/event\/hotos07\/tech\/full_papers\/garfinkel\/garfinkel_html"},{"key":"17_CR32","unstructured":"Zalewski, M.: The New p0f: 2.0.8 (2006-09-06), http:\/\/lcamtuf.coredump.cx\/p0f.shtml"},{"key":"17_CR33","unstructured":"Ruef, M.: Browserrecon Project, http:\/\/www.computec.ch\/projekte\/browserrecon"},{"key":"17_CR34","unstructured":"Hoffman, B.: Circumventing Automated JavaScript Analysis. In Black Hat USA, Las Vegas (2008), www.blackhat.com\/presentations\/bh-usa-08\/Hoffman\/Hoffman-BH2008-CircumventingJavaScript.ppt"},{"key":"17_CR35","unstructured":"Seifert, C., Welch, I., Komisarczuk, P.: Taxonomy of Honeypots. Technical Report CS-TR-0. School of Mathematical and Computing Sciences. Victoria University of Wellington (2006)"},{"key":"17_CR36","doi-asserted-by":"crossref","unstructured":"Pejovic, V., Kovacevic, I., Bojanic, S., Leita, C., Popovic, J., Nieto-Taladriz, O.: Migrating a HoneyDepot to Hardware. In: The International Conference on Emerging Security Information, Systems, and Technologies, pp. 151\u2013156. IEEE Xplore (2007)","DOI":"10.1109\/SECUREWARE.2007.4385326"},{"key":"17_CR37","first-page":"97","volume-title":"Cyber Warfare and Cyber Terrorism","author":"N.C. Rowe","year":"2008","unstructured":"Rowe, N.C.: Deception in Defense of Computer Systems from Cyber Attack. In: Janczewski, L.J., Colarik, A.M. (eds.) Cyber Warfare and Cyber Terrorism, pp. 97\u2013104. IGI Global, Hershey (2008)"},{"key":"17_CR38","doi-asserted-by":"crossref","unstructured":"Rowe, N.C., Goh, H.C.: Thwarting Cyber-Attack Reconnaissance with Inconsistency and Deception. In: Proc. of the IEEE Workshop on Information Assurance United States Military Academy, West Point, NY, pp. 151\u2013158. IEEE Xplore (2007)","DOI":"10.1109\/IAW.2007.381927"},{"key":"17_CR39","unstructured":"Watson, D.: GDH Global Distributed Honeynet. The Honeynet Project (2007), http:\/\/www.ukhoneynet.org\/PacSec07_David_Watson_Global_Distributed_Honeynet.pdf"},{"key":"17_CR40","unstructured":"European Network of Affined Honeypots: About NoAH, http:\/\/www.fp6-noah.org\/about"},{"key":"17_CR41","unstructured":"European Network of Affined Honeypots: honey@home, http:\/\/www.honeyathome.org"},{"key":"17_CR42","unstructured":"Cohen, F.: The Use of Deception Techniques: Honeypots and Decoys, http:\/\/all.net\/journal\/deception\/Deception_Techniques_.pdf"}],"container-title":["Lecture Notes in Computer Science","Foundations of Augmented Cognition. Neuroergonomics and Operational Neuroscience"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-02812-0_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,2,11]],"date-time":"2025-02-11T00:03:48Z","timestamp":1739232228000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-02812-0_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009]]},"ISBN":["9783642028113","9783642028120"],"references-count":42,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-02812-0_17","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2009]]}}}