{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T18:56:07Z","timestamp":1725562567201},"publisher-location":"Berlin, Heidelberg","reference-count":18,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642147050"},{"type":"electronic","value":"9783642147067"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1007\/978-3-642-14706-7_18","type":"book-chapter","created":{"date-parts":[[2010,8,11]],"date-time":"2010-08-11T09:14:43Z","timestamp":1281518083000},"page":"229-241","source":"Crossref","is-referenced-by-count":4,"title":["Symptoms-Based Detection of Bot Processes"],"prefix":"10.1007","author":[{"given":"Jose Andre","family":"Morales","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Erhan","family":"Kartaltepe","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Shouhuai","family":"Xu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ravi","family":"Sandhu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"18_CR1","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1145\/1298306.1298319","volume-title":"IMC 2007: Proceedings of the 7th ACM SIGCOMM Conference on Internet Measurement","author":"M.P. Collins","year":"2007","unstructured":"Collins, M.P., Shimeall, T.J., Faber, S., Janies, J., Weaver, R., De Shon, M., Kadane, J.: Using uncleanliness to predict future botnet addresses. In: IMC 2007: Proceedings of the 7th ACM SIGCOMM Conference on Internet Measurement, pp. 93\u2013104. ACM, New York (2007)"},{"key":"18_CR2","doi-asserted-by":"crossref","unstructured":"Dagon, D., Gu, G., Lee, C.P., Lee, W.: A taxonomy of botnet structures. In: Computer Security Applications Conference, Annual, pp. 325\u2013339 (2007)","DOI":"10.1109\/ACSAC.2007.44"},{"key":"18_CR3","series-title":"IRIS International series","volume-title":"Computer Viruses: from Theory to Applications","author":"E. Filiol","year":"2005","unstructured":"Filiol, E.: Computer Viruses: from Theory to Applications. IRIS International series. Springer, Heidelberg (2005), iSBN 2-287-23939-1"},{"key":"18_CR4","first-page":"8","volume-title":"HotBots 2007: Proceedings of the First Conference on First Workshop on Hot Topics in Understanding Botnets","author":"J. Goebel","year":"2007","unstructured":"Goebel, J., Holz, T.: Rishi: identify bot contaminated hosts by irc nickname evaluation. In: HotBots 2007: Proceedings of the First Conference on First Workshop on Hot Topics in Understanding Botnets, p. 8. USENIX Association, Berkeley (2007)"},{"key":"18_CR5","unstructured":"Gu, G., Perdisci, R., Zhang, J., Lee, W.: BotMiner: Clustering analysis of network traffic for protocol- and structure-independent botnet detection. In: Proceedings of the 17th USENIX Security Symposium, Security 2008 (2008)"},{"key":"18_CR6","unstructured":"Gu, G., Zhang, J., Lee, W.: BotSniffer: Detecting botnet command and control channels in network traffic. In: Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS 2008) (February 2008)"},{"key":"18_CR7","first-page":"1","volume-title":"LEET 2008: Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats","author":"T. Holz","year":"2008","unstructured":"Holz, T., Steiner, M., Dahl, F., Biersack, E., Freiling, F.: Measurements and mitigation of peer-to-peer-based botnets: a case study on storm worm. In: LEET 2008: Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats, pp. 1\u20139. USENIX Association, Berkeley (2008)"},{"key":"18_CR8","unstructured":"Hu, X., Knysz, M., Shin, K.G.: Rb-seeker: Auto-detection of redirection botnets. In: 16th Annual Network and Distributed System Security Symposium (2009)"},{"key":"18_CR9","unstructured":"Husse, C.: Easyhook 2.6, http:\/\/www.codeplex.com\/easyhook"},{"key":"18_CR10","unstructured":"Mamaladze, G.: Globalhook, http:\/\/www.codeproject.com\/KB\/cs\/globalhook.aspx"},{"key":"18_CR11","doi-asserted-by":"crossref","unstructured":"Morales, J.A., Clarke, P.J., Deng, Y., Kibria, B.G.: Identification of file infecting viruses through detection of self-reference replication. Journal in Computer Virology Special EICAR Conference Invited Paper Issue (2008)","DOI":"10.1007\/s11416-008-0101-5"},{"key":"18_CR12","doi-asserted-by":"crossref","unstructured":"Nazario, J., Holz, T.: As the net churns: Fast-flux botnet observations. In: 3rd International Conference on Malicious and Unwanted Software, MALWARE 2008, pp. 24\u201331 (2008)","DOI":"10.1109\/MALWARE.2008.4690854"},{"key":"18_CR13","unstructured":"Remote dll injection application, http:\/\/www.novell.com\/coolsolutions\/tools\/17354.html"},{"key":"18_CR14","unstructured":"Sigcheck 1.6, http:\/\/technet.microsoft.com\/en-us\/sysinternals\/bb897441.aspx"},{"key":"18_CR15","unstructured":"Sun, H.M., Tseng, Y.T., Lin, Y.H., Chiang, T.J.: Detecting the code injection by hooking system calls in windows kernel mode. In: 2006 International Computer Symposium, ICS 2006 (2006)"},{"key":"18_CR16","unstructured":"Szor, P.: The Art of Computer Virus Research and Defense. Symantec Press & Addison-Wesley (2005)"},{"key":"18_CR17","volume-title":"Data Mining: Practical machine learning tools and techniques","author":"I.H. Witten","year":"2005","unstructured":"Witten, I.H., Frank, E.: Data Mining: Practical machine learning tools and techniques, 2nd edn. Morgan Kaufmann, San Francisco (2005)","edition":"2"},{"key":"18_CR18","doi-asserted-by":"crossref","unstructured":"Zhu, Z., Yegneswaran, V., Chen, Y.: Using failure information analysis to detect enterprise zombies. In: 5th International ICST Conference on Security and Privacy in Communication Networks, Securecomm 2009 (2009)","DOI":"10.1007\/978-3-642-05284-2_11"}],"container-title":["Lecture Notes in Computer Science","Computer Network Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-14706-7_18.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,24]],"date-time":"2020-11-24T02:56:34Z","timestamp":1606186594000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-14706-7_18"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"ISBN":["9783642147050","9783642147067"],"references-count":18,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-14706-7_18","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2010]]}}}