{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,20]],"date-time":"2026-03-20T16:03:50Z","timestamp":1774022630343,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":23,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642215537","type":"print"},{"value":"9783642215544","type":"electronic"}],"license":[{"start":{"date-parts":[[2011,1,1]],"date-time":"2011-01-01T00:00:00Z","timestamp":1293840000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011]]},"DOI":"10.1007\/978-3-642-21554-4_1","type":"book-chapter","created":{"date-parts":[[2011,6,13]],"date-time":"2011-06-13T07:29:53Z","timestamp":1307950193000},"page":"1-18","source":"Crossref","is-referenced-by-count":48,"title":["Inferring Protocol State Machine from Network Traces: A Probabilistic Approach"],"prefix":"10.1007","author":[{"given":"Yipeng","family":"Wang","sequence":"first","affiliation":[]},{"given":"Zhibin","family":"Zhang","sequence":"additional","affiliation":[]},{"given":"Danfeng","family":"Yao","sequence":"additional","affiliation":[]},{"given":"Buyun","family":"Qu","sequence":"additional","affiliation":[]},{"given":"Li","family":"Guo","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"1_CR1","doi-asserted-by":"crossref","unstructured":"Lim, J., Reps, T., Liblit, B.: Extracting Output Formats from Executables. In: WCRE 2006: Proceedings of the 13th Working Conference on Reverse Engineering (2006)","DOI":"10.1109\/WCRE.2006.29"},{"key":"1_CR2","doi-asserted-by":"crossref","unstructured":"Gringoli, F., Salgarelli, L., Dusi, M., Cascarano, N., Risso, F., Claffy, K.C.: GT: picking up the truth from the ground for internet traffic. In: SIGCOMM Comput. Commun. Rev. (2009)","DOI":"10.1145\/1629607.1629610"},{"key":"1_CR3","doi-asserted-by":"crossref","unstructured":"Comparetti, P.M., Wondracek, G., Kruegel, C., Kirda, E.: Prospex: Protocol Specification Extraction. In: SP 2009: Proceedings of the 2009 30th IEEE Symposium on Security and Privacy (2009)","DOI":"10.1109\/SP.2009.14"},{"key":"1_CR4","unstructured":"Leita, C., Mermoud, K., Dacier, M.: Scriptgen: an automated script generation tool for honeyd. In: Annual Computer Security Applications Conference (2005)"},{"key":"1_CR5","doi-asserted-by":"crossref","unstructured":"Caballero, J., Yin, H., Liang, Z., Song, D.: Polyglot: automatic extraction of protocol message format using dynamic binary analysis. In: CCS 2007: Proceedings of the 14th ACM conference on Computer and Communications Security (2007)","DOI":"10.1145\/1315245.1315286"},{"key":"1_CR6","unstructured":"Cui, W., Kannan, J., Wang, H.J.: Discoverer: automatic protocol reverse engineering from network traces. In: SS 2007: Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium (2007)"},{"key":"1_CR7","doi-asserted-by":"crossref","unstructured":"Haffner, P., Sen, S., Spatscheck, O., Wang, D.: ACAS: automated construction of application signatures. In: MineNet 2005: Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data (2005)","DOI":"10.1145\/1080173.1080183"},{"key":"1_CR8","doi-asserted-by":"crossref","unstructured":"Kannan, J., Jung, J., Paxson, V., Koksal, C.E.: Semi-automated discovery of application session structure. In: IMC 2006: Proceedings of the 6th ACM SIGCOMM conference on Internet measurement (2006)","DOI":"10.1145\/1177080.1177096"},{"key":"1_CR9","doi-asserted-by":"crossref","unstructured":"Ma, J., Levchenko, K., Kreibich, C., Savage, S., Voelker, G.M.: Unexpected means of protocol inference. In: IMC 2006: Proceedings of the 6th ACM SIGCOMM conference on Internet measurement (2006)","DOI":"10.1145\/1177080.1177123"},{"key":"1_CR10","doi-asserted-by":"crossref","unstructured":"Vidal, E., Thollard, F., de la Higuera, C., Casacuberta, F., Carrasco, R.C.: Probabilistic Finite-State Machines-Part I. IEEE Trans. Pattern Anal. Mach. Intell. (2005)","DOI":"10.1109\/TPAMI.2005.148"},{"key":"1_CR11","volume-title":"Kendall\u2019s advanced theory of statistics","author":"M.G. Kendall","year":"1987","unstructured":"Kendall, M.G., Stuart, A., Ord, J.K.: Kendall\u2019s advanced theory of statistics. Oxford University Press, Inc., Oxford (1987)"},{"key":"1_CR12","doi-asserted-by":"publisher","DOI":"10.1002\/9780470316801","volume-title":"Finding Groups in Data: An Introduction to Cluster Analysis","author":"L. Kaufman","year":"1990","unstructured":"Kaufman, L., Rousseeuw, P.: Finding Groups in Data: An Introduction to Cluster Analysis. Wiley, Chichester (1990)"},{"key":"1_CR13","doi-asserted-by":"crossref","unstructured":"Jaccard, P.: The distribution of the flora in the alpine zone. The New Phytologist (1912)","DOI":"10.1111\/j.1469-8137.1912.tb05611.x"},{"key":"1_CR14","unstructured":"Brumley, D., Caballero, J., Liang, Z., Newsome, J., Song, D.: Towards automatic discovery of deviations in binary implementations with applications to error detection and fingerprint generation. In: SS 2007: Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium (2007)"},{"key":"1_CR15","unstructured":"Caballero, J., Venkataraman, S., Poosankam, P., Kang, M.G., Song, D., Blum, A.: FiG: Automatic Fingerprint Generation. In: Annual Network and Distributed System Security Symposium (2007)"},{"key":"1_CR16","unstructured":"Dreger, H., Feldmann, A., Mai, M., Paxson, V., Sommer, R.: Dynamic application-layer protocol analysis for network intrusion detection. In: USENIX-SS 2006: Proceedings of the 15th conference on USENIX Security Symposium (2006)"},{"key":"1_CR17","unstructured":"Borisov, N., Brumley, D.J., Wang, H.J.: A Generic Application-Level Protocol Analyzer and its Language. In: Network and Distributed System Security Symposium (2007)"},{"key":"1_CR18","doi-asserted-by":"crossref","unstructured":"Dunn, J.C.: Well separated clusters and optimal fuzzy-partitions. Journal of Cybernetics (1974)","DOI":"10.1080\/01969727408546059"},{"key":"1_CR19","unstructured":"Internet2 netflow statistics, \n                    \n                      http:\/\/netflow.internet2.edu"},{"key":"1_CR20","unstructured":"XUNLEI, \n                    \n                      http:\/\/www.xunlei.com\/"},{"key":"1_CR21","unstructured":"PPLIVE, \n                    \n                      http:\/\/www.pptv.com\/"},{"key":"1_CR22","unstructured":"How Samba Was Written, \n                    \n                      http:\/\/samba.org\/ftp\/tridge\/misc\/french_cafe.txt"},{"key":"1_CR23","unstructured":"Gaim Instant Messaging Client, \n                    \n                      http:\/\/gaim.sourceforge.net\/"}],"container-title":["Lecture Notes in Computer Science","Applied Cryptography and Network Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-21554-4_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,19]],"date-time":"2019-05-19T20:08:41Z","timestamp":1558296521000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-21554-4_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011]]},"ISBN":["9783642215537","9783642215544"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-21554-4_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2011]]}}}