{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T16:52:42Z","timestamp":1743094362210,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":28,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642236433"},{"type":"electronic","value":"9783642236440"}],"license":[{"start":{"date-parts":[[2011,1,1]],"date-time":"2011-01-01T00:00:00Z","timestamp":1293840000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011]]},"DOI":"10.1007\/978-3-642-23644-0_13","type":"book-chapter","created":{"date-parts":[[2012,2,11]],"date-time":"2012-02-11T05:06:20Z","timestamp":1328936780000},"page":"242-261","source":"Crossref","is-referenced-by-count":7,"title":["Cross-Analysis of Botnet Victims: New Insights and Implications"],"prefix":"10.1007","author":[{"given":"Seungwon","family":"Shin","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Raymond","family":"Lin","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Guofei","family":"Gu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"13_CR1","unstructured":"Pauli, D.: Srizbi Botnet Sets New Records for Spam: PC World (retrieved 2008-07-20)"},{"key":"13_CR2","doi-asserted-by":"crossref","unstructured":"Shin, S., Gu, G.: Conficker and Beyond: A Large-Scale Empirical Study. In: Proceedings of 2010 Annual Computer Security Applications Conference, ACSAC 2010 (2010)","DOI":"10.1145\/1920261.1920285"},{"key":"13_CR3","unstructured":"Microsoft Security Techcenter, Conficker Worm, http:\/\/technet.microsoft.com\/en-us\/security\/dd452420.aspx"},{"key":"13_CR4","unstructured":"UPI, Virus strikes 15 million PCs, http:\/\/www.upi.com\/Top_News\/2009\/01\/26\/Virus-strikes-15-million-PCs\/UPI-19421232924206\/"},{"key":"13_CR5","unstructured":"Symantec, Trojan.Srizbi, http:\/\/www.symantec.com\/security_response\/writeup.jsp?docid=2007-062007-0946-99"},{"key":"13_CR6","unstructured":"McAfee, Srizbi Infection, http:\/\/www.mcafee.com\/threat-intelligence\/malware\/default.aspx?id=142902"},{"key":"13_CR7","unstructured":"SecureWorks, Ozdok\/Mega-D Trojan Analysis, http:\/\/www.secureworks.com\/research\/threats\/ozdok\/?threat=ozdok"},{"key":"13_CR8","unstructured":"m86security, Mega-d, http:\/\/www.m86security.com\/trace\/i\/Mega-D,spambot.896.asp."},{"key":"13_CR9","unstructured":"Chien, E., Downadup.: Attempts at Smart Network Scanning, http:\/\/www.symantec.com\/connect\/blogs\/downadup-attempts-smart-network-scanning"},{"key":"13_CR10","doi-asserted-by":"crossref","unstructured":"Xie, Y., Yu, F., Achan, K., Gillum, E., Goldzmidt, M., Wobber, T.: How Dynamic are IP Addresses?. In: Proceedings of ACM Special Interest Group on Data Communication, SIGCOMM (2007)","DOI":"10.1145\/1282380.1282415"},{"key":"13_CR11","unstructured":"Rajab, M.A., Zarfoss, J., Monrose, F., Terzis, A.: My botnet is bigger than yours (maybe, better than yours): why size estimates remain challenging. In: Proceedings of the First Conference on First Workshop on Hot Topics in Understanding Botnets (2007)"},{"key":"13_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"88","DOI":"10.1007\/978-3-642-02918-9_6","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"M. Egele","year":"2009","unstructured":"Egele, M., Wurzinger, P., Kruegel, C., Kirda, E.: Defending Browsers against Drive-by Downloads: Mitigating Heap-spraying Code Injection Attacks. In: Flegel, U., Bruschi, D. (eds.) DIMVA 2009. LNCS, vol.\u00a05587, pp. 88\u2013106. Springer, Heidelberg (2009)"},{"key":"13_CR13","unstructured":"Krishnan, S., Kim, Y.: Passive identification of Conficker nodes on the Internet. University of Minnesota - Technical Document (2009)"},{"key":"13_CR14","unstructured":"CAIDA, Conficker\/Conflicker\/Downadup as seen from the UCSD Network Telescope, http:\/\/www.caida.org\/research\/security\/ms08-067\/conficker.xml"},{"key":"13_CR15","doi-asserted-by":"crossref","unstructured":"Weaver, R.: A Probabilistic Population Study of the Conficker-C Botnet. In: Proceedings of the Passive and Active Measurement Conference (2010)","DOI":"10.1007\/978-3-642-12334-4_19"},{"key":"13_CR16","unstructured":"John, J.P., Moshchuk, A., Gribble, S.D., Krishnamurthy, A.: Studying Spamming Botnets Using Botlab. In: Proceedings of the Annual Network and Distributed System Security, NDSS (2009)"},{"key":"13_CR17","unstructured":"Cho, C.Y., Caballero, J., Grier, C., Paxson, V., Song, D.: Insights from the Inside: A View of Botnet Management from Infiltration. In: Proceedings of the USENIX Workshop on Large-Scale Exploits and Emergent Threats, LEET (2010)"},{"key":"13_CR18","doi-asserted-by":"crossref","unstructured":"Caballero, J., Poosankam, P., Kreibich, C., Song, D.: Dispatcher: Enabling active botnet infiltration using automatic protocol reverse-engineering. In: Proceedings of ACM Computer and Communications Security, CCS (2009)","DOI":"10.1145\/1653662.1653737"},{"key":"13_CR19","unstructured":"BOTLAB, A Study in Spam, http:\/\/botlab.org\/"},{"key":"13_CR20","unstructured":"Shadowserver, Botnet Measurement and Study, http:\/\/shadowserver.org\/wiki\/"},{"key":"13_CR21","unstructured":"IP2Location, IP2Location Internet IP Address 2009 Report, http:\/\/www.ip2location.com\/"},{"key":"13_CR22","unstructured":"IANA, IANA IPv4 Address Space Registry, http:\/\/www.iana.org\/assignments\/ipv4-address-space\/ipv4-address-space.xml"},{"key":"13_CR23","doi-asserted-by":"crossref","unstructured":"Cai, X., Heidenmann, J.: Understanding Address Usage in the Visible Internet: USC\/ISI Technical Report ISI-TR-656 (2009)","DOI":"10.1145\/1851182.1851196"},{"key":"13_CR24","volume-title":"Information Policy Country Report","author":"H. Alderfer","year":"2009","unstructured":"Alderfer, H., Flynn, S., Birchmeier, B., Schulz, E.: Information Policy Country Report. University of Michigan School of Information Report, Turkey (2009)"},{"key":"13_CR25","doi-asserted-by":"crossref","unstructured":"Ianelli, N., Hackworth, A.: Botnets as a Vehicle for Online Crime: CERT\/CC Technical Report (2005)","DOI":"10.5769\/C2006003"},{"key":"13_CR26","unstructured":"Uri Raz, How do spammers harvest email addresses ?, http:\/\/www.private.org.il\/harvest.html"},{"key":"13_CR27","unstructured":"FAQs.org, FAQ: How do spammers get people\u2019s email addresses ?, http:\/\/www.faqs.org\/faqs\/net-abuse-faq\/harvest\/"},{"key":"13_CR28","unstructured":"Caballero, J., Grier, C., Kreibich, C., Paxson, V.: Measuring Pay-per-Install: The Commoditization of Malware Distribution. In: Proceedings of USENIX Security Symposium (2011)"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-23644-0_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,6,14]],"date-time":"2023-06-14T15:48:45Z","timestamp":1686757725000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-23644-0_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011]]},"ISBN":["9783642236433","9783642236440"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-23644-0_13","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2011]]}}}