{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T23:14:33Z","timestamp":1763507673948,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":28,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642333378"},{"type":"electronic","value":"9783642333385"}],"license":[{"start":{"date-parts":[[2012,1,1]],"date-time":"2012-01-01T00:00:00Z","timestamp":1325376000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2012,1,1]],"date-time":"2012-01-01T00:00:00Z","timestamp":1325376000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-33338-5_10","type":"book-chapter","created":{"date-parts":[[2012,9,26]],"date-time":"2012-09-26T01:17:07Z","timestamp":1348622227000},"page":"190-209","source":"Crossref","is-referenced-by-count":25,"title":["Proactive Discovery of Phishing Related Domain Names"],"prefix":"10.1007","author":[{"given":"Samuel","family":"Marchal","sequence":"first","affiliation":[]},{"given":"J\u00e9r\u00f4me","family":"Fran\u00e7ois","sequence":"additional","affiliation":[]},{"given":"Radu","family":"State","sequence":"additional","affiliation":[]},{"given":"Thomas","family":"Engel","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"10_CR1","unstructured":"Anti-Phishing Working Group and others: Phishing Activity Trends Report - 1H2011. Anti-Phishing Working Group (2011)"},{"key":"10_CR2","first-page":"18","volume-title":"Proceedings of the 19th USENIX Conference on Security, USENIX Security 2010","author":"M. Antonakakis","year":"2010","unstructured":"Antonakakis, M., Perdisci, R., Dagon, D., Lee, W., Feamster, N.: Building a dynamic reputation system for dns. In: Proceedings of the 19th USENIX Conference on Security, USENIX Security 2010, p. 18. USENIX Association, Berkeley (2010)"},{"key":"10_CR3","first-page":"27","volume-title":"Proceedings of the 20th USENIX Conference on Security, SEC 2011","author":"M. Antonakakis","year":"2011","unstructured":"Antonakakis, M., Perdisci, R., Lee, W., Vasiloglou II, N., Dagon, D.: Detecting malware domains at the upper dns hierarchy. In: Proceedings of the 20th USENIX Conference on Security, SEC 2011, p. 27. USENIX Association, Berkeley (2011)"},{"key":"10_CR4","unstructured":"Bilge, L., Kirda, E., Kruegel, C., Balduzz, M.: EXPOSURE: Finding Malicious Domains Using Passive DNS Analysis. In: NDSS 2011. Internet Society (February 2011)"},{"key":"10_CR5","doi-asserted-by":"crossref","unstructured":"Blum, A., Wardman, B., Solorio, T., Warner, G.: Lexical feature based phishing url detection using online learning. In: Proceedings of the 3rd ACM Workshop on Artificial Intelligence and Security, pp. 54\u201360. ACM (2010)","DOI":"10.1145\/1866423.1866434"},{"key":"10_CR6","first-page":"1004","volume":"arXiv","author":"K. Born","year":"2010","unstructured":"Born, K., Gustafson, D.: Detecting dns tunnels using character frequency analysis. Arxiv preprint arXiv:1004.4358 (2010)","journal-title":"Arxiv preprint"},{"key":"10_CR7","unstructured":"Felegyhazi, M., Kreibich, C., Paxson, V.: On the potential of proactive domain blacklisting. In: Proceedings of the 3rd USENIX Conference on Large-Scale Exploits and Emergent Threats: Botnets, Spyware, Worms, and More, p. 6. USENIX Association (2010)"},{"key":"10_CR8","doi-asserted-by":"crossref","unstructured":"Garera, S., Provos, N., Chew, M., Rubin, A.D.: A framework for detection and measurement of phishing attacks. In: Proceedings of the 2007 ACM Workshop on Recurring Malcode, pp. 1\u20138. ACM (2007)","DOI":"10.1145\/1314389.1314391"},{"key":"10_CR9","doi-asserted-by":"crossref","unstructured":"Gyawali, B., Solorio, T., Wardman, B., Warner, G., et al.: Evaluating a semisupervised approach to phishing url identification in a realistic scenario. In: Proceedings of the 8th Annual Collaboration, Electronic Messaging, Anti-Abuse and Spam Conference, pp. 176\u2013183. ACM (2011)","DOI":"10.1145\/2030376.2030397"},{"key":"10_CR10","doi-asserted-by":"publisher","first-page":"269","DOI":"10.1145\/2068816.2068842","volume-title":"Proceedings of the ACM SIGCOMM Internet Measurement Conference, IMC 2011","author":"S. Hao","year":"2011","unstructured":"Hao, S., Feamster, N., Pandrangi, R.: Monitoring the initial DNS behavior of malicious domains. In: Proceedings of the ACM SIGCOMM Internet Measurement Conference, IMC 2011, pp. 269\u2013278. ACM, New York (2011)"},{"key":"10_CR11","doi-asserted-by":"crossref","unstructured":"Khonji, M., Iraqi, Y., Jones, A.: Lexical url analysis for discriminating phishing and legitimate websites. In: Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference, pp. 109\u2013115. ACM (2011)","DOI":"10.1145\/2030376.2030389"},{"key":"10_CR12","unstructured":"Kolb, P.: DISCO: A Multilingual Database of Distributionally Similar Words. In: Storrer, A., Geyken, A., Siebert, A., W\u00fcrzner, K.-M. (eds.) KONVENS 2008 \u2013 Erg\u00e4nzungsband: Textressourcen und Lexikalisches Wissen, pp. 37\u201344 (2008)"},{"key":"10_CR13","doi-asserted-by":"crossref","unstructured":"Le, A., Markopoulou, A., Faloutsos, M.: Phishdef: Url names say it all. In: INFOCOM, 2011 Proceedings IEEE, pp. 191\u2013195. IEEE (2011)","DOI":"10.1109\/INFCOM.2011.5934995"},{"key":"10_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1007\/978-3-540-73614-1_2","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"C. Ludl","year":"2007","unstructured":"Ludl, C., Mcallister, S., Kirda, E., Kruegel, C.: On the Effectiveness of Techniques to Detect Phishing Sites. In: H\u00e4mmerli, B.M., Sommer, R. (eds.) DIMVA 2007. LNCS, vol.\u00a04579, pp. 20\u201339. Springer, Heidelberg (2007)"},{"key":"10_CR15","doi-asserted-by":"crossref","unstructured":"Ma, J., Saul, L., Savage, S., Voelker, G.: Identifying suspicious urls: an application of large-scale online learning. In: Proceedings of the 26th Annual International Conference on Machine Learning, pp. 681\u2013688. ACM (2009)","DOI":"10.1145\/1553374.1553462"},{"key":"10_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"370","DOI":"10.1007\/978-3-642-30045-5_28","volume-title":"NETWORKING 2012","author":"S. Marchal","year":"2012","unstructured":"Marchal, S., Fran\u00e7ois, J., Wagner, C., Engel, T.: Semantic Exploration of DNS. In: Bestak, R., Kencl, L., Li, L.E., Widmer, J., Yin, H. (eds.) NETWORKING 2012, Part I. LNCS, vol.\u00a07289, pp. 370\u2013384. Springer, Heidelberg (2012)"},{"key":"10_CR17","unstructured":"Mockapetris, P.: Rfc 1035: Domain names - implementation and specification"},{"key":"10_CR18","doi-asserted-by":"crossref","unstructured":"Mockapetris, P.: Rfc 1034: Domain names - concepts and facilities (1987)","DOI":"10.17487\/rfc1034"},{"key":"10_CR19","first-page":"123","volume-title":"Proceedings of the 1988 ACM SIGCOMM","author":"P. Mockapetris","year":"1988","unstructured":"Mockapetris, P., Dunlap, K.: Development of the domain name system. In: Proceedings of the 1988 ACM SIGCOMM, pp. 123\u2013133. IEEE Computer Society, Stanford (1988)"},{"key":"10_CR20","doi-asserted-by":"crossref","unstructured":"Prakash, P., Kumar, M., Kompella, R., Gupta, M.: Phishnet: predictive blacklisting to detect phishing attacks. In: INFOCOM, 2010 Proceedings IEEE, pp. 1\u20135. IEEE (2010)","DOI":"10.1109\/INFCOM.2010.5462216"},{"key":"10_CR21","unstructured":"Rasmussen, R., Aaron, G.: Global phishing survey: trends and domain name use in 1h2011. Anti-Phishing Working Group (2011)"},{"key":"10_CR22","unstructured":"Segaran, T., Hammerbacher, J.: Beautiful Data: The Stories Behind Elegant Data Solutions, ch.\u00a014. O\u2019Reilly Media (2009)"},{"key":"10_CR23","doi-asserted-by":"crossref","unstructured":"Soldo, F., Le, A., Markopoulou, A.: Predictive blacklisting as an implicit recommendation system. In: INFOCOM, 2010 Proceedings IEEE, pp. 1\u20139. IEEE (2010)","DOI":"10.1109\/INFCOM.2010.5461982"},{"key":"10_CR24","doi-asserted-by":"crossref","unstructured":"Wagner, C., Fran\u00e7ois, J., State, R., Engel, T., Dulaunoy, A., Wagener, G.: SDBF: Smart DNS Brute-Forcer. In: Proceedings of IEEE\/IFIP Network Operations and Management Symposium - NOMS. IEEE Computer Society (2012)","DOI":"10.1109\/NOMS.2012.6212021"},{"key":"10_CR25","doi-asserted-by":"crossref","unstructured":"Xiang, G., Hong, J.: A hybrid phish detection approach by identity discovery and keywords retrieval. In: Proceedings of the 18th International Conference on World Wide Web, pp. 571\u2013580. ACM (2009)","DOI":"10.1145\/1526709.1526786"},{"key":"10_CR26","doi-asserted-by":"crossref","unstructured":"Xie, Y., Yu, F., Achan, K., Panigrahy, R., Hulten, G., Osipkov, I.: Spamming botnets: signatures and characteristics. In: ACM SIGCOMM Computer Communication Review, vol.\u00a038, pp. 171\u2013182. ACM (2008)","DOI":"10.1145\/1402946.1402979"},{"key":"10_CR27","doi-asserted-by":"crossref","unstructured":"Yadav, S., Reddy, A.K.K., Reddy, AL, Ranjan, S.: Detecting algorithmically generated malicious domain names. In: Proceedings of the 10th Annual Conference on Internet Measurement, pp. 48\u201361. ACM (2010)","DOI":"10.1145\/1879141.1879148"},{"key":"10_CR28","unstructured":"Zhang, J., Porras, P., Ullrich, J.: Highly predictive blacklisting. In: Proceedings of the 17th Conference on Security Symposium, pp. 107\u2013122. USENIX Association (2008)"}],"container-title":["Lecture Notes in Computer Science","Research in Attacks, Intrusions, and Defenses"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-33338-5_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,8,9]],"date-time":"2021-08-09T19:07:11Z","timestamp":1628536031000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-642-33338-5_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642333378","9783642333385"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-33338-5_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2012]]}}}