{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,14]],"date-time":"2026-01-14T20:57:00Z","timestamp":1768424220221,"version":"3.49.0"},"publisher-location":"Berlin, Heidelberg","reference-count":18,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642344992","type":"print"},{"value":"9783642345005","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-34500-5_73","type":"book-chapter","created":{"date-parts":[[2012,11,5]],"date-time":"2012-11-05T09:27:50Z","timestamp":1352107670000},"page":"620-628","source":"Crossref","is-referenced-by-count":9,"title":["Behavior Analysis of Long-term Cyber Attacks in the Darknet"],"prefix":"10.1007","author":[{"given":"Tao","family":"Ban","sequence":"first","affiliation":[]},{"given":"Lei","family":"Zhu","sequence":"additional","affiliation":[]},{"given":"Junpei","family":"Shimamura","sequence":"additional","affiliation":[]},{"given":"Shaoning","family":"Pang","sequence":"additional","affiliation":[]},{"given":"Daisuke","family":"Inoue","sequence":"additional","affiliation":[]},{"given":"Koji","family":"Nakao","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"issue":"8","key":"73_CR1","doi-asserted-by":"publisher","first-page":"805","DOI":"10.1016\/S1389-1286(98)00017-6","volume":"31","author":"D. Herve","year":"1999","unstructured":"Herve, D., Marc, D., Andrea, W.: Towards a taxonomy of intrusion-detection systems. Computer Networks\u00a031(8), 805\u2013822 (1999)","journal-title":"Computer Networks"},{"key":"73_CR2","unstructured":"Nakao, K., Yoshioka, K., Inoue, D., Eto, M.: A novel concept of network incident analysis based on multi-layer ovservation of malware activities. In: The 2nd Joint Workshop on Information Security (JWIS 2007), pp. 267\u2013279 (2007)"},{"key":"73_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"579","DOI":"10.1007\/978-3-642-02490-0_71","volume-title":"Advances in Neuro-Information Processing","author":"D. Inoue","year":"2009","unstructured":"Inoue, D., Yoshioka, K., Eto, M., Yamagata, M., Nishino, E., Takeuchi, J., Ohkouchi, K., Nakao, K.: An Incident Analysis System NICTER and Its Analysis Engines Based on Data Mining Techniques. In: K\u00f6ppen, M., Kasabov, N., Coghill, G. (eds.) ICONIP 2008, Part I. LNCS, vol.\u00a05506, pp. 579\u2013586. Springer, Heidelberg (2009)"},{"key":"73_CR4","doi-asserted-by":"crossref","unstructured":"Harrop, W., Armitage, G.J.: Defining and evaluating greynets (sparse darknets). In: LCN 2005 (2005)","DOI":"10.1145\/1080173.1080177"},{"key":"73_CR5","unstructured":"Markoff, J.: Worms infects millions of computers worldwide. New York Times (2009)"},{"key":"73_CR6","first-page":"21","volume-title":"Proceedings of the 5th ACM SIGCOMM Conference on Internet Measurement, IMC 2005","author":"M. Bailey","year":"2005","unstructured":"Bailey, M., Cooke, E., Jahanian, F., Provos, N., Rosaen, K., Watson, D.: Data reduction for the scalable automated analysis of distributed darknet traffic. In: Proceedings of the 5th ACM SIGCOMM Conference on Internet Measurement, IMC 2005, p. 21. USENIX Association, Berkeley (2005)"},{"key":"73_CR7","doi-asserted-by":"crossref","unstructured":"Bailey, M., Cooke, E., Jahanian, F., Myrick, A., Sinha, S.: Practical darknet measurement. In: 2006 40th Annual Conference on Information Sciences and Systems, pp. 1496\u20131501 (March 2006)","DOI":"10.1109\/CISS.2006.286376"},{"key":"73_CR8","doi-asserted-by":"crossref","unstructured":"Song, J., Shimamura, J., Eto, M., Inoue, D., Nakao, K.: Correlation analysis between spamming botnets and malware infected hosts. In: 2011 IEEE\/IPSJ 11th International Symposium on Applications and the Internet (SAINT), pp. 372\u2013375 (July 2011)","DOI":"10.1109\/SAINT.2011.71"},{"key":"73_CR9","doi-asserted-by":"crossref","unstructured":"Fukuda, K., Hirotsu, T., Akashi, O., Sugawara, T.: Correlation among piecewise unwanted traffic time series. In: IEEE Global Telecommunications Conference, GLOBECOM 2008, November 30-December 4, pp. 1\u20135 (2008)","DOI":"10.1109\/GLOCOM.2008.ECP.314"},{"key":"73_CR10","doi-asserted-by":"crossref","unstructured":"Fukuda, K., Hirotsu, T., Akashi, O., Sugawara, T.: A pca analysis of daily unwanted traffic. In: 2010 24th IEEE International Conference on Advanced Information Networking and Applications (AINA), pp. 377\u2013384 (April 2010)","DOI":"10.1109\/AINA.2010.79"},{"key":"73_CR11","doi-asserted-by":"crossref","unstructured":"Vinu, J., Theepak, T.: Realization of comprehensive botnet inquisitive actions. In: 2012 International Conference on Computing, Electronics and Electrical Technologies (ICCEET), pp. 915\u2013921 (March 2012)","DOI":"10.1109\/ICCEET.2012.6203760"},{"key":"73_CR12","doi-asserted-by":"crossref","unstructured":"Limthong, K., Kensuke, F., Watanapongse, P.: Wavelet-based unwanted traffic time series analysis. In: International Conference on Computer and Electrical Engineering, ICCEE 2008, pp. 445\u2013449 (December 2008)","DOI":"10.1109\/ICCEE.2008.106"},{"key":"73_CR13","unstructured":"McManamon, C., Mtenzi, F.: Defending privacy: The development and deployment of a darknet. In: 2010 International Conference for Internet Technology and Secured Transactions (ICITST), pp. 1\u20136 (Novemeber 2010)"},{"key":"73_CR14","doi-asserted-by":"publisher","first-page":"175","DOI":"10.1109\/TIFS.2010.2086445","volume":"6","author":"Z. Li","year":"2011","unstructured":"Li, Z., Goyal, A., Chen, Y., Paxson, V.: Towards situational awareness of large-scale botnet probing events. IEEE Transactions on Information Forensics and Security\u00a06, 175\u2013188 (2011)","journal-title":"IEEE Transactions on Information Forensics and Security"},{"key":"73_CR15","doi-asserted-by":"crossref","unstructured":"Ahmed, E., Clark, A., Mohay, G.: A novel sliding window based change detection algorithm for asymmetric traffic. In: IFIP International Conference on Network and Parallel Computing, NPC 2008, pp. 168\u2013175 (October 2008)","DOI":"10.1109\/NPC.2008.81"},{"key":"73_CR16","doi-asserted-by":"crossref","unstructured":"Kalakota, P., Huang, C.-T.: On the benefits of early filtering of botnet unwanted traffic. In: Proceedings of 18th International Conference on Computer Communications and Networks, ICCCN 2009, pp. 1\u20136 (August 2009)","DOI":"10.1109\/ICCCN.2009.5235325"},{"key":"73_CR17","doi-asserted-by":"crossref","unstructured":"Vapnik, V.N.: The Nature of Statistical Learning Theory. Springer (1995)","DOI":"10.1007\/978-1-4757-2440-0"},{"key":"73_CR18","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/1961189.1961199","volume":"2","author":"C.-C. Chang","year":"2011","unstructured":"Chang, C.-C., Lin, C.-J.: Libsvm: A library for support vector machines. ACM Transactions on Intelligent Systems and Technology\u00a02, 27:1\u201327:27 (2011), Software available at \n                    \n                      http:\/\/www.csie.ntu.edu.tw\/~cjlin\/libsvm","journal-title":"ACM Transactions on Intelligent Systems and Technology"}],"container-title":["Lecture Notes in Computer Science","Neural Information Processing"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-34500-5_73.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,5,4]],"date-time":"2021-05-04T12:56:38Z","timestamp":1620132998000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-34500-5_73"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642344992","9783642345005"],"references-count":18,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-34500-5_73","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2012]]}}}