{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,9]],"date-time":"2024-09-09T14:04:41Z","timestamp":1725890681246},"publisher-location":"Berlin, Heidelberg","reference-count":30,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642372995"},{"type":"electronic","value":"9783642373008"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-642-37300-8_10","type":"book-chapter","created":{"date-parts":[[2013,3,13]],"date-time":"2013-03-13T08:53:59Z","timestamp":1363164839000},"page":"164-183","source":"Crossref","is-referenced-by-count":3,"title":["NetGator: Malware Detection Using Program Interactive Challenges"],"prefix":"10.1007","author":[{"given":"Brian","family":"Schulte","sequence":"first","affiliation":[]},{"given":"Haris","family":"Andrianakis","sequence":"additional","affiliation":[]},{"given":"Kun","family":"Sun","sequence":"additional","affiliation":[]},{"given":"Angelos","family":"Stavrou","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"10_CR1","unstructured":"Anti-Phishing Working Group, ADWG 2011 Trends Report, \n                    \n                      http:\/\/apwg.org\/reports\/apwg_trends_report_h1_2011.pdf"},{"key":"10_CR2","unstructured":"Greasyspoon, \n                    \n                      http:\/\/greasyspoon.sourceforge.net\/"},{"key":"10_CR3","unstructured":"Javascript encryption, \n                    \n                      http:\/\/javascript.about.com\/library\/blencrypt.html"},{"key":"10_CR4","unstructured":"Planetlab, \n                    \n                      http:\/\/planet-lab.org\/"},{"key":"10_CR5","unstructured":"Squid, \n                    \n                      http:\/\/www.squid-cache.org\/"},{"key":"10_CR6","unstructured":"Tcpflow, \n                    \n                      http:\/\/afflib.org\/software\/tcpflow"},{"key":"10_CR7","unstructured":"Wireshark, \n                    \n                      http:\/\/www.wireshark.org\/"},{"issue":"1","key":"10_CR8","doi-asserted-by":"publisher","first-page":"6","DOI":"10.1109\/MNET.2009.4804318","volume":"23","author":"G. Androulidakis","year":"2009","unstructured":"Androulidakis, G., Chatzigiannakis, V., Papavassiliou, S.: Network anomaly detection and classification via opportunistic sampling. IEEE Network\u00a023(1), 6\u201312 (2009)","journal-title":"IEEE Network"},{"key":"10_CR9","doi-asserted-by":"crossref","unstructured":"AsSadhan, B., Moura, J., Lapsley, D., Jones, C., Strayer, W.: Detecting Botnets Using Command and Control Traffic. In: Proceedings of the 2009 Eighth IEEE International Symposium on Network Computing and Applications, pp. 156\u2013162. IEEE Computer Society (2009)","DOI":"10.1109\/NCA.2009.56"},{"key":"10_CR10","doi-asserted-by":"crossref","unstructured":"Bailey, M., Cooke, E., Jahanian, F., Xu, Y., Karir, M.: A survey of botnet technology and defenses. In: Proceedings of the 2009 Cybersecurity Applications & Technology Conference for Homeland Security, pp. 299\u2013304. IEEE Computer Society (2009)","DOI":"10.1109\/CATCH.2009.40"},{"key":"10_CR11","unstructured":"Cyveillance. Malware detection rates for leading av solutions (2010), \n                    \n                      http:\/\/www.cyveillance.com\/web\/docs\/WP_MalwareDetectionRates.pdf"},{"key":"10_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-14527-8_1","volume-title":"Privacy Enhancing Technologies","author":"P. Eckersley","year":"2010","unstructured":"Eckersley, P.: How Unique Is Your Web Browser? In: Atallah, M.J., Hopper, N.J. (eds.) PETS 2010. LNCS, vol.\u00a06205, pp. 1\u201318. Springer, Heidelberg (2010)"},{"issue":"1-2","key":"10_CR13","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1016\/j.cose.2008.08.003","volume":"28","author":"P. Garcia-Teodoro","year":"2009","unstructured":"Garcia-Teodoro, P., Diaz-Verdejo, J., Macia-Fernandez, G., Vazquez, E.: Anomaly-based network intrusion detection: Techniques, systems and challenges. Computers & Security\u00a028(1-2), 18\u201328 (2009)","journal-title":"Computers & Security"},{"key":"10_CR14","unstructured":"Gu, G., Perdisci, R., Zhang, J., Lee, W.: BotMiner: Clustering analysis of network traffic for protocol-and structure-independent botnet detection. In: Proceedings of the 17th Conference on Security Symposium, pp. 139\u2013154. USENIX Association (2008)"},{"key":"10_CR15","first-page":"1","volume-title":"SS 2007: Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium","author":"G. Gu","year":"2007","unstructured":"Gu, G., Porras, P., Yegneswaran, V., Fong, M., Lee, W.: Bothunter: detecting malware infection through ids-driven dialog correlation. In: SS 2007: Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, pp. 1\u201316. USENIX Association, Berkeley (2007)"},{"key":"10_CR16","doi-asserted-by":"crossref","unstructured":"Gu, G., Yegneswaran, V., Porras, P., Stoll, J., Lee, W.: Active botnet probing to identify obscure command and control channels. In: Computer Security Applications Conference, ACSAC (2009)","DOI":"10.1109\/ACSAC.2009.30"},{"key":"10_CR17","unstructured":"Gu, G., Zhang, J., Lee, W.: BotSniffer: Detecting botnet command and control channels in network traffic. In: Proceedings of the 15th Annual Network and Distributed System Security Symposium, NDSS 2008. Citeseer (2008)"},{"key":"10_CR18","doi-asserted-by":"crossref","unstructured":"Inoue, D., Yoshioka, K., Eto, M., Hoshizawa, Y., Nakao, K.: Malware Behavior Analysis in Isolated Miniature Network for Revealing Malware\u2019s Network Activity. In: IEEE International Conference on Communications, ICC 2008, pp. 1715\u20131721. IEEE (2008)","DOI":"10.1109\/ICC.2008.330"},{"key":"10_CR19","unstructured":"Karasaridis, A., Rexroad, B., Hoeflin, D.: Wide-scale botnet detection and characterization. In: Proceedings of the First Conference on First Workshop on Hot Topics in Understanding Botnets, p. 7. USENIX Association (2007)"},{"key":"10_CR20","unstructured":"Lin, Z., Jiang, X., Xu, D., Zhang, X.: Automatic protocol format reverse engineering through conectect-aware monitored execution. In: 15th Symposium on Network and Distributed System Security, NDSS (2008)"},{"key":"10_CR21","unstructured":"Lyon, G.: Nmap security scanner (2010)"},{"key":"10_CR22","unstructured":"McKinley, K.: Cleaning Up After Cookies (2008)"},{"key":"10_CR23","unstructured":"Microsoft Developer Network: How to: Detect browser types and browser capabilities in asp.net web pages (2010)"},{"key":"10_CR24","unstructured":"Perdisci, R., Lee, W., Feamster, N.: Behavioral clustering of http-based malware and signature generation using malicious network traces. In: Proceedings of the 7th USENIX Conference on Networked Systems Design and Implementation, p. 26. USENIX Association (2010)"},{"key":"10_CR25","doi-asserted-by":"publisher","first-page":"257","DOI":"10.1007\/s11416-006-0031-z","volume":"2","author":"M. Polychronakis","year":"2007","unstructured":"Polychronakis, M., Anagnostakis, K., Markatos, E.: Network-level polymorphic shellcode detection using emulation. Journal in Computer Virology\u00a02, 257\u2013274 (2007) 10.1007\/s11416-006-0031-z","journal-title":"Journal in Computer Virology"},{"key":"10_CR26","unstructured":"Schools, W.: Javascript browser detection (2010), \n                    \n                      http:\/\/www.w3schools.com\/js\/js_browser.asp"},{"issue":"18","key":"10_CR27","doi-asserted-by":"publisher","first-page":"3799","DOI":"10.1016\/j.ins.2007.03.025","volume":"177","author":"T. Shon","year":"2007","unstructured":"Shon, T., Moon, J.: A hybrid machine learning approach to network anomaly detection. Information Sciences\u00a0177(18), 3799\u20133821 (2007)","journal-title":"Information Sciences"},{"key":"10_CR28","doi-asserted-by":"crossref","unstructured":"Thorat, S., Khandelwal, A., Bruhadeshwar, B., Kishore, K.: Payload content based network anomaly detection. In: First International Conference on the Applications of Digital Information and Web Technologies, ICADIWT 2008, pp. 127\u2013132 (August 2008)","DOI":"10.1109\/ICADIWT.2008.4664331"},{"key":"10_CR29","unstructured":"Wondracek, G., Comparetti, P.M., Kruegel, C., Kirda, E.: Automatic network protocol analysis. In: 15th Symposium on Network and Distributed System Security, NDSS (2008)"},{"key":"10_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"157","DOI":"10.1007\/978-3-642-02918-9_10","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"T.-F. Yen","year":"2009","unstructured":"Yen, T.-F., Huang, X., Monrose, F., Reiter, M.K.: Browser Fingerprinting from Coarse Traffic Summaries: Techniques and Implications. In: Flegel, U., Bruschi, D. (eds.) DIMVA 2009. LNCS, vol.\u00a05587, pp. 157\u2013175. Springer, Heidelberg (2009)"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-37300-8_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,11]],"date-time":"2019-05-11T18:52:10Z","timestamp":1557600730000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-37300-8_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783642372995","9783642373008"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-37300-8_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2013]]}}}