{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,17]],"date-time":"2026-03-17T15:29:27Z","timestamp":1773761367801,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":22,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642392344","type":"print"},{"value":"9783642392351","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-642-39235-1_2","type":"book-chapter","created":{"date-parts":[[2013,7,13]],"date-time":"2013-07-13T04:07:36Z","timestamp":1373688456000},"page":"21-40","source":"Crossref","is-referenced-by-count":29,"title":["ProVeX: Detecting Botnets with Encrypted Command and Control Channels"],"prefix":"10.1007","author":[{"given":"Christian","family":"Rossow","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Christian J.","family":"Dietrich","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"2_CR1","doi-asserted-by":"crossref","unstructured":"Caballero, J., Johnson, N.M., McCamant, S., Song, D.: Binary Code Extraction and Interface Identification for Security Applications. In: Proceedings of the 17th Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA (February 2010)","DOI":"10.21236\/ADA538737"},{"key":"2_CR2","doi-asserted-by":"crossref","unstructured":"Caballero, J., Yin, H., Liang, Z., Song, D.X.: Polyglot: Automatic Extraction of Protocol Message Format Using Dynamic Binary Analysis. In: Proceedings of the ACM Conference on Computer and Communications Security (CCS) (November 2007)","DOI":"10.1145\/1315245.1315286"},{"key":"2_CR3","doi-asserted-by":"crossref","unstructured":"Comparetti, P.M., Wondracek, G., Kruegel, C., Kirda, E.: Prospex: Protocol Specification Extraction. In: Proceedings of the 30th IEEE Symposium on Security and Privacy (S&P) (May 2009)","DOI":"10.1109\/SP.2009.14"},{"key":"2_CR4","unstructured":"Cui, W.: Discoverer: Automatic Protocol Reverse Engineering from Network Traces. In: Proceedings of the 16th USENIX Security Symposium (August 2007)"},{"key":"2_CR5","doi-asserted-by":"crossref","unstructured":"Dietrich, C.J., Rossow, C., Freiling, F.C., Bos, H., van Steen, M., Pohlmann, N.: On Botnets that Use DNS for Command and Control. In: Proceedings of European Conference on Computer Network Defense (EC2ND) (September 2011)","DOI":"10.1109\/EC2ND.2011.16"},{"key":"2_CR6","doi-asserted-by":"crossref","unstructured":"Dietrich, C.J., Rossow, C., Pohlmann, N.: CoCoSpot: Clustering and Recognizing Botnet Command and Control Channels Using Traffic Analysis. A Special Issue of Computer Networks On Botnet Activity: Analysis, Detection and Shutdown (July 2012)","DOI":"10.1016\/j.comnet.2012.06.019"},{"key":"2_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1007\/978-3-642-23644-0_3","volume-title":"Recent Advances in Intrusion Detection","author":"F. Gr\u00f6bert","year":"2011","unstructured":"Gr\u00f6bert, F., Willems, C., Holz, T.: Automated Identification of Cryptographic Primitives in Binary Programs. In: Sommer, R., Balzarotti, D., Maier, G. (eds.) RAID 2011. LNCS, vol.\u00a06961, pp. 41\u201360. Springer, Heidelberg (2011)"},{"key":"2_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"354","DOI":"10.1007\/978-3-642-33338-5_18","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"D. Had\u017eiosmanovi\u0107","year":"2012","unstructured":"Had\u017eiosmanovi\u0107, D., Simionato, L., Bolzoni, D., Zambon, E., Etalle, S.: N-gram Against the Machine: On the Feasibility of the N-gram Network Analysis for Binary Protocols. In: Balzarotti, D., Stolfo, S.J., Cova, M. (eds.) RAID 2012. LNCS, vol.\u00a07462, pp. 354\u2013373. Springer, Heidelberg (2012)"},{"key":"2_CR9","doi-asserted-by":"crossref","unstructured":"Kolbitsch, C., Holz, T., Kruegel, C., Kirda, E.: Inspector Gadget: Automated Extraction of Proprietary Gadgets from Malware Binaries. In: Proceedings of the 30th IEEE Symposium on Security & Privacy (S&P) (May 2009)","DOI":"10.1109\/SP.2010.10"},{"key":"2_CR10","doi-asserted-by":"crossref","unstructured":"Krueger, T., Gascon, H., Kr\u00e4mer, N., Rieck, K.: Learning Stateful Models for Network Honeypots. In: Proceedings of the ACM Workshop on Artificial Intelligence and Security (AISec) (October 2012)","DOI":"10.1145\/2381896.2381904"},{"key":"2_CR11","doi-asserted-by":"crossref","unstructured":"Leder, F., Martini, P., Wichmann, A.: Finding and Extracting Crypto Routines from Malware. In: Proceedings of the International Performance Computing and Communications Conference (IPCCC) (December 2009)","DOI":"10.1109\/PCCC.2009.5403858"},{"issue":"3","key":"2_CR12","doi-asserted-by":"publisher","first-page":"443","DOI":"10.1016\/0022-2836(70)90057-4","volume":"48","author":"S.B. Needleman","year":"1970","unstructured":"Needleman, S.B., Wunsch, C.D.: A General Method Applicable to the Search for Similarities in the Amino Acid Sequence of Two Proteins. Journal of Molecular Biology\u00a048(3), 443\u2013453 (1970)","journal-title":"Journal of Molecular Biology"},{"key":"2_CR13","doi-asserted-by":"crossref","unstructured":"Newsome, J., Brumley, D., Franklin, J., Song, D.: Replayer: Automatic Protocol Replay by Binary Analysis. In: Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS (November 2006)","DOI":"10.1145\/1180405.1180444"},{"key":"2_CR14","unstructured":"Newsome, J., Karp, B., Song, D.: Polygraph: Automatically Generating Signatures for Polymorphic Worms. In: Proceedings of the 26th IEEE Symposium on Security & Privacy (S&P) (May 2005)"},{"key":"2_CR15","unstructured":"Olivain, J., Goubault-Larrecq, J.: Detecting Subverted Cryptographic Protocols by Entropy Checking. Research Report LSV-06-13, Laboratoire Sp\u00e9cification et V\u00e9rification, ENS Cachan, France (June 2006)"},{"key":"2_CR16","unstructured":"Perdisci, R., Lee, W., Feamster, N.: Behavioral Clustering of HTTP-Based Malware and Signature Generation Using Malicious Network Traces. In: Proceedings of the USENIX Symposium on Networked Systems Designs and Implementation (NSDI) (April 2010)"},{"key":"2_CR17","doi-asserted-by":"crossref","unstructured":"Rieck, K., Schwenk, G., Limmer, T., Holz, T., Laskov, P.: Botzilla: Detecting the \u201cPhoning Home\u201d of Malicious Software. In: Proceedings of the 25th ACM Symposium on Applied Computing (SAC) (March 2010)","DOI":"10.1145\/1774088.1774506"},{"key":"2_CR18","doi-asserted-by":"crossref","unstructured":"Rossow, C., Andriesse, D., Werner, T., Stone-Gross, B., Plohmann, D., Dietrich, C.J., Bos, H.: P2PWNED: Modeling and Evaluating the Resilience of Peer-to-Peer Botnets. In: Proceedings of the 34th IEEE Symposium on Security and Privacy (S&P), San Francisco, CA (May 2013)","DOI":"10.1109\/SP.2013.17"},{"key":"2_CR19","doi-asserted-by":"crossref","unstructured":"Rossow, C., Dietrich, C.J., Bos, H., Cavallaro, L., van Steen, M., Freiling, F.C., Pohlmann, N.: Sandnet: Network Traffic Analysis of Malicious Software. In: Proceedings of ACM EuroSys BADGERS (April 2011)","DOI":"10.1145\/1978672.1978682"},{"key":"2_CR20","doi-asserted-by":"crossref","unstructured":"Rossow, C., Dietrich, C.J., Kreibich, C., Grier, C., Paxson, V., Pohlmann, N., Bos, H., van Steen, M.: Prudent Practices for Designing Malware Experiments: Status Quo and Outlook. In: Proceedings of the 33rd IEEE Symposium on Security and Privacy (S&P), San Francisco, CA (May 2012)","DOI":"10.1109\/SP.2012.14"},{"key":"2_CR21","doi-asserted-by":"crossref","unstructured":"Sommer, R., Paxson, V.: Outside the Closed World: On Using Machine Learning for Network Intrusion Detection. In: Proceedings of the 31st IEEE Symposium on Security & Privacy (May 2010)","DOI":"10.1109\/SP.2010.25"},{"key":"2_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"200","DOI":"10.1007\/978-3-642-04444-1_13","volume-title":"Computer Security \u2013 ESORICS 2009","author":"Z. Wang","year":"2009","unstructured":"Wang, Z., Jiang, X., Cui, W., Wang, X., Grace, M.: ReFormat: Automatic Reverse Engineering of Encrypted Messages. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol.\u00a05789, pp. 200\u2013215. Springer, Heidelberg (2009)"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-39235-1_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,15]],"date-time":"2019-05-15T21:13:01Z","timestamp":1557954781000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-39235-1_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783642392344","9783642392351"],"references-count":22,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-39235-1_2","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2013]]}}}