{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T00:06:41Z","timestamp":1740096401656,"version":"3.37.3"},"publisher-location":"Berlin, Heidelberg","reference-count":40,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642405877"},{"type":"electronic","value":"9783642405884"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-642-40588-4_17","type":"book-chapter","created":{"date-parts":[[2013,8,9]],"date-time":"2013-08-09T01:54:24Z","timestamp":1376013264000},"page":"236-252","source":"Crossref","is-referenced-by-count":3,"title":["Cyber Threats Monitoring: Experimental Analysis of Malware Behavior in Cyberspace"],"prefix":"10.1007","author":[{"given":"Clara Maria","family":"Colombini","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Antonio","family":"Colella","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Marco","family":"Mattiucci","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Aniello","family":"Castiglione","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"unstructured":"U.S. Department of Defense: Joint Publication 1-02, Dictionary of Military and Associated Terms, http:\/\/www.dtic.mil\/doctrine\/new_pubs\/jp1_02.pdf (November 2010)","key":"17_CR1"},{"unstructured":"Fahrenkrug, D.T.: Countering the Offensive Advantage in Cyber-space: An Integrated Defensive Strategy. In: 4th International Conference on Cyber Conflict, NATO CCD COE Publications, Tallinn, pp. 197\u2013207 (2012)","key":"17_CR2"},{"unstructured":"Klimburg, A.: National Cyber Security Framework Manual. NATO CCD COE Publications (December 2012), http:\/\/www.ccdcoe.org\/369.html","key":"17_CR3"},{"unstructured":"Saalbach, K.: Cyber-war. Methods and Practice, version 6.0 (January 2013), http:\/\/www.dirk-koentopp.com\/downloads\/saalbach-cyberwar-methods-and-practice.pdf","key":"17_CR4"},{"unstructured":"Colombini, C., Colella, A., Mattiucci, M.: Cyber-war Profiling, a new Method for the Analysis of a Cyber-Conflict. To appear on NATO CCD COE, Tallinn (January 2013)","key":"17_CR5"},{"issue":"1-2","key":"17_CR6","doi-asserted-by":"publisher","first-page":"48","DOI":"10.1016\/j.cose.2007.11.001","volume":"27","author":"F. Palmieri","year":"2008","unstructured":"Palmieri, F., Fiore, U.: Containing large-scale worm spreading in the Internet by cooperative distribution of traffic filtering policies. Computers & Security\u00a027(1-2), 48\u201362 (2008)","journal-title":"Computers & Security"},{"issue":"3","key":"17_CR7","doi-asserted-by":"crossref","first-page":"217","DOI":"10.1155\/2011\/404328","volume":"7","author":"F. Palmieri","year":"2011","unstructured":"Palmieri, F., Fiore, U., Castiglione, A.: Automatic security assessment for next generation wireless mobile networks. Mobile Information Systems\u00a07(3), 217\u2013239 (2011)","journal-title":"Mobile Information Systems"},{"key":"17_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"537","DOI":"10.1007\/11751595_57","volume-title":"Computational Science and Its Applications - ICCSA 2006","author":"F. Palmieri","year":"2006","unstructured":"Palmieri, F., Fiore, U.: Audit-Based Access Control in Nomadic Wireless Environments. In: Gavrilova, M., Gervasi, O., Kumar, V., Tan, C.J.K., Taniar, D., Lagan\u00e1, A., Mun, Y., Choo, H. (eds.) ICCSA 2006. LNCS, vol.\u00a03982, pp. 537\u2013545. Springer, Heidelberg (2006)"},{"issue":"7","key":"17_CR9","doi-asserted-by":"publisher","first-page":"737","DOI":"10.1016\/j.cose.2010.05.002","volume":"29","author":"F. Palmieri","year":"2010","unstructured":"Palmieri, F., Fiore, U.: Network anomaly detection through nonlinear analysis. Computers & Security\u00a029(7), 737\u2013755 (2010)","journal-title":"Computers & Security"},{"doi-asserted-by":"crossref","unstructured":"Fiore, U., Palmieri, F., Castiglione, A., De Santis, A.: Network anomaly detection with the restricted Boltzmann machine. Neurocomputing (2013), http:\/\/dx.doi.org\/10.1016\/j.neucom.2012.11.050 , doi:10.1016\/j.neucom.2012.11.050","key":"17_CR10","DOI":"10.1016\/j.neucom.2012.11.050"},{"doi-asserted-by":"crossref","unstructured":"Vidulich, M., Dominguez, C., Vogel, E., McMillian, G.: Situation Awareness: Papers and Annotated Bibliography, U.S. Department of Defense, Defense Technical Information Center (DTIC) (June 1994), http:\/\/www.dtic.mil\/dtic\/tr\/fulltext\/u2\/a284752.pdf","key":"17_CR11","DOI":"10.21236\/ADA284752"},{"key":"17_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"330","DOI":"10.1007\/978-3-642-23300-5_26","volume-title":"Availability, Reliability and Security for Business, Enterprise and Health Information Systems","author":"C.M. Colombini","year":"2011","unstructured":"Colombini, C.M., Colella, A.: Digital Profiling: A Computer Forensics Approach. In: Tjoa, A.M., Quirchmayr, G., You, I., Xu, L. (eds.) ARES 2011. LNCS, vol.\u00a06908, pp. 330\u2013343. Springer, Heidelberg (2011)"},{"doi-asserted-by":"crossref","unstructured":"Colombini, C., Colella, A., Castiglione, A., Scognamiglio, V.: The Digital Profiling Techniques Applied to the Analysis of a GPS Navigation Device. In: 2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), pp. 591\u2013596 (2012)","key":"17_CR13","DOI":"10.1109\/IMIS.2012.202"},{"doi-asserted-by":"crossref","unstructured":"Castiglione, A., De Santis, A., Fiore, U., Palmieri, F.: Device Tracking in Private Networks via NAPT Log Analysis. In: 2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), pp. 603\u2013608 (2012)","key":"17_CR14","DOI":"10.1109\/IMIS.2012.125"},{"key":"17_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"416","DOI":"10.1007\/978-3-642-32498-7_31","volume-title":"Multidisciplinary Research and Practice for Information Systems","author":"C.M. Colombini","year":"2012","unstructured":"Colombini, C.M., Colella, A., Mattiucci, M., Castiglione, A.: Network Profiling: Content Analysis of Users Behavior in Digital Communication Channel. In: Quirchmayr, G., Basl, J., You, I., Xu, L., Weippl, E. (eds.) CD-ARES 2012. LNCS, vol.\u00a07465, pp. 416\u2013429. Springer, Heidelberg (2012)"},{"unstructured":"Matrosov, A., Rodionov, E., Harley, D., Malcho, J.: Stuxnet Under the Microscope, rev. 1.31, ESET LLC (2012), http:\/\/ece.wpi.edu\/~dchasaki\/papers\/Stuxnet_Under_the_Microscope.pdf","key":"17_CR16"},{"doi-asserted-by":"crossref","unstructured":"Castiglione, A., De Prisco, R., De Santis, A., Fiore, U., Palmieri, F.: A botnet-based command and control approach relying on swarm intelligence. Journal of Network and Computer Applications (2013), http:\/\/dx.doi.org\/10.1016\/j.jnca.2013.05.002 , doi:10.1016\/j.jnca.2013.05.002","key":"17_CR17","DOI":"10.1016\/j.jnca.2013.05.002"},{"unstructured":"Ziolkowski, K.: Ius ad bellum in Cyberspace - Some Thoughts on the \u201cSchmitt-Criteria\u201d for Use of Force. In: 4th International Conference on Cyber Conflict, NATO CCD COE Publications, Tallinn, pp. 295\u2013309 (2012)","key":"17_CR18"},{"unstructured":"Fanelli, R., Conti, G.: A methodology for cyber operations targeting and control of collateral damage in the context of lawful armed conflict. In: 2012 4th International Conference on Cyber Conflict (CYCON), pp. 1\u201313 (2012)","key":"17_CR19"},{"unstructured":"CrySyS Lab: sKyWIper (a.k.a. Flame a.k.a. Flamer): A complex malware for targeted attacks (May 2012), http:\/\/www.crysys.hu\/skywiper\/skywiper.pdf","key":"17_CR20"},{"unstructured":"Bencs\u00e1th, B., P\u00e9k, G., Butty\u00e1n, L., F\u00e9legyh\u00e1zi, M.: Duqu: A Stuxnet-like malware found in the wild (October 2011), http:\/\/www.crysys.hu\/publications\/files\/bencsathPBF11duqu.pdf","key":"17_CR21"},{"unstructured":"Kaspersky Lab, Global Research and Analysis Team: Gauss: Abnormal Distribution (August 2012), http:\/\/www.securelist.com\/en\/analysis\/204792238\/","key":"17_CR22"},{"unstructured":"Kaspersky Lab, Global Research and Analysis Team: The Mahdi Campaign (July 2012), http:\/\/www.securelist.com\/en\/blog\/208193691\/The_Madi_Campaign_Part_II","key":"17_CR23"},{"unstructured":"Infosec Institute: Honeypots Resources (October 2012), http:\/\/resources.infosecinstitute.com\/honeypots\/","key":"17_CR24"},{"unstructured":"Moore, J.: Mercury Live DVD (2013), http:\/\/mercurylivedvd.sourceforge.net\/","key":"17_CR25"},{"key":"17_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"430","DOI":"10.1007\/978-3-642-32498-7_32","volume-title":"Multidisciplinary Research and Practice for Information Systems","author":"A. Castiglione","year":"2012","unstructured":"Castiglione, A., Cattaneo, G., De Prisco, R., De Santis, A., Yim, K.: How to Forge a Digital Alibi on Mac\u00a0OS\u00a0X. In: Quirchmayr, G., Basl, J., You, I., Xu, L., Weippl, E. (eds.) CD-ARES 2012. LNCS, vol.\u00a07465, pp. 430\u2013444. Springer, Heidelberg (2012)"},{"doi-asserted-by":"crossref","unstructured":"Albano, P., Castiglione, A., Cattaneo, G., De Maio, G., De Santis, A.: On the Construction of a False Digital Alibi on the Android OS. In: Xhafa, F., Barolli, L., K\u00f6ppen, M. (eds.) INCoS, pp. 685\u2013690. IEEE (2011)","key":"17_CR27","DOI":"10.1109\/INCoS.2011.129"},{"key":"17_CR28","doi-asserted-by":"publisher","first-page":"216","DOI":"10.1109\/ACCESS.2013.2260817","volume":"1","author":"A. Castiglione","year":"2013","unstructured":"Castiglione, A., Cattaneo, G., De Maio, G., De Santis, A.: Automated Production of Predetermined Digital Evidence. IEEE Access\u00a01, 216\u2013231 (2013)","journal-title":"IEEE Access"},{"key":"17_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"359","DOI":"10.1007\/978-3-642-23300-5_28","volume-title":"Availability, Reliability and Security for Business, Enterprise and Health Information Systems","author":"A. De Santis","year":"2011","unstructured":"De Santis, A., Castiglione, A., Cattaneo, G., De Maio, G., Ianulardo, M.: Automated Construction of a False Digital Alibi. In: Tjoa, A.M., Quirchmayr, G., You, I., Xu, L. (eds.) ARES 2011. LNCS, vol.\u00a06908, pp. 359\u2013373. Springer, Heidelberg (2011)"},{"doi-asserted-by":"crossref","unstructured":"Castiglione, A., Cattaneo, G., De Maio, G., De Santis, A., Costabile, G., Epifani, M.: The Forensic Analysis of a False Digital Alibi. In: 2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), pp. 114\u2013121 (2012)","key":"17_CR30","DOI":"10.1109\/IMIS.2012.127"},{"issue":"2","key":"17_CR31","doi-asserted-by":"publisher","first-page":"143","DOI":"10.1007\/s11416-010-0144-2","volume":"7","author":"V. Nicomette","year":"2011","unstructured":"Nicomette, V., Ka\u00e2niche, M., Alata, E., Herrb, M.: Set-up and deployment of a high-interaction honeypot: experiment and lessons learned. Journal in Computer Virology\u00a07(2), 143\u2013157 (2011)","journal-title":"Journal in Computer Virology"},{"unstructured":"Li, C., Parsioan, T.: Profiling Honeynet Attackers. In: Proceedings of the Class of 2006 Senior Conference, pp. 19\u201326 (2005)","key":"17_CR32"},{"unstructured":"Seifert, C.: Analyzing Malicious SSH Login Attempts (November 2010), http:\/\/www.symantec.com\/connect\/articles\/analyzing-malicious-ssh-login-attempts","key":"17_CR33"},{"unstructured":"Threat Expert Ltd.: Backdoor:Win32\/Ixeshe.E (2013), http:\/\/www.threatexpert.com\/report.aspx?md5=d1e7c8a8d857e097eef8922f41074e80","key":"17_CR34"},{"unstructured":"Sancho, D., dela Torre, J., Bakuei, M., Villeneuve, N., McArdle, R.: IXESHE An APT Campaign (2012), http:\/\/www.trendmicro.com\/cloud-content\/us\/pdfs\/security-intelligence\/white-papers\/wp_ixeshe.pdf","key":"17_CR35"},{"unstructured":"Tyugu, E.: Command and control of cyber weapons. In: 2012 4th International Conference on Cyber Conflict (CYCON), pp. 1\u201311 (2012)","key":"17_CR36"},{"issue":"10","key":"17_CR37","doi-asserted-by":"publisher","first-page":"1813","DOI":"10.1016\/j.jss.2010.04.062","volume":"83","author":"A. Castiglione","year":"2010","unstructured":"Castiglione, A., De Santis, A., Soriente, C.: Security and privacy issues in the Portable Document Format. Journal of Systems and Software\u00a083(10), 1813\u20131822 (2010)","journal-title":"Journal of Systems and Software"},{"key":"17_CR38","series-title":"IFIP AICT","doi-asserted-by":"publisher","first-page":"13","DOI":"10.1007\/978-3-642-30436-1_2","volume-title":"Information Security and Privacy Research","author":"A. Armando","year":"2012","unstructured":"Armando, A., Merlo, A., Migliardi, M., Verderame, L.: Would You Mind Forking This Process? A Denial of Service Attack on Android (and Some Countermeasures). In: Gritzalis, D., Furnell, S., Theoharidou, M. (eds.) SEC 2012. IFIP AICT, vol.\u00a0376, pp. 13\u201324. Springer, Heidelberg (2012)"},{"doi-asserted-by":"crossref","unstructured":"Armando, A., Merlo, A., Migliardi, M., Verderame, L.: Breaking and fixing the Android Launching Flow. Computers & Security (2013)","key":"17_CR39","DOI":"10.1016\/j.cose.2013.03.009"},{"doi-asserted-by":"crossref","unstructured":"Castiglione, A., Cattaneo, G., De Maio, G., De Santis, A.: Forensically-Sound Methods to Collect Live Network Evidence. In: 2013 IEEE 27th International Conference on Advanced Information Networking and Applications (AINA), pp. 405\u2013412 (2013)","key":"17_CR40","DOI":"10.1109\/AINA.2013.133"}],"container-title":["Lecture Notes in Computer Science","Security Engineering and Intelligence Informatics"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-40588-4_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,5,16]],"date-time":"2024-05-16T08:15:16Z","timestamp":1715847316000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-40588-4_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783642405877","9783642405884"],"references-count":40,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-40588-4_17","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2013]]}}}