{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,8]],"date-time":"2024-09-08T11:01:10Z","timestamp":1725793270301},"publisher-location":"Berlin, Heidelberg","reference-count":22,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642554148"},{"type":"electronic","value":"9783642554155"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014]]},"DOI":"10.1007\/978-3-642-55415-5_1","type":"book-chapter","created":{"date-parts":[[2014,5,11]],"date-time":"2014-05-11T22:18:10Z","timestamp":1399846690000},"page":"1-14","source":"Crossref","is-referenced-by-count":17,"title":["Mentor: Positive DNS Reputation to Skim-Off Benign Domains in Botnet C&C Blacklists"],"prefix":"10.1007","author":[{"given":"Nizar","family":"Kheir","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Fr\u00e9d\u00e9ric","family":"Tran","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Pierre","family":"Caron","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Nicolas","family":"Deschamps","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"1_CR1","unstructured":"Alexa web information company (2013), \n                    \n                      http:\/\/www.alexa.com\/topsites\/"},{"key":"1_CR2","unstructured":"Antonakakis, M., Perdisci, R., Dagon, D., Lee, W., Feamster, N.: Building a dynamic reputation system for dns. In: Usenix Security Symposium (2010)"},{"key":"1_CR3","unstructured":"Antonakakis, M., Perdisci, R., Nadji, Y., Vasiloglou, N., Abu-Nimeh, S., Lee, W., Dagon, D.: From throw-away traffic to bots: Detecting the rise of dga-based malware. In: USENIX Security Symposium (2012)"},{"key":"1_CR4","unstructured":"Balzarotti, D., Cova, M., Karlberger, C., Kruegel, C., Kirda, E., Vigna, G.: Efficient detection of split personalities in malware. In: International Symposium on Network and Distributed System Security, NDSS (2010)"},{"key":"1_CR5","doi-asserted-by":"crossref","unstructured":"Bilge, L., Balzarotti, D., Robertson, W., Kirda, E., Kruegel, C.: Disclosure: detecting botnet command and control servers through large-scale netflow analysis. In: Int. Annual Computer Security Applications Conference, ACSAC (2012)","DOI":"10.1145\/2420950.2420969"},{"key":"1_CR6","unstructured":"Bilge, L., Kirda, E., Kruegel, C., Balduzzi, M.: Exposure: Finding malicious domains using passive dns analysis. In: Symposium on Network and Distributed System Security (2011)"},{"key":"1_CR7","doi-asserted-by":"crossref","unstructured":"Choi, H., Lee, H., Lee, H., Kim, H.: Botnet detection by monitoring group activities in dns traffic. In: Seventh International Conference on Computer and Information Technology (2007)","DOI":"10.1109\/CIT.2007.90"},{"key":"1_CR8","doi-asserted-by":"crossref","unstructured":"Cristianini, N., Shawe-Taylor, J.: An introduction to support vector machines and other kernel-based learning methods. Cambridge University Press (2000)","DOI":"10.1017\/CBO9780511801389"},{"key":"1_CR9","unstructured":"Felegyhazi, M., Kreibich, C., Paxson, V.: On the potential of proactive domain blacklisting. In: Third USENIX LEET Workshop (2010)"},{"key":"1_CR10","unstructured":"Holz, T., Gorecki, C., Rieck, K., Freiling, F.C.: Measuring and detecting fast-flux service networks. In: Symp. on Network and Distributed System Security (2008)"},{"key":"1_CR11","unstructured":"Jacob, G., Hund, R., Kruegel, C., Holz, T.: Jackstraws: Picking command and control connections from bot traffic. In: USENIX Security Symposium (2011)"},{"key":"1_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"282","DOI":"10.1007\/978-3-319-03584-0_21","volume-title":"Cyberspace Safety and Security","author":"N. Kheir","year":"2013","unstructured":"Kheir, N., Han, X.: Peerviewer: Behavioral tracking and classification of P2P malware. In: Wang, G., Ray, I., Feng, D., Rajarajan, M. (eds.) CSS 2013. LNCS, vol.\u00a08300, pp. 282\u2013298. Springer, Heidelberg (2013)"},{"key":"1_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"162","DOI":"10.1007\/978-3-319-02937-5_9","volume-title":"Cryptology and Network Security","author":"N. Kheir","year":"2013","unstructured":"Kheir, N., Wolley, C.: BotSuer: Suing stealthy P2P bots in network traffic through netflow analysis. In: Abdalla, M., Nita-Rotaru, C., Dahab, R. (eds.) CANS 2013. LNCS, vol.\u00a08257, pp. 162\u2013178. Springer, Heidelberg (2013)"},{"key":"1_CR14","doi-asserted-by":"crossref","unstructured":"Langley, P., Sage, S.: Induction of selective bayesian classifiers. In: 10th International Conference on Uncertainty in Artificial Intelligence, pp. 399\u2013406 (1994)","DOI":"10.1016\/B978-1-55860-332-5.50055-9"},{"key":"1_CR15","doi-asserted-by":"crossref","unstructured":"Mockapetris, P.: Dns encoding of network names and other types. RFC 1101 (April 1989)","DOI":"10.17487\/rfc1101"},{"key":"1_CR16","doi-asserted-by":"crossref","unstructured":"Moser, A., Kruegel, C., Kirda, E.: Exploring multiple execution paths for malware analysis. In: International Symposium on Security and Privacy (2007)","DOI":"10.1109\/SP.2007.17"},{"key":"1_CR17","doi-asserted-by":"crossref","unstructured":"Postel, J.: Domain name system structure and delegation. In: RFC 1591 (1994)","DOI":"10.17487\/rfc1591"},{"key":"1_CR18","unstructured":"Quinlan, J.R.: C4.5: Programs for machine learning. Morgan Kaufmann Publishers (1993)"},{"key":"1_CR19","unstructured":"Rajab, M.A., Zarfoss, J., Monrose, F., Terzis, A.: A multifaceted approach to understanding the botnet phenomenon. In: 6th ACM SIGCOMM Conference on Internet Measurement (2006)"},{"key":"1_CR20","doi-asserted-by":"crossref","unstructured":"Sinha, S., Bailey, M., Jahanian, F.: Shades of grey: On the effectiveness of reputation-based \u201cblacklists\u201d. In: International Conference on Malicious and Unwared Software, Malware (2008)","DOI":"10.1109\/MALWARE.2008.4690858"},{"key":"1_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"232","DOI":"10.1007\/978-3-642-04444-1_15","volume-title":"Computer Security \u2013 ESORICS 2009","author":"P. Wurzinger","year":"2009","unstructured":"Wurzinger, P., Bilge, L., Holz, T., Goebel, J., Kruegel, C., Kirda, E.: Automatically generating models for botnet detection. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol.\u00a05789, pp. 232\u2013249. Springer, Heidelberg (2009)"},{"key":"1_CR22","doi-asserted-by":"crossref","unstructured":"Yadav, S., Reddy, A.K., Reddy, A.N., Ranjan, S.: Detecting algorithmically generated malicious domain names. In: 10th ACM SIGCOMM Conference on Internet Measurement (2010)","DOI":"10.1145\/1879141.1879148"}],"container-title":["IFIP Advances in Information and Communication Technology","ICT Systems Security and Privacy Protection"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-55415-5_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,26]],"date-time":"2019-05-26T16:02:37Z","timestamp":1558886557000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-55415-5_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014]]},"ISBN":["9783642554148","9783642554155"],"references-count":22,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-55415-5_1","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"type":"print","value":"1868-4238"},{"type":"electronic","value":"1868-422X"}],"subject":[],"published":{"date-parts":[[2014]]}}}