{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,29]],"date-time":"2025-10-29T03:37:13Z","timestamp":1761709033768,"version":"3.40.5"},"reference-count":28,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014,10]]},"DOI":"10.1109\/ccst.2014.6986998","type":"proceedings-article","created":{"date-parts":[[2014,12,30]],"date-time":"2014-12-30T19:57:56Z","timestamp":1419969476000},"page":"1-6","source":"Crossref","is-referenced-by-count":6,"title":["Characteristics of buffer overflow attacks tunneled in HTTP traffic"],"prefix":"10.1109","author":[{"given":"Ivan","family":"Homoliak","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Daniel","family":"Ovsonka","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Karel","family":"Koranda","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Petr","family":"Hanacek","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref10","article-title":"Toward instrumenting network warfare competitions to generate labeled datasets","author":"sangster","year":"2009","journal-title":"Proc 2nd Workshop Cyber Security Experimentation Test"},{"key":"ref11","article-title":"Discriminators for use in flow-based classification","author":"moore","year":"2005","journal-title":"Tech Rep"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2007.4317620"},{"year":"0","key":"ref13","article-title":"7 (51) September 01, 1997, article 06 of 17 [LOKI2 (the implementation)]"},{"article-title":"Skeeveicmp bounce tunnel","year":"2004","author":"zelenchuk","key":"ref14"},{"article-title":"Corkscrew","year":"2001","author":"padgett","key":"ref15"},{"article-title":"Firepass - is a tunneling tool","year":"2003","author":"dyatlov","key":"ref16"},{"article-title":"Httunnel","year":"2005","author":"leboutillier","key":"ref17"},{"article-title":"Mailtunnel","year":"2010","author":"lundstrm","key":"ref18"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2007.1020"},{"year":"0","key":"ref28","article-title":"RapidMiner Studio"},{"year":"0","key":"ref4","article-title":"How to write Buffer Overflows"},{"year":"0","key":"ref27","article-title":"SNORT intrusion detection system"},{"journal-title":"Securiteam com ? - Writing Buffer Overflow Exploits - A Tutorial for Beginners","year":"0","key":"ref3"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.25"},{"journal-title":"Rapid Communications","article-title":"Metasploit project","year":"0","key":"ref5"},{"article-title":"Metrics for intrusion detection in network traffic","year":"2011","author":"homoliak","key":"ref8"},{"key":"ref7","first-page":"829","article-title":"Behavioral signature generation using shadow honeypot","author":"barabas","year":"2012","journal-title":"World Academy of Science Engineering and Technology"},{"key":"ref2","first-page":"14","article-title":"Smashing the stack for fun and profit","volume":"7","author":"one","year":"1996","journal-title":"Phrack Magazine"},{"key":"ref9","first-page":"350","article-title":"ASNM: Advanced security network metrics for attack vector de-scription","author":"homoliak","year":"2013","journal-title":"Proceedings of the 2013 International Conference on Security & Management"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/DISCEX.2000.821514"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030100"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-39737-3_103"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2008.09.010"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586145"},{"key":"ref23","article-title":"Detecting http tunneling activities","author":"pack","year":"2002","journal-title":"DTIC Document Tech Rep"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1145\/1180405.1180414"},{"key":"ref25","first-page":"241","article-title":"Polymor-phic blending attacks","author":"fogla","year":"2006","journal-title":"Proceedings of the 15th USENIX Security Symposium"}],"event":{"name":"2014 International Carnahan Conference on Security Technology (ICCST)","start":{"date-parts":[[2014,10,13]]},"location":"Rome, Italy","end":{"date-parts":[[2014,10,16]]}},"container-title":["2014 International Carnahan Conference on Security Technology (ICCST)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6961037\/6986962\/06986998.pdf?arnumber=6986998","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,3,23]],"date-time":"2017-03-23T20:45:22Z","timestamp":1490301922000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/6986998\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,10]]},"references-count":28,"URL":"https:\/\/doi.org\/10.1109\/ccst.2014.6986998","relation":{},"subject":[],"published":{"date-parts":[[2014,10]]}}}