{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,4,29]],"date-time":"2025-04-29T17:03:34Z","timestamp":1745946214123,"version":"3.28.0"},"reference-count":43,"publisher":"IEEE","license":[{"start":{"date-parts":[[2020,6,1]],"date-time":"2020-06-01T00:00:00Z","timestamp":1590969600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2020,6,1]],"date-time":"2020-06-01T00:00:00Z","timestamp":1590969600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2020,6,1]],"date-time":"2020-06-01T00:00:00Z","timestamp":1590969600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020,6]]},"DOI":"10.1109\/cns48642.2020.9162304","type":"proceedings-article","created":{"date-parts":[[2020,8,7]],"date-time":"2020-08-07T21:54:40Z","timestamp":1596837280000},"page":"1-9","source":"Crossref","is-referenced-by-count":2,"title":["REdiREKT: Extracting Malicious Redirections from Exploit Kit Traffic"],"prefix":"10.1109","author":[{"given":"Jonah","family":"Burgess","sequence":"first","affiliation":[]},{"given":"Domhnall","family":"Carlin","sequence":"additional","affiliation":[]},{"given":"Philip","family":"O'Kane","sequence":"additional","affiliation":[]},{"given":"Sakir","family":"Sezer","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"journal-title":"VirusTotal","year":"2019","key":"ref39"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813703"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046762"},{"key":"ref32","first-page":"1","article-title":"Warningbird: Detecting suspicious urls in twitter stream","volume":"12","author":"lee","year":"2012","journal-title":"NDSS"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382267"},{"key":"ref30","first-page":"1025","article-title":"Webwitness: Investigating, categorizing, and mitigating malware download paths","author":"nelms","year":"2015","journal-title":"24th fUSENIXg Security Symposium 15"},{"journal-title":"Broad analysis","year":"2020","author":"analysis","key":"ref37"},{"journal-title":"Python anytree module","year":"2020","key":"ref36"},{"journal-title":"The Zeek Network Security Monitor","year":"2020","key":"ref35"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1109\/CompComm.2018.8780783"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23427"},{"journal-title":"The decline of exploit kits as an exploitation strategy","year":"2018","author":"ma","key":"ref40"},{"key":"ref11","article-title":"Manufacturing compromise: the emergence of exploit-as-a-service","author":"chris","year":"2012","journal-title":"Proceedings of the 2012 ACM Conference on Computer and Communications Security"},{"key":"ref12","first-page":"24","article-title":"Know your ek: A content and workflow analysis approach for exploit kits","volume":"9","author":"suren","year":"2019","journal-title":"J Internet Serv Inf Security"},{"journal-title":"Blackhole exploit kit author gets 7 years","year":"2016","author":"krebs","key":"ref13"},{"journal-title":"Where have all the eks gone?","year":"2017","author":"spring","key":"ref14"},{"journal-title":"Fluctuation in the exploit kit market – temporary blip or long-term trend?","year":"2017","author":"team","key":"ref15"},{"journal-title":"Why exploit kits are going dark?","year":"2017","author":"kaplan","key":"ref16"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1587\/transinf.2017ICP0005"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1145\/3033288.3033354"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.3906\/elk-1810-199"},{"key":"ref28","doi-asserted-by":"crossref","first-page":"255","DOI":"10.1145\/2857705.2857718","article-title":"Detecting malicious exploit kits using tree-based similarity searches","author":"taylor","year":"2016","journal-title":"Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1145\/2557547.2557575"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM.2014.6848047"},{"key":"ref3","first-page":"132","article-title":"Pexy: The other side of exploit kits","author":"de maio","year":"2014","journal-title":"Detection of Intrusions and Malware and Vulnerability Assessment"},{"journal-title":"Threat spotlight Cisco talos thwarts access to massive international exploit kit generating 60m annually from ransomware alone","year":"2015","author":"biasini","key":"ref6"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1587\/transinf.2018OFP0010"},{"journal-title":"Amj An analyzer for malicious javascript","year":"2018","author":"li","key":"ref5"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-36563-8_13"},{"journal-title":"Threat spotlight Angler lurking in the domain shadows","year":"2015","author":"nick biasini","key":"ref7"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/CyberSecPODS.2019.8885003"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1587\/transinf.2016OFK0001"},{"volume":"24","journal-title":"Internet Security Threat Report","year":"2019","key":"ref1"},{"journal-title":"Malware Traffic Analysis","year":"2020","author":"duncan","key":"ref20"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSAC.2015.76"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.23919\/ICACT.2018.8323798"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1145\/2435349.2435364"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516682"},{"key":"ref41","article-title":"Next generation of exploit kit detection by building simulated obfuscators","author":"luo","year":"2016","journal-title":"Black Hat Conference"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1587\/transinf.2016ICP0011"},{"key":"ref26","first-page":"19","article-title":"An approach to detect driveby download by observing the web page transition behaviors","author":"matsunaka","year":"2014","journal-title":"Asia Joint Conference on Information Security"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1145\/3308558.3313752"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1587\/transinf.2018FCP0007"}],"event":{"name":"2020 IEEE Conference on Communications and Network Security (CNS)","start":{"date-parts":[[2020,6,29]]},"location":"Avignon, France","end":{"date-parts":[[2020,7,1]]}},"container-title":["2020 IEEE Conference on Communications and Network Security (CNS)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/9153729\/9162157\/09162304.pdf?arnumber=9162304","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,6,27]],"date-time":"2022-06-27T15:58:43Z","timestamp":1656345523000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9162304\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,6]]},"references-count":43,"URL":"https:\/\/doi.org\/10.1109\/cns48642.2020.9162304","relation":{},"subject":[],"published":{"date-parts":[[2020,6]]}}}