{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,5]],"date-time":"2025-12-05T12:10:52Z","timestamp":1764936652717,"version":"3.28.0"},"reference-count":30,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012,10]]},"DOI":"10.1109\/crisis.2012.6378947","type":"proceedings-article","created":{"date-parts":[[2012,12,18]],"date-time":"2012-12-18T16:54:22Z","timestamp":1355849662000},"page":"1-8","source":"Crossref","is-referenced-by-count":21,"title":["Investigating the dark cyberspace: Profiling, threat-based analysis and correlation"],"prefix":"10.1109","author":[{"given":"Claude","family":"Fachkha","sequence":"first","affiliation":[]},{"given":"Elias","family":"Bou-Harb","sequence":"additional","affiliation":[]},{"given":"Amine","family":"Boukhtouta","sequence":"additional","affiliation":[]},{"given":"Son","family":"Dinh","sequence":"additional","affiliation":[]},{"given":"Farkhund","family":"Iqbal","sequence":"additional","affiliation":[]},{"given":"Mourad","family":"Debbabi","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"journal-title":"MS Terminal Service Cracking","year":"0","key":"19"},{"journal-title":"Microsoft Security Bulletin Ms09-018 - Critical","year":"0","key":"17"},{"journal-title":"Top Ten Web Attacks","year":"0","author":"shah","key":"18"},{"key":"15","doi-asserted-by":"publisher","DOI":"10.1109\/MNET.2006.1705880"},{"journal-title":"Global Phishing Survey trends and Domain Name Use in 2H2011","year":"0","key":"16"},{"key":"13","doi-asserted-by":"publisher","DOI":"10.1109\/GLOCOM.2008.ECP.314"},{"key":"14","doi-asserted-by":"publisher","DOI":"10.1145\/1879141.1879149"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1145\/1132026.1132027"},{"key":"12","doi-asserted-by":"publisher","DOI":"10.1145\/1298306.1298316"},{"journal-title":"The Bro Network Security Monitor","year":"0","key":"21"},{"year":"0","key":"20"},{"key":"22","doi-asserted-by":"publisher","DOI":"10.1109\/ISIAS.2010.5604064"},{"journal-title":"Vulnerability Summary for Cve-2007-2931","year":"2011","key":"23"},{"journal-title":"Sourcefire-Snort","year":"2011","key":"24"},{"key":"25","doi-asserted-by":"publisher","DOI":"10.1145\/170036.170072"},{"key":"26","doi-asserted-by":"crossref","first-page":"14","DOI":"10.1145\/380995.381002","article-title":"Mining frequent patterns by pattern-growth: Methodology and implications","author":"han","year":"2000","journal-title":"ACM SIGKDD Explorations Newsletter"},{"key":"27","doi-asserted-by":"publisher","DOI":"10.1109\/69.846291"},{"key":"28","doi-asserted-by":"publisher","DOI":"10.1145\/319950.319981"},{"journal-title":"Data Mining Concepts and Techniques (The Morgan Kaufmann Series in Data Management Systems)","year":"2006","author":"han","key":"29"},{"key":"3","first-page":"1","article-title":"A virtual honeypot framework","volume":"13","author":"provos","year":"2004","journal-title":"Proceedings of the 13th conference on USENIX Security Symposium"},{"journal-title":"Canada's Cyber Security Strategy","year":"2009","key":"2"},{"key":"10","doi-asserted-by":"publisher","DOI":"10.1109\/MSECP.2003.1219056"},{"key":"1","doi-asserted-by":"publisher","DOI":"10.1016\/S0167-4048(03)00203-7"},{"journal-title":"Data Mining Practical Machine Learning Tools and Techniques","year":"2011","author":"hall","key":"30"},{"key":"7","doi-asserted-by":"publisher","DOI":"10.1145\/1028788.1028794"},{"key":"6","doi-asserted-by":"crossref","first-page":"146","DOI":"10.1007\/978-3-540-30143-1_8","article-title":"On the design and use of internet sinks for network abuse monitoring","author":"yegneswaran","year":"2004","journal-title":"Proceedings of the 7 th International Symposium on Recent Advances in Intrusion Detection (RAID)"},{"key":"5","first-page":"1","article-title":"The Internet motion sensor: A distributed blackhole monitoring system","author":"bailey","year":"2005","journal-title":"Proceedings of Network and Distributed System Security Symposium (NDSS'05)"},{"key":"4","first-page":"1","author":"moore","year":"2004","journal-title":"Network Telescopes Technical Report"},{"key":"9","doi-asserted-by":"publisher","DOI":"10.1109\/GLOCOM.2003.1258993"},{"key":"8","doi-asserted-by":"publisher","DOI":"10.1145\/1879141.1879149"}],"event":{"name":"2012 7th International Conference on Risks and Security of Internet and Systems (CRiSIS)","start":{"date-parts":[[2012,10,10]]},"location":"Cork, Ireland","end":{"date-parts":[[2012,10,12]]}},"container-title":["2012 7th International Conference on Risks and Security of Internet and Systems (CRiSIS)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx5\/6362373\/6378933\/06378947.pdf?arnumber=6378947","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,6,21]],"date-time":"2017-06-21T00:23:31Z","timestamp":1498004611000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/6378947\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012,10]]},"references-count":30,"URL":"https:\/\/doi.org\/10.1109\/crisis.2012.6378947","relation":{},"subject":[],"published":{"date-parts":[[2012,10]]}}}