{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,10,22]],"date-time":"2024-10-22T15:58:40Z","timestamp":1729612720433,"version":"3.28.0"},"reference-count":49,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016,5]]},"DOI":"10.1109\/cycon.2016.7529434","type":"proceedings-article","created":{"date-parts":[[2016,8,4]],"date-time":"2016-08-04T20:28:26Z","timestamp":1470342506000},"page":"175-190","source":"Crossref","is-referenced-by-count":6,"title":["Malware counter-proliferation and the Wassenaar Arrangement"],"prefix":"10.1109","author":[{"given":"Trey","family":"Herr","sequence":"first","affiliation":[]}],"member":"263","reference":[{"key":"ref39","article-title":"Citing Wassenaar, HP Pulls out of Mobile Pwn2Own","author":"mimoso","year":"2015","journal-title":"Threatpost"},{"key":"ref38","article-title":"Evasion Techniques Keep Angler EK's Cryptowall Business Thriving","author":"mimoso","year":"2015","journal-title":"Threatpost"},{"year":"2015","key":"ref33","article-title":"Comments on BIS Implementation of the Wassenaar Arrangement 2013 Plenary Agreements on Intrusion and Surveillance Items"},{"key":"ref32","article-title":"Egypt, FinFisher Intrusion Tools and Ethics","author":"hypponen","year":"2011","journal-title":"F-Secure Labs"},{"article-title":"Framing Dependencies Introduced by Underground Commoditization","year":"2015","author":"huang","key":"ref31"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1177\/0894439312452998"},{"key":"ref37","article-title":"Of TrueType Font Vulnerabilities and the Windows Kernel","author":"mimoso","year":"2013","journal-title":"Threatpost"},{"key":"ref36","article-title":"Against Hypocrisy: Updating Export Controls for the Digital Age","author":"maurer","year":"2014","journal-title":"Cyber Dialogue Conference May 2"},{"key":"ref35","article-title":"For Their Eyes Only: The Commercialization of Digital Spying","author":"marquis-boire","year":"2013","journal-title":"Citizen Lab"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1080\/10736709908436748"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1145\/2841113.2841116"},{"key":"ref27","first-page":"87","article-title":"PrEP: A Framework for Malware & Cyber Weapons","volume":"13","author":"herr","year":"2014","journal-title":"J Information Warfare"},{"key":"ref29","article-title":"Cyber Weapons and Export Control: Incorporating Dual Use with the PrEP Model | Journal of National Security Law & Policy","volume":"8","author":"herr","year":"2015","journal-title":"National Security Law & Policy"},{"key":"ref2","article-title":"Security Research under the DMCA: A Quest for Flexibility and Certainty","author":"adams","year":"2015","journal-title":"Center for Democracy &Technology"},{"key":"ref1","doi-asserted-by":"crossref","DOI":"10.7249\/RR610","author":"ablon","year":"2014","journal-title":"Markets for Cybercrime Tools and Stolen Data Hackers’ Bazaar"},{"key":"ref20","article-title":"Zeus Source Code Leaked","author":"fisher","year":"2011","journal-title":"Threatpost| The First Stop for Security News"},{"key":"ref22","article-title":"The NSA Hacks Other Countries by Buying Millions of Dollars’ Worth of Computer Vulnerabilities","author":"fung","year":"2013","journal-title":"The Washington Post"},{"key":"ref21","article-title":"The Known Unknowns","author":"frei","year":"2013","journal-title":"NSS Labs"},{"key":"ref24","article-title":"All Four Major Browsers Take a Stomping at Pwn2Own Hacking Competition","author":"goodin","year":"2015","journal-title":"ARS Technica"},{"journal-title":"Reporters Without Borders","article-title":"Gamma International","year":"2013","key":"ref23"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382283"},{"key":"ref25","article-title":"Changes to Export Control Arrangement Apply to Computer Exploits and More","author":"granick","year":"2014","journal-title":"CyberLaw - Stanford"},{"key":"ref10","article-title":"Researcher Finds Over 20 Vulnerabilities in SCADA Software","author":"constantin","year":"2012","journal-title":"CIO"},{"key":"ref11","article-title":"A Detailed Look at Hacking Team's Emails About Its Repressive Clients","author":"currier","year":"2015","journal-title":"Interceptors"},{"key":"ref40","article-title":"Recycle, Reuse, Reharm: How Hackers Use Variants of Known Malware to Victimize Companies and What PayPal Is Doing to Eradicate That Capability | 1PayPal Engineering Blog.’","author":"moshe","year":"2015","journal-title":"PayPal Engineering"},{"key":"ref12","article-title":"First Zeus, Now SpyEye. Look at the Source Code Now!","author":"damballa","year":"2011","journal-title":"Day Before Zero"},{"key":"ref13","article-title":"ADD\/XOR\/ROL: Why Changes to Wassenaar Make Oppression and Surveillance Easier, Not Harder","author":"dullien","year":"2015","journal-title":"ADD\/XOR\/ROL"},{"key":"ref14","article-title":"Surveillance, Software, Security, and Export Controls","author":"dullien","year":"2015","journal-title":"Public Commun"},{"key":"ref15","first-page":"1079","article-title":"From Containment to Cooperation: Collective Action and the Wassenaar Arrangement","volume":"19","author":"dursht","year":"1997","journal-title":"Cardozo Law Review"},{"key":"ref16","article-title":"New DMCA Exemption Is a Positive Step for Security Researchers","author":"ellis","year":"2015","journal-title":"Rapid7 - Information Security"},{"key":"ref17","article-title":"Penetration Testing Market Analysis: Where Is All the Revenue?","author":"ellsmore","year":"2013","journal-title":"Delling Advisory"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1146\/annurev.polisci.9.060804.162744"},{"key":"ref19","article-title":"Proposed U.S. Export Controls: Implications for Zero-Day Vulnerabilities and Exploits","author":"fidler","year":"2015","journal-title":"Lawfare"},{"key":"ref4","article-title":"Comments on the Implementation of 2013 Wassenaar Arrangement","author":"anderson","year":"2015","journal-title":"RIN 0694-AG49"},{"article-title":"Considerations on Wassenaar Arrangement Control List Additions for Surveillance Technologies","year":"2015","author":"anderson","key":"ref3"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2013.6703692"},{"key":"ref5","article-title":"The Laws of Full Disclosure","author":"biancuzzi","year":"2008","journal-title":"Security Focus"},{"journal-title":"Federal Register","article-title":"Wassenaar Arrangement 2013 Plenary Agreements Implementation: Intrusion and Surveillance Items","year":"2015","key":"ref8"},{"key":"ref7","article-title":"Why Wassenaar Arrangement's Definitions of Intrusion Software and Controlled Items Put Security Research and Defense At Risk-And How To Fix It","author":"bratus","year":"2014","journal-title":"Public Commun"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.1080\/10439463.2013.780227"},{"article-title":"The Underground Hacking Economy is Alive and Well I Security & Compliance Blog Dell Secure Works","year":"2013","author":"clarke","key":"ref9"},{"year":"2011","key":"ref46","article-title":"A Criminal Perspective on Exploit Packs"},{"key":"ref45","article-title":"Vulnerability Disclosure: How Do We Define Responsible Disclosure?","volume":"9","author":"shepherd","year":"2003","journal-title":"GIAC SEC Practical Repository SANS Inst"},{"key":"ref48","article-title":"CVE-2011-3402 - Windows Kernel TrueType Font Engine Vulnerability (MSll-087)","author":"wolf","year":"0","journal-title":"CanSecWest March 8"},{"year":"2015","key":"ref47","article-title":"The Wassenaar Arrangement On Export Controls For Conventional Arms And Dual- Use Goods And Technologies List Of Dual-Use Goods And Technologies And Munitions List"},{"key":"ref42","article-title":"A New Breed of Startups Is Helping Hackers Make Millions — Legally","author":"popper","year":"2015","journal-title":"The Verge"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1145\/2068816.2068824"},{"key":"ref44","first-page":"271","article-title":"Wassenaar Arrangement and Encryption Exports: An Ineffective Export Control Regime That Compromises United States Economic Interests, The","volume":"15","author":"shehadeh","year":"1999","journal-title":"Am U Int'l L Rev"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1126\/science.1063764"}],"event":{"name":"2016 8th International Conference on Cyber Conflict (CyCon)","start":{"date-parts":[[2016,5,31]]},"location":"Tallinn, Estonia","end":{"date-parts":[[2016,6,3]]}},"container-title":["2016 8th International Conference on Cyber Conflict (CyCon)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/7524181\/7529414\/07529434.pdf?arnumber=7529434","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,7,4]],"date-time":"2022-07-04T23:55:49Z","timestamp":1656978949000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/7529434\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,5]]},"references-count":49,"URL":"https:\/\/doi.org\/10.1109\/cycon.2016.7529434","relation":{},"subject":[],"published":{"date-parts":[[2016,5]]}}}