{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,4,17]],"date-time":"2025-04-17T15:49:33Z","timestamp":1744904973054,"version":"3.28.0"},"reference-count":32,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013,6]]},"DOI":"10.1109\/dsn.2013.6575364","type":"proceedings-article","created":{"date-parts":[[2013,8,14]],"date-time":"2013-08-14T12:18:36Z","timestamp":1376482716000},"page":"1-12","source":"Crossref","is-referenced-by-count":15,"title":["Crossing the threshold: Detecting network malfeasance via sequential hypothesis testing"],"prefix":"10.1109","author":[{"given":"Srinivas","family":"Krishnan","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Teryl","family":"Taylor","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Fabian","family":"Monrose","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"John","family":"McHugh","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"journal-title":"Pattern Classification","year":"2007","author":"duda","key":"19"},{"journal-title":"Black Ops 200S-its the End of the Cache As We Know It","year":"2008","author":"kaminsky","key":"17"},{"key":"18","doi-asserted-by":"publisher","DOI":"10.1214\/aoms\/1177729694"},{"key":"15","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2004.1301325"},{"key":"16","doi-asserted-by":"crossref","first-page":"197","DOI":"10.1007\/s11416-007-0080-y","article-title":"On the adaptive real-time detection of fast-propagating network worms","volume":"4","author":"lung","year":"2008","journal-title":"Journal in Computer Virology"},{"year":"0","key":"13"},{"key":"14","doi-asserted-by":"publisher","DOI":"10.1109\/ICNP.2010.5762763"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1145\/2068816.2068842"},{"key":"12","doi-asserted-by":"publisher","DOI":"10.1109\/TMC.2010.213"},{"key":"21","doi-asserted-by":"publisher","DOI":"10.1002\/cpe.1422"},{"key":"20","doi-asserted-by":"crossref","first-page":"59","DOI":"10.1007\/978-3-540-30143-1_4","article-title":"Fast detection of scanning worm infections","author":"schechter","year":"2004","journal-title":"Recent Advances Intrusion Detection"},{"key":"22","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-642-16161-2_27","article-title":"The hitchhiker's guide to dns cache poisoning","author":"son","year":"2010","journal-title":"International Conference on Security and Privacy in Communication Networks"},{"year":"0","key":"23"},{"key":"24","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653738"},{"year":"2012","key":"25"},{"key":"26","first-page":"64","article-title":"Implementing lock-free queues","author":"valois","year":"1994","journal-title":"International Conference on Parallel and Distributed Computing Systems"},{"key":"27","doi-asserted-by":"publisher","DOI":"10.1109\/ccnc08.2007.112"},{"journal-title":"Sequential Analysis","year":"1947","author":"waldo","key":"28"},{"key":"29","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-44599-1_6"},{"journal-title":"From ThrowAway Traffic to Bots Detecting the Rise of DGAbased Malware","year":"2012","author":"antonakakis","key":"3"},{"journal-title":"Detecting Malware Domains at the Upper DNS Hierarchy","year":"2011","author":"antonakakis","key":"2"},{"journal-title":"TDL4 Top Bot See","year":"2011","author":"golovanov","key":"10"},{"journal-title":"Building A Dynamic Reputation System for DNS","year":"2010","author":"antonakakis","key":"1"},{"key":"30","article-title":"Clear and present data: Opaque traffic and its security implications for the future","author":"white","year":"2013","journal-title":"Symposium on Network and Distributed System Security"},{"journal-title":"Massive Italian Typosquatting Ring Foists Malware on Users","year":"2007","author":"eckelberry","key":"7"},{"key":"6","doi-asserted-by":"publisher","DOI":"10.1109\/MIC.2002.1036038"},{"key":"32","doi-asserted-by":"publisher","DOI":"10.1145\/1879141.1879148"},{"key":"5","article-title":"Detecting dns tunnels using character frequency analysis","author":"born","year":"2010","journal-title":"Proc of Computer Security Conference"},{"key":"31","article-title":"Winning with dns failures: Strategies for faster botnet detection","author":"yadav","year":"2011","journal-title":"International Conference on Security and Privacy in Communication Networks"},{"journal-title":"EXPOSURE Finding Malicious Domains Using Passive DNS Analysis","year":"2011","author":"bilge","key":"4"},{"key":"9","article-title":"On the potential of proactive domain blacklisting","author":"felegyhazi","year":"2010","journal-title":"USENIX Conference on Large-Scale Exploits and Emergent Threats"},{"key":"8","doi-asserted-by":"crossref","DOI":"10.1002\/9780470977811","author":"everitt","year":"2011","journal-title":"Cluster Analysis"}],"event":{"name":"2013 43rd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN)","start":{"date-parts":[[2013,6,24]]},"location":"Budapest, Hungary","end":{"date-parts":[[2013,6,27]]}},"container-title":["2013 43rd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6569391\/6575287\/06575364.pdf?arnumber=6575364","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,6,21]],"date-time":"2017-06-21T13:50:18Z","timestamp":1498053018000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/6575364\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,6]]},"references-count":32,"URL":"https:\/\/doi.org\/10.1109\/dsn.2013.6575364","relation":{},"subject":[],"published":{"date-parts":[[2013,6]]}}}