{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T12:17:41Z","timestamp":1763468261875,"version":"3.28.0"},"reference-count":101,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015,5]]},"DOI":"10.1109\/ecrime.2015.7120797","type":"proceedings-article","created":{"date-parts":[[2015,6,12]],"date-time":"2015-06-12T11:04:50Z","timestamp":1434107090000},"page":"1-21","source":"Crossref","is-referenced-by-count":4,"title":["Global adversarial capability modeling"],"prefix":"10.1109","author":[{"given":"Jonathan","family":"Spring","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sarah","family":"Kern","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Alec","family":"Summers","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"article-title":"W32\/blaster worm","year":"2003","author":"dougherty","key":"ref39"},{"key":"ref38","article-title":"Mapping the russian business network","author":"krebs","year":"2007","journal-title":"Washington Post"},{"key":"ref33","article-title":"Vulnerability Note VU#411059: Microsoft windows universal plug and play (upnp) fails to limit the data returned in response to a notify message","author":"hernan","year":"2001","journal-title":"Software Engineering Institute Technical Report"},{"article-title":"Microsoft has 97% of os market, says onestat","year":"2006","author":"macmanus","key":"ref32"},{"journal-title":"Netcraft","article-title":"May 2014 web server survey","year":"2014","key":"ref31"},{"journal-title":"Strategy Analytics","article-title":"Wireless smartphone strategies reports","year":"2014","key":"ref30"},{"key":"ref37","doi-asserted-by":"crossref","DOI":"10.1201\/9781420091281","author":"howard","year":"2009","journal-title":"Cyber Fraud Tactics Techniques and Procedures CRC Press"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1016\/S1361-3723(06)70306-2"},{"journal-title":"F-secure","article-title":"Threat description: Worm: W32\/goner","year":"2001","key":"ref35"},{"journal-title":"Securiteam","article-title":"Upnp exploit code released","year":"2002","key":"ref34"},{"journal-title":"Gartner","article-title":"Gartner says worldwide mobile device sales grew 12.8 percent in second quarter of 2010","year":"2010","key":"ref28"},{"journal-title":"Canalys","article-title":"Google's android becomes the world's leading smart phone platform","year":"2011","key":"ref27"},{"article-title":"It's official: Apple is just a niche player in smartphones now","year":"2012","author":"yarow","key":"ref29"},{"journal-title":"MITRE","article-title":"Common weakness enumeration: A community-developed dictionary of software weakness types","year":"2014","key":"ref20"},{"journal-title":"Oxford English Dictionary","article-title":"material","year":"2014","key":"ref22"},{"key":"ref21","article-title":"Guide for conducting risk assessments","author":"ross","year":"2012","journal-title":"Tech rep National Institute of Standards and Technology"},{"journal-title":"OneStat","article-title":"Microsoft's global usage share","year":"2008","key":"ref24"},{"journal-title":"Lyle","article-title":"Windows xp market share","year":"2005","key":"ref23"},{"journal-title":"ICS-CERT","article-title":"Internet accessible control systems at risk","year":"2014","key":"ref101"},{"year":"2011","key":"ref26","article-title":"Net applications"},{"article-title":"W32.stuxnet dossier","year":"2011","author":"falliere","key":"ref100"},{"journal-title":"Gartner","article-title":"Desktop operating system market share","year":"2014","key":"ref25"},{"key":"ref50","article-title":"The next big thing? crimeware-as-a-service","author":"dignan","year":"2008","journal-title":"ZDNet"},{"key":"ref51","article-title":"Spyeye trojan stole $3.2 million from us victims","author":"dunn","year":"2011","journal-title":"Technology World"},{"key":"ref59","article-title":"Google scrambles to patch buffer overrun exploit in android gl","author":"boulton","year":"2008","journal-title":"eWeek"},{"key":"ref58","article-title":"The unlocked door: End-of-support for windows xp","author":"o'flaherty","year":"2014","journal-title":"SC Magazine"},{"year":"2011","key":"ref57","article-title":"20111205000001"},{"key":"ref56","article-title":"Zeus source code leaked","author":"fisher","year":"2011","journal-title":"Threat Post"},{"key":"ref55","article-title":"Complete zeus sourcecode has been leaked to the masses","author":"kruse","year":"0","journal-title":"CISIS 2011"},{"article-title":"Six months after black-hole: Passing the exploit kit torch","year":"2014","author":"larson","key":"ref54"},{"key":"ref53","article-title":"Blackhole exploit kit","author":"gololobov","year":"2011","journal-title":"Sensor Web"},{"article-title":"The conficker worm","year":"2010","author":"burton","key":"ref52"},{"key":"ref40","article-title":"The invasion of the chinese cyber-spies (and the man who tried to stop them)","author":"thornburgh","year":"2005","journal-title":"TIME Magazine"},{"journal-title":"CERT Resilience Management Model A Maturity Model for Managing Operational Resilience","year":"2010","author":"caralli","key":"ref4"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1007\/s13347-014-0164-9"},{"key":"ref6","article-title":"Modeling malicious domain name takedown dynamics: Why eCrime pays","author":"spring","year":"2013","journal-title":"Proc Anti-Phishing Working Group eCrime Researchers Summit"},{"article-title":"Risk communication: A mental models approach","year":"2002","author":"morgan","key":"ref5"},{"key":"ref8","article-title":"Blacklist ecosystem analysis update: 2014","author":"metcalf","year":"2014","journal-title":"Tech Rep CERTCC-2014–82 Software Engineering Institute CERT Coordination Center"},{"key":"ref49","article-title":"Media alert: Rsa afcc detects‘ All-in-one’ zeus trojan package for sale","author":"noble","year":"2008","journal-title":"CIO Magazine"},{"key":"ref7","first-page":"2","article-title":"Toward realistic modeling criteria of games in internet security","volume":"2","author":"spring","year":"2014","journal-title":"Journal of Cyber Security & Information Systems"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1108\/13685201211266015"},{"key":"ref46","article-title":"Investigating advanced persistent threat 1 (apt1)","author":"shick","year":"2014","journal-title":"Tech rep CERT Division Software Engineering Institute"},{"key":"ref45","article-title":"Hacking made easy","author":"krebs","year":"2006","journal-title":"Washington Post"},{"key":"ref48","article-title":"Shadowy russian firm seen as conduit for cybercrime","author":"krebs","year":"2007","journal-title":"Washington Post"},{"journal-title":"Mandiant","article-title":"Apt1: Exposing one of china's cyber espionage units","year":"2013","key":"ref47"},{"year":"2006","key":"ref42","article-title":"The case of the “Zombie King”: Hacker sentenced for hijacking computers for profit"},{"journal-title":"United States Department of the Army","article-title":"Memo: Army golden master waiver process","year":"2006","key":"ref41"},{"key":"ref44","article-title":"The lifecycle of peer-to-peer (gameover) zeus","author":"stone-gross","year":"2012","journal-title":"Tech rep Dell Secure Works"},{"article-title":"Suspected bot master busted","year":"2005","author":"lemos","key":"ref43"},{"key":"ref73","article-title":"Zeus banking trojan comes to android phones","author":"roberts","year":"2011","journal-title":"Threat Post"},{"journal-title":"F-secure","article-title":"Trojan: Symbos\/spitmo.a","year":"2011","key":"ref72"},{"article-title":"Security alert: New sophisticated android malware droidkungfu found in alternative chinese app markets","year":"2011","author":"jiang","key":"ref71"},{"article-title":"Security alert: New android malware gold-dream found in alternative app markets","year":"2011","author":"jiang","key":"ref70"},{"key":"ref76","article-title":"Remote access tool takes aim with android apk binder","author":"lelli","year":"2013","journal-title":"Symantec"},{"article-title":"Android.dandro","year":"2013","author":"neville","key":"ref77"},{"article-title":"Zitmo hits android","year":"2011","author":"roberts","key":"ref74"},{"year":"2011","key":"ref75","article-title":"Issue 21681: Cve-2011–3874 -libsysutils rooting vulnerability (zergrush)"},{"key":"ref78","article-title":"Android framework for exploitation","author":"gupta","year":"2013","journal-title":"Club Hack Mag"},{"year":"2013","key":"ref79","article-title":"Android framework for exploitation, is a framework for exploiting android based devices"},{"key":"ref60","article-title":"Google patches android dos vulnerabilities","author":"naraine","year":"2009","journal-title":"ZDNet"},{"key":"ref62","article-title":"Google gets serious about android security, now auto-scans app market for malware","author":"greenberg","year":"2012","journal-title":"Forbes"},{"article-title":"Symbos.commwarrior.a","year":"2005","author":"liu","key":"ref61"},{"key":"ref63","article-title":"When angry birds attack: New android bug lets spoofed apps run wild","author":"greenberg","year":"2010","journal-title":"Forbes"},{"journal-title":"Team 10CH vs Android The Ultimate Showdown","year":"2011","key":"ref64"},{"article-title":"#2009–014 android denial-of-seurvice issues","year":"2009","author":"miller","key":"ref65"},{"key":"ref66","article-title":"Andosid the dos tool for android","author":"kumar","year":"2011","journal-title":"Hacker News"},{"article-title":"First sms trojan detected for smart-phones running android","year":"2010","author":"kaspersky","key":"ref67"},{"journal-title":"Info Security","article-title":"Droiddream trojan is a nightmare for thousands of android users","year":"2011","key":"ref68"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1086\/425063"},{"article-title":"Update: Android malware droiddream: How it works","year":"2011","author":"strazzere","key":"ref69"},{"key":"ref1","first-page":"80","article-title":"Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains","volume":"1","author":"hutchins","year":"2011","journal-title":"Leading Issues in Information Warfare & Security Research"},{"article-title":"Linux\/cdorked.a: New apache backdoor being used in the wild to serve blackhole","year":"2013","author":"bureau","key":"ref95"},{"article-title":"Apache Killeer Killed: Zero Day Exploit, Zero Day Fix","year":"2011","author":"prince","key":"ref94"},{"journal-title":"Symantec","article-title":"Trojan.apmod","year":"2011","key":"ref93"},{"article-title":"Dell SecureWorks Discovers Protection Against Massive Website Attack Infecting 10,000 Linux\/Apache Servers","year":"2008","author":"jackson","key":"ref92"},{"article-title":"Mystery infestation strikers linux\/apache web sites","year":"2008","author":"barr","key":"ref91"},{"year":"2002","key":"ref90","article-title":"Virus profile: Bsd\/scalper.worm"},{"article-title":"A survey of vulnerability markets","year":"2014","author":"manion","key":"ref98"},{"article-title":"Vulnerability Note VU#308556","year":"2008","author":"taschner","key":"ref99"},{"article-title":"Shellshock attacks spotted in wild","year":"2014","author":"desaie","key":"ref96"},{"key":"ref97","article-title":"The scada patch problem","author":"higgins","year":"2013","journal-title":"Dark Reading"},{"key":"ref10","first-page":"370","article-title":"Attack plan recognition and prediction using causal networks","author":"qin","year":"2004","journal-title":"Computer Security Applications Conference 2004 20th Annual"},{"article-title":"Exploit this: Evaluating the exploit skills of malware groups","year":"2015","author":"szappanos","key":"ref11"},{"key":"ref12","article-title":"A common language for computer security incidents","author":"howard","year":"1998","journal-title":"Technical Report SAND98-8667 Sandia National Laboratories"},{"key":"ref13","article-title":"The diamond model of intrusion analysis","author":"caltagirone","year":"2013","journal-title":"Tech rep Center for Cyber Intelligence Analysis and Threat Research"},{"key":"ref14","first-page":"341","article-title":"Case studies of most common and severe types of software system failure","volume":"2","author":"dalal","year":"2012","journal-title":"International Journal of Advanced Research in Computer Science and Softare Engineering"},{"key":"ref15","first-page":"1143","article-title":"Cataloguing most severe causes that lead software projects to fail","author":"chomal","year":"2014","journal-title":"International Journal on Recent and Innovation Trends in Computing and Communication"},{"journal-title":"What Is Software International Computer Science Series","year":"2007","author":"sommerville","key":"ref16"},{"key":"ref82","doi-asserted-by":"publisher","DOI":"10.1145\/1298306.1298316"},{"journal-title":"Install or Uninstall Internet Explorer","year":"0","key":"ref17"},{"year":"0","key":"ref81","article-title":"Vulnerability in ncsa\/apache cgi example code"},{"article-title":"Method of relocating the stack in a computer system for preventing overrate by an exploit program","year":"1999","author":"yuval","key":"ref18"},{"journal-title":"F-secure","article-title":"Threat description: Scalper","year":"2002","key":"ref84"},{"journal-title":"Microsoft","article-title":"A detailed description of the data execution prevention (dep) feature in windows xp service pack 2, windows xp tablet pc edition 2005, and windows server 2003","year":"2013","key":"ref19"},{"journal-title":"Nmap Network Scanning The Official Nmap Project Guide To Network Discovery And Security Scanning Nmap Project","year":"2011","author":"lyon","key":"ref83"},{"year":"1996","key":"ref80","article-title":"test-cgi vulnerability"},{"key":"ref89","article-title":"Websites' servers hacked to host child abuse images","author":"deahl","year":"2013","journal-title":"BBC News"},{"journal-title":"F-secure","article-title":"Threat description: Worm: Linux\/slapper","year":"2002","key":"ref85"},{"journal-title":"Gobbles","article-title":"apache-nosejob.c-now with freebsd & netbsd targets","year":"2002","key":"ref86"},{"key":"ref87","article-title":"Gobbles releases apache exploit","author":"mcwilliams","year":"2002","journal-title":"Security Focus"},{"key":"ref88","doi-asserted-by":"crossref","first-page":"256","DOI":"10.1007\/978-3-642-03549-4_16","article-title":"Evil searching: Compromise and recompromise of internet hosts for phishing","author":"moore","year":"2009","journal-title":"Financial Cryptography and Data Security"}],"event":{"name":"2015 APWG Symposium on Electronic Crime Research (eCrime)","start":{"date-parts":[[2015,5,26]]},"location":"Barcelona","end":{"date-parts":[[2015,5,29]]}},"container-title":["2015 APWG Symposium on Electronic Crime Research (eCrime)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/7118853\/7120794\/07120797.pdf?arnumber=7120797","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,2,5]],"date-time":"2020-02-05T18:01:49Z","timestamp":1580925709000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/7120797\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,5]]},"references-count":101,"URL":"https:\/\/doi.org\/10.1109\/ecrime.2015.7120797","relation":{},"subject":[],"published":{"date-parts":[[2015,5]]}}}