{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,22]],"date-time":"2026-03-22T16:04:09Z","timestamp":1774195449280,"version":"3.50.1"},"reference-count":29,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2008,10]]},"DOI":"10.1109\/lcn.2008.4664306","type":"proceedings-article","created":{"date-parts":[[2008,11,5]],"date-time":"2008-11-05T14:49:04Z","timestamp":1225896544000},"page":"935-941","source":"Crossref","is-referenced-by-count":12,"title":["Identification of malicious web pages through analysis of underlying DNS and web server relationships"],"prefix":"10.1109","author":[{"given":"Christian","family":"Seifert","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ian","family":"Welch","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Peter","family":"Komisarczuk","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Chiraag Uday","family":"Aval","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Barbara","family":"Endicott-Popovsky","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"19","first-page":"2002","year":"0","journal-title":"Maxmind geolite country"},{"key":"17","year":"0"},{"key":"18","year":"0"},{"key":"15","author":"file","year":"0"},{"key":"16","first-page":"1994","author":"van noord","year":"0","journal-title":"Textcat language guesser"},{"key":"13","year":"2007","journal-title":"Know Your Enemy Fast-Flux Service Networks"},{"key":"14","first-page":"1998","year":"0","journal-title":"DMOZ open directory project"},{"key":"11","author":"seifert","year":"2007","journal-title":"Know your enemy Behind the scenes of malicious web servers"},{"key":"12","article-title":"justifying the need for forensically ready protocols: a case study of identifying malicious web servers using client honeypots","author":"seifert","year":"2008","journal-title":"4th Annual IFIP WG 11 9 International Conference on Digital Forensics"},{"key":"21","author":"quinlan","year":"1993","journal-title":"C4 5 Programs for Machine Learning"},{"key":"20","author":"witten","year":"2005","journal-title":"Data Mining Practical Machine Learning Tools and Techniques"},{"key":"22","article-title":"the base-rate fallacy and its implications for the difficulty of intrusion detection","author":"axelsson","year":"1999","journal-title":"6th ACM Conference on Computer and Communications Security"},{"key":"23","doi-asserted-by":"publisher","DOI":"10.1109\/SECURWARE.2009.17"},{"key":"24","first-page":"231","article-title":"client honeypots","author":"provos","year":"2007","journal-title":"Virtual Honeypots From Botnet Tracking to Intrusion Detection"},{"key":"25","article-title":"caffeine monkey: automated collection, detection and analysis of malicious javascript","author":"feinstein","year":"2007","journal-title":"Black Hat USA 2007"},{"key":"26","article-title":"the ghost in the browser: analysis of web-based malware","author":"provos","year":"2007","journal-title":"Hot-Bots'07"},{"key":"27","article-title":"browsershield: vulnerability-driven filtering of dynamic html","author":"reis","year":"2006","journal-title":"7th USENIX Symposium on Operating Systems Design and Implementation"},{"key":"28","author":"ernst","year":"2008","journal-title":"Self-defending software Collaborative learning for security"},{"key":"29","article-title":"detecting targeted attacks using shadow honeypots","author":"anagnostakis","year":"2005","journal-title":"14th USENIX Security Symposium"},{"key":"3","author":"seifert","year":"2007","journal-title":"Know Your Enemy Malicious Web Servers"},{"key":"2","year":"0","journal-title":"Blogs - security labs"},{"key":"10","author":"zhuge","year":"2007","journal-title":"Studying malicious websites and the underground economy on the Chinese web"},{"key":"1","author":"danchev","year":"0","journal-title":"Dancho danchev's blog - mind streams of information security knowledge"},{"key":"7","author":"seifert","year":"2006","journal-title":"Capture - honeypot client"},{"key":"6","article-title":"a crawler-based study of spyware on the web","author":"moshchuk","year":"2006","journal-title":"13th Annual Network and Distributed System Security Symposium"},{"key":"5","article-title":"automated web patrol with strider honeymonkeys: finding web sites that exploit browser vulnerabilities","author":"wang","year":"2006","journal-title":"13th Annual Network and Distributed System Security Symposium"},{"key":"4","volume":"2007","author":"wang","year":"2005","journal-title":"Honeyclient"},{"key":"9","year":"0"},{"key":"8","author":"seifert","year":"0","journal-title":"Improving detection accuracy and speed with hybrid client honeypots phd proposal"}],"event":{"name":"2008 33rd IEEE Conference on Local Computer Networks (LCN 2008)","location":"Montreal, QB, Canada","start":{"date-parts":[[2008,10,14]]},"end":{"date-parts":[[2008,10,17]]}},"container-title":["2008 33rd IEEE Conference on Local Computer Networks (LCN)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx5\/4656373\/4664131\/04664306.pdf?arnumber=4664306","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,3,16]],"date-time":"2017-03-16T12:20:13Z","timestamp":1489666813000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/4664306\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2008,10]]},"references-count":29,"URL":"https:\/\/doi.org\/10.1109\/lcn.2008.4664306","relation":{},"subject":[],"published":{"date-parts":[[2008,10]]}}}