{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,24]],"date-time":"2025-08-24T00:01:29Z","timestamp":1755993689755,"version":"3.44.0"},"reference-count":31,"publisher":"IEEE","license":[{"start":{"date-parts":[[2016,10,1]],"date-time":"2016-10-01T00:00:00Z","timestamp":1475280000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2016,10,1]],"date-time":"2016-10-01T00:00:00Z","timestamp":1475280000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016,10]]},"DOI":"10.1109\/malware.2016.7888733","type":"proceedings-article","created":{"date-parts":[[2017,3,31]],"date-time":"2017-03-31T00:55:59Z","timestamp":1490921759000},"page":"1-8","source":"Crossref","is-referenced-by-count":4,"title":["On periodic behavior of malware: experiments, opportunities and challenges"],"prefix":"10.1109","author":[{"given":"Ngoc Anh","family":"Huynh","sequence":"first","affiliation":[{"name":"School of Computer Engineering Nanyang Technological University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Wee Keong","family":"Ng","sequence":"additional","affiliation":[{"name":"School of Computer Engineering Nanyang Technological University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hoang Giang","family":"Do","sequence":"additional","affiliation":[{"name":"School of Computer Engineering Nanyang Technological University"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"year":"2014","author":"garca","journal-title":"Identifying and modeling botnet command and control behaviors","key":"ref31"},{"doi-asserted-by":"publisher","key":"ref30","DOI":"10.1631\/jzus.C1300053"},{"year":"2015","author":"khandhar","journal-title":"Banking botnets persist despite takedowns","key":"ref10"},{"year":"2015","article-title":"Internet security threat report","key":"ref11"},{"year":"2006","author":"liston","journal-title":"On the cutting edge Thwarting virtual machine detection","key":"ref12"},{"doi-asserted-by":"publisher","key":"ref13","DOI":"10.1109\/MSP.2011.67"},{"year":"2012","author":"bencsath","journal-title":"Duqu Analysis Detection and Lessons Learned","key":"ref14"},{"year":"0","journal-title":"Darkcomet rat v4 2","key":"ref15"},{"year":"2012","journal-title":"Darkcomet rat used in new attack on syrian activists","key":"ref16"},{"year":"2015","journal-title":"Criminals exploited je suis charlie to spread darkcomet malware","key":"ref17"},{"year":"0","author":"xylibox","journal-title":"Neutrino Bot","key":"ref18"},{"year":"0","journal-title":"Wireshark Go deep","key":"ref19"},{"key":"ref28","article-title":"Slow-paced persistent network attacks analysis and detection using spectrum analysis","author":"chen","year":"2014","journal-title":"IEEE Systems Journal"},{"doi-asserted-by":"publisher","key":"ref4","DOI":"10.1109\/INFCOMW.2011.5928922"},{"doi-asserted-by":"publisher","key":"ref27","DOI":"10.1145\/1879141.1879148"},{"year":"2009","author":"falliere","journal-title":"Zeus King of the Bots","key":"ref3"},{"doi-asserted-by":"publisher","key":"ref6","DOI":"10.1109\/GLOCOM.2009.5426172"},{"doi-asserted-by":"publisher","key":"ref29","DOI":"10.1109\/SP.2010.25"},{"doi-asserted-by":"publisher","key":"ref5","DOI":"10.1007\/978-3-642-45062-4_98"},{"year":"0","journal-title":"Interesting malwares","key":"ref8"},{"doi-asserted-by":"publisher","key":"ref7","DOI":"10.1007\/978-3-642-04342-0_17"},{"year":"2015","author":"miguel","journal-title":"Travelling to the far side of Andromeda","key":"ref2"},{"year":"0","journal-title":"All remote administration tools - paid and free","key":"ref9"},{"year":"2012","author":"kujawa","journal-title":"You dirty rat! part 1-darkcomet","key":"ref1"},{"year":"0","journal-title":"Deep freeze - faronics","key":"ref20"},{"year":"0","journal-title":"A Case Study of the Rustock Rootkit and Spam Bot","key":"ref22"},{"year":"0","key":"ref21"},{"key":"ref24","article-title":"Snort: Lightweight intrusion detection for networks","author":"roesch","year":"1999","journal-title":"LISA"},{"year":"0","journal-title":"Threat spotlight Dyre\/dyreza An analysis to discover the DGA","key":"ref23"},{"doi-asserted-by":"publisher","key":"ref26","DOI":"10.1631\/jzus.C1300242"},{"year":"0","journal-title":"Suricata","key":"ref25"}],"event":{"name":"2016 11th International Conference on Malicious and Unwanted Software (MALWARE)","start":{"date-parts":[[2016,10,18]]},"location":"Fajardo, PR, USA","end":{"date-parts":[[2016,10,21]]}},"container-title":["2016 11th International Conference on Malicious and Unwanted Software (MALWARE)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/7884714\/7888717\/07888733.pdf?arnumber=7888733","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,23]],"date-time":"2025-08-23T00:34:43Z","timestamp":1755909283000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/7888733\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,10]]},"references-count":31,"URL":"https:\/\/doi.org\/10.1109\/malware.2016.7888733","relation":{},"subject":[],"published":{"date-parts":[[2016,10]]}}}