{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,4]],"date-time":"2026-02-04T16:58:05Z","timestamp":1770224285225,"version":"3.49.0"},"reference-count":31,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017,10]]},"DOI":"10.1109\/malware.2017.8323951","type":"proceedings-article","created":{"date-parts":[[2018,3,26]],"date-time":"2018-03-26T21:04:19Z","timestamp":1522098259000},"page":"3-10","source":"Crossref","is-referenced-by-count":2,"title":["Kali: Scalable encryption fingerprinting in dynamic malware traces"],"prefix":"10.1109","author":[{"given":"Lorenzo","family":"De Carli","sequence":"first","affiliation":[]},{"given":"Ruben","family":"Torres","sequence":"additional","affiliation":[]},{"given":"Gaspar","family":"Modelo-Howard","sequence":"additional","affiliation":[]},{"given":"Alok","family":"Tongaonkar","sequence":"additional","affiliation":[]},{"given":"Somesh","family":"Jha","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3053035"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1109\/HPCC-CSS-ICESS.2015.39"},{"key":"ref10","first-page":"15","article-title":"Lempel-Ziv Factorization Revisited","author":"ohlebusch","year":"2011","journal-title":"Combinatorial Pattern Matching Ser Lecture Notes in Computer Science"},{"key":"ref11","author":"calvet","year":"2015","journal-title":"Aligot source code"},{"key":"ref12","author":"molfetas","year":"2017","journal-title":"dstsc Data Structures and related algorithms (C\/C++ implementation)"},{"key":"ref13","author":"mori","year":"2016","journal-title":"SAIS library"},{"key":"ref14","article-title":"Sality: Story of a peer-to-peer viral network","author":"falliere","year":"2011","journal-title":"Symantec Tech Rep"},{"key":"ref15","article-title":"W.32 Ramnit Analysis","year":"2015","journal-title":"Symantec Tech Rep"},{"key":"ref16","year":"2016","journal-title":"Cuckoo Sandbox"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1145\/1065010.1065034"},{"key":"ref18","article-title":"Towards revealing attackers intent by automatically decrypting network traffic","author":"lutz","year":"2008","journal-title":"ETH Z&#x00FC;rich"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653737"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCS.2016.46"},{"key":"ref4","article-title":"Internet Security Threat Report","year":"2017","journal-title":"Tech Rep"},{"key":"ref27","article-title":"Unveil: A large-scale, automated approach to detecting ransomware","author":"kharraz","year":"2016","journal-title":"USENIX Security Symposium"},{"key":"ref3","author":"newman","year":"2017","journal-title":"The Ransomware Meltdown Experts Warned About Is Here"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/SFFCS.1999.814634"},{"key":"ref29","article-title":"HelDroid: Dissecting and Detecting Mobile Ransomware","author":"andronio","year":"2015","journal-title":"RAID"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382217"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1016\/0166-218X(89)90051-6"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM.2017.8057064"},{"key":"ref2","author":"kessem","year":"2016","journal-title":"Ramnit Rears Its Ugly Head Again Targets Major UK Banks"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9781107341005"},{"key":"ref1","article-title":"The ZeroAccess Botnet - Mining and Fraud for Massive Financial Gain","author":"wyke","year":"2012","journal-title":"Sophos Tech Rep"},{"key":"ref20","article-title":"ReFormat: Automatic reverse engineering of encrypted messages","author":"wang","year":"2009","journal-title":"ESORICS"},{"key":"ref22","article-title":"Automatic detection and analysis of encrypted messages in malware","author":"zhao","year":"2013","journal-title":"International Conference on Information Security and Cryptology"},{"key":"ref21","doi-asserted-by":"crossref","DOI":"10.1145\/2714576.2714639","article-title":"Automated Identification of Cryptographic Primitives in Binary Code with Data Flow Graph Isomorphism","author":"lestringant","year":"2015","journal-title":"Asia CCS"},{"key":"ref24","article-title":"Provex: Detecting botnets with encrypted command and control channels","author":"rossow","year":"2013","journal-title":"DIMVA"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.56"},{"key":"ref26","author":"deign","year":"2017","journal-title":"Seeing threats hidden in encrypted traffic"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2012.06.019"}],"event":{"name":"2017 12th International Conference on Malicious and Unwanted Software (MALWARE)","location":"Fajardo","start":{"date-parts":[[2017,10,11]]},"end":{"date-parts":[[2017,10,14]]}},"container-title":["2017 12th International Conference on Malicious and Unwanted Software (MALWARE)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8318523\/8323944\/08323951.pdf?arnumber=8323951","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,26]],"date-time":"2022-01-26T06:59:04Z","timestamp":1643180344000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/8323951\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,10]]},"references-count":31,"URL":"https:\/\/doi.org\/10.1109\/malware.2017.8323951","relation":{},"subject":[],"published":{"date-parts":[[2017,10]]}}}