{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,8]],"date-time":"2026-02-08T08:28:21Z","timestamp":1770539301125,"version":"3.49.0"},"reference-count":32,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014,7]]},"DOI":"10.1109\/pst.2014.6890946","type":"proceedings-article","created":{"date-parts":[[2014,9,10]],"date-time":"2014-09-10T15:43:34Z","timestamp":1410363814000},"page":"249-256","source":"Crossref","is-referenced-by-count":26,"title":["Automated generation of models for fast and precise detection of HTTP-based malware"],"prefix":"10.1109","author":[{"given":"Apostolis","family":"Zarras","sequence":"first","affiliation":[]},{"given":"Antonis","family":"Papadogiannakis","sequence":"additional","affiliation":[]},{"given":"Robert","family":"Gawlik","sequence":"additional","affiliation":[]},{"given":"Thorsten","family":"Holz","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"19","article-title":"Studying spamming botnets using botlab","author":"john","year":"2009","journal-title":"USENIX Symposium on Networked Systems Design and Implementation (NSDI)"},{"key":"17","year":"2012","journal-title":"Internet World Stats Internet Usage Statistics World Internet Users and Population Stats"},{"key":"18","article-title":"Jackstraws: Picking command and control connections from bot traffic","author":"jacob","year":"2011","journal-title":"USENIX Security Symposium"},{"key":"15","article-title":"BotHunter: Detecting malware infection through IDS-driven dialog correlation","author":"gu","year":"2007","journal-title":"USENIX Security Symposium"},{"key":"16","doi-asserted-by":"publisher","DOI":"10.5769\/C2006003"},{"key":"13","article-title":"Peer-to-peer botnets: Overview and case study","author":"grizzard","year":"2007","journal-title":"USENIX Workshop on Hot Topics in Understanding Botnets (HotBots'07)"},{"key":"14","article-title":"BotMiner: Clustering analysis of network traffic for protocol-and structure-independent botnet detection","author":"gu","year":"2008","journal-title":"USENIX Security Symposium"},{"key":"11","article-title":"Rishi: Identify bot contaminated hosts by IRC nickname evaluation","author":"goebel","year":"2007","journal-title":"USENIX Workshop on Hot Topics in Understanding Botnets (HotBots'07)"},{"key":"12","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-540-73614-1_7","article-title":"Measurement and analysis of autonomous spreading malware in a university environment","author":"goebel","year":"2007","journal-title":"Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)"},{"key":"21","article-title":"Hamsa: Fast signature generation for zero-day polymorphicworms with provable attack resilience","author":"li","year":"2006","journal-title":"IEEE Symposium on Security and Privacy"},{"key":"20","year":"2012","journal-title":"Kaspersky Lab Kaspersky Lab Report 23% of Users Are Running Old or Outdated Web Browsers"},{"key":"22","doi-asserted-by":"publisher","DOI":"10.1145\/997150.997156"},{"key":"23","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2005.15"},{"key":"24","doi-asserted-by":"publisher","DOI":"10.1016\/S1389-1286(99)00112-7"},{"key":"25","article-title":"Behavioral clustering of HTTPBased malware and signature generation using malicious network traces","author":"perdisci","year":"2010","journal-title":"USENIX Symposium on Networked Systems Design and Implementation (NSDI)"},{"key":"26","article-title":"Botnet judo: Fighting spam with itself","author":"pitsillidis","year":"2010","journal-title":"ISOC Network and Distributed System Security Symposium (NDSS)"},{"key":"27","article-title":"Snort: Lightweight intrusion detection for networks","author":"roesch","year":"1999","journal-title":"USENIX Large Installation System Administration Conference"},{"key":"28","article-title":"Automated worm fingerprinting","author":"singh","year":"2004","journal-title":"Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI'02)"},{"key":"29","doi-asserted-by":"publisher","DOI":"10.1145\/2068816.2068843"},{"key":"3","article-title":"From throw-away traffic to bots: Detecting the rise of dga-based malware","author":"antonakakis","year":"2012","journal-title":"USENIX Security Symposium"},{"key":"2","article-title":"Spamscatter: Characterizing internet scam hosting infrastructure","author":"anderson","year":"2007","journal-title":"USENIX Security Symposium"},{"key":"10","article-title":"Botnet tracking: Exploring a root-cause methodology to prevent distributed denial-of-service attacks","author":"freiling","year":"2005","journal-title":"European Symposium on Research in Computer Security (ESORICS)"},{"key":"1","doi-asserted-by":"crossref","DOI":"10.1145\/1177080.1177086","article-title":"A multifaceted approach to understanding the botnet phenomenon","author":"rajab","year":"2006","journal-title":"ACM SIGCOMM Conference on Internet Measurement (IMC)"},{"key":"30","article-title":"B@bel: Leveraging email delivery for spam mitigation","author":"stringhini","year":"2012","journal-title":"USENIX Security Symposium"},{"key":"7","doi-asserted-by":"publisher","DOI":"10.1145\/1920261.1920283"},{"key":"6","article-title":"The zombie roundup: Understanding, detecting, and disrupting botnets","author":"cooke","year":"2005","journal-title":"Proc USENIX Steps to Reducing Unwanted Traffic on the Internet Workshop"},{"key":"32","doi-asserted-by":"publisher","DOI":"10.1145\/1402958.1402979"},{"key":"5","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2009.12"},{"key":"31","doi-asserted-by":"crossref","first-page":"32","DOI":"10.1109\/MSP.2007.45","article-title":"Toward automated dynamic malware analysis using CWSandbox","volume":"5","author":"willems","year":"2007","journal-title":"Security &Privacy IEEE"},{"key":"4","article-title":"TTAnalyze: A tool for analyzing malware","author":"bayer","year":"2006","journal-title":"Annual Conference of European Institute for Computer Antivirus Research (EICAR)"},{"key":"9","article-title":"BotTrack: Tracking botnets using netflow and pagerank","author":"francois","year":"2011","journal-title":"IFIP Networking Conference"},{"key":"8","year":"2013","journal-title":"Cuckoo Sandbox Automated Malware Analysis"}],"event":{"name":"2014 Twelfth Annual Conference on Privacy, Security and Trust (PST)","location":"Toronto, ON, Canada","start":{"date-parts":[[2014,7,23]]},"end":{"date-parts":[[2014,7,24]]}},"container-title":["2014 Twelfth Annual International Conference on Privacy, Security and Trust"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6883276\/6890911\/06890946.pdf?arnumber=6890946","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,4,16]],"date-time":"2022-04-16T20:06:41Z","timestamp":1650139601000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/6890946\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,7]]},"references-count":32,"URL":"https:\/\/doi.org\/10.1109\/pst.2014.6890946","relation":{},"subject":[],"published":{"date-parts":[[2014,7]]}}}