{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,28]],"date-time":"2025-09-28T20:50:28Z","timestamp":1759092628761},"reference-count":32,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012,5]]},"DOI":"10.1109\/spw.2012.15","type":"proceedings-article","created":{"date-parts":[[2012,7,10]],"date-time":"2012-07-10T21:39:25Z","timestamp":1341956365000},"page":"104-112","source":"Crossref","is-referenced-by-count":12,"title":["User Intention-Based Traffic Dependence Analysis for Anomaly Detection"],"prefix":"10.1109","author":[{"given":"Hao","family":"Zhang","sequence":"first","affiliation":[]},{"given":"William","family":"Banick","sequence":"additional","affiliation":[]},{"given":"Danfeng","family":"Yao","sequence":"additional","affiliation":[]},{"given":"Naren","family":"Ramakrishnan","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"19","doi-asserted-by":"publisher","DOI":"10.1007\/s10115-010-0344-6"},{"key":"17","doi-asserted-by":"publisher","DOI":"10.1109\/POLICY.2008.51"},{"key":"18","doi-asserted-by":"publisher","DOI":"10.1109\/TKDE.2008.32"},{"key":"15","doi-asserted-by":"publisher","DOI":"10.1109\/RISP.1990.63859"},{"key":"16","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455806"},{"journal-title":"Hypertext Transfer Protocol - HTTP\/1 1","year":"1999","key":"13"},{"key":"14","doi-asserted-by":"publisher","DOI":"10.1145\/1629080.1629082"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.1987.232894"},{"key":"12","article-title":"Not-a-Bot: Improving service availability in the face of botnet attacks","author":"gummadi","year":"0","journal-title":"Proceedings of the 6th USENIX Symposium on Networked Systems Design and Implementation (NDSI) 2009"},{"key":"21","doi-asserted-by":"publisher","DOI":"10.1145\/353323.353382"},{"journal-title":"An SSL Proxying Technique to Sniff HTTPs Packets","year":"0","key":"20"},{"key":"22","doi-asserted-by":"publisher","DOI":"10.1109\/69.617059"},{"key":"23","doi-asserted-by":"publisher","DOI":"10.1109\/CMPCON.1991.128802"},{"key":"24","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-15512-3_6"},{"key":"25","article-title":"Cryptographic provenance verification for the integrity of keystrokes and outbound network traffic","author":"stefan","year":"0","journal-title":"Proceedings of the 8th International Conference on Applied Cryptography and Network Security (ACNS) June 2010"},{"key":"26","doi-asserted-by":"publisher","DOI":"10.1109\/RISP.1990.63857"},{"journal-title":"TLogger - An Firefox Extension","year":"0","key":"27"},{"key":"28","first-page":"10","article-title":"A semantic framework for data analysis in networked systems","author":"viswanathan","year":"2011","journal-title":"Proceedings of the 8th USENIX Conference on Networked Systems Design and Implementation NSDI'11"},{"key":"29","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2011.50"},{"journal-title":"Top 10 Blocked URLs and Domains","year":"0","key":"3"},{"key":"2","doi-asserted-by":"publisher","DOI":"10.1145\/1151454.1151493"},{"key":"10","first-page":"4","article-title":"Binder: An extrusionbased breakin detector for personal computers","author":"cui","year":"2005","journal-title":"Proceedings USENIX Annual Technical Conference"},{"key":"1","doi-asserted-by":"publisher","DOI":"10.1145\/2133601.2133635"},{"key":"30","article-title":"Detecting infection onset with behavior-based policies","author":"xu","year":"0","journal-title":"Proceedings of the Fifth International Conference on Network and System Security (NSS) September 2011"},{"key":"7","first-page":"212","article-title":"A logical framework for evaluating network resilience against faults and attacks","author":"bursztein","year":"2007","journal-title":"Computer and Network Security 12th Asian Computing Science Conference (ASIAN)"},{"journal-title":"Technical Details about Trojan Brojack","year":"0","key":"6"},{"journal-title":"User Intentionbased Traffic Dependence Analysis for Anomaly Detection","year":"2012","author":"zhang","key":"32"},{"key":"5","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.9"},{"key":"31","doi-asserted-by":"publisher","DOI":"10.1145\/1081870.1081912"},{"key":"4","doi-asserted-by":"crossref","first-page":"110","DOI":"10.1145\/1030083.1030100","article-title":"Web Tap: Detecting covert web traffic","author":"borders","year":"2004","journal-title":"Proceedings of the 11th ACM conference on Computer and Communication Security"},{"key":"9","doi-asserted-by":"publisher","DOI":"10.1145\/1342211.1342215"},{"key":"8","doi-asserted-by":"publisher","DOI":"10.1109\/TKDE.2010.235"}],"event":{"name":"2012 IEEE Security and Privacy Workshops (SPW)","start":{"date-parts":[[2012,5,24]]},"location":"San Francisco, CA, USA","end":{"date-parts":[[2012,5,25]]}},"container-title":["2012 IEEE Symposium on Security and Privacy Workshops"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx5\/6226981\/6227677\/06227692.pdf?arnumber=6227692","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,20]],"date-time":"2022-01-20T21:01:18Z","timestamp":1642712478000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/6227692\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012,5]]},"references-count":32,"URL":"https:\/\/doi.org\/10.1109\/spw.2012.15","relation":{},"subject":[],"published":{"date-parts":[[2012,5]]}}}