{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:41:29Z","timestamp":1750308089293,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":63,"publisher":"ACM","license":[{"start":{"date-parts":[[2005,11,11]],"date-time":"2005-11-11T00:00:00Z","timestamp":1131667200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2005,11,11]]},"DOI":"10.1145\/1103626.1103629","type":"proceedings-article","created":{"date-parts":[[2006,2,6]],"date-time":"2006-02-06T15:52:40Z","timestamp":1139241160000},"page":"2-11","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":32,"title":["On instant messaging worms, analysis and countermeasures"],"prefix":"10.1145","author":[{"given":"Mohammad","family":"Mannan","sequence":"first","affiliation":[{"name":"Carleton University, Ottawa, Ontario, Canada"}]},{"given":"Paul C.","family":"van Oorschot","sequence":"additional","affiliation":[{"name":"Carleton University, Ottawa, Ontario, Canada"}]}],"member":"320","published-online":{"date-parts":[[2005,11,11]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1038\/43601"},{"key":"e_1_3_2_1_2_1","unstructured":"AmericaOnline Inc. AOL Instant Messenger. http:\/\/www.aim.com\/ {Accessed: Mar. 22 2005}.  AmericaOnline Inc. AOL Instant Messenger. http:\/\/www.aim.com\/ {Accessed: Mar. 22 2005}."},{"key":"e_1_3_2_1_3_1","volume-title":"Feb.","author":"Anti-Phishing Working Group","year":"2005","unstructured":"Anti-Phishing Working Group . Phishing activity trends report , Feb. 2005 . http:\/\/www.antiphishing.org\/APWGPhishingActivityReportFeb05.pdf {Accessed: Mar.31, 2005}. Anti-Phishing Working Group. Phishing activity trends report, Feb. 2005. http:\/\/www.antiphishing.org\/APWGPhishingActivityReportFeb05.pdf {Accessed: Mar.31, 2005}."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1126\/science.286.5439.509"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1038\/scientificamerican0503-60"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1029179.1029200"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1103\/PhysRevE.65.055103"},{"key":"e_1_3_2_1_8_1","unstructured":"Eyeball Networks Inc. Eyeball Chat-Free video Instant Messenger. http:\/\/www.eyeballchat.com {Accessed: June15 2005}.  Eyeball Networks Inc. Eyeball Chat-Free video Instant Messenger. http:\/\/www.eyeballchat.com {Accessed: June15 2005}."},{"key":"e_1_3_2_1_9_1","volume-title":"http:\/\/www.facetime.com\/impactcenter\/default. aspx {Accessed","author":"Face Time. IMPact Center","year":"2005","unstructured":"Face Time. IMPact Center - IM & P2P Threats . http:\/\/www.facetime.com\/impactcenter\/default. aspx {Accessed : Aug. 17, 2005 }. Face Time. IMPact Center-IM & P2P Threats. http:\/\/www.facetime.com\/impactcenter\/default. aspx {Accessed: Aug. 17, 2005}."},{"key":"e_1_3_2_1_10_1","volume-title":"Malware evolution: January-March","author":"Gostev A.","year":"2005","unstructured":"A. Gostev . Malware evolution: January-March 2005 . Kasper skyLab. http:\/\/www.viruslist.com\/en\/analysis {Accessed: Apr. 27, 2005}. A. Gostev. Malware evolution: January-March 2005. Kasper skyLab. http:\/\/www.viruslist.com\/en\/analysis {Accessed: Apr. 27, 2005}."},{"key":"e_1_3_2_1_11_1","volume-title":"Threats to Instant Messaging","author":"Hindocha N.","year":"2003","unstructured":"N. Hindocha . Threats to Instant Messaging , 2003 . Symantec Security Response . http:\/\/securityresponse.symantec.com\/avcenter\/reference\/threats. to.instant.messaging.pdf {Accessed: Dec. 7, 2003}. N. Hindocha. Threats to Instant Messaging, 2003. Symantec Security Response. http:\/\/securityresponse.symantec.com\/avcenter\/reference\/threats. to.instant.messaging.pdf {Accessed: Dec. 7, 2003}."},{"key":"e_1_3_2_1_12_1","volume-title":"Virus Bullet in Conference, vb2003","author":"Hindocha N.","year":"2003","unstructured":"N. Hindocha and E. Chien . Malicious threats and vulnerabilities in InstantMessaging . In Virus Bullet in Conference, vb2003 , Sept. 2003 . N. Hindocha and E. Chien. Malicious threats and vulnerabilities in InstantMessaging. In Virus Bullet in Conference, vb2003, Sept. 2003."},{"key":"e_1_3_2_1_13_1","volume-title":"http:\/\/www.icq.com\/ {Accessed: Mar.22","author":"ICQ Inc. ICQ Pro 2003b.","year":"2005","unstructured":"ICQ Inc. ICQ Pro 2003b. http:\/\/www.icq.com\/ {Accessed: Mar.22 , 2005 }. ICQ Inc. ICQ Pro 2003b. http:\/\/www.icq.com\/ {Accessed: Mar.22, 2005}."},{"key":"e_1_3_2_1_14_1","unstructured":"IMlogic. IM logic Threat Center. http:\/\/www.imlogic.com\/imthreatcenter\/index.asp {Accessed: Mar. 17 2005}.  IMlogic. IM logic Threat Center. http:\/\/www.imlogic.com\/imthreatcenter\/index.asp {Accessed: Mar. 17 2005}."},{"key":"e_1_3_2_1_15_1","first-page":"C2810","article-title":"Internet Relay Chat","author":"Kalt C.","year":"2000","unstructured":"C. Kalt . Internet Relay Chat : Architecture , Apr. 2000 . RF C2810 , Status: Informational. http:\/\/www.faqs.org\/rfcs\/rfc2810.html {Accessed: June22, 2004}. C. Kalt. Internet Relay Chat: Architecture, Apr. 2000. RFC2810, Status: Informational. http:\/\/www.faqs.org\/rfcs\/rfc2810.html {Accessed: June22, 2004}.","journal-title":"Architecture"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/948187.948189"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2005.234"},{"key":"e_1_3_2_1_18_1","volume-title":"Aug.","author":"Mannan M.","year":"2005","unstructured":"M. Mannan . Secure Public Instant Messaging , Aug. 2005 . Masters Thesis(ComputerScience) . http:\/\/www.scs.carleton.ca\/?mmannan\/publications\/msthesis.pdf{Accessed: Aug. 21, 2005}. M. Mannan. Secure Public Instant Messaging, Aug. 2005. Masters Thesis(ComputerScience). http:\/\/www.scs.carleton.ca\/?mmannan\/publications\/msthesis.pdf{Accessed: Aug. 21, 2005}."},{"key":"e_1_3_2_1_19_1","first-page":"69","volume-title":"Proceedings of the 2nd Annual Conference on Privacy, Security and Trust(PST'04)","author":"Mannan M.","year":"2004","unstructured":"M. Mannan and P. C. van Oorschot . Secure public Instant Messaging: Asurvey . In Proceedings of the 2nd Annual Conference on Privacy, Security and Trust(PST'04) , pages 69 -- 77 , Fredericton, NB, Canada , Oct. 2004 . http:\/\/www.scs.carleton.ca\/?mmannan\/publications\/pst04.pdf {Accessed: June 23, 2005}. M. Mannan and P. C. van Oorschot. Secure public Instant Messaging: Asurvey. In Proceedings of the 2nd Annual Conference on Privacy, Security and Trust(PST'04), pages 69--77, Fredericton, NB, Canada, Oct. 2004. http:\/\/www.scs.carleton.ca\/?mmannan\/publications\/pst04.pdf {Accessed: June 23, 2005}."},{"key":"e_1_3_2_1_20_1","volume-title":"http:\/\/messenger.msn.com\/ {Accessed","author":"Messenger MSN","year":"2005","unstructured":"Microsoft. MSN Messenger . http:\/\/messenger.msn.com\/ {Accessed : Mar. 22, 2005 }. Microsoft. MSN Messenger. http:\/\/messenger.msn.com\/ {Accessed: Mar. 22, 2005}."},{"key":"e_1_3_2_1_21_1","unstructured":"Microsoft. MSN Messenger for Mac. http:\/\/www.microsoft.com\/mac\/default.aspx?pid=msnmessenger {Accessed: May 3 2005}.  Microsoft. MSN Messenger for Mac. http:\/\/www.microsoft.com\/mac\/default.aspx?pid=msnmessenger {Accessed: May 3 2005}."},{"key":"e_1_3_2_1_22_1","unstructured":"Microsoft. Office live communications server. http:\/\/www.microsoft.com\/office\/livecomm\/prodinfo\/default.mspx {Accessed: Mar.18 2005}.  Microsoft. Office live communications server. http:\/\/www.microsoft.com\/office\/livecomm\/prodinfo\/default.mspx {Accessed: Mar.18 2005}."},{"key":"e_1_3_2_1_23_1","volume-title":"July","author":"Pass Microsoft Press","year":"2004","unstructured":"Microsoft Press Pass . Flirting's moved online! New research from MSN reveals millions swap IM addresses with potential dates , July 2004 . http:\/\/www.microsoft.com\/presspass\/press\/2004\/jul04\/07-08FlirtingPR.asp {Accessed: Mar. 17, 2005}. Microsoft Press Pass. Flirting's moved online! New research from MSN reveals millions swap IM addresses with potential dates, July 2004. http:\/\/www.microsoft.com\/presspass\/press\/2004\/jul04\/07-08FlirtingPR.asp {Accessed: Mar. 17, 2005}."},{"key":"e_1_3_2_1_24_1","unstructured":"Microsoft TechNet. Microsoft security bullet in MS05-009: Vulnerability in PNG processing could allow remote code execution(890261). http:\/\/www.microsoft.com\/technet\/security\/bulletin\/MS05-009.mspx {Accessed: Mar. 18 2005}.  Microsoft TechNet. Microsoft security bullet in MS05-009: Vulnerability in PNG processing could allow remote code execution(890261). http:\/\/www.microsoft.com\/technet\/security\/bulletin\/MS05-009.mspx {Accessed: Mar. 18 2005}."},{"key":"e_1_3_2_1_25_1","unstructured":"Microsoft TechNet. Microsoft security bullet in MS05-022: Vulnerability in MSN Messenger could lead to remote code execution(896597). http:\/\/www.microsoft.com\/technet\/security\/Bulletin\/MS05-022.mspx {Accessed: June 20 2005}.  Microsoft TechNet. Microsoft security bullet in MS05-022: Vulnerability in MSN Messenger could lead to remote code execution(896597). http:\/\/www.microsoft.com\/technet\/security\/Bulletin\/MS05-022.mspx {Accessed: June 20 2005}."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.5555\/1965841.1965858"},{"volume-title":"Aug.","year":"2005","key":"e_1_3_2_1_27_1","unstructured":"News.com Staff. IM worm speaks your language , Aug. 2005 . Newsarticle , http:\/\/news.com.com\/{Accessed:Aug.24, 2005}. News.com Staff. IM worm speaks your language, Aug. 2005. Newsarticle, http:\/\/news.com.com\/{Accessed:Aug.24, 2005}."},{"volume-title":"Mar.","year":"2005","key":"e_1_3_2_1_28_1","unstructured":"News.com Staff. Phishers target Yahoo Messenger , Mar. 2005 . Newsarticle , http:\/\/news.com.com\/ {Accessed: Mar. 27, 2005}. News.com Staff. Phishers target Yahoo Messenger, Mar. 2005. Newsarticle, http:\/\/news.com.com\/ {Accessed: Mar. 27, 2005}."},{"volume-title":"Mar.","year":"2005","key":"e_1_3_2_1_29_1","unstructured":"News.com Staff. Trillian IM flaw exposed , Mar. 2005 . Newsarticle , http:\/\/news.com.com\/{Accessed:Mar.25, 2005}. News.com Staff. Trillian IM flaw exposed, Mar. 2005. Newsarticle, http:\/\/news.com.com\/{Accessed:Mar.25, 2005}."},{"volume-title":"Apr.","year":"2005","key":"e_1_3_2_1_30_1","unstructured":"News.com Staff. Worm attack forces Reuters IM offine , Apr. 2005 . Newsarticle , http:\/\/news.com.com\/ {Accessed: Apr. 15, 2005}. News.com Staff. Worm attack forces Reuters IM offine, Apr. 2005. Newsarticle, http:\/\/news.com.com\/ {Accessed: Apr. 15, 2005}."},{"key":"e_1_3_2_1_31_1","volume-title":"http:\/\/news.com.com\/ {Accessed","author":"Yahoo","year":"2005","unstructured":"News.com Staff. Yahoo fills in Messenger hole, May 2005. Newsarticle , http:\/\/news.com.com\/ {Accessed : June 17, 2005 }. News.com Staff.Yahoo fills in Messenger hole, May 2005. Newsarticle, http:\/\/news.com.com\/ {Accessed: June 17, 2005}."},{"key":"e_1_3_2_1_32_1","first-page":"1459","author":"Oikarinen J.","year":"1993","unstructured":"J. Oikarinen and D. Reed . Internet Relay Chatprotocol , May 1993 . RFC 1459 , Status: Experimental. http:\/\/www.faqs.org\/rfcs\/rfc1459.html{Accessed: June 10, 2004}. J. Oikarinen and D. Reed. Internet Relay Chatprotocol, May 1993. RFC 1459, Status: Experimental. http:\/\/www.faqs.org\/rfcs\/rfc1459.html{Accessed: June 10, 2004}.","journal-title":"Internet Relay Chatprotocol"},{"key":"e_1_3_2_1_33_1","unstructured":"Open Source. aMSN: Alvaro's Messenger. http:\/\/amsn.sourceforge.net\/index.php {Accessed: May 3 2005}.  Open Source. aMSN: Alvaro's Messenger. http:\/\/amsn.sourceforge.net\/index.php {Accessed: May 3 2005}."},{"key":"e_1_3_2_1_34_1","unstructured":"Open Source. eMule Project. http:\/\/www.emule-project.net\/ {Accessed: Aug. 21 2005}.  Open Source. eMule Project. http:\/\/www.emule-project.net\/ {Accessed: Aug. 21 2005}."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1103\/PhysRevLett.86.3200"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/1029618"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586133"},{"key":"e_1_3_2_1_38_1","first-page":"3920","article-title":"Extensible messaging and presence protocol(XMPP)","author":"Saint-Andre P.","year":"2004","unstructured":"P. Saint-Andre . Extensible messaging and presence protocol(XMPP) : Core , Oct. 2004 . RFC 3920 , Status: Standards Track. http:\/\/www.ietf.org\/rfc\/rfc3920.txt {Accessed: Mar. 2, 2005}. P. Saint-Andre. Extensible messaging and presence protocol(XMPP): Core, Oct. 2004. RFC 3920, Status: Standards Track. http:\/\/www.ietf.org\/rfc\/rfc3920.txt {Accessed: Mar. 2, 2005}.","journal-title":"Core"},{"key":"e_1_3_2_1_39_1","volume-title":"Oct.","author":"Saint-Andre P.","year":"2004","unstructured":"P. Saint-Andre . Extensible messaging and presence protocol (XMPP): Instant Messaging and presence , Oct. 2004 . RFC 3921, Status : Standards Track . http:\/\/www.ietf.org\/rfc\/rfc3921.txt {Accessed: Mar. 3, 2005}. P. Saint-Andre. Extensible messaging and presence protocol (XMPP): Instant Messaging and presence, Oct. 2004. RFC 3921, Status: Standards Track. http:\/\/www.ietf.org\/rfc\/rfc3921.txt {Accessed: Mar. 3, 2005}."},{"key":"e_1_3_2_1_40_1","volume-title":"Proceedings of the 2003 ACM Workshopon Rapid Malcode(WORM'03)","author":"Savage S.","year":"2003","unstructured":"S. Savage , editor. Proceedings of the 2003 ACM Workshopon Rapid Malcode(WORM'03) , Washington, DC, USA , Oct. 2003 . ACM Press. S. Savage, editor. Proceedings of the 2003 ACM Workshopon Rapid Malcode(WORM'03), Washington, DC, USA, Oct. 2003. ACM Press."},{"volume-title":"Feb.","year":"2004","key":"e_1_3_2_1_41_1","unstructured":"Secunia. ICQ predictable file location weakness , Feb. 2004 . Secunia Advisory SA 10970, http:\/\/secunia.com\/advisories\/10970\/ {Accessed: June 17, 2005}. Secunia. ICQ predictable file location weakness, Feb. 2004. Secunia Advisory SA 10970, http:\/\/secunia.com\/advisories\/10970\/ {Accessed: June 17, 2005}."},{"key":"e_1_3_2_1_42_1","volume-title":"June","author":"Smith R. D.","year":"2005","unstructured":"R. D. Smith . Instant Messaging as a scale-free network , June 2005 . cond-mat\/0206378, http:\/\/arxiv.org\/abs\/cond-mat\/0206378 {Accessed: June 20, 2005}. R. D. Smith. Instant Messaging as a scale-free network, June 2005. cond-mat\/0206378, http:\/\/arxiv.org\/abs\/cond-mat\/0206378 {Accessed: June 20, 2005}."},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.5555\/647253.720288"},{"key":"e_1_3_2_1_44_1","unstructured":"Symantec. Search and latest virus threat spage. http:\/\/www.symantec.com\/avcenter\/vinfodb.html {Accessed: Mar. 18 2005}.  Symantec. Search and latest virus threat spage. http:\/\/www.symantec.com\/avcenter\/vinfodb.html {Accessed: Mar. 18 2005}."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"crossref","unstructured":"Symantec. Securing Instant Messaging. http:\/\/securityresponse.symantec.com\/avcenter\/reference\/secure.instant.messaging.pdf {Accessed: June 27 2004}.  Symantec. Securing Instant Messaging. http:\/\/securityresponse.symantec.com\/avcenter\/reference\/secure.instant.messaging.pdf {Accessed: June 27 2004}.","DOI":"10.1016\/S0140-3664(03)00128-2"},{"volume-title":"http:\/\/securityresponse.symantec.com\/avcenter\/venc\/data\/w32.bizex.worm.html {Accessed","year":"2005","key":"e_1_3_2_1_46_1","unstructured":"Symantec. W32. Bizex. Worm. http:\/\/securityresponse.symantec.com\/avcenter\/venc\/data\/w32.bizex.worm.html {Accessed : June 21, 2005 }. Symantec. W32. Bizex. Worm. http:\/\/securityresponse.symantec.com\/avcenter\/venc\/data\/w32.bizex.worm.html {Accessed: June 21, 2005}."},{"key":"e_1_3_2_1_47_1","volume-title":"http:\/\/securityresponse.symantec.com\/avcenter\/venc\/data\/w32.bropia.m.html {Accessed","author":"M.","year":"2005","unstructured":"Symantec. W32. Bropia. M. http:\/\/securityresponse.symantec.com\/avcenter\/venc\/data\/w32.bropia.m.html {Accessed : June 21, 2005 }. Symantec. W32. Bropia. M. http:\/\/securityresponse.symantec.com\/avcenter\/venc\/data\/w32.bropia.m.html {Accessed: June 21, 2005}."},{"volume-title":"http:\/\/securityresponse.symantec.com\/avcenter\/venc\/data\/w32.choke.worm.html {Accessed","year":"2005","key":"e_1_3_2_1_48_1","unstructured":"Symantec. W32. Choke. Worm. http:\/\/securityresponse.symantec.com\/avcenter\/venc\/data\/w32.choke.worm.html {Accessed : June 21, 2005 }. Symantec. W32. Choke. Worm. http:\/\/securityresponse.symantec.com\/avcenter\/venc\/data\/w32.choke.worm.html {Accessed: June 21, 2005}."},{"key":"e_1_3_2_1_49_1","volume-title":"http:\/\/securityresponse.symantec.com\/avcenter\/venc\/data\/w32.kelvir.hi.html {Accessed","author":"HI.","year":"2005","unstructured":"Symantec. W32. Kelvir. HI. http:\/\/securityresponse.symantec.com\/avcenter\/venc\/data\/w32.kelvir.hi.html {Accessed : Aug. 25, 2005 }. Symantec. W32. Kelvir. HI. http:\/\/securityresponse.symantec.com\/avcenter\/venc\/data\/w32.kelvir.hi.html {Accessed: Aug. 25, 2005}."},{"key":"e_1_3_2_1_50_1","volume-title":"http:\/\/securityresponse.symantec.com\/avcenter\/venc\/data\/w32.serflog.a.html {Accessed","author":"A.","year":"2005","unstructured":"Symantec. W32. Serflog. A. http:\/\/securityresponse.symantec.com\/avcenter\/venc\/data\/w32.serflog.a.html {Accessed : June 21, 2005 }. Symantec. W32. Serflog. A. http:\/\/securityresponse.symantec.com\/avcenter\/venc\/data\/w32.serflog.a.html {Accessed: June 21, 2005}."},{"volume-title":"http:\/\/securityresponse.symantec.com\/avcenter\/venc\/data\/w95.sofunny.worm@m.html {Accessed","year":"2005","key":"e_1_3_2_1_51_1","unstructured":"Symantec. W95.SoFunny.Worm@m. http:\/\/securityresponse.symantec.com\/avcenter\/venc\/data\/w95.sofunny.worm@m.html {Accessed : June 21, 2005 }. Symantec. W95.SoFunny.Worm@m. http:\/\/securityresponse.symantec.com\/avcenter\/venc\/data\/w95.sofunny.worm@m.html {Accessed: June 21, 2005}."},{"volume-title":"Mar.","year":"2005","key":"e_1_3_2_1_52_1","unstructured":"TechWeb. comStaff. IMthreats growing 50% per month , Mar. 2005 . TechWeb . comnewsarticle, http:\/\/informationweek.com {Accessed: Mar. 25, 2005}. TechWeb. comStaff. IMthreats growing 50% per month, Mar. 2005. TechWeb. comnewsarticle, http:\/\/informationweek.com {Accessed: Mar. 25, 2005}."},{"key":"e_1_3_2_1_53_1","unstructured":"The CAPTCHA Project. Telling humans and computer apart(automatically). http:\/\/www.captcha.net\/{Accessed: Mar. 19 2005}.  The CAPTCHA Project. Telling humans and computer apart(automatically). http:\/\/www.captcha.net\/{Accessed: Mar. 19 2005}."},{"key":"e_1_3_2_1_54_1","volume-title":"http:\/\/www.trendmicro.com\/vinfo\/virusencyclo\/default5.asp?VName=JSMENGER.GEN {Accessed","author":"Micro Trend","year":"2005","unstructured":"Trend Micro . JS_MENGER. GEN. http:\/\/www.trendmicro.com\/vinfo\/virusencyclo\/default5.asp?VName=JSMENGER.GEN {Accessed : June 21, 2005 }. Trend Micro. JS_MENGER.GEN. http:\/\/www.trendmicro.com\/vinfo\/virusencyclo\/default5.asp?VName=JSMENGER.GEN {Accessed: June 21, 2005}."},{"key":"e_1_3_2_1_55_1","unstructured":"Trend Micro. Virus encyclopedia. http:\/\/www.trendmicro.com\/vinfo\/virusencyclo\/{Accessed: Mar. 18 2005}.  Trend Micro. Virus encyclopedia. http:\/\/www.trendmicro.com\/vinfo\/virusencyclo\/{Accessed: Mar. 18 2005}."},{"key":"e_1_3_2_1_56_1","volume-title":"http:\/\/www.trendmicro.com\/vinfo\/virusencyclo\/default5.asp?VName=WORMAGOBOT_AJC {Accessed","author":"Micro Trend","year":"2005","unstructured":"Trend Micro . WORM_AGOBOT. AJC. http:\/\/www.trendmicro.com\/vinfo\/virusencyclo\/default5.asp?VName=WORMAGOBOT_AJC {Accessed : June 21, 2005 }. Trend Micro. WORM_AGOBOT.AJC. http:\/\/www.trendmicro.com\/vinfo\/virusencyclo\/default5.asp?VName=WORMAGOBOT_AJC {Accessed: June 21, 2005}."},{"key":"e_1_3_2_1_57_1","volume-title":"http:\/\/www.trendmicro.com\/vinfo\/virusencyclo\/default5.asp?VName=WORM_BROPIA.F {Accessed","author":"Micro Trend","year":"2005","unstructured":"Trend Micro . WORM_BROPIA. F. http:\/\/www.trendmicro.com\/vinfo\/virusencyclo\/default5.asp?VName=WORM_BROPIA.F {Accessed : June 21, 2005 }. Trend Micro. WORM_BROPIA.F. http:\/\/www.trendmicro.com\/vinfo\/virusencyclo\/default5.asp?VName=WORM_BROPIA.F {Accessed: June 21, 2005}."},{"key":"e_1_3_2_1_58_1","volume-title":"Aug.","author":"Today Staff USA","year":"2001","unstructured":"USA Today Staff . IM viruses opening a new can of worms , Aug. 2001 . Newsarticle , http:\/\/www.usatoday.com {Accessed: Mar. 17, 2005}. USA Today Staff. IM viruses opening a new can of worms, Aug. 2001. Newsarticle, http:\/\/www.usatoday.com {Accessed: Mar. 17, 2005}."},{"key":"e_1_3_2_1_59_1","first-page":"29","volume-title":"Proceedings of the 13th USENIX Security Symposium","author":"Weaver N.","year":"2004","unstructured":"N. Weaver , S. Staniford , and V. Paxson . Very fast containment of scanning worms . In Proceedings of the 13th USENIX Security Symposium , pages 29 -- 44 , Aug. 2004 . N. Weaver, S. Staniford, and V. Paxson. Very fast containment of scanning worms. In Proceedings of the 13th USENIX Security Symposium, pages29--44, Aug. 2004."},{"key":"e_1_3_2_1_60_1","volume-title":"In Proceedings of the Network and Distributed System Security Symposium (NDSS)","author":"Whyte D.","year":"2005","unstructured":"D. Whyte , E. Kranakis , and P. C. van Oorschot . DNS-based detection of scanning worms in an enterprise network . In In Proceedings of the Network and Distributed System Security Symposium (NDSS) , Feb. 2005 . D. Whyte, E. Kranakis, and P. C. van Oorschot. DNS-based detection of scanning worms in an enterprise network. In In Proceedings of the Network and Distributed System Security Symposium (NDSS), Feb. 2005."},{"key":"e_1_3_2_1_61_1","first-page":"61","volume-title":"Proceedings of the 18th Annual Computer Security Applications Conference(ACSAC)","author":"Williamson M.","year":"2002","unstructured":"M. Williamson . Throttling viruses : Restricting propagation to defeat malicious mobile code . In Proceedings of the 18th Annual Computer Security Applications Conference(ACSAC) , pages 61 -- 68 , Dec. 2002 . M. Williamson. Throttling viruses: Restricting propagation to defeat malicious mobile code. In Proceedings of the 18th Annual Computer Security Applications Conference(ACSAC), pages 61--68, Dec. 2002."},{"key":"e_1_3_2_1_62_1","volume-title":"Virus Bullet in Conference, vb2004","author":"Williamson M.","year":"2004","unstructured":"M. Williamson and A. Parry . Virus throttling for Instant Messaging . In Virus Bullet in Conference, vb2004 , Sept. 2004 . M. Williamson and A. Parry. Virus throttling for Instant Messaging. In Virus Bullet in Conference, vb2004, Sept. 2004."},{"key":"e_1_3_2_1_63_1","volume-title":"http:\/\/messenger.yahoo.com\/ {Accessed","author":"Yahoo! Inc. Yahoo! Messenger.","year":"2005","unstructured":"Yahoo! Inc. Yahoo! Messenger. http:\/\/messenger.yahoo.com\/ {Accessed : Mar. 22, 2005 }. Yahoo! Inc. Yahoo! Messenger. http:\/\/messenger.yahoo.com\/ {Accessed: Mar. 22, 2005}."}],"event":{"name":"CCS05: 12th ACM Conference on Computer and Communications Security 2005","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control","ACM Association for Computing Machinery"],"location":"Fairfax VA USA","acronym":"CCS05"},"container-title":["Proceedings of the 2005 ACM workshop on Rapid malcode"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1103626.1103629","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1103626.1103629","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T16:07:52Z","timestamp":1750262872000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1103626.1103629"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2005,11,11]]},"references-count":63,"alternative-id":["10.1145\/1103626.1103629","10.1145\/1103626"],"URL":"https:\/\/doi.org\/10.1145\/1103626.1103629","relation":{},"subject":[],"published":{"date-parts":[[2005,11,11]]},"assertion":[{"value":"2005-11-11","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}