{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:41:28Z","timestamp":1750308088686,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":23,"publisher":"ACM","license":[{"start":{"date-parts":[[2005,11,11]],"date-time":"2005-11-11T00:00:00Z","timestamp":1131667200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2005,11,11]]},"DOI":"10.1145\/1103626.1103637","type":"proceedings-article","created":{"date-parts":[[2006,2,6]],"date-time":"2006-02-06T15:52:40Z","timestamp":1139241160000},"page":"52-59","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":13,"title":["Worm evolution tracking via timing analysis"],"prefix":"10.1145","author":[{"given":"Moheeb","family":"Abu Rajab","sequence":"first","affiliation":[{"name":"Johns Hopkins University"}]},{"given":"Fabian","family":"Monrose","sequence":"additional","affiliation":[{"name":"Johns Hopkins University"}]},{"given":"Andreas","family":"Terzis","sequence":"additional","affiliation":[{"name":"Johns Hopkins University"}]}],"member":"320","published-online":{"date-parts":[[2005,11,11]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS)","author":"Bailey Michael","year":"2005","unstructured":"Michael Bailey and Evan Cooke and Farnam Jahanian and Jose Nazario and David Watson , Internet Motion Sensor : A Distributed Blackhole Monitoring System , in Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS) , 2005 . Michael Bailey and Evan Cooke and Farnam Jahanian and Jose Nazario and David Watson, Internet Motion Sensor: A Distributed Blackhole Monitoring System, in Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS), 2005."},{"key":"e_1_3_2_1_2_1","unstructured":"CAIDA http:\/\/www.caida.org  CAIDA http:\/\/www.caida.org"},{"key":"e_1_3_2_1_3_1","unstructured":"CERT CERT Advisory CA-2001-26 Nimda Worm http:\/\/www.cert.org\/advisories\/ca-2001-26.html  CERT CERT Advisory CA-2001-26 Nimda Worm http:\/\/www.cert.org\/advisories\/ca-2001-26.html"},{"key":"e_1_3_2_1_4_1","unstructured":"CERT Code Red II: Another Worm Exploiting Buffer Overflow in IIS Indexing Service DLL http:\/\/www.cert.org\/incident_notes\/in-2001-09.html  CERT Code Red II: Another Worm Exploiting Buffer Overflow in IIS Indexing Service DLL http:\/\/www.cert.org\/incident_notes\/in-2001-09.html"},{"key":"e_1_3_2_1_5_1","first-page":"1890","volume-title":"Modeling the Spread of Active Worms in Proceedings of IEEE INFOCOMM","volume":"3","author":"Chen Zesheng","year":"2003","unstructured":"Zesheng Chen , Lixin Gao and Kevin Kwiat , Modeling the Spread of Active Worms in Proceedings of IEEE INFOCOMM , pages 1890 - 1900 , volume 3 , 2003 Zesheng Chen, Lixin Gao and Kevin Kwiat, Modeling the Spread of Active Worms in Proceedings of IEEE INFOCOMM, pages 1890-1900, volume 3, 2003"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1137\/S0036144500371907"},{"key":"e_1_3_2_1_7_1","unstructured":"iSink- University of Wisconsin http:\/\/wail.cs.wisc.edu\/  iSink- University of Wisconsin http:\/\/wail.cs.wisc.edu\/"},{"key":"e_1_3_2_1_9_1","volume-title":"11th USENIX Security Symposium, Invited Talk","author":"Moore David","year":"2002","unstructured":"David Moore , Network Telescopes : Observing Small or Distant Security Events , in 11th USENIX Security Symposium, Invited Talk , August , 2002 David Moore, Network Telescopes: Observing Small or Distant Security Events, in 11th USENIX Security Symposium, Invited Talk, August, 2002"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSECP.2003.1219056"},{"key":"e_1_3_2_1_11_1","volume-title":"Internet Quarantine: Requirements for Containing Self-Propagating Code in Proceedings of IEEE INFOCOM","author":"Moore David","year":"2003","unstructured":"David Moore , Colleen Shannon , Geoffrey M. Voelker and Stefan Savage , Internet Quarantine: Requirements for Containing Self-Propagating Code in Proceedings of IEEE INFOCOM , April 2003 David Moore, Colleen Shannon, Geoffrey M. Voelker and Stefan Savage, Internet Quarantine: Requirements for Containing Self-Propagating Code in Proceedings of IEEE INFOCOM, April 2003"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/637201.637244"},{"volume-title":"Geoffrey M. Voelker and Stefan Savage Inferring Internet Denial of Service Activity in Proceedings of 10th USENIX Security Symposium, August,2001","author":"Moore David","key":"e_1_3_2_1_13_1","unstructured":"David Moore , Geoffrey M. Voelker and Stefan Savage Inferring Internet Denial of Service Activity in Proceedings of 10th USENIX Security Symposium, August,2001 David Moore, Geoffrey M. Voelker and Stefan Savage Inferring Internet Denial of Service Activity in Proceedings of 10th USENIX Security Symposium, August,2001"},{"key":"e_1_3_2_1_14_1","first-page":"225","volume-title":"Fabian Monrose and Andreas Terzis On the Effectiveness of Distributed Worm Monitoring in Proceedings of the 14th USENIX Security Symposium","author":"Rajab Moheeb Abu","year":"2005","unstructured":"Moheeb Abu Rajab , Fabian Monrose and Andreas Terzis On the Effectiveness of Distributed Worm Monitoring in Proceedings of the 14th USENIX Security Symposium , pages 225 -- 237 , August 2005 Moheeb Abu Rajab, Fabian Monrose and Andreas Terzis On the Effectiveness of Distributed Worm Monitoring in Proceedings of the 14th USENIX Security Symposium, pages 225--237, August 2005"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2004.59"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.5555\/647253.720288"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.5555\/647253.720288"},{"volume-title":"Williamson, Implementing and Testing a Virus Throttle in Proceedings of the 12th USENIX Security Symposium,August 2003","author":"Twycross Jamie","key":"e_1_3_2_1_18_1","unstructured":"Jamie Twycross and Matthew M . Williamson, Implementing and Testing a Virus Throttle in Proceedings of the 12th USENIX Security Symposium,August 2003 Jamie Twycross and Matthew M. Williamson, Implementing and Testing a Virus Throttle in Proceedings of the 12th USENIX Security Symposium,August 2003"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/948187.948190"},{"key":"e_1_3_2_1_20_1","volume-title":"Stuart Staniford and Vern Paxson Very Fast Containment of Scanning Worms in Proceedings of the 13th USENIX Security Symposium","author":"Weaver Nicholas","year":"2004","unstructured":"Nicholas Weaver , Stuart Staniford and Vern Paxson Very Fast Containment of Scanning Worms in Proceedings of the 13th USENIX Security Symposium , August 2004 Nicholas Weaver, Stuart Staniford and Vern Paxson Very Fast Containment of Scanning Worms in Proceedings of the 13th USENIX Security Symposium, August 2004"},{"key":"e_1_3_2_1_21_1","first-page":"61","volume-title":"Proceedings of the 18th Annual Computer Security Conference","author":"Williamson Matthew M.","year":"2002","unstructured":"Matthew M. Williamson . Throttling Viruses : Restricting Propagation to Defeat Malicious Mobile Code . In Proceedings of the 18th Annual Computer Security Conference , pages 61 -- 68 , December 2002 . Matthew M. Williamson. Throttling Viruses: Restricting Propagation to Defeat Malicious Mobile Code. In Proceedings of the 18th Annual Computer Security Conference, pages 61--68, December 2002."},{"key":"e_1_3_2_1_22_1","unstructured":"The CAIDAD dataset on the Witty Worm-March 19-24 2004 Colleen Shannonand David Moore http:\/\/www.caida.org\/passive\/witty\/. Support for the Witty Worm dataset and the UCSD Network Telescope are provided by Cisco Systems Limelight Networks DHS NSF CAIDA DARPA Digital Envoy and CAIDA Members.  The CAIDAD dataset on the Witty Worm-March 19-24 2004 Colleen Shannonand David Moore http:\/\/www.caida.org\/passive\/witty\/. Support for the Witty Worm dataset and the UCSD Network Telescope are provided by Cisco Systems Limelight Networks DHS NSF CAIDA DARPA Digital Envoy and CAIDA Members."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2005.23"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586130"}],"event":{"name":"CCS05: 12th ACM Conference on Computer and Communications Security 2005","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control","ACM Association for Computing Machinery"],"location":"Fairfax VA USA","acronym":"CCS05"},"container-title":["Proceedings of the 2005 ACM workshop on Rapid malcode"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1103626.1103637","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1103626.1103637","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T16:07:52Z","timestamp":1750262872000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1103626.1103637"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2005,11,11]]},"references-count":23,"alternative-id":["10.1145\/1103626.1103637","10.1145\/1103626"],"URL":"https:\/\/doi.org\/10.1145\/1103626.1103637","relation":{},"subject":[],"published":{"date-parts":[[2005,11,11]]},"assertion":[{"value":"2005-11-11","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}