{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:53:04Z","timestamp":1750308784547,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":25,"publisher":"ACM","license":[{"start":{"date-parts":[[2006,11,3]],"date-time":"2006-11-03T00:00:00Z","timestamp":1162512000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2006,11,3]]},"DOI":"10.1145\/1179542.1179547","type":"proceedings-article","created":{"date-parts":[[2007,1,17]],"date-time":"2007-01-17T01:15:56Z","timestamp":1168996556000},"page":"17-24","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":6,"title":["Profiling self-propagating worms via behavioral footprinting"],"prefix":"10.1145","author":[{"given":"Xuxian","family":"Jiang","sequence":"first","affiliation":[{"name":"George Mason University, Fairfax, VA"}]},{"given":"Dongyan","family":"Xu","sequence":"additional","affiliation":[{"name":"Purdue University, West Lafayette, IN"}]}],"member":"320","published-online":{"date-parts":[[2006,11,3]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Snort. http:\/\/www.snort.org.  Snort. http:\/\/www.snort.org."},{"key":"e_1_3_2_1_2_1","volume-title":"http:\/\/www.sans.org\/y2k\/lion.htm","author":"Worms Lion","year":"2001","unstructured":"Lion Worms . http:\/\/www.sans.org\/y2k\/lion.htm , 2001 . Lion Worms. http:\/\/www.sans.org\/y2k\/lion.htm, 2001."},{"key":"e_1_3_2_1_3_1","volume-title":"http:\/\/www.cert.org\/advisories\/CA-2003-20.html","author":"Worms Blaster","year":"2003","unstructured":"MS Blaster Worms . http:\/\/www.cert.org\/advisories\/CA-2003-20.html , 2003 . MSBlaster Worms. http:\/\/www.cert.org\/advisories\/CA-2003-20.html, 2003."},{"key":"e_1_3_2_1_4_1","volume-title":"http:\/\/www.microsoft.com\/security\/incident\/sasser.asp","author":"Worms Sasser","year":"2004","unstructured":"Sasser Worms . http:\/\/www.microsoft.com\/security\/incident\/sasser.asp , 2004 . Sasser Worms. http:\/\/www.microsoft.com\/security\/incident\/sasser.asp, 2004."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.41"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1095810.1095824"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/MICRO.2004.26"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-30143-1_3"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"crossref","DOI":"10.1017\/CBO9780511790492","volume-title":"Biological Sequence Analysis","author":"Durbin R.","year":"1998","unstructured":"R. Durbin , S. Eddy , and A. Krogh . Biological Sequence Analysis . Cambridge University Press , ISBN : 0521629713, 1998 . R. Durbin, S. Eddy, and A. Krogh. Biological Sequence Analysis. Cambridge University Press, ISBN: 0521629713, 1998."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/1029618.1029625"},{"key":"e_1_3_2_1_11_1","volume-title":"Proceedings of the 1999 Workshop on Intrusion Detection and Network Monitoring","author":"Ghosh A. K.","year":"1999","unstructured":"A. K. Ghosh , A. Schwartzbard , and M. Schatz . Learning Program Behavior Profiles for Intrusion Detection . Proceedings of the 1999 Workshop on Intrusion Detection and Network Monitoring , Apr. 1999 . A. K. Ghosh, A. Schwartzbard, and M. Schatz. Learning Program Behavior Profiles for Intrusion Detection. Proceedings of the 1999 Workshop on Intrusion Detection and Network Monitoring, Apr. 1999."},{"key":"e_1_3_2_1_12_1","volume-title":"Proceedings of the 13th USENIX Security Symposium","author":"Jiang X.","year":"2004","unstructured":"X. Jiang and D. Xu . Collapsar: A VM-Based Architecture for Network Attack Detention Center . Proceedings of the 13th USENIX Security Symposium , Aug. 2004 . X. Jiang and D. Xu. Collapsar: A VM-Based Architecture for Network Attack Detention Center. Proceedings of the 13th USENIX Security Symposium, Aug. 2004."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1007\/11663812_1"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2004.1301325"},{"key":"e_1_3_2_1_16_1","volume-title":"Distributed Worm Signature Detection. Proceedings of the 13th Usenix Security Symposium","author":"Kim H. A.","year":"2004","unstructured":"H. A. Kim and B. Karp . Autograph: Toward Automated , Distributed Worm Signature Detection. Proceedings of the 13th Usenix Security Symposium , Aug. 2004 . H. A. Kim and B. Karp. Autograph: Toward Automated, Distributed Worm Signature Detection. Proceedings of the 13th Usenix Security Symposium, Aug. 2004."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/972374.972384"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/IAW.2005.1495971"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2005.15"},{"key":"e_1_3_2_1_20_1","volume-title":"Proceedings of NDSS 2005","author":"Newsome J.","year":"2005","unstructured":"J. Newsome and D. Song . Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software . Proceedings of NDSS 2005 , Feb. 2005 . J. Newsome and D. Song. Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software. Proceedings of NDSS 2005, Feb. 2005."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSAC.2004.2"},{"key":"e_1_3_2_1_22_1","volume-title":"Proceedings of the 6th ACM\/USENIX Symposium on Operating Systems Design & Implementation","author":"Singh S.","year":"2004","unstructured":"S. Singh , C. Estan , G. Varghese , and S. Savage . Automated Worm Fingerprinting . Proceedings of the 6th ACM\/USENIX Symposium on Operating Systems Design & Implementation , Dec. 2004 . S. Singh, C. Estan, G. Varghese, and S. Savage. Automated Worm Fingerprinting. Proceedings of the 6th ACM\/USENIX Symposium on Operating Systems Design & Implementation, Dec. 2004."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/1024393.1024404"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030088"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/1015467.1015489"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"crossref","unstructured":"K. Wang and S. J. Stolfo. Anomalous Payload-based Network Intrusion Detection. Proceedings of RAID 2004 2004","DOI":"10.1007\/978-3-540-30143-1_11"}],"event":{"name":"CCS06: 13th ACM Conference on Computer and Communications Security 2006","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control","ACM Association for Computing Machinery"],"location":"Alexandria Virginia USA","acronym":"CCS06"},"container-title":["Proceedings of the 4th ACM workshop on Recurring malcode"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1179542.1179547","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1179542.1179547","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T20:22:46Z","timestamp":1750278166000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1179542.1179547"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2006,11,3]]},"references-count":25,"alternative-id":["10.1145\/1179542.1179547","10.1145\/1179542"],"URL":"https:\/\/doi.org\/10.1145\/1179542.1179547","relation":{},"subject":[],"published":{"date-parts":[[2006,11,3]]},"assertion":[{"value":"2006-11-03","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}