{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,21]],"date-time":"2026-02-21T13:10:33Z","timestamp":1771679433772,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":32,"publisher":"ACM","license":[{"start":{"date-parts":[[2006,10,30]],"date-time":"2006-10-30T00:00:00Z","timestamp":1162166400000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2006,10,30]]},"DOI":"10.1145\/1180405.1180414","type":"proceedings-article","created":{"date-parts":[[2007,1,17]],"date-time":"2007-01-17T01:15:56Z","timestamp":1168996556000},"page":"59-68","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":81,"title":["Evading network anomaly detection systems"],"prefix":"10.1145","author":[{"given":"Prahlad","family":"Fogla","sequence":"first","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, Georgia"}]},{"given":"Wenke","family":"Lee","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, Georgia"}]}],"member":"320","published-online":{"date-parts":[[2006,10,30]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1007\/0-387-25660-1_25"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/1128817.1128824"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2005.20"},{"key":"e_1_3_2_1_4_1","volume-title":"Introduction to algorithms","author":"Cormen T. H.","year":"1990","unstructured":"T. H. Cormen , C. E. Leiserson , and R. L. Rivest . Introduction to algorithms . The MIT Press\/McGraw-Hill , 1990 . T. H. Cormen, C. E. Leiserson, and R. L. Rivest. Introduction to algorithms. The MIT Press\/McGraw-Hill, 1990."},{"key":"e_1_3_2_1_5_1","volume-title":"Polymorphic shellcode engine using spectrum analysis. Phrack Issue 0x3d","author":"Detristan T.","year":"2003","unstructured":"T. Detristan , T. Ulenspiegel , Y. Malcom , and M. Underduk . Polymorphic shellcode engine using spectrum analysis. Phrack Issue 0x3d , 2003 . T. Detristan, T. Ulenspiegel, Y. Malcom, and M. Underduk. Polymorphic shellcode engine using spectrum analysis. Phrack Issue 0x3d, 2003."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.5555\/597917.597921"},{"key":"e_1_3_2_1_7_1","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy","author":"Feng H.","year":"2004","unstructured":"H. Feng , J. Giffin , Y. Huang , S. Jha , W. Lee , and B. Miller . Formalizing sensitivity in static analysis for intrusion detection . In Proceedings of the IEEE Symposium on Security and Privacy , 2004 . H. Feng, J. Giffin, Y. Huang, S. Jha, W. Lee, and B. Miller. Formalizing sensitivity in static analysis for intrusion detection. In Proceedings of the IEEE Symposium on Security and Privacy, 2004."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.5555\/829515.830554"},{"key":"e_1_3_2_1_9_1","unstructured":"Firew0rker. Windows media services remote command execution exploit. http:\/\/www.k-otik.com\/exploits\/07.01.nsiilog-titbit.cpp.php 2003.  Firew0rker. Windows media services remote command execution exploit. http:\/\/www.k-otik.com\/exploits\/07.01.nsiilog-titbit.cpp.php 2003."},{"key":"e_1_3_2_1_10_1","volume-title":"15th USENIX Security Symposium","author":"Fogla P.","year":"2006","unstructured":"P. Fogla , M. Sharif , R. Perdisci , O. M. Kolesnikov , and W. Lee . Polymorphic blending attacks . In 15th USENIX Security Symposium , 2006 . P. Fogla, M. Sharif, R. Perdisci, O. M. Kolesnikov, and W. Lee. Polymorphic blending attacks. In 15th USENIX Security Symposium, 2006."},{"key":"e_1_3_2_1_11_1","volume-title":"Network security: Private communication in a public world","author":"Kaufman C.","year":"2002","unstructured":"C. Kaufman , R. Perlman , and M. Speciner . Network security: Private communication in a public world . Prentice Hall , 2002 . C. Kaufman, R. Perlman, and M. Speciner. Network security: Private communication in a public world. Prentice Hall, 2002."},{"key":"e_1_3_2_1_12_1","volume-title":"14th Usenix Security Symposium","author":"Kruegel C.","year":"2005","unstructured":"C. Kruegel , E. Kirda , D. Mutz , W. Robertson , and G. Vigna . Automating mimicry attacks using static binary analysis . In 14th Usenix Security Symposium , 2005 . C. Kruegel, E. Kirda, D. Mutz, W. Robertson, and G. Vigna. Automating mimicry attacks using static binary analysis. In 14th Usenix Security Symposium, 2005."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1007\/11663812_11"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/508791.508835"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/948109.948144"},{"key":"e_1_3_2_1_16_1","unstructured":"Ktwo. Admmutate: Shellcode mutation engine. http:\/\/www.ktwo.ca\/ADMmutate-0.8.4.tar.gz 2001.  Ktwo. Admmutate: Shellcode mutation engine. http:\/\/www.ktwo.ca\/ADMmutate-0.8.4.tar.gz 2001."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1102120.1102150"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/952532.952601"},{"key":"e_1_3_2_1_19_1","unstructured":"M. Mahoney and P.K. Chan. Learning nonstationary models of normal network traffic for detecting novel attacks.  M. Mahoney and P.K. Chan. Learning nonstationary models of normal network traffic for detecting novel attacks."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2005.15"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.5555\/1039834.1039864"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2005.10"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSAC.2004.9"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.5555\/882495.884433"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586146"},{"key":"e_1_3_2_1_26_1","first-page":"827","volume-title":"Principles and Practice of Constraint Programming","author":"Sinz C.","year":"2005","unstructured":"C. Sinz . Towards an optimal cnf encoding of boolean cardinality constraints . In Principles and Practice of Constraint Programming , pages 827 -- 831 , 2005 . C. Sinz. Towards an optimal cnf encoding of boolean cardinality constraints. In Principles and Practice of Constraint Programming, pages 827--831, 2005."},{"key":"e_1_3_2_1_27_1","volume-title":"The Art of Computer Virus Research and Defense","author":"Szor P.","year":"2005","unstructured":"P. Szor . Advanced code evolution techniques and computer virus generator kits . The Art of Computer Virus Research and Defense , 2005 . P. Szor. Advanced code evolution techniques and computer virus generator kits. The Art of Computer Virus Research and Defense, 2005."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.5555\/1754701.1754723"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030088"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586145"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-30143-1_11"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1007\/11663812_12"}],"event":{"name":"CCS06: 13th ACM Conference on Computer and Communications Security 2006","location":"Alexandria Virginia USA","acronym":"CCS06","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control","ACM Association for Computing Machinery"]},"container-title":["Proceedings of the 13th ACM conference on Computer and communications security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1180405.1180414","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,7]],"date-time":"2023-01-07T09:13:46Z","timestamp":1673082826000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1180405.1180414"}},"subtitle":["formal reasoning and practical techniques"],"short-title":[],"issued":{"date-parts":[[2006,10,30]]},"references-count":32,"alternative-id":["10.1145\/1180405.1180414","10.1145\/1180405"],"URL":"https:\/\/doi.org\/10.1145\/1180405.1180414","relation":{},"subject":[],"published":{"date-parts":[[2006,10,30]]},"assertion":[{"value":"2006-10-30","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}