{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:38:41Z","timestamp":1750307921091,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":25,"publisher":"ACM","license":[{"start":{"date-parts":[[2007,3,20]],"date-time":"2007-03-20T00:00:00Z","timestamp":1174348800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2007,3,20]]},"DOI":"10.1145\/1229285.1229291","type":"proceedings-article","created":{"date-parts":[[2007,4,5]],"date-time":"2007-04-05T19:41:00Z","timestamp":1175802060000},"page":"4-12","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":25,"title":["Analyzing network traffic to detect self-decrypting exploit code"],"prefix":"10.1145","author":[{"given":"Qinghua","family":"Zhang","sequence":"first","affiliation":[{"name":"North Carolina State University, Raleigh, NC"}]},{"given":"Douglas S.","family":"Reeves","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC"}]},{"given":"Peng","family":"Ning","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC"}]},{"given":"S. Purushothaman","family":"Iyer","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC"}]}],"member":"320","published-online":{"date-parts":[[2007,3,20]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Common vulnerabilities and exposures. http:\/\/cve.mitre.org\/cve\/downloads\/full-cve.csv.  Common vulnerabilities and exposures. http:\/\/cve.mitre.org\/cve\/downloads\/full-cve.csv."},{"key":"e_1_3_2_1_2_1","unstructured":"Computer Economics. http:\/\/www.computereconomics.com.  Computer Economics. http:\/\/www.computereconomics.com."},{"key":"e_1_3_2_1_3_1","unstructured":"Intel Architecture Software Developers Manual. Volume 2: Instruction Set Reference.  Intel Architecture Software Developers Manual. Volume 2: Instruction Set Reference."},{"key":"e_1_3_2_1_4_1","unstructured":"Metasploit project. http:\/\/www.metasploit.org.  Metasploit project. http:\/\/www.metasploit.org."},{"key":"e_1_3_2_1_5_1","unstructured":"The ADMmutate polymorphic engine. http:\/\/www.ktwo.ca\/ADMmutate-0.8.4.tar.gz.  The ADMmutate polymorphic engine. http:\/\/www.ktwo.ca\/ADMmutate-0.8.4.tar.gz."},{"key":"e_1_3_2_1_6_1","unstructured":"The CLET polymorphism engine. http:\/\/www.phrack.org\/show.php?p=61&a=9.  The CLET polymorphism engine. http:\/\/www.phrack.org\/show.php?p=61&a=9."},{"key":"e_1_3_2_1_7_1","unstructured":"Bro Intrusion Detection System 2003. http:\/\/www.bro-ids.org.  Bro Intrusion Detection System 2003. http:\/\/www.bro-ids.org."},{"volume-title":"an open source network intrusion prevention and detection system","year":"2005","key":"e_1_3_2_1_8_1","unstructured":"Snort : an open source network intrusion prevention and detection system , 2005 . http:\/\/www.snort.org. Snort: an open source network intrusion prevention and detection system, 2005. http:\/\/www.snort.org."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1007\/0-387-25660-1_25"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1007\/11663812_15"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2005.20"},{"key":"e_1_3_2_1_12_1","volume-title":"Shellcode, Porting, &amp","author":"Foster J. C","year":"2005","unstructured":"J. C Foster and M. Price . Sockets , Shellcode, Porting, &amp ; Coding : Reverse Engineering Exploits and Tool Coding for Security Professionals. Syngress Publishing , USA, 2005 . J. C Foster and M. Price. Sockets, Shellcode, Porting, & Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals. Syngress Publishing, USA, 2005."},{"key":"e_1_3_2_1_13_1","first-page":"255","volume-title":"Proceedings of the 13th USENIX Security Symposium","author":"Kruegel C.","year":"2004","unstructured":"C. Kruegel , W. Robertson , F. Valeur , and G. Vigna . Static Disassembly of Obfuscated Binaries . In Proceedings of the 13th USENIX Security Symposium , pages 255 -- 270 , Auguest 2004 . C. Kruegel, W. Robertson, F. Valeur, and G. Vigna. Static Disassembly of Obfuscated Binaries. In Proceedings of the 13th USENIX Security Symposium, pages 255--270, Auguest 2004."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.18"},{"key":"e_1_3_2_1_15_1","volume-title":"Advanced Comiler Design Implementation","author":"Muchnick S. S.","year":"1997","unstructured":"S. S. Muchnick . Advanced Comiler Design Implementation . Morgan Kaufmann Publisher , CA , USA, 1997 . S. S. Muchnick. Advanced Comiler Design Implementation. Morgan Kaufmann Publisher, CA, USA, 1997."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2005.15"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1007\/11856214_5"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1007\/11506881_2"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1007\/11790754_4"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2006.38"},{"key":"e_1_3_2_1_21_1","volume-title":"Research Report","author":"Sidiroglou S.","year":"2003","unstructured":"S. Sidiroglou and A. Keromytis . Countering Network Worms Through Automatic Patch Generation . In Research Report , 2003 . S. Sidiroglou and A. Keromytis. Countering Network Worms Through Automatic Patch Generation. In Research Report, 2003."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.5555\/1754701.1754723"},{"key":"e_1_3_2_1_23_1","first-page":"225","volume-title":"Proceedings of the 15th USENIX Security Symposium","author":"Wang X.","year":"2006","unstructured":"X. Wang , C. Pan , P. Liu , and S. Zhu . SigFree: A Signature-free Buffer Overflow Attack Blocker . In Proceedings of the 15th USENIX Security Symposium , pages 225 -- 240 , July 2006 . X. Wang, C. Pan, P. Liu, and S. Zhu. SigFree: A Signature-free Buffer Overflow Attack Blocker. In Proceedings of the 15th USENIX Security Symposium, pages 225--240, July 2006."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"crossref","first-page":"260","DOI":"10.1109\/RELDIS.2003.1238076","volume-title":"Proceedings of the 22th International Symposium on Reliable Distributed Systems (SRDS'03)","author":"Xu J.","year":"2003","unstructured":"J. Xu , Z. Kalbarczyk , and R. K. Iyer . Transparent runtime randomization for security . In Proceedings of the 22th International Symposium on Reliable Distributed Systems (SRDS'03) , pages 260 -- 269 , October 2003 . J. Xu, Z. Kalbarczyk, and R. K. Iyer. Transparent runtime randomization for security. In Proceedings of the 22th International Symposium on Reliable Distributed Systems (SRDS'03), pages 260--269, October 2003."},{"key":"e_1_3_2_1_25_1","first-page":"97","volume-title":"Proceedings of the 14th USENIX Security Symposium","author":"Yegneswaran V.","year":"2005","unstructured":"V. Yegneswaran , J. Giffin , P. Barford , and S. Jha . An architecture for generating semantic-aware signatures . In Proceedings of the 14th USENIX Security Symposium , pages 97 -- 112 , August 2005 . V. Yegneswaran, J. Giffin, P. Barford, and S. Jha. An architecture for generating semantic-aware signatures. In Proceedings of the 14th USENIX Security Symposium, pages 97--112, August 2005."}],"event":{"name":"Asia CCS07: Asia CCS'07 ACM Symposium on Information, Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Singapore","acronym":"Asia CCS07"},"container-title":["Proceedings of the 2nd ACM symposium on Information, computer and communications security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1229285.1229291","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1229285.1229291","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T14:51:36Z","timestamp":1750258296000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1229285.1229291"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2007,3,20]]},"references-count":25,"alternative-id":["10.1145\/1229285.1229291","10.1145\/1229285"],"URL":"https:\/\/doi.org\/10.1145\/1229285.1229291","relation":{},"subject":[],"published":{"date-parts":[[2007,3,20]]},"assertion":[{"value":"2007-03-20","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}