{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T12:10:28Z","timestamp":1763467828442,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":23,"publisher":"ACM","license":[{"start":{"date-parts":[[2007,10,24]],"date-time":"2007-10-24T00:00:00Z","timestamp":1193184000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2007,10,24]]},"DOI":"10.1145\/1298306.1298319","type":"proceedings-article","created":{"date-parts":[[2007,11,15]],"date-time":"2007-11-15T14:30:20Z","timestamp":1195137020000},"page":"93-104","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":69,"title":["Using uncleanliness to predict future botnet addresses"],"prefix":"10.1145","author":[{"given":"M. Patrick","family":"Collins","sequence":"first","affiliation":[{"name":"CERT, Pittsburgh, PA"}]},{"given":"Timothy J.","family":"Shimeall","sequence":"additional","affiliation":[{"name":"CERT, Pittsburgh, PA"}]},{"given":"Sidney","family":"Faber","sequence":"additional","affiliation":[{"name":"CERT, Pittsburgh, PA"}]},{"given":"Jeff","family":"Janies","sequence":"additional","affiliation":[{"name":"CERT, Pittsburgh, PA"}]},{"given":"Rhiannon","family":"Weaver","sequence":"additional","affiliation":[{"name":"CERT, Pittsburgh, PA"}]},{"given":"Markus","family":"De Shon","sequence":"additional","affiliation":[{"name":"CERT, Pittsburgh, PA"}]},{"given":"Joseph","family":"Kadane","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA"}]}],"member":"320","published-online":{"date-parts":[[2007,10,24]]},"reference":[{"volume-title":"Castlecops phishing incident reporting &amp","year":"2007","key":"e_1_3_2_1_1_1","unstructured":"CastleCops. Castlecops phishing incident reporting &amp ; termination (PIRT) squad. Accessible at http:\/\/www.castlecops.com\/pirt, fetched on January 29th, 2007 . CastleCops. Castlecops phishing incident reporting & termination (PIRT) squad. Accessible at http:\/\/www.castlecops.com\/pirt, fetched on January 29th, 2007."},{"key":"e_1_3_2_1_2_1","volume-title":"Proceedings of the 2006 Workshop on Economics and Information Security","author":"Collins M.","year":"2006","unstructured":"M. Collins , C. Gates , and G. Kataria . A model for opportunistic network exploits: The case of P2P worms . In Proceedings of the 2006 Workshop on Economics and Information Security , 2006 . M. Collins, C. Gates, and G. Kataria. A model for opportunistic network exploits: The case of P2P worms. In Proceedings of the 2006 Workshop on Economics and Information Security, 2006."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2004.1301318"},{"key":"e_1_3_2_1_4_1","volume-title":"ACSW Frontiers '06: Proceedings of the 2006 Australasian workshops on Grid computing and e-research","author":"Cook D.","year":"2006","unstructured":"D. Cook , J. Hartnett , K. Manderson , and J. Scanlan . Catching spam before it arrives: domain specific dynamic blacklists . In ACSW Frontiers '06: Proceedings of the 2006 Australasian workshops on Grid computing and e-research , Darlinghurst, Australia, Australia , 2006 . D. Cook, J. Hartnett, K. Manderson, and J. Scanlan. Catching spam before it arrives: domain specific dynamic blacklists. In ACSW Frontiers '06: Proceedings of the 2006 Australasian workshops on Grid computing and e-research, Darlinghurst, Australia, Australia, 2006."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1007\/11555827_19"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISCC.2006.142"},{"key":"e_1_3_2_1_8_1","volume-title":"Sicherheit 2006: Sicherheit - Schutz und Zuverl\u00e4ssigkeit, Beitr\u00e4ge der 3. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft f\u00fcr Informatik e.v. (GI), 20.--22. Februar 2006 in Magdeburg","author":"Holz T.","year":"2006","unstructured":"T. Holz . Learning more about attack patterns with honeypots . In Sicherheit 2006: Sicherheit - Schutz und Zuverl\u00e4ssigkeit, Beitr\u00e4ge der 3. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft f\u00fcr Informatik e.v. (GI), 20.--22. Februar 2006 in Magdeburg , 2006 . T. Holz. Learning more about attack patterns with honeypots. In Sicherheit 2006: Sicherheit - Schutz und Zuverl\u00e4ssigkeit, Beitr\u00e4ge der 3. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft f\u00fcr Informatik e.v. (GI), 20.--22. Februar 2006 in Magdeburg, 2006."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2006.46"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/511446.511485"},{"key":"e_1_3_2_1_11_1","volume-title":"Fast Portscan Detection Using Sequential Hypothesis Testing. In IEEE Symposium on Security and Privacy 2004","author":"Jung J.","year":"2004","unstructured":"J. Jung , V. Paxson , A. Berger , and H. Balakrishnan . Fast Portscan Detection Using Sequential Hypothesis Testing. In IEEE Symposium on Security and Privacy 2004 , Oakland, CA , May 2004 . J. Jung, V. Paxson, A. Berger, and H. Balakrishnan. Fast Portscan Detection Using Sequential Hypothesis Testing. In IEEE Symposium on Security and Privacy 2004, Oakland, CA, May 2004."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/1028788.1028838"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2006.886288"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/347059.347412"},{"key":"e_1_3_2_1_15_1","volume-title":"Proceedings of the 2004 Workshop on Economics and Information Security","author":"Laurie B.","year":"2004","unstructured":"B. Laurie and R. Clayton . Proof-of-work proves not to work . In Proceedings of the 2004 Workshop on Economics and Information Security , 2004 . B. Laurie and R. Clayton. Proof-of-work proves not to work. In Proceedings of the 2004 Workshop on Economics and Information Security, 2004."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSECP.2003.1219071"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/986655.986657"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.5555\/645532.656169"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1007\/11537878_3"},{"volume-title":"Fetched on January 29th,2007.","author":"Project The Spamhaus","key":"e_1_3_2_1_20_1","unstructured":"The Spamhaus Project . Zen blocklist. Available at http:\/\/www.spamhaus.org\/zen , Fetched on January 29th,2007. The Spamhaus Project. Zen blocklist. Available at http:\/\/www.spamhaus.org\/zen, Fetched on January 29th,2007."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/1177080.1177086"},{"key":"e_1_3_2_1_22_1","volume-title":"Proceedings of the 2006 USENIX workshop on steps for reducing unwanted traffic on the internet (SRUTI)","author":"Ramachandran A.","year":"2006","unstructured":"A. Ramachandran , N. Feamster , and D. Dagon . Revealing botnet membership using DNSBL counter-intelligence . In Proceedings of the 2006 USENIX workshop on steps for reducing unwanted traffic on the internet (SRUTI) , 2006 . A. Ramachandran, N. Feamster, and D. Dagon. Revealing botnet membership using DNSBL counter-intelligence. In Proceedings of the 2006 USENIX workshop on steps for reducing unwanted traffic on the internet (SRUTI), 2006."},{"key":"e_1_3_2_1_23_1","volume-title":"Fetched on January 29th","author":"Threats Bleeding Edge","year":"2007","unstructured":"Bleeding Edge Threats . Bleeding snort ruleset. Available at http:\/\/www.bleedingsnort.com\/index.php\/about-bleeding-edge-threats\/all-bleeding-edge-threats-signatures\/, Fetched on January 29th , 2007 . Bleeding Edge Threats. Bleeding snort ruleset. Available at http:\/\/www.bleedingsnort.com\/index.php\/about-bleeding-edge-threats\/all-bleeding-edge-threats-signatures\/, Fetched on January 29th, 2007."},{"key":"e_1_3_2_1_24_1","volume-title":"Government Computer News","author":"Walt P.","year":"2007","unstructured":"P. Walt . Agencies feel botnets' light footprint . Government Computer News , January 2007 . P. Walt. Agencies feel botnets' light footprint. Government Computer News, January 2007."}],"event":{"name":"IMC07: Internet Measurement Conference","sponsor":["SIGCOMM ACM Special Interest Group on Data Communication","ACM Association for Computing Machinery"],"location":"San Diego California USA","acronym":"IMC07"},"container-title":["Proceedings of the 7th ACM SIGCOMM conference on Internet measurement"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1298306.1298319","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1298306.1298319","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T13:56:08Z","timestamp":1750254968000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1298306.1298319"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2007,10,24]]},"references-count":23,"alternative-id":["10.1145\/1298306.1298319","10.1145\/1298306"],"URL":"https:\/\/doi.org\/10.1145\/1298306.1298319","relation":{},"subject":[],"published":{"date-parts":[[2007,10,24]]},"assertion":[{"value":"2007-10-24","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}