{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,6]],"date-time":"2026-03-06T07:59:26Z","timestamp":1772783966985,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":23,"publisher":"ACM","license":[{"start":{"date-parts":[[2008,5,17]],"date-time":"2008-05-17T00:00:00Z","timestamp":1210982400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2008,5,17]]},"DOI":"10.1145\/1370905.1370911","type":"proceedings-article","created":{"date-parts":[[2008,5,15]],"date-time":"2008-05-15T18:36:48Z","timestamp":1210876608000},"page":"41-48","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":35,"title":["LISABETH"],"prefix":"10.1145","author":[{"given":"Lorenzo","family":"Cavallaro","sequence":"first","affiliation":[{"name":"Universita degli Studi di Milano, Milan, Italy"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Andrea","family":"Lanzi","sequence":"additional","affiliation":[{"name":"Universita degli Studi di Milano, Milan, Italy"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Luca","family":"Mayer","sequence":"additional","affiliation":[{"name":"Universita degli Studi di Milano, Milan, Italy"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mattia","family":"Monga","sequence":"additional","affiliation":[{"name":"Universita degli Studi di Milano, Milan, Italy"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2008,5,17]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Advanced Polymorphic Worms: Evading IDS by Blending in with Normal Traffic. Technical report","author":"Kolesnikov Aleg","year":"2004","unstructured":"Aleg Kolesnikov and Wenke Lee . Advanced Polymorphic Worms: Evading IDS by Blending in with Normal Traffic. Technical report , Georgia Tech College of Computing , 2004 . Aleg Kolesnikov and Wenke Lee. Advanced Polymorphic Worms: Evading IDS by Blending in with Normal Traffic. Technical report, Georgia Tech College of Computing, 2004."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1007\/11663812_11"},{"key":"e_1_3_2_1_4_1","volume-title":"Proc. of the Second Workshop on Hot Topics in Networks (Hotnets II)","author":"Kreibich Christian","year":"2003","unstructured":"Christian Kreibich and Jon Crowcroft . Honeycomb -- Creating Intrusion Detection Signatures Using Honeypots . In Proc. of the Second Workshop on Hot Topics in Networks (Hotnets II) , Boston , November 2003 . Christian Kreibich and Jon Crowcroft. Honeycomb -- Creating Intrusion Detection Signatures Using Honeypots. In Proc. of the Second Workshop on Hot Topics in Networks (Hotnets II), Boston, November 2003."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/948109.948136"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFCOM.2003.1209212"},{"key":"e_1_3_2_1_7_1","volume-title":"May","author":"Raynal Frederic","year":"2006","unstructured":"Frederic Raynal . Malicious Cryptography , May 2006 . Frederic Raynal. Malicious Cryptography, May 2006."},{"key":"e_1_3_2_1_8_1","volume-title":"Distributed Worm Signature Detection. In Proc. of the USENIX Security Conference","author":"Kim Hyang-Ah","year":"2004","unstructured":"Hyang-Ah Kim and Brad Karp . Autograph : Toward Automated , Distributed Worm Signature Detection. In Proc. of the USENIX Security Conference , 2004 . Hyang-Ah Kim and Brad Karp. Autograph: Toward Automated, Distributed Worm Signature Detection. In Proc. of the USENIX Security Conference, 2004."},{"key":"e_1_3_2_1_9_1","volume":"2007","author":"James","unstructured":"James Newsome. Polygraph. {Online; last access 2007 january 28}. James Newsome. Polygraph. {Online; last access 2007 january 28}.","journal-title":"Newsome. Polygraph. {Online; last access"},{"key":"e_1_3_2_1_10_1","volume-title":"The 12th Annual Network and Distributed System Security Symposium","author":"Newsome James","year":"2005","unstructured":"James Newsome and Dawn Song . Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software . In The 12th Annual Network and Distributed System Security Symposium , February 2005 . James Newsome and Dawn Song. Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software. In The 12th Annual Network and Distributed System Security Symposium, February 2005."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2005.15"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1007\/11856214_5"},{"key":"e_1_3_2_1_13_1","volume-title":"Defense and Detection Strategies against Internet Worms","author":"Nazario Jose","year":"2004","unstructured":"Jose Nazario . Defense and Detection Strategies against Internet Worms . Artech House , 2004 . Jose Nazario. Defense and Detection Strategies against Internet Worms. Artech House, 2004."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.5555\/1039834.1039864"},{"key":"e_1_3_2_1_15_1","first-page":"169","volume-title":"Proceedings of the 12th USENIX Security Symposium (Security'03)","author":"Christodorescu Mihai","year":"2003","unstructured":"Mihai Christodorescu and Somesh Jha . Static Analysis of Executables to Detect Malicious Patterns . In Proceedings of the 12th USENIX Security Symposium (Security'03) , pages 169 -- 186 , Washington, DC, USA , August 2003 . USENIX Association, USENIX Association. Mihai Christodorescu and Somesh Jha. Static Analysis of Executables to Detect Malicious Patterns. In Proceedings of the 12th USENIX Security Symposium (Security'03), pages 169--186, Washington, DC, USA, August 2003. USENIX Association, USENIX Association."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2005.20"},{"key":"e_1_3_2_1_17_1","volume-title":"December","author":"Ferrie Peter","year":"2004","unstructured":"Peter Ferrie and Frederic Perriot . Detecting Complex Viruses , December 2004 . Peter Ferrie and Frederic Perriot. Detecting Complex Viruses, December 2004."},{"key":"e_1_3_2_1_18_1","volume-title":"Szor and Peter Ferrie. Hunting for Metamorphic. In Virus Bulletin Conference","author":"Peter","year":"2001","unstructured":"Peter Szor and Peter Ferrie. Hunting for Metamorphic. In Virus Bulletin Conference , September 2001 . Peter Szor and Peter Ferrie. Hunting for Metamorphic. In Virus Bulletin Conference, September 2001."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.26"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.5555\/647253.720288"},{"key":"e_1_3_2_1_22_1","volume-title":"George Varghese and Stefan Savage. Automated Worm Fingerprinting. In Proc. of Symposium on Operating Systems Design and Implementation (OSDI)","author":"Singh Sumeet","year":"2004","unstructured":"Sumeet Singh , Cristian Estan , George Varghese and Stefan Savage. Automated Worm Fingerprinting. In Proc. of Symposium on Operating Systems Design and Implementation (OSDI) , 2004 . Sumeet Singh, Cristian Estan, George Varghese and Stefan Savage. Automated Worm Fingerprinting. In Proc. of Symposium on Operating Systems Design and Implementation (OSDI), 2004."},{"key":"e_1_3_2_1_23_1","unstructured":"N. Tuck T. Sherwood B. Calder and G. Varghese. Deterministic memory efficient string matching algorithms fo intrusion detection.  N. Tuck T. Sherwood B. Calder and G. Varghese. Deterministic memory efficient string matching algorithms fo intrusion detection."},{"key":"e_1_3_2_1_24_1","volume-title":"Paxson. Bro: A System for Detecting Network Intruders in Real-Time. In Proc. of the 7th USENIX Security Symposium","author":"Vern","year":"1998","unstructured":"Vern Paxson. Bro: A System for Detecting Network Intruders in Real-Time. In Proc. of the 7th USENIX Security Symposium , San Antonio, Texas , January 1998 . Vern Paxson. Bro: A System for Detecting Network Intruders in Real-Time. In Proc. of the 7th USENIX Security Symposium, San Antonio, Texas, January 1998."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.18"}],"event":{"name":"ICSE '08: International Conference on Software Engineering","location":"Leipzig Germany","acronym":"ICSE '08","sponsor":["ACM Association for Computing Machinery","SIGSOFT ACM Special Interest Group on Software Engineering"]},"container-title":["Proceedings of the fourth international workshop on Software engineering for secure systems"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1370905.1370911","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1370905.1370911","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T13:57:53Z","timestamp":1750255073000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1370905.1370911"}},"subtitle":["automated content-based signature generator for zero-day polymorphic worms"],"short-title":[],"issued":{"date-parts":[[2008,5,17]]},"references-count":23,"alternative-id":["10.1145\/1370905.1370911","10.1145\/1370905"],"URL":"https:\/\/doi.org\/10.1145\/1370905.1370911","relation":{},"subject":[],"published":{"date-parts":[[2008,5,17]]},"assertion":[{"value":"2008-05-17","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}