{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:35:32Z","timestamp":1750307732441,"version":"3.41.0"},"reference-count":14,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2009,2,1]],"date-time":"2009-02-01T00:00:00Z","timestamp":1233446400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["Queue"],"published-print":{"date-parts":[[2009,2]]},"abstract":"<jats:p>As the Web has become vital for day-to-day transactions, it has also become an attractive avenue for cybercrime. Financially motivated, the crime we see on the Web today is quite different from the more traditional network attacks. A few years ago Internet attackers relied heavily on remotely exploiting servers identified by scanning the Internet for vulnerable network services. Autonomously spreading computer worms such as Code Red and SQLSlammer were examples of such scanning attacks. Their huge scale put even the Internet at large at risk; for example, SQLSlammer generated traffic sufficient to melt down backbones.<\/jats:p>","DOI":"10.1145\/1515964.1517412","type":"journal-article","created":{"date-parts":[[2009,4,21]],"date-time":"2009-04-21T14:14:44Z","timestamp":1240323284000},"page":"46-47","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":14,"title":["Cybercrime 2.0: When the Cloud Turns Dark"],"prefix":"10.1145","volume":"7","author":[{"given":"Niels","family":"Provos","sequence":"first","affiliation":[{"name":"Google"}]},{"given":"Moheeb Abu","family":"Rajab","sequence":"additional","affiliation":[{"name":"Google"}]},{"given":"Panayiotis","family":"Mavrommatis","sequence":"additional","affiliation":[{"name":"Google"}]}],"member":"320","published-online":{"date-parts":[[2009,2]]},"reference":[{"key":"e_1_2_1_1_1","unstructured":"Barth A. Jackson C. Reis C. 2008. The security architecture of the Chromium browser; http:\/\/ crypto.stanford.edu\/websec\/chromium\/ chromium-security-architecture.pdf.  Barth A. Jackson C. Reis C. 2008. The security architecture of the Chromium browser; http:\/\/ crypto.stanford.edu\/websec\/chromium\/ chromium-security-architecture.pdf."},{"key":"e_1_2_1_3_1","unstructured":"Federal Trade Commission. 2008. Court halts bogus computer scans (December); www.ftc.gov\/ opa\/2008\/12\/winsoftware.shtm.  Federal Trade Commission. 2008. Court halts bogus computer scans (December); www.ftc.gov\/ opa\/2008\/12\/winsoftware.shtm."},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.19"},{"key":"e_1_2_1_5_1","unstructured":"Krebs B. 2007. Internet Explorer unsafe for 284 days in 2006. Washington Post Online blog (January).  Krebs B. 2007. Internet Explorer unsafe for 284 days in 2006. Washington Post Online blog (January)."},{"volume-title":"Blogfight: IE vs. Firefox security. Washington Post Online blog (January).","year":"2009","author":"Krebs B.","key":"e_1_2_1_6_1"},{"key":"e_1_2_1_7_1","unstructured":"Microsoft Security Advisory (935423). 2007. Vulnerability in Windows animated cursor handling; http:\/\/www.microsoft.com\/TechNet\/security\/ advisory\/935423.mspx.  Microsoft Security Advisory (935423). 2007. Vulnerability in Windows animated cursor handling; http:\/\/www.microsoft.com\/TechNet\/security\/ advisory\/935423.mspx."},{"key":"e_1_2_1_8_1","unstructured":"Microsoft Security Bulletin MS06-014. 2006. Vulnerability in the Microsoft Data Access Components (MDAC) function could allow code execution; http:\/\/ www.microsoft.com\/technet\/security\/Bulletin\/ ms06-014.mspx.  Microsoft Security Bulletin MS06-014. 2006. Vulnerability in the Microsoft Data Access Components (MDAC) function could allow code execution; http:\/\/ www.microsoft.com\/technet\/security\/Bulletin\/ ms06-014.mspx."},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2007.17"},{"volume-title":"Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats (April).","year":"2008","author":"Polychronakis M.","key":"e_1_2_1_10_1"},{"key":"e_1_2_1_11_1","unstructured":"Provos N. 2008. Using htaccess to distribute malware (December); www.provos.org\/index.php?\/archives\/ 55-Using-htaccess-To-Distribute-Malware.html.  Provos N. 2008. Using htaccess to distribute malware (December); www.provos.org\/index.php?\/archives\/ 55-Using-htaccess-To-Distribute-Malware.html."},{"volume-title":"Usenix Security Symposium: 1-16","year":"2008","author":"Provos N.","key":"e_1_2_1_12_1"},{"key":"e_1_2_1_13_1","unstructured":"Raz R. 2008. Asprox silent defacement. Chapters in Web Security (December); http:\/\/ chaptersinWebsecurity.blogspot.com\/ 2008\/07\/asprox-silent-defacement.html.  Raz R. 2008. Asprox silent defacement. Chapters in Web Security (December); http:\/\/ chaptersinWebsecurity.blogspot.com\/ 2008\/07\/asprox-silent-defacement.html."},{"volume-title":"Usenix Security Symposium: 171-184","year":"2008","author":"Small S.","key":"e_1_2_1_14_1"},{"key":"e_1_2_1_15_1","unstructured":"Stewart J. 2008. Danmec\/Asprox SQL injection attack tool analysis. Secure Works Online (May); www. secureworks.com\/research\/threats\/danmecasprox.  Stewart J. 2008. Danmec\/Asprox SQL injection attack tool analysis. Secure Works Online (May); www. secureworks.com\/research\/threats\/danmecasprox."}],"container-title":["Queue"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1515964.1517412","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1515964.1517412","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T13:38:44Z","timestamp":1750253924000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1515964.1517412"}},"subtitle":["Web-based malware attacks are more insidious than ever. What can be done to stem the tide?"],"short-title":[],"issued":{"date-parts":[[2009,2]]},"references-count":14,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2009,2]]}},"alternative-id":["10.1145\/1515964.1517412"],"URL":"https:\/\/doi.org\/10.1145\/1515964.1517412","relation":{},"ISSN":["1542-7730","1542-7749"],"issn-type":[{"type":"print","value":"1542-7730"},{"type":"electronic","value":"1542-7749"}],"subject":[],"published":{"date-parts":[[2009,2]]},"assertion":[{"value":"2009-02-01","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}