{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:31:55Z","timestamp":1750307515569,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":31,"publisher":"ACM","license":[{"start":{"date-parts":[[2009,6,28]],"date-time":"2009-06-28T00:00:00Z","timestamp":1246147200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100004963","name":"Seventh Framework Programme","doi-asserted-by":"publisher","award":["FP7-ICT-216026-WOMBAT"],"award-info":[{"award-number":["FP7-ICT-216026-WOMBAT"]}],"id":[{"id":"10.13039\/501100004963","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2009,6,28]]},"DOI":"10.1145\/1599272.1599277","type":"proceedings-article","created":{"date-parts":[[2009,9,8]],"date-time":"2009-09-08T12:53:09Z","timestamp":1252414389000},"page":"11-21","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":10,"title":["Addressing the attack attribution problem using knowledge discovery and multi-criteria fuzzy decision-making"],"prefix":"10.1145","author":[{"given":"Olivier","family":"Thonnard","sequence":"first","affiliation":[{"name":"Royal Military Academy, Brussels, Belgium"}]},{"given":"Wim","family":"Mees","sequence":"additional","affiliation":[{"name":"Royal Military Academy, Brussels, Belgium"}]},{"given":"Marc","family":"Dacier","sequence":"additional","affiliation":[{"name":"Symantec Research, Sophia Antipolis, France"}]}],"member":"320","published-online":{"date-parts":[[2009,6,28]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/505202.505211"},{"volume-title":"Advances in Information Security. Springer","year":"2006","author":"Barford Paul","key":"e_1_3_2_1_2_1"},{"volume-title":"European Network and Information Security Agency (ENISA)","year":"2007","author":"Barroso David","key":"e_1_3_2_1_3_1"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM.2008.299"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/1298306.1298319"},{"volume-title":"Proceedings of the Steps to Reducing Unwanted Traffic on the Internet (SRUTI 2005 Workshop)","year":"2005","author":"Cooke Evan","key":"e_1_3_2_1_6_1"},{"key":"e_1_3_2_1_7_1","unstructured":"B. Fuglede and F. Topsoe. Jensen-shannon divergence and hilbert space embedding. pages 31-- June-2 July 2004.  B. Fuglede and F. Topsoe. Jensen-shannon divergence and hilbert space embedding. pages 31-- June-2 July 2004."},{"volume-title":"Proceedings of the 17th USENIX Security Symposium","year":"2008","author":"Gu G.","key":"e_1_3_2_1_8_1"},{"volume-title":"Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS'08)","year":"2008","author":"Gu Guofei","key":"e_1_3_2_1_9_1"},{"key":"e_1_3_2_1_10_1","first-page":"833","volume-title":"Advances in Neural Information Processing Systems 15","volume":"15","author":"Hinton Geoffrey","year":"2003"},{"key":"e_1_3_2_1_11_1","unstructured":"A. K. Jain and R. C. Dubes. Algorithms for Clustering Data. Prentice-Hall advanced reference series 1988.   A. K. Jain and R. C. Dubes. Algorithms for Clustering Data . Prentice-Hall advanced reference series 1988."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1214\/aoms\/1177729694"},{"key":"e_1_3_2_1_13_1","unstructured":"Wenke\n       \n      Lee Cliff\n       \n      Wang and \n      \n      \n      David\n       \n      Dagon editors\n  . \n  Botnet Detection\n  : Countering the Largest Security Threat volume \n  36\n   of \n  Advances in Information Security\n  . \n  Springer 2008\n  .  Wenke Lee Cliff Wang and David Dagon editors. Botnet Detection: Countering the Largest Security Threat volume 36 of Advances in Information Security . Springer 2008."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/WISTDCS.2008.8"},{"issue":"1","key":"e_1_3_2_1_15_1","first-page":"145","article-title":"Divergence measures based on the shannon entropy. Information Theory","volume":"37","author":"Lin J.","year":"1991","journal-title":"IEEE Transactions on"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1006\/ijhc.1973.0303"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1028788.1028794"},{"key":"e_1_3_2_1_18_1","unstructured":"Markus K\u00f6tter Georg Wicherski Paul B\u00e4cher Thorsten Holz. Know your enemy: Tracking botnets. In http:\/\/www.honeynet.org\/papers\/bots\/.  Markus K\u00f6tter Georg Wicherski Paul B\u00e4cher Thorsten Holz. Know your enemy: Tracking botnets. In http:\/\/www.honeynet.org\/papers\/bots\/."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.5555\/1965841.1965859"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-70542-0_13"},{"volume-title":"Brisbane","year":"2004","author":"Pouget F.","key":"e_1_3_2_1_21_1"},{"key":"e_1_3_2_1_22_1","unstructured":"The Leurre.com Project. http:\/\/www.leurrecom.org.  The Leurre.com Project. http:\/\/www.leurrecom.org."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/1177080.1177086"},{"key":"e_1_3_2_1_24_1","unstructured":"Symantec Security Response. W32.rahack.h {april 2009}.  Symantec Security Response. W32.rahack.h {april 2009}."},{"volume-title":"Elsevier Science Inc.","year":"1985","author":"Sugeno Michio","key":"e_1_3_2_1_25_1"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2008.05.012"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDMW.2008.78"},{"key":"e_1_3_2_1_28_1","first-page":"2579","article-title":"Visualizing data using t-sne","volume":"9","author":"van der Maaten Laurens","year":"2008","journal-title":"Journal of Machine Learning Research"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/21.87068"},{"volume-title":"Fourth ACM Sigcomm Workshop on Hot Topics in Networking (Hotnets IV)","year":"2005","author":"Yegneswaran V","key":"e_1_3_2_1_30_1"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/781027.781045"}],"event":{"name":"KDD09: The 15th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining","sponsor":["SIGMOD ACM Special Interest Group on Management of Data","SIGKDD ACM Special Interest Group on Knowledge Discovery in Data"],"location":"Paris France","acronym":"KDD09"},"container-title":["Proceedings of the ACM SIGKDD Workshop on CyberSecurity and Intelligence Informatics"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1599272.1599277","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1599272.1599277","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T12:18:09Z","timestamp":1750249089000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1599272.1599277"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009,6,28]]},"references-count":31,"alternative-id":["10.1145\/1599272.1599277","10.1145\/1599272"],"URL":"https:\/\/doi.org\/10.1145\/1599272.1599277","relation":{},"subject":[],"published":{"date-parts":[[2009,6,28]]},"assertion":[{"value":"2009-06-28","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}