{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,26]],"date-time":"2026-02-26T15:32:15Z","timestamp":1772119935676,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":21,"publisher":"ACM","license":[{"start":{"date-parts":[[2010,12,6]],"date-time":"2010-12-06T00:00:00Z","timestamp":1291593600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2010,12,6]]},"DOI":"10.1145\/1920261.1920267","type":"proceedings-article","created":{"date-parts":[[2010,12,20]],"date-time":"2010-12-20T16:13:47Z","timestamp":1292861627000},"page":"31-39","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":128,"title":["Cujo"],"prefix":"10.1145","author":[{"given":"Konrad","family":"Rieck","sequence":"first","affiliation":[{"name":"Technische Universit\u00e4t Berlin, Germany"}]},{"given":"Tammo","family":"Krueger","sequence":"additional","affiliation":[{"name":"Fraunhofer Institute FIRST, Germany"}]},{"given":"Andreas","family":"Dewald","sequence":"additional","affiliation":[{"name":"University of Mannheim, Germany"}]}],"member":"320","published-online":{"date-parts":[[2010,12,6]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"ECMAScript Language Specification (JavaScript)","author":"Standard","year":"1999","unstructured":"Standard ECMA-262 : ECMAScript Language Specification (JavaScript) . 3 rd Edition, ECMA International , 1999 . Standard ECMA-262: ECMAScript Language Specification (JavaScript). 3rd Edition, ECMA International, 1999.","edition":"3"},{"key":"e_1_3_2_1_2_1","volume-title":"Trends for","author":"Internet Security Threat Report Symantec Global","year":"2009","unstructured":"Symantec Global Internet Security Threat Report : Trends for 2009 . Vol. XIV , Symantec, Inc. , 2010. Symantec Global Internet Security Threat Report: Trends for 2009. Vol. XIV, Symantec, Inc., 2010."},{"key":"e_1_3_2_1_3_1","volume-title":"Compilers Principles, Techniques, and Tools","author":"Aho A.","year":"1985","unstructured":"A. Aho , R. Sethi , and J. Ullman . Compilers Principles, Techniques, and Tools . Addison-Wesley , 1985 . A. Aho, R. Sethi, and J. Ullman. Compilers Principles, Techniques, and Tools. Addison-Wesley, 1985."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/1772690.1772720"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.5555\/1496702.1496703"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1774088.1774482"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-05437-2_5"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-02918-9_6"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.5555\/1390681.1442794"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.5555\/1947337.1947356"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-007-0076-7"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/1141277.1141357"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/72.914517"},{"key":"e_1_3_2_1_14_1","volume-title":"Proc. of USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET)","author":"Nazario J.","year":"2009","unstructured":"J. Nazario . A virtual client honeypot . In Proc. of USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET) , 2009 . J. Nazario. A virtual client honeypot. In Proc. of USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), 2009."},{"key":"e_1_3_2_1_15_1","volume-title":"Proc. of USENIX Security Symposium","author":"Provos N.","year":"2008","unstructured":"N. Provos , P. Mavrommatis , M. Rajab , and F. Monrose . All your iframes point to us . In Proc. of USENIX Security Symposium , 2008 . N. Provos, P. Mavrommatis, M. Rajab, and F. Monrose. All your iframes point to us. In Proc. of USENIX Security Symposium, 2008."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.5555\/1323128.1323132"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1007\/11790754_5"},{"key":"e_1_3_2_1_19_1","volume-title":"Linear-time computation of similarity measures for sequential data. Journal of Machine Learning Research, 9(Jan):23--48","author":"Rieck K.","year":"2008","unstructured":"K. Rieck and P. Laskov . Linear-time computation of similarity measures for sequential data. Journal of Machine Learning Research, 9(Jan):23--48 , 2008 . K. Rieck and P. Laskov. Linear-time computation of similarity measures for sequential data. Journal of Machine Learning Research, 9(Jan):23--48, 2008."},{"key":"e_1_3_2_1_20_1","volume-title":"Learning with Kernels","author":"Sch\u00f6lkopf B.","year":"2002","unstructured":"B. Sch\u00f6lkopf and A. Smola . Learning with Kernels . MIT Press , Cambridge, MA , 2002 . B. Sch\u00f6lkopf and A. Smola. Learning with Kernels. MIT Press, Cambridge, MA, 2002."},{"key":"e_1_3_2_1_21_1","volume-title":"Capture -- honeypot client (Capture-HPC)","author":"Seifert C.","year":"2006","unstructured":"C. Seifert and R. Steenson . Capture -- honeypot client (Capture-HPC) . Victoria University of Wellington , NZ , https:\/\/projects.honeynet.org\/capture-hpc, 2006 . C. Seifert and R. Steenson. Capture -- honeypot client (Capture-HPC). Victoria University of Wellington, NZ, https:\/\/projects.honeynet.org\/capture-hpc, 2006."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1007\/11856214_12"}],"event":{"name":"ACSAC '10: 2010 Annual Computer Security Applications Conference","location":"Austin Texas USA","acronym":"ACSAC '10","sponsor":["ACSA Applied Computing Security Assoc"]},"container-title":["Proceedings of the 26th Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1920261.1920267","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1920261.1920267","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T20:22:43Z","timestamp":1750278163000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1920261.1920267"}},"subtitle":["efficient detection and prevention of drive-by-download attacks"],"short-title":[],"issued":{"date-parts":[[2010,12,6]]},"references-count":21,"alternative-id":["10.1145\/1920261.1920267","10.1145\/1920261"],"URL":"https:\/\/doi.org\/10.1145\/1920261.1920267","relation":{},"subject":[],"published":{"date-parts":[[2010,12,6]]},"assertion":[{"value":"2010-12-06","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}