{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:27:35Z","timestamp":1750307255570,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":20,"publisher":"ACM","license":[{"start":{"date-parts":[[2011,3,22]],"date-time":"2011-03-22T00:00:00Z","timestamp":1300752000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Doctoral Program of Higher Education of China","award":["2.01E+11"],"award-info":[{"award-number":["2.01E+11"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2011,3,22]]},"DOI":"10.1145\/1966913.1966938","type":"proceedings-article","created":{"date-parts":[[2011,4,7]],"date-time":"2011-04-07T09:36:11Z","timestamp":1302168971000},"page":"186-195","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":14,"title":["WebPatrol"],"prefix":"10.1145","author":[{"given":"Kevin Zhijie","family":"Chen","sequence":"first","affiliation":[{"name":"Peking University and UC Berkeley"}]},{"given":"Guofei","family":"Gu","sequence":"additional","affiliation":[{"name":"Texas A&M University"}]},{"given":"Jianwei","family":"Zhuge","sequence":"additional","affiliation":[{"name":"Tsinghua University"}]},{"given":"Jose","family":"Nazario","sequence":"additional","affiliation":[{"name":"Arbor Networks"}]},{"given":"Xinhui","family":"Han","sequence":"additional","affiliation":[{"name":"Peking University"}]}],"member":"320","published-online":{"date-parts":[[2011,3,22]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Capture-HPC. https:\/\/projects.honeynet.org\/capture-hpc.  Capture-HPC. https:\/\/projects.honeynet.org\/capture-hpc."},{"key":"e_1_3_2_1_2_1","unstructured":"libemu: x86 shellcode detection and emulation. http:\/\/libemu.carnivore.it\/.  libemu: x86 shellcode detection and emulation. http:\/\/libemu.carnivore.it\/."},{"key":"e_1_3_2_1_3_1","unstructured":"Malzilla: Malware hunting tool. http:\/\/malzilla.sourceforge.net\/.  Malzilla: Malware hunting tool. http:\/\/malzilla.sourceforge.net\/."},{"key":"e_1_3_2_1_4_1","unstructured":"Polipo: a caching web proxy. http:\/\/www.pps.jussieu.fr\/~jch\/software\/polipo\/.  Polipo: a caching web proxy. http:\/\/www.pps.jussieu.fr\/~jch\/software\/polipo\/."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1007\/11856214_9"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1772690.1772720"},{"key":"e_1_3_2_1_7_1","unstructured":"CVE-2007-4105. Baidu soba remote code execute vulnerability. http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=2007-4105.  CVE-2007-4105. Baidu soba remote code execute vulnerability. http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=2007-4105."},{"key":"e_1_3_2_1_8_1","volume-title":"Black Hat USA","author":"Feinstein B.","year":"2007","unstructured":"B. Feinstein , D. Peck , and I. SecureWorks . Caffeine monkey: Automated collection, detection and analysis of malicious javascript . Black Hat USA , 2007 . B. Feinstein, D. Peck, and I. SecureWorks. Caffeine monkey: Automated collection, detection and analysis of malicious javascript. Black Hat USA, 2007."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2009.41"},{"key":"e_1_3_2_1_10_1","volume-title":"new botnet framework in-the-wild","author":"Mieres J.","year":"2009","unstructured":"J. Mieres . Fragus. new botnet framework in-the-wild , 2009 . http:\/\/evilfingers.blogspot.com\/2009\/08\/fragus-new-botnet-framework-in-wild.html. J. Mieres. Fragus. new botnet framework in-the-wild, 2009. http:\/\/evilfingers.blogspot.com\/2009\/08\/fragus-new-botnet-framework-in-wild.html."},{"key":"e_1_3_2_1_11_1","volume-title":"Proceedings of the 2nd USENIX Workshop on Large-Scale Exploits and Emergent Threat","author":"Nazario J.","year":"2009","unstructured":"J. Nazario . PhoneyC : a virtual client honeypot . In Proceedings of the 2nd USENIX Workshop on Large-Scale Exploits and Emergent Threat , 2009 . J. Nazario. PhoneyC: a virtual client honeypot. In Proceedings of the 2nd USENIX Workshop on Large-Scale Exploits and Emergent Threat, 2009."},{"key":"e_1_3_2_1_12_1","volume-title":"Proceedings of the 1st USENIX Workshop on Large-scale Exploits and Emergent Threats","author":"Polychronakis M.","year":"2008","unstructured":"M. Polychronakis , P. Mavrommatis , and N. Provos . Ghost turns zombie: exploring the life cycle of web-based malware . In Proceedings of the 1st USENIX Workshop on Large-scale Exploits and Emergent Threats , 2008 . M. Polychronakis, P. Mavrommatis, and N. Provos. Ghost turns zombie: exploring the life cycle of web-based malware. In Proceedings of the 1st USENIX Workshop on Large-scale Exploits and Emergent Threats, 2008."},{"key":"e_1_3_2_1_13_1","first-page":"1","volume-title":"Proceedings of the 17th USENIX Security Symposium","author":"Provos N.","year":"2008","unstructured":"N. Provos , P. Mavrommatis , M. A. Rajab , and F. Monrose . All your iFRAMEs point to us . In Proceedings of the 17th USENIX Security Symposium , pages 1 -- 15 , 2008 . N. Provos, P. Mavrommatis, M. A. Rajab, and F. Monrose. All your iFRAMEs point to us. In Proceedings of the 17th USENIX Security Symposium, pages 1--15, 2008."},{"key":"e_1_3_2_1_14_1","volume-title":"The Ghost In The Browser. In First Workshop on Hot Topics in Understanding Botnets","author":"Provos N.","year":"2007","unstructured":"N. Provos , D. McNamee , P. Mavrommatis , K. Wang , and N. Modadugu . The Ghost In The Browser. In First Workshop on Hot Topics in Understanding Botnets , 2007 . N. Provos, D. McNamee, P. Mavrommatis, K. Wang, and N. Modadugu. The Ghost In The Browser. In First Workshop on Hot Topics in Understanding Botnets, 2007."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-02620-1_2"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1755688.1755705"},{"key":"e_1_3_2_1_17_1","unstructured":"W3C. XMLHttpRequest. http:\/\/www.w3.org\/TR\/XMLHttpRequest\/.  W3C. XMLHttpRequest. http:\/\/www.w3.org\/TR\/XMLHttpRequest\/."},{"key":"e_1_3_2_1_18_1","volume-title":"Part of Works in Progress at the 14th USENIX Security Symposium","author":"Wang Y. M.","year":"2007","unstructured":"Y. M. Wang . Strider HoneyMonkeys: active Client-Side honeypots for finding web sites that exploit browser vulnerabilities . In Part of Works in Progress at the 14th USENIX Security Symposium , 2007 . Y. M. Wang. Strider HoneyMonkeys: active Client-Side honeypots for finding web sites that exploit browser vulnerabilities. In Part of Works in Progress at the 14th USENIX Security Symposium, 2007."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.5555\/1785001.1785045"},{"key":"e_1_3_2_1_20_1","volume-title":"Proceedings of the 7th Workshop on the Economics of Information Security","author":"Zhuge J.","year":"2007","unstructured":"J. Zhuge , T. Holz , C. Song , J. Guo , X. Han , and W. Zou . Studying malicious websites and the underground economy on the chinese web . In Proceedings of the 7th Workshop on the Economics of Information Security , 2007 . J. Zhuge, T. Holz, C. Song, J. Guo, X. Han, and W. Zou. Studying malicious websites and the underground economy on the chinese web. In Proceedings of the 7th Workshop on the Economics of Information Security, 2007."}],"event":{"name":"ASIA CCS '11: 6th ACM Symposium on Information, Compuer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Hong Kong China","acronym":"ASIA CCS '11"},"container-title":["Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1966913.1966938","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1966913.1966938","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T10:52:25Z","timestamp":1750243945000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1966913.1966938"}},"subtitle":["automated collection and replay of web-based malware scenarios"],"short-title":[],"issued":{"date-parts":[[2011,3,22]]},"references-count":20,"alternative-id":["10.1145\/1966913.1966938","10.1145\/1966913"],"URL":"https:\/\/doi.org\/10.1145\/1966913.1966938","relation":{},"subject":[],"published":{"date-parts":[[2011,3,22]]},"assertion":[{"value":"2011-03-22","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}