{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T12:15:09Z","timestamp":1763468109330,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":39,"publisher":"ACM","license":[{"start":{"date-parts":[[2012,9,18]],"date-time":"2012-09-18T00:00:00Z","timestamp":1347926400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2012,9,18]]},"DOI":"10.1145\/2413296.2413302","type":"proceedings-article","created":{"date-parts":[[2012,12,17]],"date-time":"2012-12-17T15:12:21Z","timestamp":1355757141000},"page":"53-66","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":7,"title":["Beyond the blacklist"],"prefix":"10.1145","author":[{"given":"Benjamin","family":"Edwards","sequence":"first","affiliation":[{"name":"University of New Mexico, Albuquerque, NM, USA"}]},{"given":"Tyler","family":"Moore","sequence":"additional","affiliation":[{"name":"Southern Methodist University, Dallas, TX, USA"}]},{"given":"George","family":"Stelle","sequence":"additional","affiliation":[{"name":"University of New Mexico, Albuquerque, NM, USA"}]},{"given":"Steven","family":"Hofmeyr","sequence":"additional","affiliation":[{"name":"Lawrence Berkley National Laboratory, Berkley, CA, USA"}]},{"given":"Stephanie","family":"Forrest","sequence":"additional","affiliation":[{"name":"University of New Mexico, Albuquerque, NM, USA"}]}],"member":"320","published-online":{"date-parts":[[2012,9,18]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1126\/science.287.5461.2115a"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1137\/070710111"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1772690.1772720"},{"key":"e_1_3_2_1_4_1","volume-title":"Proc. 20th USENIX Security Symp.","author":"Curtsinger C.","year":"2011","unstructured":"C. Curtsinger , B. Livshits , B. Zorgn , and C. Seifert . ZOZZLE: Fast and precise in-browser JavaScript malware detection . In Proc. 20th USENIX Security Symp. , Aug. 2011 . C. Curtsinger, B. Livshits, B. Zorgn, and C. Seifert. ZOZZLE: Fast and precise in-browser JavaScript malware detection. In Proc. 20th USENIX Security Symp., Aug. 2011."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/1357054.1357219"},{"key":"e_1_3_2_1_6_1","unstructured":"J. Erasmus. Compromised ftp details being exploited by in the wild malware June 2009. http:\/\/www.prevx.com\/blog\/132\/Compromised.html.  J. Erasmus. Compromised ftp details being exploited by in the wild malware June 2009. http:\/\/www.prevx.com\/blog\/132\/Compromised.html."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382204"},{"key":"e_1_3_2_1_8_1","volume-title":"Proc. USENIX Security Symp.","author":"Ghosh A.","year":"1999","unstructured":"A. Ghosh and A. Schwartzbard . A study in using neural networks for anomaly and misuse detection . In Proc. USENIX Security Symp. , 1999 . A. Ghosh and A. Schwartzbard. A study in using neural networks for anomaly and misuse detection. In Proc. USENIX Security Symp., 1999."},{"key":"e_1_3_2_1_9_1","volume-title":"Limit distributions for sums of independent random variables","author":"Gnedenko B.","year":"1968","unstructured":"B. Gnedenko , A. Kolmogorov , K. Chung , and J. Doob . Limit distributions for sums of independent random variables , volume 195 . Addison-Wesley Reading , MA :, 1968 . B. Gnedenko, A. Kolmogorov, K. Chung, and J. Doob. Limit distributions for sums of independent random variables, volume 195. Addison-Wesley Reading, MA:, 1968."},{"key":"e_1_3_2_1_10_1","unstructured":"Google. Safe browsing api. http:\/\/code.google.com\/apis\/safebrowsing\/.  Google. Safe browsing api. http:\/\/code.google.com\/apis\/safebrowsing\/."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISCC.2003.1214281"},{"key":"e_1_3_2_1_12_1","volume-title":"Proc. 10th Workshop on the Economics of Information Security","author":"Hofmeyr S.","year":"2011","unstructured":"S. Hofmeyr , T. Moore , B. Edwards , S. Forrest , and G. Stelle . Modeling Internet-scale policies for cleaning up malware . In Proc. 10th Workshop on the Economics of Information Security , 2011 . S. Hofmeyr, T. Moore, B. Edwards, S. Forrest, and G. Stelle. Modeling Internet-scale policies for cleaning up malware. In Proc. 10th Workshop on the Economics of Information Security, 2011."},{"key":"e_1_3_2_1_13_1","unstructured":"HP. Immunity manager. Website. http:\/\/www.hp.com\/rnd\/pdfs\/ProCurve_Network_Immunity_Manager1_0.pdf.  HP. Immunity manager. Website. http:\/\/www.hp.com\/rnd\/pdfs\/ProCurve_Network_Immunity_Manager1_0.pdf."},{"key":"e_1_3_2_1_14_1","volume-title":"Proceedings of the USENIX Security Symposium 2011","author":"John J.","year":"2011","unstructured":"J. John , F. Yu , Y. Xie , M. Abadi , and A. Krishnamurthy . deSEO: Combating search-result poisoning . In Proceedings of the USENIX Security Symposium 2011 , San Francisco, CA , 2011 . J. John, F. Yu, Y. Xie, M. Abadi, and A. Krishnamurthy. deSEO: Combating search-result poisoning. In Proceedings of the USENIX Security Symposium 2011, San Francisco, CA, 2011."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICNP.2006.320179"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2005.07.009"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2011.24"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/1978942.1979244"},{"key":"e_1_3_2_1_19_1","volume-title":"Proc. USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET)","author":"Liu H.","year":"2011","unstructured":"H. Liu , K. Levchenko , M. F\u00e9legyh\u00e1zi , C. Kreibich , G. Maier , G. M. Voelker , and S. Savage . On the effects of registrar-level intervention . In Proc. USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET) , Boston, MA , March 2011 . H. Liu, K. Levchenko, M. F\u00e9legyh\u00e1zi, C. Kreibich, G. Maier, G. M. Voelker, and S. Savage. On the effects of registrar-level intervention. In Proc. USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), Boston, MA, March 2011."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866356"},{"key":"e_1_3_2_1_21_1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"50","DOI":"10.1007\/978-3-642-18009-5_6","volume-title":"Algorithms and Models for the Web-Graph","author":"Meiss M.","year":"2010","unstructured":"M. Meiss , B. Gon\u00e7alves , J. Ramasco , A. Flammini , and F. Menczer . Modeling traffic on the web graph . In R. Kumar and D. Sivakumar, editors, Algorithms and Models for the Web-Graph , volume 6516 of Lecture Notes in Computer Science , pages 50 -- 61 . Springer Berlin \/ Heidelberg , 2010 . M. Meiss, B. Gon\u00e7alves, J. Ramasco, A. Flammini, and F. Menczer. Modeling traffic on the web graph. In R. Kumar and D. Sivakumar, editors, Algorithms and Models for the Web-Graph, volume 6516 of Lecture Notes in Computer Science, pages 50--61. Springer Berlin \/ Heidelberg, 2010."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046761"},{"key":"e_1_3_2_1_23_1","volume-title":"NDSS","author":"Moshchuk A.","year":"2006","unstructured":"A. Moshchuk , T. Bragin , S. D. Gribble , and H. M. Levy . A crawler-based study of spyware in the web . In NDSS , 2006 . A. Moshchuk, T. Bragin, S. D. Gribble, and H. M. Levy. A crawler-based study of spyware in the web. In NDSS, 2006."},{"key":"e_1_3_2_1_24_1","unstructured":"Niels Provos. Safe browsing - protecting web users for 5 years and counting. http:\/\/googleonlinesecurity.blogspot.com\/2012\/06\/safe-browsing-protecti%ng-web-users-for.html.  Niels Provos. Safe browsing - protecting web users for 5 years and counting. http:\/\/googleonlinesecurity.blogspot.com\/2012\/06\/safe-browsing-protecti%ng-web-users-for.html."},{"key":"e_1_3_2_1_25_1","unstructured":"U. Parasites. Practical guide to dealing with Google's malware warnings. http:\/\/www.unmaskparasites.com\/malware-warning-guide\/.  U. Parasites. Practical guide to dealing with Google's malware warnings. http:\/\/www.unmaskparasites.com\/malware-warning-guide\/."},{"key":"e_1_3_2_1_26_1","volume-title":"Proc. 17th USENIX Security Symp.","author":"Provos N.","year":"2008","unstructured":"N. Provos , P. Mavrommatis , M. Rajab , and F. Monrose . All your iFrames point to us . In Proc. 17th USENIX Security Symp. , Aug. 2008 . N. Provos, P. Mavrommatis, M. Rajab, and F. Monrose. All your iFrames point to us. In Proc. 17th USENIX Security Symp., Aug. 2008."},{"key":"e_1_3_2_1_27_1","volume-title":"Proc. 1st USENIX Workshop on Hot Topics in Understanding Botnets (HotBots'07)","author":"Provos N.","year":"2007","unstructured":"N. Provos , D. McNamee , P. Mavrommatis , K. Wang , and N. Modadugu . The ghost in the browser: Analysis of web-based malware . In Proc. 1st USENIX Workshop on Hot Topics in Understanding Botnets (HotBots'07) , Cambridge, MA , Apr. 2007 . N. Provos, D. McNamee, P. Mavrommatis, K. Wang, and N. Modadugu. The ghost in the browser: Analysis of web-based malware. In Proc. 1st USENIX Workshop on Hot Topics in Understanding Botnets (HotBots'07), Cambridge, MA, Apr. 2007."},{"key":"e_1_3_2_1_28_1","volume-title":"Google","author":"Rajab M.","year":"2011","unstructured":"M. Rajab , L. Ballard , N. Jagpal , P. Mavrommatis , D. Nojiri , N. Provos , and L. Schmidt . Trends in circumventing web-malware detection. Technical report , Google , July 2011 . http:\/\/static.googleusercontent.com\/external_content\/untrusted_dlcp\/research.google.com\/en\/us\/archive\/papers\/rajab-2011a.pdf. M. Rajab, L. Ballard, N. Jagpal, P. Mavrommatis, D. Nojiri, N. Provos, and L. Schmidt. Trends in circumventing web-malware detection. Technical report, Google, July 2011. http:\/\/static.googleusercontent.com\/external_content\/untrusted_dlcp\/research.google.com\/en\/us\/archive\/papers\/rajab-2011a.pdf."},{"key":"e_1_3_2_1_29_1","first-page":"185","volume-title":"In Proceedings of the 9th USENIX Security Symposium","author":"Somayaji A.","year":"2000","unstructured":"A. Somayaji and S. Forrest . Automated response using system-call delays . In In Proceedings of the 9th USENIX Security Symposium , pages 185 -- 197 , 2000 . A. Somayaji and S. Forrest. Automated response using system-call delays. In In Proceedings of the 9th USENIX Security Symposium, pages 185--197, 2000."},{"key":"e_1_3_2_1_30_1","volume-title":"SOUPS Usable Security Experiment Reports (USER) Workshop","author":"Sotirakopoulos A.","year":"2010","unstructured":"A. Sotirakopoulos , K. Hawkey , and K. Beznosov . I did it because i trusted you: Challenges with the study environment biasing participant behaviours . In SOUPS Usable Security Experiment Reports (USER) Workshop , 2010 . A. Sotirakopoulos, K. Hawkey, and K. Beznosov. I did it because i trusted you: Challenges with the study environment biasing participant behaviours. In SOUPS Usable Security Experiment Reports (USER) Workshop, 2010."},{"key":"e_1_3_2_1_31_1","first-page":"399","volume-title":"Proceedings of the 18th conference on USENIX security symposium, SSYM'09","author":"Sunshine J.","year":"2009","unstructured":"J. Sunshine , S. Egelman , H. Almuhimedi , N. Atri , and L. F. Cranor . Crying wolf: an empirical study of ssl warning effectiveness . In Proceedings of the 18th conference on USENIX security symposium, SSYM'09 , pages 399 -- 416 , Berkeley, CA, USA , 2009 . USENIX Association. J. Sunshine, S. Egelman, H. Almuhimedi, N. Atri, and L. F. Cranor. Crying wolf: an empirical study of ssl warning effectiveness. In Proceedings of the 18th conference on USENIX security symposium, SSYM'09, pages 399--416, Berkeley, CA, USA, 2009. USENIX Association."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.5555\/2372336.2372344"},{"key":"e_1_3_2_1_33_1","volume-title":"The statistical mechanics of financial markets","author":"Voit J.","year":"2005","unstructured":"J. Voit . The statistical mechanics of financial markets . Springer Verlag , 2005 . J. Voit. The statistical mechanics of financial markets. Springer Verlag, 2005."},{"key":"e_1_3_2_1_34_1","volume-title":"NDSS","author":"Wang Y.-M.","year":"2006","unstructured":"Y.-M. Wang , D. Beck , X. Jiang , R. Roussev , C. Verbowski , S. Chen , and S. T. King . Automated web patrol with strider honeymonkeys: Finding web sites that exploit browser vulnerabilities . In NDSS , 2006 . Y.-M. Wang, D. Beck, X. Jiang, R. Roussev, C. Verbowski, S. Chen, and S. T. King. Automated web patrol with strider honeymonkeys: Finding web sites that exploit browser vulnerabilities. In NDSS, 2006."},{"key":"e_1_3_2_1_35_1","volume-title":"Whitehat website security statistic report","author":"Security WhiteHat","year":"2011","unstructured":"WhiteHat Security . Whitehat website security statistic report : Winter 2011 , 11 th edition. Technical report, 2011. https:\/\/www.whitehatsec.com\/assets\/WPstats_winter11_11th.pdf?doc=WPstats_fall10_10th. WhiteHat Security. Whitehat website security statistic report: Winter 2011, 11th edition. Technical report, 2011. https:\/\/www.whitehatsec.com\/assets\/WPstats_winter11_11th.pdf?doc=WPstats_fall10_10th.","edition":"11"},{"key":"e_1_3_2_1_36_1","volume-title":"Proc. ACSAC '02","author":"Williamson M. M.","year":"2002","unstructured":"M. M. Williamson . Throttling viruses : Restricting propagation to defeat malicous mobile code . In Proc. ACSAC '02 , Las Vegas, Nevada , Dec. 2002 . M. M. Williamson. Throttling viruses: Restricting propagation to defeat malicous mobile code. In Proc. ACSAC '02, Las Vegas, Nevada, Dec. 2002."},{"key":"e_1_3_2_1_37_1","volume-title":"Proc. RAID '05","author":"Wong C.","year":"2005","unstructured":"C. Wong , S. Bielski , A. Studer , and C. Wang . On the effectiveness of rate limiting mechanisms . In Proc. RAID '05 , 2005 . C. Wong, S. Bielski, A. Studer, and C. Wang. On the effectiveness of rate limiting mechanisms. In Proc. RAID '05, 2005."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1007\/s00024-004-2666-3"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586130"}],"event":{"name":"NSPW '12: The New Security Paradigms Workshop","sponsor":["ACSA Applied Computing Security Assoc","ACM Association for Computing Machinery","Microsoft Microsoft","CA Labs CA Labs"],"location":"Bertinoro Italy","acronym":"NSPW '12"},"container-title":["Proceedings of the 2012 New Security Paradigms Workshop"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2413296.2413302","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2413296.2413302","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T09:21:09Z","timestamp":1750238469000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2413296.2413302"}},"subtitle":["modeling malware spread and the effect of interventions"],"short-title":[],"issued":{"date-parts":[[2012,9,18]]},"references-count":39,"alternative-id":["10.1145\/2413296.2413302","10.1145\/2413296"],"URL":"https:\/\/doi.org\/10.1145\/2413296.2413302","relation":{},"subject":[],"published":{"date-parts":[[2012,9,18]]},"assertion":[{"value":"2012-09-18","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}