{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,14]],"date-time":"2026-01-14T20:14:54Z","timestamp":1768421694953,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":37,"publisher":"ACM","license":[{"start":{"date-parts":[[2015,10,28]],"date-time":"2015-10-28T00:00:00Z","timestamp":1445990400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2015,10,28]]},"DOI":"10.1145\/2815675.2815682","type":"proceedings-article","created":{"date-parts":[[2015,10,27]],"date-time":"2015-10-27T12:37:04Z","timestamp":1445949424000},"page":"129-140","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":16,"title":["Reliable Recon in Adversarial Peer-to-Peer Botnets"],"prefix":"10.1145","author":[{"given":"Dennis","family":"Andriesse","sequence":"first","affiliation":[{"name":"VU University Amsterdam, Amsterdam, Netherlands"}]},{"given":"Christian","family":"Rossow","sequence":"additional","affiliation":[{"name":"Saarland University, Saarbr\u00fccken, Germany"}]},{"given":"Herbert","family":"Bos","sequence":"additional","affiliation":[{"name":"VU University Amsterdam, Amsterdam, Netherlands"}]}],"member":"320","published-online":{"date-parts":[[2015,10,28]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"D. Andriesse C. Rossow and H. Bos. Distributed Crawler Detection in Peer-to-Peer Botnets 2015. http:\/\/www.few.vu.nl\/~da.andriesse\/papers\/imc-2015-addendum.pdf.  D. Andriesse C. Rossow and H. Bos. Distributed Crawler Detection in Peer-to-Peer Botnets 2015. http:\/\/www.few.vu.nl\/~da.andriesse\/papers\/imc-2015-addendum.pdf."},{"key":"e_1_3_2_1_2_1","volume-title":"Highly Resilient Peer-to-Peer Botnets Are Here: An Analysis of Gameover Zeus. In MALWARE'13","author":"Andriesse D.","year":"2013"},{"key":"e_1_3_2_1_3_1","volume-title":"CryptoLocker, 2014","author":"Krebs Brian","year":"2014"},{"key":"e_1_3_2_1_4_1","unstructured":"CERT.pl. Zeus P2P Monitoring and Analysis 2013. Tech report. http:\/\/www.cert.pl\/PDF\/2013-06-p2p-rap_en.pdf.  CERT.pl. Zeus P2P Monitoring and Analysis 2013. Tech report. http:\/\/www.cert.pl\/PDF\/2013-06-p2p-rap_en.pdf."},{"key":"e_1_3_2_1_5_1","unstructured":"CrowdStrike. GameOver Zeus and CryptoLocker Takedown 2014. Tech report. http:\/\/www.crowdstrike.com\/blog\/gameover\/index.html.  CrowdStrike. GameOver Zeus and CryptoLocker Takedown 2014. Tech report. http:\/\/www.crowdstrike.com\/blog\/gameover\/index.html."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2008.4690855"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2006.45"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.5555\/1251375.1251396"},{"key":"e_1_3_2_1_9_1","volume-title":"USENIX Sec'13","author":"Durumeric Z.","year":"2013"},{"key":"e_1_3_2_1_10_1","unstructured":"N. Falliere. Sality: Story of a Peer-to-Peer Viral Network 2011. Tech report Symantec.  N. Falliere. Sality: Story of a Peer-to-Peer Viral Network 2011. Tech report Symantec."},{"key":"e_1_3_2_1_11_1","unstructured":"M. Garnaeva. Kelihos\/Hlux Botnet Returns with New Techniques 2012. Tech report SecureList. http:\/\/securelist.com\/blog\/virus-watch\/32021\/.  M. Garnaeva. Kelihos\/Hlux Botnet Returns with New Techniques 2012. Tech report SecureList. http:\/\/securelist.com\/blog\/virus-watch\/32021\/."},{"key":"e_1_3_2_1_12_1","unstructured":"Hide My Ass. List of Proxy Addresses. https:\/\/www.hidemyass.com\/proxy-list\/.  Hide My Ass. List of Proxy Addresses. https:\/\/www.hidemyass.com\/proxy-list\/."},{"key":"e_1_3_2_1_13_1","volume-title":"Measurements and Mitigation of Peer-to-Peer-based Botnets: A Case Study on Storm Worm. In LEET'08","author":"Holz T.","year":"2008"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/EC2ND.2008.11"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/1533057.1533064"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-73614-1_10"},{"key":"e_1_3_2_1_17_1","volume-title":"LEET'08","author":"Kanich C.","year":"2008"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2014.6883429"},{"key":"e_1_3_2_1_19_1","unstructured":"Kaspersky Lab. How Kaspersky Lab and CrowdStrike Dismantled the Hlux Botnet: Success Story 2012. http:\/\/newsroom.kaspersky.eu\/en\/texts\/detail\/article\/how-kaspersky-lab-and-crowdstrike-dismantled-the-second-hluxkelihos-botnet-success-story\/.  Kaspersky Lab. How Kaspersky Lab and CrowdStrike Dismantled the Hlux Botnet: Success Story 2012. http:\/\/newsroom.kaspersky.eu\/en\/texts\/detail\/article\/how-kaspersky-lab-and-crowdstrike-dismantled-the-second-hluxkelihos-botnet-success-story\/."},{"key":"e_1_3_2_1_20_1","unstructured":"P. Kleissner. Me Puppet Master: Behind the Scenes of Crawling P2P Botnets 2014. Tech report. http:\/\/blog.kleissner.org\/?p=455.  P. Kleissner. Me Puppet Master: Behind the Scenes of Crawling P2P Botnets 2014. Tech report. http:\/\/blog.kleissner.org\/?p=455."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.10"},{"key":"e_1_3_2_1_22_1","unstructured":"Microsoft Digital Crimes Unit. Microsoft the FBI Europol and industry partners disrupt the notorious ZeroAccess botnet 2013. http:\/\/www.microsoft.com\/en-us\/news\/press\/2013\/dec13\/12-05zeroaccessbotnetpr.aspx.  Microsoft Digital Crimes Unit. Microsoft the FBI Europol and industry partners disrupt the notorious ZeroAccess botnet 2013. http:\/\/www.microsoft.com\/en-us\/news\/press\/2013\/dec13\/12-05zeroaccessbotnetpr.aspx."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2005.12"},{"key":"e_1_3_2_1_24_1","volume-title":"CyberProbe: Towards Internet-Scale Active Detection of Malicious Servers. In NDSS'14","author":"Nappa A.","year":"2014"},{"key":"e_1_3_2_1_25_1","unstructured":"A. Neville and R. Gibb. ZeroAccess In-Depth 2013. Tech report Symantec.  A. Neville and R. Gibb. ZeroAccess In-Depth 2013. Tech report Symantec."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2008.63"},{"key":"e_1_3_2_1_27_1","volume-title":"HotBots'07","author":"Rajab M. A.","year":"2007"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.17"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFCOM.2007.328"},{"key":"e_1_3_2_1_30_1","volume-title":"On Tracking Peer-to-Peer Botnets. In LEET'08","author":"Sarat S.","year":"2008"},{"key":"e_1_3_2_1_31_1","unstructured":"SIDN. AbuseHUB Launched to Tackle Botnets 2013. https:\/\/www.sidn.nl\/en\/news\/news\/article\/abusehub-van-start-botnets-aangepakt-1\/.  SIDN. AbuseHUB Launched to Tackle Botnets 2013. https:\/\/www.sidn.nl\/en\/news\/news\/article\/abusehub-van-start-botnets-aangepakt-1\/."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1460877.1460894"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/EC2ND.2009.10"},{"key":"e_1_3_2_1_34_1","unstructured":"G. Tenebro. W32.Waledac Threat Analysis 2009. Tech report Symantec.  G. Tenebro. W32.Waledac Threat Analysis 2009. Tech report Symantec."},{"key":"e_1_3_2_1_35_1","unstructured":"T. Werner. Botnet Shutdown Success Story: How Kaspersky Lab Disabled the Hlux\/Kelihos Botnet 2011. Tech report Kaspersky Lab. http:\/\/www.securelist.com\/en\/blog\/208193137\/.  T. Werner. Botnet Shutdown Success Story: How Kaspersky Lab Disabled the Hlux\/Kelihos Botnet 2011. Tech report Kaspersky Lab. http:\/\/www.securelist.com\/en\/blog\/208193137\/."},{"key":"e_1_3_2_1_36_1","unstructured":"J. Wyke. ZeroAccess 201"},{"key":"e_1_3_2_1_37_1","volume-title":"Lecture Notes in Computer Science","volume":"7001","author":"Yan G.","year":"2011"}],"event":{"name":"IMC '15: Internet Measurement Conference","location":"Tokyo Japan","acronym":"IMC '15","sponsor":["SIGMETRICS ACM Special Interest Group on Measurement and Evaluation","SIGCOMM ACM Special Interest Group on Data Communication","USENIX Assoc USENIX Assoc"]},"container-title":["Proceedings of the 2015 Internet Measurement Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2815675.2815682","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2815675.2815682","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T05:48:22Z","timestamp":1750225702000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2815675.2815682"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,10,28]]},"references-count":37,"alternative-id":["10.1145\/2815675.2815682","10.1145\/2815675"],"URL":"https:\/\/doi.org\/10.1145\/2815675.2815682","relation":{},"subject":[],"published":{"date-parts":[[2015,10,28]]},"assertion":[{"value":"2015-10-28","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}