{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,23]],"date-time":"2025-12-23T10:39:51Z","timestamp":1766486391738,"version":"3.45.0"},"publisher-location":"New York, NY, USA","reference-count":37,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,10,24]],"date-time":"2017-10-24T00:00:00Z","timestamp":1508803200000},"content-version":"vor","delay-in-days":365,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"NSF","doi-asserted-by":"publisher","award":["CNS-1618493","CNS-1223495","CNS-1223477","CNS-1527141"],"award-info":[{"award-number":["CNS-1618493","CNS-1223495","CNS-1223477","CNS-1527141"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2016,10,24]]},"DOI":"10.1145\/2976749.2978349","type":"proceedings-article","created":{"date-parts":[[2016,10,25]],"date-time":"2016-10-25T08:46:35Z","timestamp":1477385195000},"page":"1541-1552","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":11,"title":["Lurking Malice in the Cloud"],"prefix":"10.1145","author":[{"given":"Xiaojing","family":"Liao","sequence":"first","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"given":"Sumayah","family":"Alrwais","sequence":"additional","affiliation":[{"name":"Indiana University Bloomington, Bloomington, IN, USA"}]},{"given":"Kan","family":"Yuan","sequence":"additional","affiliation":[{"name":"Indiana University Bloomington, Bloomington, IN, USA"}]},{"given":"Luyi","family":"Xing","sequence":"additional","affiliation":[{"name":"Indiana University Bloomington, Bloomington, USA"}]},{"given":"XiaoFeng","family":"Wang","sequence":"additional","affiliation":[{"name":"Indiana University Bloomington, Bloomington, IN, USA"}]},{"given":"Shuang","family":"Hao","sequence":"additional","affiliation":[{"name":"University of California Santa Barbara, Santa Barbara, CA, USA"}]},{"given":"Raheem","family":"Beyah","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]}],"member":"320","published-online":{"date-parts":[[2016,10,24]]},"reference":[{"unstructured":"Buckets. https:\/\/cloud.google.com\/storage\/docs\/json_api\/v1\/buckets. {Online}.","key":"e_1_3_2_1_1_1"},{"unstructured":"Servnet. https:\/\/servnetshsztndci.onion. {Online}.","key":"e_1_3_2_1_2_1"},{"unstructured":"A. authors. Details omitted for double-blind reviewing.","key":"e_1_3_2_1_3_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_4_1","DOI":"10.5555\/1162264"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_5_1","DOI":"10.1145\/2508859.2516725"},{"volume-title":"http:\/\/builtwith.com\/","year":"2015","unstructured":"BuiltWith. Builtwith. http:\/\/builtwith.com\/, 2015. {Online}.","key":"e_1_3_2_1_6_1"},{"unstructured":"Clean-MX. Clean mx realtime database. http:\/\/support.clean-mx.de\/clean-mx\/viruses.php 2015. {Online}.","key":"e_1_3_2_1_7_1"},{"key":"e_1_3_2_1_8_1","volume-title":"Proceedings of Kdd workshop on data cleaning and object consolidation","author":"Cohen W.","year":"2003","unstructured":"W. Cohen, P. Ravikumar, and S. Fienberg. A comparison of string metrics for matching names and records. In Proceedings of Kdd workshop on data cleaning and object consolidation, 2003."},{"key":"e_1_3_2_1_9_1","volume-title":"Common crawl. https:\/\/commoncrawl.org\/","author":"Crawl C.","year":"2015","unstructured":"C. Crawl. Common crawl. https:\/\/commoncrawl.org\/, 2015. {Online}."},{"volume-title":"Dgas in the hands of cyber-criminals:examining the state of the art in malware evasion techniques. https:\/\/www.damballa.com\/downloads\/r_pubs\/WP_DGAs-in-the-Hands-of-Cyber-Criminals.pdf","year":"2015","unstructured":"damballa. Dgas in the hands of cyber-criminals:examining the state of the art in malware evasion techniques. https:\/\/www.damballa.com\/downloads\/r_pubs\/WP_DGAs-in-the-Hands-of-Cyber-Criminals.pdf, 2015. {Online}.","key":"e_1_3_2_1_10_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_11_1","DOI":"10.1145\/2623330.2623354"},{"key":"e_1_3_2_1_12_1","volume-title":"https:\/\/www.dnsdb.info\/","author":"Passivedns DB.","year":"2015","unstructured":"DNSDB. Passivedns. https:\/\/www.dnsdb.info\/, 2015. {Online}."},{"volume-title":"Google hosted libraries. https:\/\/developers.google.com\/speed\/libraries\/?csw=1","year":"2015","unstructured":"Google. Google hosted libraries. https:\/\/developers.google.com\/speed\/libraries\/?csw=1, 2015. {Online}.","key":"e_1_3_2_1_13_1"},{"volume-title":"Publish website content. https:\/\/developers.google.com\/drive\/web\/publish-site","year":"2015","unstructured":"Google. Publish website content. https:\/\/developers.google.com\/drive\/web\/publish-site, 2015. {Online}.","key":"e_1_3_2_1_14_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_15_1","DOI":"10.1145\/2382196.2382283"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_16_1","DOI":"10.1007\/978-3-319-20550-2_10"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_17_1","DOI":"10.1145\/2046660.2046676"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_18_1","DOI":"10.1109\/SP.2012.33"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_19_1","DOI":"10.14722\/ndss.2014.23269"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_20_1","DOI":"10.1109\/SP.2014.8"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_21_1","DOI":"10.1109\/SP.2013.18"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_22_1","DOI":"10.1145\/2872427.2883008"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_23_1","DOI":"10.1145\/2046707.2046761"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_24_1","DOI":"10.5555\/2028067.2028072"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_25_1","DOI":"10.5555\/2831143.2831208"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_26_1","DOI":"10.1145\/1653662.1653687"},{"unstructured":"Scipy. scipy.cluster.hierarchy.linkage. http:\/\/docs.scipy.org\/doc\/scipy\/reference\/generated\/scipy.cluster.hierarchy.linkage.html 2015. {Online}.","key":"e_1_3_2_1_27_1"},{"unstructured":"Sklearn. sklearn.svm.svc. http:\/\/scikit-learn.org\/stable\/modules\/generated\/sklearn.svm.SVC.html 2015. {Online}.","key":"e_1_3_2_1_28_1"},{"unstructured":"Snort. Snort ssl and tls. http:\/\/manual.snort.org\/node147.html 2015. {Online}.","key":"e_1_3_2_1_29_1"},{"volume-title":"https:\/\/www.solutionary.com\/_assets\/pdf\/research\/sert-q4--2013-threat-intelligence.pdf","year":"2015","unstructured":"solutionary. Threat-intelligence. https:\/\/www.solutionary.com\/_assets\/pdf\/research\/sert-q4--2013-threat-intelligence.pdf, 2015. {Online}.","key":"e_1_3_2_1_30_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_31_1","DOI":"10.1145\/2508859.2516682"},{"volume-title":"https:\/\/sucuri.net\/","year":"2015","unstructured":"Sucuri. Sucuri. https:\/\/sucuri.net\/, 2015. {Online}.","key":"e_1_3_2_1_32_1"},{"unstructured":"Symantec. The future of ids. http:\/\/www.symantec.com\/connect\/articles\/future-ids 2015. {Online}.","key":"e_1_3_2_1_33_1"},{"volume-title":"https:\/\/www.virustotal.com\/","year":"2015","unstructured":"VirusTotal. Virustotal. https:\/\/www.virustotal.com\/, 2015. {Online}.","key":"e_1_3_2_1_34_1"},{"volume-title":"http:\/\/www.morningstarsecurity.com\/research\/whatweb","year":"2015","unstructured":"WhatWeb. Whatweb. http:\/\/www.morningstarsecurity.com\/research\/whatweb, 2015. {Online}.","key":"e_1_3_2_1_35_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_36_1","DOI":"10.1109\/SP.2015.45"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_37_1","DOI":"10.1145\/2660267.2660356"}],"event":{"sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"acronym":"CCS'16","name":"CCS'16: 2016 ACM SIGSAC Conference on Computer and Communications Security","location":"Vienna Austria"},"container-title":["Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2976749.2978349","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2976749.2978349","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2976749.2978349","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T09:25:45Z","timestamp":1763457945000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2976749.2978349"}},"subtitle":["Understanding and Detecting Cloud Repository as a Malicious Service"],"short-title":[],"issued":{"date-parts":[[2016,10,24]]},"references-count":37,"alternative-id":["10.1145\/2976749.2978349","10.1145\/2976749"],"URL":"https:\/\/doi.org\/10.1145\/2976749.2978349","relation":{},"subject":[],"published":{"date-parts":[[2016,10,24]]},"assertion":[{"value":"2016-10-24","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}