{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,10]],"date-time":"2026-03-10T14:48:57Z","timestamp":1773154137275,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":56,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,10,30]],"date-time":"2017-10-30T00:00:00Z","timestamp":1509321600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Air Force Research Laboratory\/Defense Advanced Research Projects Agency","award":["2106DTX"],"award-info":[{"award-number":["2106DTX"]}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["2106DGX"],"award-info":[{"award-number":["2106DGX"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000190","name":"U.S. Department of Commerce","doi-asserted-by":"publisher","award":["2106DEK,2106DZD"],"award-info":[{"award-number":["2106DEK,2106DZD"]}],"id":[{"id":"10.13039\/100000190","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,10,30]]},"DOI":"10.1145\/3133956.3134083","type":"proceedings-article","created":{"date-parts":[[2017,10,27]],"date-time":"2017-10-27T12:48:18Z","timestamp":1509108498000},"page":"1125-1142","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":51,"title":["Practical Attacks Against Graph-based Clustering"],"prefix":"10.1145","author":[{"given":"Yizheng","family":"Chen","sequence":"first","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"given":"Yacin","family":"Nadji","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"given":"Athanasios","family":"Kountouras","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"given":"Fabian","family":"Monrose","sequence":"additional","affiliation":[{"name":"University of North Carolina at Chapel Hill, Chapel Hill, NC, USA"}]},{"given":"Roberto","family":"Perdisci","sequence":"additional","affiliation":[{"name":"University of Georgia, Athens, GA, USA"}]},{"given":"Manos","family":"Antonakakis","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"given":"Nikolaos","family":"Vasiloglou","sequence":"additional","affiliation":[{"name":"Symantec CAML Group, Atlanta, GA, USA"}]}],"member":"320","published-online":{"date-parts":[[2017,10,30]]},"reference":[{"key":"e_1_3_2_2_1_1","unstructured":"Manos Antonakakis Roberto Perdisci David Dagon Wenke Lee and Nick Feamster 2010. Building a Dynamic Reputation System for DNS. In USENIX security symposium. 273--290."},{"key":"e_1_3_2_2_2_1","volume-title":"From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware Presented as part of the 21st USENIX Security Symposium (USENIX Security 12). 491--506","author":"Antonakakis Manos","unstructured":"Manos Antonakakis, Roberto Perdisci, Yacin Nadji, Nikolaos Vasiloglou, Saeed Abu-Nimeh, Wenke Lee, and David Dagon 2012. From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware Presented as part of the 21st USENIX Security Symposium (USENIX Security 12). 491--506."},{"key":"e_1_3_2_2_3_1","unstructured":"Johannes Bader. 2017. Domain Generation Algorithms. https:\/\/github.com\/baderj\/domain_generation_algorithms. (2017)."},{"key":"e_1_3_2_2_4_1","volume-title":"NDSS","volume":"9","author":"Bayer Ulrich","year":"2009","unstructured":"Ulrich Bayer, Paolo Milani Comparetti, Clemens Hlauschek, Christopher Kruegel, and Engin Kirda. 2009. Scalable, Behavior-Based Malware Clustering.. In NDSS, Vol. Vol. 9. Citeseer, 8--11."},{"key":"e_1_3_2_2_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/2517312.2517321"},{"key":"e_1_3_2_2_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2666652.2666666"},{"key":"e_1_3_2_2_7_1","doi-asserted-by":"publisher","DOI":"10.1088\/1742-5468\/2008\/10\/P10008"},{"key":"e_1_3_2_2_8_1","volume-title":"Aviad Rubinstein, and Omri Weinstein","author":"Braverman Mark","year":"2017","unstructured":"Mark Braverman, Young Kun Ko, Aviad Rubinstein, and Omri Weinstein 2017. ETH hardness for densest-k-subgraph with perfect completeness Proceedings of the Twenty-Eighth Annual ACM-SIAM Symposium on Discrete Algorithms. SIAM, 1326--1341."},{"key":"e_1_3_2_2_9_1","volume-title":"2017 IEEE European Symposium on. IEEE.","author":"Carlini Nicholas","year":"2017","unstructured":"Nicholas Carlini and David Wagner 2017. Towards evaluating the robustness of neural networks Security and Privacy (EuroS&P), 2017 IEEE European Symposium on. IEEE."},{"key":"e_1_3_2_2_10_1","volume-title":"The scree test for the number of factors. Multivariate behavioral research","author":"Cattell Raymond B","year":"1966","unstructured":"Raymond B Cattell. 1966. The scree test for the number of factors. Multivariate behavioral research Vol. 1, 2 (1966), 245--276."},{"key":"e_1_3_2_2_11_1","volume-title":"Polonium: Tera-Scale Graph Mining and Inference for Malware Detection Proceedings of the 2011 SIAM International Conference on Data Mining. SIAM, 131--142","author":"Polo Chau Duen Horng","year":"2011","unstructured":"Duen Horng Polo Chau, Carey Nachenberg, Jeffrey Wilhelm, Adam Wright, and Christos Faloutsos. 2011. Polonium: Tera-Scale Graph Mining and Inference for Malware Detection Proceedings of the 2011 SIAM International Conference on Data Mining. SIAM, 131--142."},{"key":"e_1_3_2_2_12_1","volume-title":"2014 44th Annual IEEE\/IFIP International Conference on. IEEE, 598--609","author":"Chen Yizheng","year":"2014","unstructured":"Yizheng Chen, Manos Antonakakis, Roberto Perdisci, Yacin Nadji, David Dagon, and Wenke Lee. 2014. DNS Noise: Measuring the Pervasiveness of Disposable Domains in Modern DNS Traffic Dependable Systems and Networks (DSN), 2014 44th Annual IEEE\/IFIP International Conference on. IEEE, 598--609."},{"key":"e_1_3_2_2_13_1","volume-title":"Financial Lower Bounds of Online Advertising Abuse Detection of Intrusions and Malware, and Vulnerability Assessment","author":"Chen Yizheng","unstructured":"Yizheng Chen, Panagiotis Kintis, Manos Antonakakis, Yacin Nadji, David Dagon, Wenke Lee, and Michael Farrell 2016. Financial Lower Bounds of Online Advertising Abuse Detection of Intrusions and Malware, and Vulnerability Assessment. Springer, 231--254."},{"key":"e_1_3_2_2_14_1","volume-title":"Measuring Network Reputation in the Ad-Bidding Process International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. Springer, 388--409","author":"Chen Yizheng","year":"2017","unstructured":"Yizheng Chen, Yacin Nadji, Rosa Romero-G\u00f3mez, Manos Antonakakis, and David Dagon. 2017. Measuring Network Reputation in the Ad-Bidding Process International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. Springer, 388--409."},{"key":"e_1_3_2_2_15_1","volume-title":"30 Malicious IP List and Block Lists Providers","author":"CYBERWARZONE","year":"2015","unstructured":"CYBERWARZONE Accessed in May 2017. 30 Malicious IP List and Block Lists Providers 2015. http:\/\/cyberwarzone.com\/30-malicious-ip-list-and-block-lists-providers-2015\/. (Accessed in May 2017)."},{"key":"e_1_3_2_2_16_1","volume-title":"Frequency Words in Subtitles. https:\/\/github.com\/hermitdave\/FrequencyWords\/tree\/master\/content\/2016\/en. (Accessed","author":"Hermit Dave","year":"2017","unstructured":"Hermit Dave Accessed in May 2017. Frequency Words in Subtitles. https:\/\/github.com\/hermitdave\/FrequencyWords\/tree\/master\/content\/2016\/en. (Accessed in May 2017)."},{"key":"e_1_3_2_2_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1180405.1180414"},{"key":"e_1_3_2_2_18_1","volume-title":"Nightmare at Test Time: Robust Learning by Feature Deletion Proceedings of the 23rd international conference on Machine learning. ACM, 353--360","author":"Globerson Amir","unstructured":"Amir Globerson and Sam Roweis 2006. Nightmare at Test Time: Robust Learning by Feature Deletion Proceedings of the 23rd international conference on Machine learning. ACM, 353--360."},{"key":"e_1_3_2_2_19_1","volume-title":"node2vec: Scalable Feature Learning for Networks Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM, 855--864","author":"Grover Aditya","unstructured":"Aditya Grover and Jure Leskovec 2016. node2vec: Scalable Feature Learning for Networks Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM, 855--864."},{"key":"e_1_3_2_2_20_1","volume-title":"Detecting Spammers with SNARE: Spatio-temporal Network-level Automatic Reputation Engine USENIX Security Symposium","volume":"9","author":"Hao Shuang","year":"2009","unstructured":"Shuang Hao, Nadeem Ahmed Syed, Nick Feamster, Alexander G Gray, and Sven Krasser 2009. Detecting Spammers with SNARE: Spatio-temporal Network-level Automatic Reputation Engine USENIX Security Symposium, Vol. Vol. 9."},{"key":"e_1_3_2_2_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046684.2046692"},{"key":"e_1_3_2_2_22_1","volume-title":"Nazca: Detecting Malware Distribution in Large-Scale Networks NDSS","author":"Invernizzi Luca","year":"2014","unstructured":"Luca Invernizzi, Stanislav Miskovic, Ruben Torres, Christopher Kruegel, Sabyasachi Saha, Giovanni Vigna, Sung-Ju Lee, and Marco Mellia. 2014. Nazca: Detecting Malware Distribution in Large-Scale Networks NDSS, Vol. Vol. 14. 23--26."},{"key":"e_1_3_2_2_23_1","volume-title":"Geographically Organized Small Communities and the Hardness of Clustering Social Networks. Data Mining for Social Network Data","author":"Bencz\u00far Mikl\u00f3s","unstructured":"Kurucz, Mikl\u00f3s and Bencz\u00far, Andr\u00e1s A 2010. Geographically Organized Small Communities and the Hardness of Clustering Social Networks. Data Mining for Social Network Data. Springer."},{"key":"e_1_3_2_2_24_1","volume-title":"Fixing Two Weaknesses of the Spectral Method. Advances in Neural Information Processing Systems","author":"Lang Kevin J","year":"2005","unstructured":"Kevin J Lang. 2005. Fixing Two Weaknesses of the Spectral Method. Advances in Neural Information Processing Systems (2005)."},{"key":"e_1_3_2_2_25_1","doi-asserted-by":"publisher","DOI":"10.1017\/S0960129511000570"},{"key":"e_1_3_2_2_26_1","volume-title":"Operational Security Log Analytics for Enterprise Breach Detection First IEEE Cybersecurity Development Conference (SecDev).","author":"Li Zhou","year":"2016","unstructured":"Zhou Li and Alina Oprea 2016. Operational Security Log Analytics for Enterprise Breach Detection First IEEE Cybersecurity Development Conference (SecDev)."},{"key":"e_1_3_2_2_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/1376616.1376629"},{"key":"e_1_3_2_2_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/1081870.1081950"},{"key":"e_1_3_2_2_29_1","unstructured":"Daniel Lowd and Christopher Meek 2005. Good Word Attacks on Statistical Spam Filters. CEAS."},{"key":"e_1_3_2_2_30_1","unstructured":"Tomas Mikolov Ilya Sutskever Kai Chen Greg S Corrado and Jeff Dean 2013. Distributed Representations of Words and Phrases and their Compositionality Advances in neural information processing systems. 3111--3119."},{"key":"e_1_3_2_2_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516749"},{"key":"e_1_3_2_2_32_1","volume-title":"Connected Colors: Unveiling the Structure of Criminal Networks International Workshop on Recent Advances in Intrusion Detection. Springer Berlin Heidelberg, 390--410","author":"Nadji Yacin","year":"2013","unstructured":"Yacin Nadji, Manos Antonakakis, Roberto Perdisci, and Wenke Lee 2013. Connected Colors: Unveiling the Structure of Criminal Networks International Workshop on Recent Advances in Intrusion Detection. Springer Berlin Heidelberg, 390--410."},{"key":"e_1_3_2_2_33_1","volume-title":"USENIX Security Symposium. 1025--1040","author":"Nelms Terry","year":"2015","unstructured":"Terry Nelms, Roberto Perdisci, Manos Antonakakis, and Mustaque Ahamad 2015. WebWitness: Investigating, Categorizing, and Mitigating Malware Download Paths. USENIX Security Symposium. 1025--1040."},{"key":"e_1_3_2_2_34_1","volume-title":"Towards Measuring and Mitigating Social Engineering Software Download Attacks 25th USENIX Security Symposium (USENIX Security 16)","author":"Nelms Terry","year":"2016","unstructured":"Terry Nelms, Roberto Perdisci, Manos Antonakakis, and Mustaque Ahamad 2016. Towards Measuring and Mitigating Social Engineering Software Download Attacks 25th USENIX Security Symposium (USENIX Security 16). USENIX Association, 773--789."},{"key":"e_1_3_2_2_35_1","doi-asserted-by":"publisher","DOI":"10.1038\/nature03607"},{"key":"e_1_3_2_2_36_1","volume-title":"Transferability in Machine Learning: from Phenomena to Black-Box Attacks using Adversarial Samples. arXiv preprint arXiv:1605.07277","author":"Papernot Nicolas","year":"2016","unstructured":"Nicolas Papernot, Patrick McDaniel, and Ian Goodfellow. 2016. Transferability in Machine Learning: from Phenomena to Black-Box Attacks using Adversarial Samples. arXiv preprint arXiv:1605.07277 (2016)."},{"key":"e_1_3_2_2_37_1","volume-title":"2016 IEEE European Symposium on. IEEE, 372--387","author":"Papernot Nicolas","year":"2016","unstructured":"Nicolas Papernot, Patrick McDaniel, Somesh Jha, Matt Fredrikson, Z Berkay Celik, and Ananthram Swami. 2016. The Limitations of Deep Learning in Adversarial Settings Security and Privacy (EuroS&P), 2016 IEEE European Symposium on. IEEE, 372--387."},{"key":"e_1_3_2_2_38_1","volume-title":"NSDI","volume":"10","author":"Perdisci Roberto","year":"2010","unstructured":"Roberto Perdisci, Wenke Lee, and Nick Feamster. 2010. Behavioral Clustering of HTTP-Based Malware and Signature Generation Using Malicious Network Traces. In NSDI, Vol. Vol. 10. 14."},{"key":"e_1_3_2_2_39_1","volume-title":"2015 45th Annual IEEE\/IFIP International Conference on. IEEE, 403--414","author":"Rahbarinia Babak","year":"2015","unstructured":"Babak Rahbarinia, Roberto Perdisci, and Manos Antonakakis. 2015. Segugio: Efficient Behavior-Based Tracking of Malware-Control Domains in Large ISP Networks Dependable Systems and Networks (DSN), 2015 45th Annual IEEE\/IFIP International Conference on. IEEE, 403--414."},{"key":"e_1_3_2_2_40_1","volume-title":"Dale A Mongru, Zolt\u00e1n N Oltvai, and A-L Barab\u00e1si","author":"Ravasz Erzs\u00e9bet","year":"2002","unstructured":"Erzs\u00e9bet Ravasz, Anna Lisa Somera, Dale A Mongru, Zolt\u00e1n N Oltvai, and A-L Barab\u00e1si 2002. Hierarchical organization of modularity in metabolic networks. science, Vol. 297, 5586 (2002), 1551--1555."},{"key":"e_1_3_2_2_41_1","doi-asserted-by":"publisher","DOI":"10.3233\/JCS-2010-0410"},{"key":"e_1_3_2_2_42_1","volume-title":"2014 IEEE Symposium on. IEEE, 197--211","author":"Rndic Nedim","year":"2014","unstructured":"Nedim Rndic and Pavel Laskov 2014. Practical Evasion of a Learning-Based Classifier: A Case Study Security and Privacy (SP), 2014 IEEE Symposium on. IEEE, 197--211."},{"key":"e_1_3_2_2_43_1","doi-asserted-by":"publisher","DOI":"10.1073\/pnas.0703740104"},{"key":"e_1_3_2_2_44_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-45719-2_11"},{"key":"e_1_3_2_2_45_1","volume-title":"2016 IEEE European Symposium on. IEEE, 388--403","author":"Sivakorn Suphannee","year":"2016","unstructured":"Suphannee Sivakorn, Iasonas Polakis, and Angelos D Keromytis 2016. I Am Robot:(deep) Learning to Break Semantic Image Captchas Security and Privacy (EuroS&P), 2016 IEEE European Symposium on. IEEE, 388--403."},{"key":"e_1_3_2_2_46_1","volume-title":"Malicious PDF Detection Using Metadata and Structural Features Proceedings of the 28th Annual Computer Security Applications Conference. ACM, 239--248","author":"Smutz Charles","year":"2012","unstructured":"Charles Smutz and Angelos Stavrou 2012. Malicious PDF Detection Using Metadata and Structural Features Proceedings of the 28th Annual Computer Security Applications Conference. ACM, 239--248."},{"key":"e_1_3_2_2_47_1","volume-title":"Fifth IEEE International Conference on. IEEE, 8--pp.","author":"Sun Jimeng","year":"2005","unstructured":"Jimeng Sun, Huiming Qu, Deepayan Chakrabarti, and Christos Faloutsos 2005. Neighborhood formation and anomaly detection in bipartite graphs Data Mining, Fifth IEEE International Conference on. IEEE, 8--pp."},{"key":"e_1_3_2_2_48_1","volume-title":"Undermining an Anomaly-Based Intrusion Detection System Using Common Exploits International Workshop on Recent Advances in Intrusion Detection","author":"Tan Kymie MC","unstructured":"Kymie MC Tan, Kevin S Killourhy, and Roy A Maxion. 2002. Undermining an Anomaly-Based Intrusion Detection System Using Common Exploits International Workshop on Recent Advances in Intrusion Detection. Springer, 54--73."},{"key":"e_1_3_2_2_49_1","unstructured":"Florian Tram\u00e8r Fan Zhang Ari Juels Michael K Reiter and Thomas Ristenpart 2016. Stealing Machine Learning Models via Prediction Apis USENIX Security."},{"key":"e_1_3_2_2_50_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11222-007-9033-z"},{"key":"e_1_3_2_2_51_1","volume-title":"Mimicry Attacks on Host-Based Intrusion Detection Systems Proceedings of the 9th ACM Conference on Computer and Communications Security. ACM, 255--264","author":"Wagner David","year":"2002","unstructured":"David Wagner and Paolo Soto 2002. Mimicry Attacks on Host-Based Intrusion Detection Systems Proceedings of the 9th ACM Conference on Computer and Communications Security. ACM, 255--264."},{"key":"e_1_3_2_2_52_1","volume-title":"Singular value decomposition and principal component analysis. A practical approach to microarray data analysis","author":"Wall Michael E","unstructured":"Michael E Wall, Andreas Rechtsteiner, and Luis M Rocha. 2003. Singular value decomposition and principal component analysis. A practical approach to microarray data analysis. Springer, 91--109."},{"key":"e_1_3_2_2_53_1","unstructured":"Gregory L Wittel and Shyhtsun Felix Wu 2004. On Attacking Statistical Spam Filters. In CEAS."},{"key":"e_1_3_2_2_54_1","volume-title":"http:\/\/perso.crans.org\/aynaud\/communities\/api.html. ( Accessed","author":"Network X","year":"2017","unstructured":"Network X Accessed in May 2017. Community API. http:\/\/perso.crans.org\/aynaud\/communities\/api.html. ( Accessed in May 2017)."},{"key":"e_1_3_2_2_55_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23115"},{"key":"e_1_3_2_2_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/2523649.2523670"}],"event":{"name":"CCS '17: 2017 ACM SIGSAC Conference on Computer and Communications Security","location":"Dallas Texas USA","acronym":"CCS '17","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3133956.3134083","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3133956.3134083","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3133956.3134083","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T02:11:03Z","timestamp":1750212663000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3133956.3134083"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,10,30]]},"references-count":56,"alternative-id":["10.1145\/3133956.3134083","10.1145\/3133956"],"URL":"https:\/\/doi.org\/10.1145\/3133956.3134083","relation":{},"subject":[],"published":{"date-parts":[[2017,10,30]]},"assertion":[{"value":"2017-10-30","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}