{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,31]],"date-time":"2025-12-31T12:14:34Z","timestamp":1767183274774,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":26,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,10,30]],"date-time":"2017-10-30T00:00:00Z","timestamp":1509321600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000006","name":"Office of Naval Research","doi-asserted-by":"publisher","award":["N00014-13-1-0703"],"award-info":[{"award-number":["N00014-13-1-0703"]}],"id":[{"id":"10.13039\/100000006","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000183","name":"Army Research Office","doi-asserted-by":"publisher","award":["W911NF- 13-1-0421 and W911NF-13-1-0317"],"award-info":[{"award-number":["W911NF- 13-1-0421 and W911NF-13-1-0317"]}],"id":[{"id":"10.13039\/100000183","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,10,30]]},"DOI":"10.1145\/3140549.3140552","type":"proceedings-article","created":{"date-parts":[[2017,10,31]],"date-time":"2017-10-31T12:31:37Z","timestamp":1509453097000},"page":"75-85","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":25,"title":["Detecting Stealthy Botnets in a Resource-Constrained Environment using Reinforcement Learning"],"prefix":"10.1145","author":[{"given":"Sridhar","family":"Venkatesan","sequence":"first","affiliation":[{"name":"George Mason University, Fairfax, VA, USA"}]},{"given":"Massimiliano","family":"Albanese","sequence":"additional","affiliation":[{"name":"George Mason University, Fairfax, VA, USA"}]},{"given":"Ankit","family":"Shah","sequence":"additional","affiliation":[{"name":"George Mason University, Fairfax, VA, USA"}]},{"given":"Rajesh","family":"Ganesan","sequence":"additional","affiliation":[{"name":"George Mason University, Fairfax, VA, USA"}]},{"given":"Sushil","family":"Jajodia","sequence":"additional","affiliation":[{"name":"George Mason University, Fairfax, VA, USA"}]}],"member":"320","published-online":{"date-parts":[[2017,10,30]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Proceedings of the 12th International Symposium on Dynamic Games and Applications. Sophia-Antipolis, France.","author":"Alpcan Tansu","year":"2006","unstructured":"Tansu Alpcan and Tamer Ba\u015far . 2006 . An Intrusion Detection Game with Limited Observations . In Proceedings of the 12th International Symposium on Dynamic Games and Applications. Sophia-Antipolis, France. Tansu Alpcan and Tamer Ba\u015far. 2006. An Intrusion Detection Game with Limited Observations. In Proceedings of the 12th International Symposium on Dynamic Games and Applications. Sophia-Antipolis, France."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/CATCH.2009.40"},{"key":"e_1_3_2_1_3_1","volume-title":"Proceedings of the IEEE Conference on Communications and Network Security (CNS","author":"Beigi Elaheh Biglar","year":"2014","unstructured":"Elaheh Biglar Beigi , Hossein Hadian Jazi , Natalia Stakhanova , and Ali A. Ghorbani . 2014. Towards Effective Feature Selection in Machine Learning-Based Botnet Detection Approaches . In Proceedings of the IEEE Conference on Communications and Network Security (CNS 2014 ). IEEE, San Francisco, CA, USA, 247--255. Elaheh Biglar Beigi, Hossein Hadian Jazi, Natalia Stakhanova, and Ali A. Ghorbani. 2014. Towards Effective Feature Selection in Machine Learning-Based Botnet Detection Approaches. In Proceedings of the IEEE Conference on Communications and Network Security (CNS 2014). IEEE, San Francisco, CA, USA, 247--255."},{"volume-title":"Dynamic Programming","author":"Bellman Richard","key":"e_1_3_2_1_4_1","unstructured":"Richard Bellman . 1957. Dynamic Programming . Princeton University Press , Princeton, NJ, USA . Richard Bellman. 1957. Dynamic Programming. Princeton University Press, Princeton, NJ, USA."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/2882969"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4757-3766-0"},{"key":"e_1_3_2_1_7_1","volume-title":"Proceedings of the 17th USENIX Security Symposium","author":"Gu Guofei","year":"2008","unstructured":"Guofei Gu , Roberto Perdisci , Junjie Zhang , and Wenke Lee . 2008 . BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection . In Proceedings of the 17th USENIX Security Symposium . San Jose, CA, USA, 139--154. Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee. 2008. BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection. In Proceedings of the 17th USENIX Security Symposium. San Jose, CA, USA, 139--154."},{"key":"e_1_3_2_1_8_1","volume-title":"Proceedings of the 16th USENIX Security Symposium","author":"Gu Guofei","year":"2007","unstructured":"Guofei Gu , Phillip Porras , Vinod Yegneswaran , Martin Fong , and Wenke Lee . 2007 . BotHunter: Detecting Malware Infection Through IDS-Driven Dialog Correlation . In Proceedings of the 16th USENIX Security Symposium . Boston, MA, USA, 167--182. Guofei Gu, Phillip Porras, Vinod Yegneswaran, Martin Fong, and Wenke Lee. 2007. BotHunter: Detecting Malware Infection Through IDS-Driven Dialog Correlation. In Proceedings of the 16th USENIX Security Symposium. Boston, MA, USA, 167--182."},{"key":"e_1_3_2_1_9_1","volume-title":"Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS","author":"Gu Guofei","year":"2008","unstructured":"Guofei Gu , Junjie Zhang , and Wenke Lee . 2008 . BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic . In Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS 2008). San Diego, CA, USA. Guofei Gu, Junjie Zhang, and Wenke Lee. 2008. BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic. In Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS 2008). San Diego, CA, USA."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/GLOCOM.2016.7842088"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/P2P.2009.5284506"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1287\/moor.1080.0360"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1002\/9781118029176"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.17"},{"key":"e_1_3_2_1_17_1","volume-title":"Proceedings of the 2nd International Workshop on Critical Information Infrastructures Security (CRITIS","author":"Schmidt Stephan","year":"2007","unstructured":"Stephan Schmidt , Tansu Alpcan , \u015eahin Albayrak , Tamer Ba\u015far , and Achim Mueller . 2007 . A Malware Detector Placement Game for Intrusion Detection . In Proceedings of the 2nd International Workshop on Critical Information Infrastructures Security (CRITIS 2007). Springer, Benalm\u00e1dena, M\u00e1laga, Spain, 311--326. Stephan Schmidt, Tansu Alpcan, \u015eahin Albayrak, Tamer Ba\u015far, and Achim Mueller. 2007. A Malware Detector Placement Game for Intrusion Detection. In Proceedings of the 2nd International Workshop on Critical Information Infrastructures Security (CRITIS 2007). Springer, Benalm\u00e1dena, M\u00e1laga, Spain, 311--326."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCCN.2016.7568520"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2011.12.012"},{"key":"e_1_3_2_1_20_1","volume-title":"Honeypots: Tracking Hackers","author":"Spitzner Lance","year":"2002","unstructured":"Lance Spitzner . 2002 . Honeypots: Tracking Hackers . Addison Wesley , Boston, MA, USA . Lance Spitzner. 2002. Honeypots: Tracking Hackers. Addison Wesley, Boston, MA, USA."},{"key":"e_1_3_2_1_22_1","volume-title":"W32.Duqu: The Precursor to the Next Stuxnet. https:\/\/www.symantec.com\/connect\/w32_duqu_precursor_next_stuxnet. (October","author":"Response Symantec Security","year":"2011","unstructured":"Symantec Security Response . 2011. W32.Duqu: The Precursor to the Next Stuxnet. https:\/\/www.symantec.com\/connect\/w32_duqu_precursor_next_stuxnet. (October 2011 ). Symantec Security Response. 2011. W32.Duqu: The Precursor to the Next Stuxnet. https:\/\/www.symantec.com\/connect\/w32_duqu_precursor_next_stuxnet. (October 2011)."},{"key":"e_1_3_2_1_23_1","volume-title":"Lateral Movement: How Do Threat Actors Move Deeper Into Your Network?","author":"Micro Trend","year":"2013","unstructured":"Trend Micro . 2013 . Lateral Movement: How Do Threat Actors Move Deeper Into Your Network? (2013). Trend Micro. 2013. Lateral Movement: How Do Threat Actors Move Deeper Into Your Network? (2013)."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/2995272.2995280"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2013.100913.00195"},{"key":"e_1_3_2_1_26_1","volume-title":"Proceedings of the International Conference on Decision and Game Theory for Security (GameSec 2014)","volume":"8840","author":"Michael","unstructured":"Michael P. Wellman and Achintya Prakash. 2014. Empirical Game-Theoretic Analysis of an Adaptive Cyber-Defense Scenario (Preliminary Report) . In Proceedings of the International Conference on Decision and Game Theory for Security (GameSec 2014) (Lecture Notes in Computer Science) , Vol. 8840 . Springer, Los Angeles, CA, USA, 43--58. Michael P. Wellman and Achintya Prakash. 2014. Empirical Game-Theoretic Analysis of an Adaptive Cyber-Defense Scenario (Preliminary Report). In Proceedings of the International Conference on Decision and Game Theory for Security (GameSec 2014) (Lecture Notes in Computer Science), Vol. 8840. Springer, Los Angeles, CA, USA, 43--58."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"crossref","unstructured":"Michael West. 2009. Computer and Information Security Handbook. Morgan Kaufmann Chapter Preventing System Intrusions 39--51.  Michael West. 2009. Computer and Information Security Handbook. Morgan Kaufmann Chapter Preventing System Intrusions 39--51.","DOI":"10.1016\/B978-0-12-374354-1.00003-0"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2013.2290197"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2011.5958212"}],"event":{"name":"CCS '17: 2017 ACM SIGSAC Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Dallas Texas USA","acronym":"CCS '17"},"container-title":["Proceedings of the 2017 Workshop on Moving Target Defense"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3140549.3140552","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3140549.3140552","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3140549.3140552","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T02:11:20Z","timestamp":1750212680000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3140549.3140552"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,10,30]]},"references-count":26,"alternative-id":["10.1145\/3140549.3140552","10.1145\/3140549"],"URL":"https:\/\/doi.org\/10.1145\/3140549.3140552","relation":{},"subject":[],"published":{"date-parts":[[2017,10,30]]},"assertion":[{"value":"2017-10-30","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}