{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,13]],"date-time":"2025-10-13T09:11:30Z","timestamp":1760346690738,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":37,"publisher":"ACM","license":[{"start":{"date-parts":[[2018,8,27]],"date-time":"2018-08-27T00:00:00Z","timestamp":1535328000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100000266","name":"Engineering and Physical Sciences Research Council","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100000266","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2018,8,27]]},"DOI":"10.1145\/3230833.3233280","type":"proceedings-article","created":{"date-parts":[[2018,8,13]],"date-time":"2018-08-13T12:29:48Z","timestamp":1534163388000},"page":"1-9","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":23,"title":["The challenge of detecting sophisticated attacks"],"prefix":"10.1145","author":[{"given":"Olusola","family":"Akinrolabu","sequence":"first","affiliation":[{"name":"Department of Computer Science, University of Oxford, Oxford"}]},{"given":"Ioannis","family":"Agrafiotis","sequence":"additional","affiliation":[{"name":"Department of Computer Science, University of Oxford, Oxford"}]},{"given":"Arnau","family":"Erola","sequence":"additional","affiliation":[{"name":"Department of Computer Science, University of Oxford, Oxford"}]}],"member":"320","published-online":{"date-parts":[[2018,8,27]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2014.103"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420969"},{"key":"e_1_3_2_1_3_1","volume-title":"Using thematic analysis in psychology. Qualitative research in psychology 3, 2","author":"Braun Virginia","year":"2006","unstructured":"Virginia Braun and Victoria Clarke. 2006. Using thematic analysis in psychology. Qualitative research in psychology 3, 2 (2006), 77--101."},{"key":"e_1_3_2_1_4_1","volume-title":"Kavanagh","author":"Bussa Toby","year":"2016","unstructured":"Toby Bussa, Craig Lawson, and Kelly M. Kavanagh. 2016. Market Guide for Managed Detection and Response Services. https:\/\/www.gartner.com\/doc\/3314023\/market-guide-managed-detection-response"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/1541880.1541882"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/SNPD-SAWN.2006.52"},{"key":"e_1_3_2_1_7_1","volume-title":"Catching Malware En Masse: Dns and Ip Style. Opendns","author":"Dhialite Dhia Mahjoub","year":"2013","unstructured":"Dhia Mahjoub Dhialite, Thibault Reuille, and Andree Toonk. 2013. Catching Malware En Masse: Dns and Ip Style. Opendns (2013), 1--33."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/CyberSecurity.2012.16"},{"key":"e_1_3_2_1_9_1","first-page":"23","article-title":"Nazca: Detecting Malware Distribution in Large-Scale Networks","volume":"14","author":"Invernizzi Luca","year":"2014","unstructured":"Luca Invernizzi, Stanislav Miskovic, Ruben Torres, Christopher Kruegel, Sabyasachi Saha, Giovanni Vigna, Sung-Ju Lee, and Marco Mellia. 2014. Nazca: Detecting Malware Distribution in Large-Scale Networks. In NDSS, Vol. 14. 23--26.","journal-title":"NDSS"},{"key":"e_1_3_2_1_10_1","volume-title":"60 Seconds on the Wire: A Look at Malicious","author":"Wadner Kiel","year":"2013","unstructured":"Kiel Wadner. 2013. 60 Seconds on the Wire: A Look at Malicious. SANS Institute (2013), 0--35."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813724"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/MASCOTS.2007.2"},{"volume-title":"Combating Advanced Persistent Threats. Whitepaper","year":"2011","key":"e_1_3_2_1_13_1","unstructured":"McAfee. 2011. Combating Advanced Persistent Threats. Whitepaper (2011), 1--8. https:\/\/securingtomorrow.mcafee.com\/mcafee-labs\/combating-malware-and-advanced-persistent-threats\/"},{"key":"e_1_3_2_1_14_1","unstructured":"Leigh B Metcalf and Jonathan M Spring. 2013. Passive Detection of Misbehaving Name Servers. (2013)."},{"key":"e_1_3_2_1_15_1","unstructured":"Mitre. 2015. Adversarial Tactics Techniques and Common Knowledge ATT & CK Matrix Purpose. (2015)."},{"key":"e_1_3_2_1_16_1","unstructured":"ISC OARC. 2016. Project Malfease. http:\/\/malfease.oarci.net"},{"key":"e_1_3_2_1_17_1","volume-title":"The Role of DNS in Botnets. Open DNS Security Whitepaper","author":"Open DNS Inc. 2011.","year":"2011","unstructured":"Open DNS Inc. 2011. The Role of DNS in Botnets. Open DNS Security Whitepaper (2011). http:\/\/info.opendns.com\/rs\/opendns\/images\/WB-Security-Talk-Role-Of-DNS-Slides.pdf"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/IMF.2015.13"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.5555\/820756.821796"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11633-014-0870-x"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855711.1855737"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/2897845.2897918"},{"key":"e_1_3_2_1_23_1","volume-title":"CAMP: Content-Agnostic Malware Protection. In NDSS.","author":"Rajab Moheeb Abu","year":"2013","unstructured":"Moheeb Abu Rajab, Lucas Ballard, No\u00e9 Lutz, Panayiotis Mavrommatis, and Niels Provos. 2013. CAMP: Content-Agnostic Malware Protection. In NDSS."},{"key":"e_1_3_2_1_24_1","volume-title":"American Behavioral Scientist","volume":"33","author":"Raymond Lee","year":"1990","unstructured":"Lee Raymond and Claire Renzetti. 1990. The problem of researching sensitive topics. American Behavioral Scientist, Vol. 33 No. 5., Sage Publications, (1990)."},{"key":"e_1_3_2_1_25_1","unstructured":"Konrad Rieck, Philipp Trinius, Carsten Willems, and Thorsten Holz. 2011. Automatic Analysis of Malware Behavior using Machine Learning. J. Comput. Secur. (2011), 1--30."},{"key":"e_1_3_2_1_26_1","unstructured":"Terence Slot. 2015. Detection of APT Malware through External and Internal Network Traffic Correlation. Master Thesis, University of Twente, March (2015)."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.25"},{"key":"e_1_3_2_1_28_1","unstructured":"Splunk. 2017. Logging with Splunk. http:\/\/dev.splunk.com\/view\/logging-with-splunk\/SP-CAAADP5"},{"key":"e_1_3_2_1_29_1","volume-title":"ALADIN: Active Learning of Anomalies to Detect Intrusion. Microsoft","author":"Stokes Jack W","year":"2008","unstructured":"Jack W Stokes, John C Platt, and Joseph Kravis. 2008. ALADIN: Active Learning of Anomalies to Detect Intrusion. Microsoft (2008)."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2013.32"},{"key":"e_1_3_2_1_31_1","volume-title":"What the No Free Lunch Theorems Really Mean","author":"Wolpert David H","year":"2012","unstructured":"David H Wolpert. 2012. What the No Free Lunch Theorems Really Mean; How to Improve Search Algorithms. Working Paper, Santa Fe Institute (2012)."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/2523649.2523670"},{"key":"e_1_3_2_1_33_1","first-page":"1","article-title":"Defense at Scale: Building a Central Nervous System for the SOC","volume":"2015","author":"Zadeh Joseph","year":"2015","unstructured":"Joseph Zadeh, George Apostolopoulos, Christos Tryfonas, and Muddu Sudhakar. 2015. Defense at Scale: Building a Central Nervous System for the SOC. Blackhat 2015 (2015), 1--8.","journal-title":"Blackhat"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/1963405.1963435"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2013.04.007"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2009.06.008"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/NETAPPS.2010.46"}],"event":{"name":"ARES 2018: International Conference on Availability, Reliability and Security","sponsor":["Universit\u00e4t Hamburg"],"location":"Hamburg Germany","acronym":"ARES 2018"},"container-title":["Proceedings of the 13th International Conference on Availability, Reliability and Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3230833.3233280","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3230833.3233280","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T02:08:13Z","timestamp":1750212493000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3230833.3233280"}},"subtitle":["Insights from SOC Analysts"],"short-title":[],"issued":{"date-parts":[[2018,8,27]]},"references-count":37,"alternative-id":["10.1145\/3230833.3233280","10.1145\/3230833"],"URL":"https:\/\/doi.org\/10.1145\/3230833.3233280","relation":{},"subject":[],"published":{"date-parts":[[2018,8,27]]},"assertion":[{"value":"2018-08-27","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}