{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:30:18Z","timestamp":1750221018622,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":27,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,8,26]],"date-time":"2019-08-26T00:00:00Z","timestamp":1566777600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,8,26]]},"DOI":"10.1145\/3387168.3387236","type":"proceedings-article","created":{"date-parts":[[2020,5,26]],"date-time":"2020-05-26T00:25:51Z","timestamp":1590452751000},"page":"1-8","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":8,"title":["Using Passive DNS to Detect Malicious Domain Name"],"prefix":"10.1145","author":[{"given":"Zhouyu","family":"Bao","sequence":"first","affiliation":[{"name":"School of Computer Science and Engineering, Beihang University, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Wenbo","family":"Wang","sequence":"additional","affiliation":[{"name":"School of Computer Science and Engineering, Beihang University, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yuqing","family":"Lan","sequence":"additional","affiliation":[{"name":"School of Computer Science and Engineering, Beihang University, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2020,5,25]]},"reference":[{"volume-title":"ZeuS Gets More Sophisticated Using P2P Techniques","year":"2011","key":"e_1_3_2_1_1_1","unstructured":"abuse.ch. ( 2011 ). ZeuS Gets More Sophisticated Using P2P Techniques , http:\/\/www.abuse.ch\/?p=3499. abuse.ch. (2011). ZeuS Gets More Sophisticated Using P2P Techniques, http:\/\/www.abuse.ch\/?p=3499."},{"key":"e_1_3_2_1_2_1","volume-title":"Usenix Security Symposium","author":"Antonakakis M","year":"2010","unstructured":"Antonakakis M , Perdisci R , Dagon D , ( 2010 ). Building a Dynamic Reputation System for DNS . Usenix Security Symposium , Washington, DC, USA , August 11-13, 2010, Proceedings. DBLP, 273--290. Antonakakis M, Perdisci R, Dagon D, et al. (2010). Building a Dynamic Reputation System for DNS. Usenix Security Symposium, Washington, DC, USA, August 11-13, 2010, Proceedings. DBLP, 273--290."},{"key":"e_1_3_2_1_3_1","volume-title":"Usenix Conference on Security Symposium, 24--24","author":"Antonakakis M","year":"2012","unstructured":"Antonakakis M , Perdisci R , Nadji Y , ( 2012 ). From throw-away traffic to bots: detecting the rise of DGA-based malware . Usenix Conference on Security Symposium, 24--24 . Antonakakis M, Perdisci R, Nadji Y, et al. (2012). From throw-away traffic to bots: detecting the rise of DGA-based malware. Usenix Conference on Security Symposium, 24--24."},{"key":"e_1_3_2_1_4_1","unstructured":"Antonakakis M. Perdisci R. Dagon D. Lee W. & Feamster N. (2010 August). Building a dynamic reputation system for dns. In USENIX security symposium (pp. 273--290).  Antonakakis M. Perdisci R. Dagon D. Lee W. & Feamster N. (2010 August). Building a dynamic reputation system for dns. In USENIX security symposium (pp. 273--290)."},{"key":"e_1_3_2_1_5_1","volume-title":"Akamai's Prolexic Security Engineering and Research Team (PLXsert) warned on Tuesday","author":"Attackers","year":"2016","unstructured":"Attackers are increasingly leveraging large Domain Name System (DNS) TXT records in an effort to amplify the impact of their distributed denial-of-service (DDoS) attacks. ( 2016 ). Akamai's Prolexic Security Engineering and Research Team (PLXsert) warned on Tuesday . http:\/\/www.securityweek.com\/large-dns-text-records-used-amplify-ddos-attacks-akamai, 2016--08. Attackers are increasingly leveraging large Domain Name System (DNS) TXT records in an effort to amplify the impact of their distributed denial-of-service (DDoS) attacks. (2016). Akamai's Prolexic Security Engineering and Research Team (PLXsert) warned on Tuesday. http:\/\/www.securityweek.com\/large-dns-text-records-used-amplify-ddos-attacks-akamai, 2016--08."},{"key":"e_1_3_2_1_6_1","volume-title":"EXPOSURE: Finding Malicious Domains Using Passive DNS Analysis. Network and Distributed System Security Symposium, NDSS","author":"Bilge L","year":"2011","unstructured":"Bilge L , Kirda E , Kruegel C , ( 2011 ). EXPOSURE: Finding Malicious Domains Using Passive DNS Analysis. Network and Distributed System Security Symposium, NDSS 2011, San Diego, California, USA February. DBLP. Bilge L, Kirda E, Kruegel C, et al. (2011). EXPOSURE: Finding Malicious Domains Using Passive DNS Analysis. Network and Distributed System Security Symposium, NDSS 2011, San Diego, California, USA February. DBLP."},{"key":"e_1_3_2_1_7_1","volume-title":"Proceedings of the 6th National Conference on Information Retrieval.","author":"Cao Jianxun","year":"2010","unstructured":"Cao Jianxun , Liu Yuqun, Zhai Rongwei , et al. ( 2010 ). Pornography Identification Based on User Behavior . Proceedings of the 6th National Conference on Information Retrieval. Cao Jianxun, Liu Yuqun, Zhai Rongwei, et al. (2010). Pornography Identification Based on User Behavior. Proceedings of the 6th National Conference on Information Retrieval."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/2939672.2939785"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1126\/science.1069981"},{"key":"e_1_3_2_1_10_1","volume-title":"Global Internet Monitoring Using Passive DNS. Cybersecurity Applications & Technology Conference for Homeland Security. IEEE Computer Society, 163--168","author":"Dagon D","year":"2009","unstructured":"Dagon D , Lee W. ( 2009 ). Global Internet Monitoring Using Passive DNS. Cybersecurity Applications & Technology Conference for Homeland Security. IEEE Computer Society, 163--168 . Dagon D, Lee W. (2009). Global Internet Monitoring Using Passive DNS. Cybersecurity Applications & Technology Conference for Homeland Security. IEEE Computer Society, 163--168."},{"key":"e_1_3_2_1_11_1","volume-title":"Botnet in DDoS Attacks: Trends and Challenges","author":"Hoque N.","year":"2015","unstructured":"Hoque N. , Bhattacharyya D , Kalita J. ( 2015 ). Botnet in DDoS Attacks: Trends and Challenges . IEEE Communications Surveys & Tutorials , 1--1. Hoque N., Bhattacharyya D, Kalita J. (2015). Botnet in DDoS Attacks: Trends and Challenges. IEEE Communications Surveys & Tutorials, 1--1."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSSC.1966.300074"},{"key":"e_1_3_2_1_13_1","volume-title":"What we know (and learned) from the waledac take down","author":"Williams","year":"2010","unstructured":"J. Williams . ( 2010 ). What we know (and learned) from the waledac take down , http:\/\/tinyurl.com\/7apnn9b. J.Williams. (2010). What we know (and learned) from the waledac take down, http:\/\/tinyurl.com\/7apnn9b."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653737"},{"key":"e_1_3_2_1_15_1","volume-title":"Cryptolocker. Eweek.","author":"Lemos R.","year":"2014","unstructured":"Lemos R. ( 2014 ). Law Enforcement Crackdown Targets Gameover Botnet , Cryptolocker. Eweek. Lemos R. (2014). Law Enforcement Crackdown Targets Gameover Botnet, Cryptolocker. Eweek."},{"key":"e_1_3_2_1_16_1","volume-title":"DNS blacklists and whitelists","author":"Levine J. R.","year":"2010","unstructured":"Levine , J. R. ( 2010 ). DNS blacklists and whitelists . Levine, J. R. (2010). DNS blacklists and whitelists."},{"key":"e_1_3_2_1_17_1","volume-title":"International Journal of Electronics Communication and Computer Engineering, 4(2).","author":"Patel D","year":"2013","unstructured":"Patel , D , ( 2013 ). A Web Page Classification Technique with Textual Content Analysis Using NN-PCA for Objectionable Web Page Classification . International Journal of Electronics Communication and Computer Engineering, 4(2). Patel, D, et al. (2013). A Web Page Classification Technique with Textual Content Analysis Using NN-PCA for Objectionable Web Page Classification. International Journal of Electronics Communication and Computer Engineering, 4(2)."},{"key":"e_1_3_2_1_18_1","volume-title":"USENIX Security Symposium, 263--278","author":"Plohmann Daniel","year":"2016","unstructured":"Plohmann Daniel , Fkie Fraunhofer, Yakdan Khaled , Klatt Michael. ( 2016 ). A Comprehensive Measurement Study of Domain Generating Malware . USENIX Security Symposium, 263--278 . Plohmann Daniel, Fkie Fraunhofer, Yakdan Khaled, Klatt Michael. (2016). A Comprehensive Measurement Study of Domain Generating Malware. USENIX Security Symposium, 263--278."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1452520.1452547"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2015.35"},{"key":"e_1_3_2_1_21_1","volume-title":"Analysis of the storm and nugache trojans: P2P is here. The magazine of USENIX & SAGE, 32, 18--27","author":"Stover S","year":"2007","unstructured":"Stover S , Dittrich D , Hernandez J. ( 2007 ). Analysis of the storm and nugache trojans: P2P is here. The magazine of USENIX & SAGE, 32, 18--27 . Stover S, Dittrich D, Hernandez J. (2007). Analysis of the storm and nugache trojans: P2P is here. The magazine of USENIX & SAGE, 32, 18--27."},{"key":"e_1_3_2_1_22_1","first-page":"86","article-title":"A KNN algorithm on Chinese erotic text filtering","volume":"38","author":"Su Guiyang","year":"2004","unstructured":"Su Guiyang , Li Jianhua, Ma Yinghong , et al. ( 2004 ). A KNN algorithm on Chinese erotic text filtering . Journal of Shanghai Jiaotong University , 38 : 86 -- 79 . Su Guiyang, Li Jianhua, Ma Yinghong, et al. (2004). A KNN algorithm on Chinese erotic text filtering. Journal of Shanghai Jiaotong University, 38: 86--79.","journal-title":"Journal of Shanghai Jiaotong University"},{"key":"e_1_3_2_1_23_1","volume-title":"Word2vec project. https:\/\/code.google.com\/p\/word2vec\/","author":"Tomas Mikolov","year":"2014","unstructured":"Tomas Mikolov . ( 2014 ). Word2vec project. https:\/\/code.google.com\/p\/word2vec\/ . Tomas Mikolov. (2014). Word2vec project. https:\/\/code.google.com\/p\/word2vec\/."},{"key":"e_1_3_2_1_24_1","volume-title":"FIRST conference on computer security incident (p. 98)","author":"Weimer F.","year":"2005","unstructured":"Weimer , F. ( 2005 , April). Passive DNS replication . In FIRST conference on computer security incident (p. 98) . Weimer, F. (2005, April). Passive DNS replication. In FIRST conference on computer security incident (p. 98)."},{"key":"e_1_3_2_1_25_1","volume-title":"The storm botnet","author":"Wikipedia","year":"2010","unstructured":"Wikipedia . ( 2010 ). The storm botnet , http:\/\/en.wikipedia.org\/wiki\/Storm_botnet. Wikipedia. (2010). The storm botnet, http:\/\/en.wikipedia.org\/wiki\/Storm_botnet."},{"key":"e_1_3_2_1_26_1","unstructured":"Woodbridge J Anderson H S Ahuja A etal (2016). Predicting Domain Generation Algorithms with Long Short-Term Memory Networks.  Woodbridge J Anderson H S Ahuja A et al. (2016). Predicting Domain Generation Algorithms with Long Short-Term Memory Networks."},{"key":"e_1_3_2_1_27_1","volume-title":"Passive Monitoring of DNS Anomalies\/ Detection of Intrusions and Malware, and Vulnerability Assessment","author":"Zdrnja B","year":"2007","unstructured":"Zdrnja B , Brownlee N , Wessels D. ( 2007 ). Passive Monitoring of DNS Anomalies\/ Detection of Intrusions and Malware, and Vulnerability Assessment . Springer Berlin Heidelberg , 129--139. Zdrnja B, Brownlee N, Wessels D. (2007). Passive Monitoring of DNS Anomalies\/ Detection of Intrusions and Malware, and Vulnerability Assessment. Springer Berlin Heidelberg, 129--139."}],"event":{"name":"ICVISP 2019: 3rd International Conference on Vision, Image and Signal Processing","acronym":"ICVISP 2019","location":"Vancouver BC Canada"},"container-title":["Proceedings of the 3rd International Conference on Vision, Image and Signal Processing"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3387168.3387236","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3387168.3387236","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T00:26:17Z","timestamp":1750206377000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3387168.3387236"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,8,26]]},"references-count":27,"alternative-id":["10.1145\/3387168.3387236","10.1145\/3387168"],"URL":"https:\/\/doi.org\/10.1145\/3387168.3387236","relation":{},"subject":[],"published":{"date-parts":[[2019,8,26]]},"assertion":[{"value":"2020-05-25","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}