{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,22]],"date-time":"2026-04-22T19:45:02Z","timestamp":1776887102432,"version":"3.51.2"},"publisher-location":"New York, NY, USA","reference-count":78,"publisher":"ACM","license":[{"start":{"date-parts":[[2021,11,12]],"date-time":"2021-11-12T00:00:00Z","timestamp":1636675200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"National Key R&D Program of China","award":["2018YFB0803405"],"award-info":[{"award-number":["2018YFB0803405"]}]},{"DOI":"10.13039\/501100005153","name":"China National Funds for Distinguished Young Scientists","doi-asserted-by":"publisher","award":["61825204"],"award-info":[{"award-number":["61825204"]}],"id":[{"id":"10.13039\/501100005153","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62132011 & 61932016"],"award-info":[{"award-number":["62132011 & 61932016"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Beijing Outstanding Young Scientist Program","award":["BJJWZYJH01201910003011"],"award-info":[{"award-number":["BJJWZYJH01201910003011"]}]},{"name":"Beijing National Research Center for Information Science and Technology (BNRist)","award":["BNR2019RC01011"],"award-info":[{"award-number":["BNR2019RC01011"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2021,11,12]]},"DOI":"10.1145\/3460120.3484585","type":"proceedings-article","created":{"date-parts":[[2021,11,13]],"date-time":"2021-11-13T12:05:27Z","timestamp":1636805127000},"page":"3431-3446","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":189,"title":["Realtime Robust Malicious Traffic Detection via Frequency Domain Analysis"],"prefix":"10.1145","author":[{"given":"Chuanpu","family":"Fu","sequence":"first","affiliation":[{"name":"Tsinghua University, Beijing, China"}]},{"given":"Qi","family":"Li","sequence":"additional","affiliation":[{"name":"Tsinghua University & Beijing National Research Center for Information Science and Technology (BNRist), Beijing, China"}]},{"given":"Meng","family":"Shen","sequence":"additional","affiliation":[{"name":"Beijing Institute of Technology, Beijing, China"}]},{"given":"Ke","family":"Xu","sequence":"additional","affiliation":[{"name":"Tsinghua University & Beijing National Research Center for Information Science and Technology (BNRist), & Peng Cheng Laboratory, Beijing, China"}]}],"member":"320","published-online":{"date-parts":[[2021,11,13]]},"reference":[{"key":"e_1_3_2_2_1_1","volume-title":"ICML (JMLR Workshop and Conference Proceedings","volume":"182","author":"Amodei Dario","year":"2016","unstructured":"Dario Amodei, Sundaram Ananthanarayanan, Rishita Anubhai, Jingliang Bai, Eric Battenberg, Carl Case, Jared Casper, Bryan Catanzaro, Jingdong Chen, Mike Chrzanowski, et al. 2016. Deep Speech 2 : End-to-End Speech Recognition in English and Mandarin. In ICML (JMLR Workshop and Conference Proceedings, Vol. 48). JMLR.org, 173--182."},{"key":"e_1_3_2_2_2_1","volume-title":"USENIX Security","author":"Antonakakis Manos","unstructured":"Manos Antonakakis, Roberto Perdisci, Yacin Nadji, Nikolaos Vasiloglou, Saeed Abu-Nimeh, Wenke Lee, and David Dagon. 2012. From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware. In USENIX Security. USENIX Association, 491--506."},{"key":"e_1_3_2_2_3_1","volume-title":"Practical Traffic Analysis Attacks on Secure Messaging Applications","author":"Bahramali Alireza","unstructured":"Alireza Bahramali, Amir Houmansadr, Ramin Soltani, Dennis Goeckel, and Don Towsley. 2020. Practical Traffic Analysis Attacks on Secure Messaging Applications. In NDSS. The Internet Society."},{"key":"e_1_3_2_2_4_1","volume-title":"USENIX Security","author":"Bartos Karel","unstructured":"Karel Bartos, Michal Sofka, and Vojtech Franc. 2016. Optimized Invariant Representation of Network Traffic for Detecting Unseen Malware Variants. In USENIX Security. USENIX Association, 807--822."},{"key":"e_1_3_2_2_5_1","doi-asserted-by":"crossref","unstructured":"Leyla Bilge Davide Balzarotti William K. Robertson Engin Kirda and Christopher Kruegel. 2012. Disclosure: detecting botnet command and control servers through large-scale NetFlow analysis. In ACSAC. ACM 129--138.","DOI":"10.1145\/2420950.2420969"},{"key":"e_1_3_2_2_6_1","volume-title":"Chimera: A Declarative Language for Streaming Network Traffic Analysis. In USENIX Security","author":"Borders Kevin","year":"2012","unstructured":"Kevin Borders, Jonathan Springer, and Matthew Burnside. 2012. Chimera: A Declarative Language for Streaming Network Traffic Analysis. In USENIX Security. USENIX Association, 365--379."},{"key":"e_1_3_2_2_7_1","unstructured":"University Of New Brunswick. Accessed January 2021. A realistic cyber defense dataset. https:\/\/www.unb.ca\/cic\/datasets\/ids-2018.html."},{"key":"e_1_3_2_2_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2015.2494502"},{"key":"e_1_3_2_2_9_1","volume-title":"Fingerprinting SDN Applications via Encrypted Control Traffic","author":"Cao Jiahao","unstructured":"Jiahao Cao, Zijie Yang, Kun Sun, Qi Li, Mingwei Xu, and Peiyi Han. 2019. Fingerprinting SDN Applications via Encrypted Control Traffic. In RAID. USENIX Association, 501--515."},{"key":"e_1_3_2_2_10_1","volume-title":"Marvel","author":"Cao Yue","year":"2016","unstructured":"Yue Cao, Zhiyun Qian, Zhongjie Wang, Tuan Dao, Srikanth V. Krishnamurthy, and Lisa M. Marvel. 2016. Off-Path TCP Exploits: Global Rate Limit Considered Dangerous. In USENIX Security. USENIX Association, 209--225."},{"key":"e_1_3_2_2_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2018.2797081"},{"key":"e_1_3_2_2_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/1541880.1541882"},{"key":"e_1_3_2_2_13_1","unstructured":"Cisco. Accessed January 2021. Cisco SPAN. https:\/\/www.cisco.com\/c\/en\/us\/support\/docs\/switches\/catalyst-6500-series-switches\/10570--41.html."},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"crossref","unstructured":"Holger Dreger Anja Feldmann Vern Paxson and Robin Sommer. 2004. Operational experiences with high-volume network intrusion detection. In CCS. ACM 2--11.","DOI":"10.1145\/1030083.1030086"},{"key":"e_1_3_2_2_15_1","doi-asserted-by":"crossref","unstructured":"Min Du Zhi Chen Chang Liu Rajvardhan Oak and Dawn Song. 2019. Lifelong Anomaly Detection Through Unlearning. In CCS. ACM 1283--1297.","DOI":"10.1145\/3319535.3363226"},{"key":"e_1_3_2_2_16_1","volume-title":"Nicolas Kourtellis, Ilias Leontiadis, Gianluca Stringhini, and Shi Zhou.","author":"Juan Echeverr'i","year":"2018","unstructured":"Juan Echeverr'i a, Emiliano De Cristofaro, Nicolas Kourtellis, Ilias Leontiadis, Gianluca Stringhini, and Shi Zhou. 2018. LOBO: Evaluation of Generalization Deficiencies in Twitter Bot Classifiers. In ACSAC. ACM, 137--146."},{"key":"e_1_3_2_2_17_1","doi-asserted-by":"crossref","unstructured":"Xuewei Feng Chuanpu Fu Qi Li Kun Sun and Ke Xu. 2020. Off-Path TCP Exploits of the Mixed IPID Assignment. In CCS. ACM 1323--1335.","DOI":"10.1145\/3372297.3417884"},{"key":"e_1_3_2_2_18_1","unstructured":"Felix Fischer Huang Xiao Ching-yu Kao Yannick Stachelscheid Benjamin Johnson Danial Razar Paul Fawkesley Nat Buckley Konstantin B\u00f6ttinger Paul Muntean et al. 2019. Stack Overflow Considered Helpful! Deep Learning Security Nudges Towards Stronger Cryptography. In USENIX Security. USENIX Association 339--356."},{"key":"e_1_3_2_2_19_1","doi-asserted-by":"crossref","unstructured":"Prahlad Fogla and Wenke Lee. 2006. Evading network anomaly detection systems: formal reasoning and practical techniques. In CCS. ACM 59--68.","DOI":"10.1145\/1180405.1180414"},{"key":"e_1_3_2_2_20_1","volume-title":"Who Are You? A Statistical Approach to Measuring User Authenticity","author":"Freeman David","unstructured":"David Freeman, Sakshi Jain, Markus D\u00fcrmuth, Battista Biggio, and Giorgio Giacinto. 2016. Who Are You? A Statistical Approach to Measuring User Authenticity. In NDSS. The Internet Society."},{"key":"e_1_3_2_2_21_1","unstructured":"Chuanpu Fu. Accessed January 2021. The source code of Whisper. https:\/\/github.com\/fuchuanpu\/Whisper."},{"key":"e_1_3_2_2_22_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2008.08.003"},{"key":"e_1_3_2_2_23_1","volume-title":"Deep learning","author":"Goodfellow Ian","unstructured":"Ian Goodfellow, Yoshua Bengio, Aaron Courville, and Yoshua Bengio. 2016. Deep learning. Vol. 1. MIT press Cambridge."},{"key":"e_1_3_2_2_24_1","volume-title":"USENIX Security","author":"Gu Guofei","unstructured":"Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee. 2008. BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection. In USENIX Security. USENIX Association, 139--154."},{"key":"e_1_3_2_2_25_1","volume-title":"Stealth DoS Attacks on Secure Channels","author":"Herzberg Amir","unstructured":"Amir Herzberg and Haya Shulman. 2010. Stealth DoS Attacks on Secure Channels. In NDSS. The Internet Society."},{"key":"e_1_3_2_2_26_1","unstructured":"Intel. Accessed January 2021. Data Plane Development Kit. https:\/\/www.dpdk.org\/."},{"key":"e_1_3_2_2_27_1","volume-title":"EvilSeed: A Guided Approach to Finding Malicious Web Pages","author":"Invernizzi Luca","unstructured":"Luca Invernizzi and Paolo Milani Comparetti. 2012. EvilSeed: A Guided Approach to Finding Malicious Web Pages. In SP. IEEE Computer Society, 428--442."},{"key":"e_1_3_2_2_28_1","volume-title":"Nazca: Detecting Malware Distribution in Large-Scale Networks","author":"Invernizzi Luca","year":"2014","unstructured":"Luca Invernizzi, Stanislav Miskovic, Ruben Torres, Christopher Kruegel, Sabyasachi Saha, Giovanni Vigna, Sung-Ju Lee, and Marco Mellia. 2014. Nazca: Detecting Malware Distribution in Large-Scale Networks. In NDSS. The Internet Society."},{"key":"e_1_3_2_2_29_1","doi-asserted-by":"crossref","unstructured":"Muhammad Asim Jamshed Jihyung Lee Sangwoo Moon Insu Yun Deokjin Kim Sungryoul Lee Yung Yi and KyoungSoo Park. 2012. Kargus: a highly-scalable software-based intrusion detection system. In CCS. ACM 317--328.","DOI":"10.1145\/2382196.2382232"},{"key":"e_1_3_2_2_30_1","volume-title":"Throwing Darts in the Dark? Detecting Bots with Limited Data using Neural Data Augmentation","author":"Jan Steve T. K.","unstructured":"Steve T. K. Jan, Qingying Hao, Tianrui Hu, Jiameng Pu, Sonal Oswal, Gang Wang, and Bimal Viswanath. 2020. Throwing Darts in the Dark? Detecting Bots with Limited Data using Neural Data Augmentation. In SP. IEEE, 1190--1206."},{"key":"e_1_3_2_2_31_1","volume-title":"Automated Attack Discovery in TCP Congestion Control Using a Model-guided Approach","author":"Jero Samuel","unstructured":"Samuel Jero, Md. Endadul Hoque, David R. Choffnes, Alan Mislove, and Cristina Nita-Rotaru. 2018. Automated Attack Discovery in TCP Congestion Control Using a Model-guided Approach. In NDSS. The Internet Society."},{"key":"e_1_3_2_2_32_1","volume-title":"Knightly","author":"Kuzmanovic Aleksandar","year":"2003","unstructured":"Aleksandar Kuzmanovic and Edward W. Knightly. 2003. Low-rate TCP-targeted denial of service attacks: the shrew vs. the mice and elephants. In SIGCOMM. ACM, 75--86."},{"key":"e_1_3_2_2_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2006.880180"},{"key":"e_1_3_2_2_34_1","first-page":"1509","article-title":"Enabling Performant","volume":"29","author":"Li Guanyu","year":"2021","unstructured":"Guanyu Li, Menghao Zhang, Shicheng Wang, Chang Liu, Mingwei Xu, Ang Chen, Hongxin Hu, Guofei Gu, Qi Li, and Jianping Wu. 2021. Enabling Performant, Flexible and Cost-Efficient DDoS Defense With Programmable Switches. IEEE\/ACM Trans. Netw., Vol. 29, 4 (2021), 1509--1526.","journal-title":"Flexible and Cost-Efficient DDoS Defense With Programmable Switches. IEEE\/ACM Trans. Netw."},{"key":"e_1_3_2_2_35_1","doi-asserted-by":"crossref","unstructured":"Hongda Li Hongxin Hu Guofei Gu Gail-Joon Ahn and Fuqiang Zhang. 2018. vNIDS: Towards Elastic Security with Safe and Efficient Virtualization of Network Intrusion Detection Systems. In CCS. ACM 17--34.","DOI":"10.1145\/3243734.3243862"},{"key":"e_1_3_2_2_36_1","volume-title":"USENIX Security","author":"Li Vector Guo","unstructured":"Vector Guo Li, Matthew Dunn, Paul Pearce, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage. 2019. Reading the Tea leaves: A Comparative Analysis of Threat Intelligence. In USENIX Security. USENIX Association, 851--867."},{"key":"e_1_3_2_2_37_1","volume-title":"Timing Patterns and Correlations in Spontaneous SCADA Traffic for Anomaly Detection","author":"Lin Chih-Yuan","unstructured":"Chih-Yuan Lin and Simin Nadjm-Tehrani. 2019. Timing Patterns and Correlations in Spontaneous SCADA Traffic for Anomaly Detection. In RAID. USENIX Association, 73--88."},{"key":"e_1_3_2_2_38_1","volume-title":"J\u00f6 rg Schwenk, and Yuval Shavitt","author":"Merget Robert","year":"2019","unstructured":"Robert Merget, Juraj Somorovsky, Nimrod Aviram, Craig Young, Janis Fliegenschmidt, J\u00f6 rg Schwenk, and Yuval Shavitt. 2019. Scalable Scanning and Automatic Classification of TLS Padding Oracle Vulnerabilities. In USENIX Security. USENIX Association, 1029--1046."},{"key":"e_1_3_2_2_39_1","volume-title":"Handbook of differential entropy","author":"Michalowicz Joseph Victor","unstructured":"Joseph Victor Michalowicz, Jonathan M Nichols, and Frank Bucholtz. 2013. Handbook of differential entropy .Crc Press."},{"key":"e_1_3_2_2_40_1","unstructured":"Microsoft. Accessed January 2021. A theorem prover from Microsoft Research. https:\/\/github.com\/Z3Prover\/z3."},{"key":"e_1_3_2_2_41_1","unstructured":"Yisroel Mirsky. Accessed January 2021. The source code of Kitsune. https:\/\/github.com\/ymirsky\/Kitsune-py."},{"key":"e_1_3_2_2_42_1","volume-title":"Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection","author":"Mirsky Yisroel","year":"2018","unstructured":"Yisroel Mirsky, Tomer Doitshman, Yuval Elovici, and Asaf Shabtai. 2018. Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection. In NDSS. The Internet Society."},{"key":"e_1_3_2_2_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2018.2883177"},{"key":"e_1_3_2_2_44_1","unstructured":"mlpack. Accessed January 2021. mlpack: open source machine learning library and community. https:\/\/www.mlpack.org\/."},{"key":"e_1_3_2_2_45_1","volume-title":"Persistent OSPF Attacks","author":"Nakibly Gabi","unstructured":"Gabi Nakibly, Alex Kirshon, Dima Gonikman, and Dan Boneh. 2012. Persistent OSPF Attacks. In NDSS. The Internet Society."},{"key":"e_1_3_2_2_46_1","doi-asserted-by":"crossref","unstructured":"Gabi Nakibly Adi Sosnovich Eitan Menahem Ariel Waizel and Yuval Elovici. 2014. OSPF vulnerability to persistent poisoning attacks: a systematic analysis. In ACSAC. ACM 336--345.","DOI":"10.1145\/2664243.2664278"},{"key":"e_1_3_2_2_47_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-26362-5_5"},{"key":"e_1_3_2_2_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134074"},{"key":"e_1_3_2_2_49_1","volume-title":"USENIX Security","author":"Nelms Terry","unstructured":"Terry Nelms, Roberto Perdisci, Manos Antonakakis, and Mustaque Ahamad. 2015. WebWitness: Investigating, Categorizing, and Mitigating Malware Download Paths. In USENIX Security. USENIX Association, 1025--1040."},{"key":"e_1_3_2_2_50_1","volume-title":"Sumayah A. Alrwais, Damon McCoy, and Michel van Eeten.","author":"Noroozian Arman","year":"2019","unstructured":"Arman Noroozian, Jan Koenders, Eelco van Veldhuizen, Carlos Hernandez Ga n \u00e1 n, Sumayah A. Alrwais, Damon McCoy, and Michel van Eeten. 2019. Platforms in Everything: Analyzing Ground-Truth Data on the Anatomy and Economics of Bullet-Proof Hosting. In USENIX Security. USENIX Association, 1341--1356."},{"key":"e_1_3_2_2_51_1","volume-title":"Numerical recipes","author":"Press William H","unstructured":"William H Press, Saul A Teukolsky, William T Vetterling, and Brian P Flannery. 2007. Numerical recipes 3rd edition: The art of scientific computing .Cambridge university press.","edition":"3"},{"key":"e_1_3_2_2_52_1","unstructured":"Pytorch. Accessed January 2021. An open source deep learning framework. https:\/\/pytorch.org\/."},{"key":"e_1_3_2_2_53_1","volume-title":"Simpson","author":"Radford Benjamin J.","year":"2018","unstructured":"Benjamin J. Radford, Leonardo M. Apolonio, Antonio J. Trias, and Jim A. Simpson. 2018. Network Traffic Anomaly Detection Using Recurrent Neural Networks. CoRR, Vol. abs\/1803.10769 (2018)."},{"key":"e_1_3_2_2_54_1","volume-title":"BLAG: Improving the Accuracy of Blacklists","author":"Ramanathan Sivaramakrishnan","year":"2020","unstructured":"Sivaramakrishnan Ramanathan, Jelena Mirkovic, and Minlan Yu. 2020. BLAG: Improving the Accuracy of Blacklists. In NDSS. The Internet Society."},{"key":"e_1_3_2_2_55_1","volume-title":"Tom van Goethem, and Wouter Joosen.","author":"Rimmer Vera","year":"2018","unstructured":"Vera Rimmer, Davy Preuveneers, Marc Ju\u00e1 rez, Tom van Goethem, and Wouter Joosen. 2018. Automated Website Fingerprinting through Deep Learning. In NDSS. The Internet Society."},{"key":"e_1_3_2_2_56_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2020.3046876"},{"key":"e_1_3_2_2_57_1","doi-asserted-by":"publisher","DOI":"10.1109\/MNET.011.1900366"},{"key":"e_1_3_2_2_58_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2017.2692682"},{"key":"e_1_3_2_2_59_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2021.3050608"},{"key":"e_1_3_2_2_60_1","volume-title":"USENIX Security","author":"Shetty Rakshith","unstructured":"Rakshith Shetty, Bernt Schiele, and Mario Fritz. 2018. A4NT: Author Attribute Anonymity by Adversarial Training of Neural Machine Translation. In USENIX Security. USENIX Association, 1633--1650."},{"key":"e_1_3_2_2_61_1","volume-title":"Claudia D'i az, Narseo Vallina-Rodriguez, and Carmela Troncoso.","author":"Siby Sandra","year":"2020","unstructured":"Sandra Siby, Marc Ju\u00e1 rez, Claudia D'i az, Narseo Vallina-Rodriguez, and Carmela Troncoso. 2020. Encrypted DNS -textgreater Privacy? A Traffic Analysis Perspective. In NDSS. The Internet Society."},{"key":"e_1_3_2_2_62_1","unstructured":"Snort. Accessed January 2021. An open source network intrusion detection system. https:\/\/www.snort.org\/."},{"key":"e_1_3_2_2_63_1","volume-title":"Outside the Closed World: On Using Machine Learning for Network Intrusion Detection","author":"Sommer Robin","unstructured":"Robin Sommer and Vern Paxson. 2010. Outside the Closed World: On Using Machine Learning for Network Intrusion Detection. In SP. IEEE Computer Society, 305--316."},{"key":"e_1_3_2_2_64_1","unstructured":"Suricata. Accessed January 2021. An open source threat detection engine. https:\/\/suricata-ids.org\/."},{"key":"e_1_3_2_2_65_1","doi-asserted-by":"crossref","unstructured":"Ruming Tang Zheng Yang Zeyan Li Weibin Meng Haixin Wang Qi Li Yongqian Sun Dan Pei Tao Wei Yanfei Xu et al. 2020. ZeroWall: Detecting Zero-Day Web Attacks through Encoder-Decoder Recurrent Neural Networks. In INFOCOM. IEEE 2479--2488.","DOI":"10.1109\/INFOCOM41043.2020.9155278"},{"key":"e_1_3_2_2_66_1","volume-title":"FlowPrint: Semi-Supervised Mobile-App Fingerprinting on Encrypted Network Traffic","author":"van Ede Thijs","unstructured":"Thijs van Ede, Riccardo Bortolameotti, Andrea Continella, Jingjing Ren, Daniel J. Dubois, Martina Lindorfer, David R. Choffnes, Maarten van Steen, and Andreas Peter. 2020. FlowPrint: Semi-Supervised Mobile-App Fingerprinting on Encrypted Network Traffic. In NDSS. The Internet Society."},{"key":"e_1_3_2_2_67_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-46035-7_35"},{"key":"e_1_3_2_2_68_1","volume-title":"Stolfo","author":"Wang Ke","year":"2004","unstructured":"Ke Wang and Salvatore J. Stolfo. 2004. Anomalous Payload-Based Network Intrusion Detection. In RAID (Lecture Notes in Computer Science, Vol. 3224). Springer, 203--222."},{"key":"e_1_3_2_2_69_1","unstructured":"WIDE. Accessed January 2021. MAWI working group traffic archive. http:\/\/mawi.wide.ad.jp\/mawi\/."},{"key":"e_1_3_2_2_70_1","volume-title":"USENIX Security","author":"Xing Jiarong","year":"2039","unstructured":"Jiarong Xing, Qiao Kang, and Ang Chen. 2020. NetWarden: Mitigating Network Covert Channels while Preserving Performance. In USENIX Security. USENIX Association, 2039--2056."},{"key":"e_1_3_2_2_71_1","volume-title":"Ripple: A Programmable, Decentralized Link-Flooding Defense Against Adaptive Adversaries. In USENIX Security","author":"Xing Jiarong","year":"2021","unstructured":"Jiarong Xing, Wenqing Wu, and Ang Chen. 2021. Ripple: A Programmable, Decentralized Link-Flooding Defense Against Adaptive Adversaries. In USENIX Security. USENIX Association, 3865--3880."},{"key":"e_1_3_2_2_72_1","doi-asserted-by":"crossref","unstructured":"Yixiao Xu Tao Wang Qi Li Qingyuan Gong Yang Chen and Yong Jiang. 2018. A Multi-tab Website Fingerprinting Attack. In ACSAC. ACM 327--341.","DOI":"10.1145\/3274694.3274697"},{"key":"e_1_3_2_2_73_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2021.3104869"},{"key":"e_1_3_2_2_74_1","volume-title":"Poseidon: Mitigating Volumetric DDoS Attacks with Programmable Switches","author":"Zhang Menghao","year":"2020","unstructured":"Menghao Zhang, Guanyu Li, Shicheng Wang, Chang Liu, Ang Chen, Hongxin Hu, Guofei Gu, Qi Li, Mingwei Xu, and Jianping Wu. 2020. Poseidon: Mitigating Volumetric DDoS Attacks with Programmable Switches. In NDSS. The Internet Society."},{"key":"e_1_3_2_2_75_1","volume-title":"Statistical Privacy for Streaming Traffic","author":"Zhang Xiaokuan","unstructured":"Xiaokuan Zhang, Jihun Hamm, Michael K. Reiter, and Yinqian Zhang. 2019. Statistical Privacy for Streaming Traffic. In NDSS. The Internet Society."},{"key":"e_1_3_2_2_76_1","volume-title":"Hoi","author":"Zhao Peilin","year":"2013","unstructured":"Peilin Zhao and Steven C. H. Hoi. 2013. Cost-sensitive online active learning with application to malicious URL detection. In KDD. ACM, 919--927."},{"key":"e_1_3_2_2_77_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2018.2805600"},{"key":"e_1_3_2_2_78_1","doi-asserted-by":"crossref","unstructured":"Shitong Zhu Shasha Li Zhongjie Wang Xun Chen Zhiyun Qian Srikanth V. Krishnamurthy Kevin S. Chan and Ananthram Swami. 2020. You do (not) belong here: detecting DPI evasion attacks with context learning. In CoNEXT. ACM 183--197.","DOI":"10.1145\/3386367.3431311"}],"event":{"name":"CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security","location":"Virtual Event Republic of Korea","acronym":"CCS '21","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3460120.3484585","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3460120.3484585","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T20:44:40Z","timestamp":1763498680000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3460120.3484585"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,11,12]]},"references-count":78,"alternative-id":["10.1145\/3460120.3484585","10.1145\/3460120"],"URL":"https:\/\/doi.org\/10.1145\/3460120.3484585","relation":{},"subject":[],"published":{"date-parts":[[2021,11,12]]},"assertion":[{"value":"2021-11-13","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}