{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,10]],"date-time":"2026-02-10T16:58:26Z","timestamp":1770742706955,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":62,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,7,1]],"date-time":"2024-07-01T00:00:00Z","timestamp":1719792000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"NSF SaTC","award":["213264"],"award-info":[{"award-number":["213264"]}]},{"DOI":"10.13039\/501100001821","name":"Vienna Science and Technology Fund","doi-asserted-by":"publisher","award":["10.47379\/ICT19056"],"award-info":[{"award-number":["10.47379\/ICT19056"]}],"id":[{"id":"10.13039\/501100001821","id-type":"DOI","asserted-by":"publisher"}]},{"name":"COMET Centre within the framework of COMET"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,7]]},"DOI":"10.1145\/3634737.3644992","type":"proceedings-article","created":{"date-parts":[[2024,6,28]],"date-time":"2024-06-28T11:51:38Z","timestamp":1719575498000},"page":"112-127","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":5,"title":["C2Miner: Tricking IoT Malware into Revealing Live Command &amp; Control Servers"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1171-5357","authenticated-orcid":false,"given":"Ali","family":"Davanian","sequence":"first","affiliation":[{"name":"University of California Riverside, Irvine, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3882-9987","authenticated-orcid":false,"given":"Michail","family":"Faloutsos","sequence":"additional","affiliation":[{"name":"University of California Riverside, Riverside, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7001-4481","authenticated-orcid":false,"given":"Martina","family":"Lindorfer","sequence":"additional","affiliation":[{"name":"TU Wien, Vienna, Austria"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,7]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Abuse.ch. 2024. MalwareBazaar. https:\/\/bazaar.abuse.ch\/."},{"key":"e_1_3_2_1_2_1","volume-title":"Proceedings of the ACM ASIA Conference on Computer and Communications Security (ASIACCS).","author":"Al Alsadi Arwa Abdulkarim","year":"2022","unstructured":"Arwa Abdulkarim Al Alsadi, Kaichi Sameshima, Jakob Bleier, Katsunari Yoshioka, Martina Lindorfer, Michel van Eeten, and Carlos H Ga\u00f1\u00e1n. 2022. No Spring Chicken: Quantifying the Lifespan of Exploits in IoT Malware Using Static and Dynamic Analysis. In Proceedings of the ACM ASIA Conference on Computer and Communications Security (ASIACCS)."},{"key":"e_1_3_2_1_3_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Alrawi Omar","year":"2021","unstructured":"Omar Alrawi, Charles Lever, Kevin Valakuzhy, Ryan Court, Kevin Snow, Fabian Monrose, and Manos Antonakakis. 2021. The Circle Of Life: A Large-Scale Study of The IoT Malware Lifecycle. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_3_2_1_4_1","volume-title":"Proceedings of the European Symposium on Research in Computer Security (ESORICS).","author":"Anghel Radu","year":"2023","unstructured":"Radu Anghel, Swaathi Vetrivel, Elsa Turcios Rodriguez, Kaichi Sameshima, Daisuke Makita, Katsunari Yoshioka, Carlos H. Ga\u00f1\u00e1n, and Yury Zhauniarovich. 2023. Peering into the Darkness: The Use of UTRS in Combating DDoS Attacks. In Proceedings of the European Symposium on Research in Computer Security (ESORICS)."},{"key":"e_1_3_2_1_5_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Antonakakis Manos","year":"2017","unstructured":"Manos Antonakakis, Tim April, Michael Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J. Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Zane Ma, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, and Yi Zhou. 2017. Understanding the Mirai Botnet. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_3_2_1_6_1","volume-title":"Proceedings of the USENIX Annual Technical Conference (ATC, FREENIX Track).","author":"Bellard Fabrice","year":"2005","unstructured":"Fabrice Bellard. 2005. QEMU, A Fast and Portable Dynamic Translator. In Proceedings of the USENIX Annual Technical Conference (ATC, FREENIX Track)."},{"key":"e_1_3_2_1_7_1","volume-title":"Proceedings of the Annual Computer Security Applications Conference (ACSAC).","author":"Bilge Leyla","year":"2012","unstructured":"Leyla Bilge, Davide Balzarotti, William Robertson, Engin Kirda, and Christopher Kruegel. 2012. Disclosure: Detecting Botnet Command and Control Servers Through Large-Scale NetFlow Analysis. In Proceedings of the Annual Computer Security Applications Conference (ACSAC)."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"crossref","unstructured":"Marcus Botacin Paulo de Geus and Andr\u00e9 Gr\u00e9gio. 2020. An Empirical Study on the Blocking of HTTP and DNS Requests at Providers Level to Counter In-The-Wild Malware Infections. In Anais do XX Simp\u00f3sio Brasileiro em Seguran\u00e7a da Informa\u00e7\u00e3o e de Sistemas Computacionais.","DOI":"10.5753\/sbseg.2020.19237"},{"key":"e_1_3_2_1_9_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Bouwman Xander","year":"2020","unstructured":"Xander Bouwman, Harm Griffioen, Jelle Egbers, Christian Doerr, Bram Klievink, and Michel van Eeten. 2020. A Different Cup of TI? The Added Value of Commercial Threat Intelligence. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_3_2_1_10_1","volume-title":"Proceedings of the ACM Conference on Computer and Communications Security (CCS).","author":"Caballero Juan","year":"2009","unstructured":"Juan Caballero, Pongsin Poosankam, Christian Kreibich, and Dawn Song. 2009. Dispatcher: Enabling Active Botnet Infiltration using Automatic Protocol Reverse-Engineering. In Proceedings of the ACM Conference on Computer and Communications Security (CCS)."},{"key":"e_1_3_2_1_11_1","volume-title":"Proceedings of the ACM SIGCOMM Conference on Internet Measurement (IMC).","author":"Collins M. Patrick","year":"2007","unstructured":"M. Patrick Collins, Timothy J. Shimeall, Sidney Faber, Jeff Janies, Rhiannon Weaver, Markus De Shon, and Joseph Kadane. 2007. Using Uncleanliness to Predict Future Botnet Addresses. In Proceedings of the ACM SIGCOMM Conference on Internet Measurement (IMC)."},{"key":"e_1_3_2_1_12_1","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy (S&P).","author":"Comparetti Paolo Milani","year":"2009","unstructured":"Paolo Milani Comparetti, Gilbert Wondracek, Christopher Kruegel, and Engin Kirda. 2009. Prospex: Protocol Specification Extraction. In Proceedings of the IEEE Symposium on Security and Privacy (S&P)."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00054"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/3427228.3427256"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/3386367.3431317"},{"key":"e_1_3_2_1_16_1","volume-title":"Effective Granularity in Internet Badhood Detection: Detection Rate, Precision and Implementation Performance. Master's thesis","author":"Davanian Ali","unstructured":"Ali Davanian. 2017. Effective Granularity in Internet Badhood Detection: Detection Rate, Precision and Implementation Performance. Master's thesis. University of Twente."},{"key":"e_1_3_2_1_17_1","unstructured":"Ali Davanian Ahmad Darki and Michalis Faloutsos. 2021. CnCHunter: An Mitm-Approach To Identify Live CnC Servers. In Black Hat USA."},{"key":"e_1_3_2_1_18_1","volume-title":"Proceedings of the ACM Internet Measurement Conference (IMC).","author":"Davanian Ali","year":"2022","unstructured":"Ali Davanian and Michalis Faloutsos. 2022. MalNet: A Binary-Centric Network-Level Profiling of IoT Malware. In Proceedings of the ACM Internet Measurement Conference (IMC)."},{"key":"e_1_3_2_1_19_1","volume-title":"Proceedings of the IEEE Conference on Computer Communications (INFOCOM).","author":"Carli Lorenzo De","year":"2017","unstructured":"Lorenzo De Carli, Ruben Torres, Gaspar Modelo-Howard, Alok Tongaonkar, and Somesh Jha. 2017. Botnet Protocol Inference in the Presence of Encrypted Traffic. In Proceedings of the IEEE Conference on Computer Communications (INFOCOM)."},{"key":"e_1_3_2_1_20_1","unstructured":"decalage2. 2019. Balbuzard - Malware analysis tools to extract patterns of interest and crack obfuscation such as XOR. https:\/\/github.com\/decalage2\/balbuzard."},{"key":"e_1_3_2_1_21_1","volume-title":"CoCoSpot: Clustering and Recognizing Botnet Command and Control Channels using Traffic Analysis. Computer Networks 57, 2","author":"Dietrich Christian J.","year":"2013","unstructured":"Christian J. Dietrich, Christian Rossow, and Norbert Pohlmann. 2013. CoCoSpot: Clustering and Recognizing Botnet Command and Control Channels using Traffic Analysis. Computer Networks 57, 2 (2013)."},{"key":"e_1_3_2_1_22_1","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy (S&P).","author":"Farinholt Brown","year":"2017","unstructured":"Brown Farinholt, Mohammad Rezaeirad, Paul Pearce, Hitesh Dharmdasani, Haikuo Yin, Stevens Le Blond, Damon McCoy, and Kirill Levchenko. 2017. To Catch a Ratter: Monitoring the Behavior of Amateur DarkComet RAT Operators in the Wild. In Proceedings of the IEEE Symposium on Security and Privacy (S&P)."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484537"},{"key":"e_1_3_2_1_24_1","volume-title":"Unravelling the Changing Landscape of DDoS Attacks: The Role of IoT Botnets. In ICANN DNS Symposium.","author":"Ga\u00f1\u00e1n Carlos H.","year":"2023","unstructured":"Carlos H. Ga\u00f1\u00e1n. 2023. Unravelling the Changing Landscape of DDoS Attacks: The Role of IoT Botnets. In ICANN DNS Symposium."},{"key":"e_1_3_2_1_25_1","unstructured":"Sean Ghallager. 2013. In face of scrutiny researchers back off NSA \"Torsploit\" claim. https:\/\/arstechnica.com\/tech-policy\/2013\/08\/in-face-of-scrutiny-researchers-back-off-nsa-torsploit-claim\/."},{"key":"e_1_3_2_1_26_1","volume-title":"MASSCAN: Mass IP port scanner. https:\/\/github.com\/robertdavidgraham\/masscan.","author":"Graham Robert David","year":"2021","unstructured":"Robert David Graham. 2021. MASSCAN: Mass IP port scanner. https:\/\/github.com\/robertdavidgraham\/masscan."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417277"},{"key":"e_1_3_2_1_28_1","volume-title":"Proceedings of the Annual Computer Security Applications Conference (ACSAC).","author":"Gu Guofei","year":"2009","unstructured":"Guofei Gu, Vinod Yegneswaran, Phillip Porras, Jennifer Stoll, and Wenke Lee. 2009. Active Botnet Probing to Identify Obscure Command and Control Channels. In Proceedings of the Annual Computer Security Applications Conference (ACSAC)."},{"key":"e_1_3_2_1_29_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium (NDSS).","author":"Gu Guofei","year":"2008","unstructured":"Guofei Gu, Junjie Zhang, and Wenke Lee. 2008. BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic. In Proceedings of the Network and Distributed System Security Symposium (NDSS)."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23488"},{"key":"e_1_3_2_1_31_1","unstructured":"KimiNewt. 2023. pyshark - Python wrapper for tshark. https:\/\/github.com\/KimiNewt\/pyshark\/."},{"key":"e_1_3_2_1_32_1","volume-title":"Proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA).","author":"Kondo Mizuki","year":"2022","unstructured":"Mizuki Kondo, Rui Tanabe, Natsuo Shintani, Daisuke Makita, Katsunari Yoshioka, and Tsutomu Matsumoto. 2022. Amplification Chamber: Dissecting the Attack Infrastructure of Memcached DRDoS Attacks. In Proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)."},{"key":"e_1_3_2_1_33_1","volume-title":"Proceedings of the International Symposium on Research in Attacks, Intrusions and Defenses (RAID).","author":"Kr\u00e4mer Lukas","year":"2015","unstructured":"Lukas Kr\u00e4mer, Johannes Krupp, Daisuke Makita, Tomomi Nishizoe, Takashi Koide, Katsunari Yoshioka, and Christian Rossow. 2015. AmpPot: Monitoring and Defending Against Amplification DDoS Attacks. In Proceedings of the International Symposium on Research in Attacks, Intrusions and Defenses (RAID)."},{"key":"e_1_3_2_1_34_1","volume-title":"Proceedings of the International Symposium on Research in Attacks, Intrusions and Defenses (RAID).","author":"K\u00fchrer Marc","year":"2014","unstructured":"Marc K\u00fchrer, Christian Rossow, and Thorsten Holz. 2014. Paint it Black: Evaluating the Effectiveness of Malware Blacklists. In Proceedings of the International Symposium on Research in Attacks, Intrusions and Defenses (RAID)."},{"key":"e_1_3_2_1_35_1","volume-title":"Proceedings of the Annual Network and Distributed System Security Symposium (NDSS).","author":"Pochat Victor Le","year":"2020","unstructured":"Victor Le Pochat, Tim Van hamme, Sourena Maroofi, Tom Van Goethem, Davy Preuveneers, Andrzej Duda, Wouter Joosen, and Maciej Korczy\u0144ski. 2020. A Practical Approach for Taking Down Avalanche Botnets Under Real-World Constraints. In Proceedings of the Annual Network and Distributed System Security Symposium (NDSS)."},{"key":"e_1_3_2_1_36_1","unstructured":"Chao Lei Zhibin Zhang and Cecilia Hu. 2023. Mirai IZ1H9 - Mirai Variant Targets Multiple IoT Devices. https:\/\/unit42.paloaltonetworks.com\/mirai-variant-iz1h9\/."},{"key":"e_1_3_2_1_37_1","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy (S&P).","author":"Lever Chaz","year":"2017","unstructured":"Chaz Lever, Platon Kotzias, Davide Balzarotti, Juan Caballero, and Manos Antonakakis. 2017. A Lustrum of Malware Network Communication: Evolution and Insights. In Proceedings of the IEEE Symposium on Security and Privacy (S&P)."},{"key":"e_1_3_2_1_38_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Li Vector Guo","year":"2019","unstructured":"Vector Guo Li, Matthew Dunn, Paul Pearce, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage. 2019. Reading the Tea Leaves: A Comparative Analysis of Threat Intelligence. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_3_2_1_39_1","volume-title":"Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID).","author":"Lindorfer Martina","year":"2011","unstructured":"Martina Lindorfer, Clemens Kolbitsch, and Paolo Milani Comparetti. 2011. Detecting Environment-Sensitive Malware. In Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID)."},{"key":"e_1_3_2_1_40_1","unstructured":"Tongbo Luo Zhaoyan Xu Xing Jin Yanhui Jia and Xin Ouyang. 2017. IoTCandyJar: Towards an Intelligent-Interaction Honeypot for IoT Devices. In Black Hat USA."},{"key":"e_1_3_2_1_41_1","volume-title":"Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS).","author":"Nadji Yacin","year":"2013","unstructured":"Yacin Nadji, Manos Antonakakis, Roberto Perdisci, David Dagon, and Wenke Lee. 2013. Beheading Hydras: Performing Effective Botnet Takedowns. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS)."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/2076732.2076734"},{"key":"e_1_3_2_1_43_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium (NDSS).","author":"Nappa Antonio","year":"2014","unstructured":"Antonio Nappa, Zhaoyan Xu, M. Zubair Rafique, Juan Caballero, and Guofei Gu. 2014. CyberProbe: Towards Internet-Scale Active Detection of Malicious Servers. In Proceedings of the Network and Distributed System Security Symposium (NDSS)."},{"key":"e_1_3_2_1_44_1","unstructured":"National Security Agency. 2023. Ghidra - Software Reverse Engineering Framework. https:\/\/www.nsa.gov\/resources\/everyone\/ghidra\/."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/2076732.2076736"},{"key":"e_1_3_2_1_46_1","volume-title":"Proceedings of the USENIX Symposium on Networked Systems Design and Implementation (NSDI).","author":"Perdisci Roberto","year":"2010","unstructured":"Roberto Perdisci, Wenke Lee, and Nick Feamster. 2010. Behavioral Clustering of HTTP-Based Malware and Signature Generation Using Malicious Network Traces. In Proceedings of the USENIX Symposium on Networked Systems Design and Implementation (NSDI)."},{"key":"e_1_3_2_1_47_1","volume-title":"Proceedings of the International Symposium on Research in Attacks, Intrusions and Defenses (RAID).","author":"Zubair Rafique M.","year":"2013","unstructured":"M. Zubair Rafique and Juan Caballero. 2013. Firma: Malware Clustering and Network Signature Generation with Mixed Network Behaviors. In Proceedings of the International Symposium on Research in Attacks, Intrusions and Defenses (RAID)."},{"key":"e_1_3_2_1_48_1","volume":"201","author":"Rossow Christian","unstructured":"Christian Rossow and Christian J. Dietrich. 2013. ProVeX: Detecting Botnets with Encrypted Command and Control Channels. In Proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA).","journal-title":"Christian J. Dietrich."},{"key":"e_1_3_2_1_49_1","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy (S&P).","author":"Rossow Christian","year":"2012","unstructured":"Christian Rossow, Christian J. Dietrich, Chris Grier, Christian Kreibich, Vern Paxson, Norbert Pohlmann, Herbert Bos, and Maarten van Steen. 2012. Prudent Practices for Designing Malware Experiments: Status Quo and Outlook. In Proceedings of the IEEE Symposium on Security and Privacy (S&P)."},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/3427228.3427261"},{"key":"e_1_3_2_1_51_1","volume-title":"Proceedings of the ACM Conference on Computer and Communications Security (CCS).","author":"Stone-Gross Brett","year":"2009","unstructured":"Brett Stone-Gross, Marco Cova, Lorenzo Cavallaro, Bob Gilbert, Martin Szydlowski, Richard Kemmerer, Christopher Kruegel, and Giovanni Vigna. 2009. Your Botnet is My Botnet: Analysis of a Botnet Takeover. In Proceedings of the ACM Conference on Computer and Communications Security (CCS)."},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/3407023.3409177"},{"key":"e_1_3_2_1_53_1","volume-title":"Proceedings of International Conference on emerging Networking EXperiments and Technologies (CoNEXT).","author":"Tegeler Florian","year":"2012","unstructured":"Florian Tegeler, Xiaoming Fu, Giovanni Vigna, and Christopher Kruegel. 2012. BotFinder: Finding Bots in Network Traffic Without Deep Packet Inspection. In Proceedings of International Conference on emerging Networking EXperiments and Technologies (CoNEXT)."},{"key":"e_1_3_2_1_54_1","unstructured":"Alex Turing Hui Wang and Genshen Ye. 2021. The Mostly Dead Mozi and Its' Lingering Bots. https:\/\/blog.netlab.360.com\/the-mostly-dead-mozi-and-its-lingering-bots\/."},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-00470-5_26"},{"key":"e_1_3_2_1_56_1","unstructured":"VirusTotal. 2024. VirusTotal. https:\/\/www.virustotal.com."},{"key":"e_1_3_2_1_57_1","volume-title":"Proceedings of the European Symposium on Research in Computer Security (ESORICS).","author":"Wang Zhi","year":"2009","unstructured":"Zhi Wang, Xuxian Jiang, Weidong Cui, Xinyuan Wang, and Mike Grace. 2009. ReFormat: Automatic Reverse Engineering of Encrypted Messages. In Proceedings of the European Symposium on Research in Computer Security (ESORICS)."},{"key":"e_1_3_2_1_58_1","volume-title":"Proceedings of the European Symposium on Research in Computer Security (ESORICS).","author":"Wurzinger Peter","year":"2009","unstructured":"Peter Wurzinger, Leyla Bilge, Thorsten Holz, Jan Goebel, Christopher Kruegel, and Engin Kirda. 2009. Automatically Generating Models for Botnet Detection. In Proceedings of the European Symposium on Research in Computer Security (ESORICS)."},{"key":"e_1_3_2_1_59_1","volume-title":"Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS).","author":"Xu Zhaoyan","year":"2014","unstructured":"Zhaoyan Xu, Antonio Nappa, Robert Baykov, Guangliang Yang, Juan Caballero, and Guofei Gu. 2014. Autoprobe: Towards Automatic Active Malicious Server Probing Using Dynamic Binary Analysis. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS)."},{"key":"e_1_3_2_1_60_1","volume-title":"Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS).","author":"Wong Miuyin Yong","year":"2021","unstructured":"Miuyin Yong Wong, Matthew Landen, Manos Antonakakis, Douglas M. Blough, Elissa M. Redmiles, and Mustaque Ahamad. 2021. An Inside Look into the Practice of Malware Analysis. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS)."},{"key":"e_1_3_2_1_61_1","volume-title":"Proceedings of the Annual ACM Symposium on Applied Computing (SAC).","author":"Zand Ali","year":"2014","unstructured":"Ali Zand, Giovanni Vigna, Xifeng Yan, and Christopher Kruegel. 2014. Extracting Probable Command and Control Signatures for Detecting Botnets. In Proceedings of the Annual ACM Symposium on Applied Computing (SAC)."},{"key":"e_1_3_2_1_62_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Zhu Shuofei","year":"2020","unstructured":"Shuofei Zhu, Jianjun Shi, Limin Yang, Boqin Qin, Ziyi Zhang, Linhai Song, and Gang Wang. 2020. Measuring and Modeling the Label Dynamics of Online Anti-Malware Engines. In Proceedings of the USENIX Security Symposium."}],"event":{"name":"ASIA CCS '24: 19th ACM Asia Conference on Computer and Communications Security","location":"Singapore Singapore","acronym":"ASIA CCS '24","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 19th ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3634737.3644992","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T23:44:06Z","timestamp":1750290246000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3634737.3644992"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,7]]},"references-count":62,"alternative-id":["10.1145\/3634737.3644992","10.1145\/3634737"],"URL":"https:\/\/doi.org\/10.1145\/3634737.3644992","relation":{},"subject":[],"published":{"date-parts":[[2024,7]]},"assertion":[{"value":"2024-07-01","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}