{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T05:05:36Z","timestamp":1750309536686,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":30,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,12,6]],"date-time":"2024-12-06T00:00:00Z","timestamp":1733443200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,12,6]]},"DOI":"10.1145\/3711618.3711620","type":"proceedings-article","created":{"date-parts":[[2025,2,22]],"date-time":"2025-02-22T11:22:41Z","timestamp":1740223361000},"page":"1-8","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Detecting CDN Domain Names Based on Resolution Graph with PU Learning"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0007-8339-7443","authenticated-orcid":false,"given":"Meng","family":"Luo","sequence":"first","affiliation":[{"name":"China United Network Communications Group Corporation Limited, China, Beijing, Beijing, China and Beijing University of Posts and Telecommunications, Beijing, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-5053-4818","authenticated-orcid":false,"given":"Jianrong","family":"Zhang","sequence":"additional","affiliation":[{"name":"China Unicom Digital Technology Co., Ltd, Beijing, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-4678-3522","authenticated-orcid":false,"given":"Cheng","family":"Yu","sequence":"additional","affiliation":[{"name":"China Unicom Digital Technology Co., Ltd, Beijing, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-4366-811X","authenticated-orcid":false,"given":"Kai","family":"Zhou","sequence":"additional","affiliation":[{"name":"China Unicom Digital Technology Co., Ltd, Beijing, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-6206-4739","authenticated-orcid":false,"given":"Xinyan","family":"Wang","sequence":"additional","affiliation":[{"name":"China Unicom Digital Technology Co., Ltd, Beijing, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-8420-6522","authenticated-orcid":false,"given":"Kunyan","family":"Li","sequence":"additional","affiliation":[{"name":"China United Network Communications Group Corporation Limited, China, Beijing, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6937-4068","authenticated-orcid":false,"given":"Baojiang","family":"Cui","sequence":"additional","affiliation":[{"name":"Beijing University of Posts and Telecommunications, Beijing, Beijing, China"}]}],"member":"320","published-online":{"date-parts":[[2025,2,22]]},"reference":[{"key":"e_1_3_3_2_2_2","doi-asserted-by":"publisher","DOI":"10.1109\/INFCOMW.2012.6193524"},{"key":"e_1_3_3_2_3_2","first-page":"491","volume-title":"21st USENIX Security Symposium (USENIX Security 12)","author":"Antonakakis Manos","year":"2012","unstructured":"Manos Antonakakis, Roberto Perdisci, Yacin Nadji, Nikolaos Vasiloglou, Saeed Abu-Nimeh, Wenke Lee, and David Dagon. 2012. From { Throw-Away} traffic to bots: Detecting the rise of { DGA-Based} malware. In 21st USENIX Security Symposium (USENIX Security 12). 491\u2013506."},{"key":"e_1_3_3_2_4_2","doi-asserted-by":"crossref","unstructured":"Jessa Bekker and Jesse Davis. 2020. Learning from positive and unlabeled data: A survey. Machine Learning 109 4 (2020) 719\u2013760.","DOI":"10.1007\/s10994-020-05877-5"},{"key":"e_1_3_3_2_5_2","doi-asserted-by":"crossref","unstructured":"Andreas Berger Alessandro D\u2019Alconzo Wilfried\u00a0N Gansterer and Antonio Pescap\u00e9. 2016. Mining agile DNS traffic using graph analysis for cybercrime detection. Computer Networks 100 (2016) 28\u201344.","DOI":"10.1016\/j.comnet.2016.02.009"},{"key":"e_1_3_3_2_6_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-28486-1_23"},{"key":"e_1_3_3_2_7_2","doi-asserted-by":"publisher","DOI":"10.1145\/2504730.2504754"},{"key":"e_1_3_3_2_8_2","doi-asserted-by":"crossref","unstructured":"David Choffnes Jilong Wang et\u00a0al. 2017. CDNs meet CN an empirical study of CDN deployments in China. IEEE Access 5 (2017) 5292\u20135305.","DOI":"10.1109\/ACCESS.2017.2682190"},{"key":"e_1_3_3_2_9_2","doi-asserted-by":"crossref","unstructured":"Gianni D\u2019Angelo Arcangelo Castiglione and Francesco Palmieri. 2022. DNS tunnels detection via DNS-images. Information Processing & Management 59 3 (2022) 102930.","DOI":"10.1016\/j.ipm.2022.102930"},{"key":"e_1_3_3_2_10_2","doi-asserted-by":"publisher","DOI":"10.1145\/1401890.1401920"},{"key":"e_1_3_3_2_11_2","doi-asserted-by":"publisher","DOI":"10.1109\/SRDS.2018.00011"},{"key":"e_1_3_3_2_12_2","first-page":"6185","volume-title":"32nd USENIX Security Symposium (USENIX Security 23)","author":"Guo Run","year":"2023","unstructured":"Run Guo, Jianjun Chen, Yihang Wang, Keran Mu, Baojun Liu, Xiang Li, Chao Zhang, Haixin Duan, and Jianping Wu. 2023. Temporal { CDN-Convex} Lens: A { CDN-Assisted} Practical Pulsing { DDoS} Attack. In 32nd USENIX Security Symposium (USENIX Security 23). 6185\u20136202."},{"key":"e_1_3_3_2_13_2","doi-asserted-by":"publisher","DOI":"10.1109\/IPCCC47392.2019.8958718"},{"key":"e_1_3_3_2_14_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICNP.2019.8888058"},{"key":"e_1_3_3_2_15_2","doi-asserted-by":"publisher","DOI":"10.1145\/3388176.3388206"},{"key":"e_1_3_3_2_16_2","doi-asserted-by":"crossref","unstructured":"Jianbing Liang Suxia Wang Shuang Zhao and Shuhui Chen. 2023. FECC: DNS tunnel detection model based on CNN and clustering. Computers & Security 128 (2023) 103132.","DOI":"10.1016\/j.cose.2023.103132"},{"key":"e_1_3_3_2_17_2","doi-asserted-by":"publisher","DOI":"10.1109\/ISCC50000.2020.9219547"},{"key":"e_1_3_3_2_18_2","doi-asserted-by":"publisher","DOI":"10.1109\/ISCC53001.2021.9631549"},{"key":"e_1_3_3_2_19_2","doi-asserted-by":"crossref","unstructured":"Fantine Mordelet and J-P Vert. 2014. A bagging SVM to learn from positive and unlabeled examples. Pattern Recognition Letters 37 (2014) 201\u2013209.","DOI":"10.1016\/j.patrec.2013.06.010"},{"key":"e_1_3_3_2_20_2","doi-asserted-by":"crossref","unstructured":"Jeman Park Rhongho Jang Manar Mohaisen and David Mohaisen. 2021. A large-scale behavioral analysis of the open DNS resolvers on the internet. IEEE\/ACM Transactions on Networking 30 1 (2021) 76\u201389.","DOI":"10.1109\/TNET.2021.3105599"},{"key":"e_1_3_3_2_21_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-00470-5_14"},{"key":"e_1_3_3_2_22_2","first-page":"1165","volume-title":"27th USENIX Security Symposium (USENIX Security 18)","author":"Sch\u00fcppen Samuel","year":"2018","unstructured":"Samuel Sch\u00fcppen, Dominik Teubert, Patrick Herrmann, and Ulrike Meyer. 2018. { FANCI} : Feature-based automated { NXDomain} classification and intelligence. In 27th USENIX Security Symposium (USENIX Security 18). 1165\u20131181."},{"key":"e_1_3_3_2_23_2","first-page":"195","volume-title":"2016 USENIX Annual Technical Conference (USENIX ATC 16)","author":"Scott Will","year":"2016","unstructured":"Will Scott, Thomas Anderson, Tadayoshi Kohno, and Arvind Krishnamurthy. 2016. Satellite: Joint analysis of { CDNs} and { Network-Level} interference. In 2016 USENIX Annual Technical Conference (USENIX ATC 16). 195\u2013208."},{"key":"e_1_3_3_2_24_2","unstructured":"Karthika Subramani Roberto Perdisci Pierros Skafidas and Manos Antonakakis. 2023. Measuring CDNs susceptible to Domain Fronting. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2310.17851 (2023)."},{"key":"e_1_3_3_2_25_2","first-page":"399","volume-title":"22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2019)","author":"Sun Xiaoqing","year":"2019","unstructured":"Xiaoqing Sun, Mingkai Tong, Jiahai Yang, Liu Xinran, and Liu Heng. 2019. { HinDom} : A robust malicious domain detection system based on heterogeneous information network with transductive classification. In 22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2019). 399\u2013412."},{"key":"e_1_3_3_2_26_2","doi-asserted-by":"crossref","unstructured":"Xiaoqing Sun Zhiliang Wang Jiahai Yang and Xinran Liu. 2020. Deepdom: Malicious domain detection with scalable and heterogeneous graph convolutional networks. Computers & Security 99 (2020) 102057.","DOI":"10.1016\/j.cose.2020.102057"},{"key":"e_1_3_3_2_27_2","doi-asserted-by":"publisher","DOI":"10.1109\/NOMS47738.2020.9110462"},{"key":"e_1_3_3_2_28_2","doi-asserted-by":"crossref","unstructured":"Qing Wang Cong Dong Shijie Jian Dan Du Zhigang Lu Yinhao Qi Dongxu Han Xiaobo Ma Fei Wang and Yuling Liu. 2023. HANDOM: Heterogeneous attention network model for malicious domain detection. Computers & Security 125 (2023) 103059.","DOI":"10.1016\/j.cose.2022.103059"},{"key":"e_1_3_3_2_29_2","first-page":"3327","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Wei Mingkui","year":"2021","unstructured":"Mingkui Wei. 2021. Domain Shadowing: Leveraging Content Delivery Networks for Robust { Blocking-Resistant} Communications. In 30th USENIX Security Symposium (USENIX Security 21). 3327\u20133343."},{"key":"e_1_3_3_2_30_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-28486-1_27"},{"key":"e_1_3_3_2_31_2","doi-asserted-by":"crossref","unstructured":"Yuwei Zeng Xiaochun Yun Xunxun Chen Boquan Li Haiwei Tsang Yipeng Wang Tianning Zang and Yongzheng Zhang. 2021. Finding disposable domain names: A linguistics-based stacking approach. Computer Networks 184 (2021) 107642.","DOI":"10.1016\/j.comnet.2020.107642"}],"event":{"name":"ICCNS 2024: 2024 14th International Conference on Communication and Network Security","acronym":"ICCNS 2024","location":"Xiamen Shanghai China"},"container-title":["Proceedings of the 2024 14th International Conference on Communication and Network Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3711618.3711620","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3711618.3711620","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T01:18:29Z","timestamp":1750295909000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3711618.3711620"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,6]]},"references-count":30,"alternative-id":["10.1145\/3711618.3711620","10.1145\/3711618"],"URL":"https:\/\/doi.org\/10.1145\/3711618.3711620","relation":{},"subject":[],"published":{"date-parts":[[2024,12,6]]},"assertion":[{"value":"2025-02-22","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}