{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,24]],"date-time":"2026-04-24T09:02:18Z","timestamp":1777021338740,"version":"3.51.4"},"reference-count":32,"publisher":"IEEE","license":[{"start":{"date-parts":[[2023,5,29]],"date-time":"2023-05-29T00:00:00Z","timestamp":1685318400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2023,5,29]],"date-time":"2023-05-29T00:00:00Z","timestamp":1685318400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023,5,29]]},"DOI":"10.23919\/cycon58705.2023.10182001","type":"proceedings-article","created":{"date-parts":[[2023,7,19]],"date-time":"2023-07-19T18:28:49Z","timestamp":1689791329000},"page":"253-271","source":"Crossref","is-referenced-by-count":4,"title":["Towards Generalizing Machine Learning Models to Detect Command and Control Attack Traffic"],"prefix":"10.23919","author":[{"given":"Lina","family":"Gehri","sequence":"first","affiliation":[{"name":"ETH Zurich,Department of Electrical Engineering and Information Technology,Zurich,Switzerland"}]},{"given":"Roland","family":"Meier","sequence":"additional","affiliation":[{"name":"armasuisse Science and Technology,Cyber-Defence Campus,Thun,Switzerland"}]},{"given":"Daniel","family":"Hulliger","sequence":"additional","affiliation":[{"name":"armasuisse Science and Technology,Cyber-Defence Campus,Thun,Switzerland"}]},{"given":"Vincent","family":"Lenders","sequence":"additional","affiliation":[{"name":"armasuisse Science and Technology,Cyber-Defence Campus,Thun,Switzerland"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1145\/2684195"},{"key":"ref2","volume-title":"HTTPS encryption on the web \u2013 Google Transparency Report","year":"2022"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.3390\/app9204396"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/access.2020.3041951"},{"key":"ref5","volume-title":"Locked Shields","year":"2022"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1002\/ett.4150"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1186\/s42400-019-0038-7"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2019.01.023"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/3163058.3163059"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-04503-6_14"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/cisda.2009.5356528"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1007\/978-981-15-6648-6_10"},{"key":"ref13","volume-title":"KDD Cup 1999 Data","year":"1999"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2017.09.129"},{"key":"ref15","volume-title":"Traffic Data from Kyoto University\u2019s Honeypots","year":"2015"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/cybersecpods.2018.8560673"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.23919\/cycon55549.2022.9811018"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.23919\/cycon.2019.8756814"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1145\/3411508.3421379"},{"key":"ref20","article-title":"Tweaking Metasploit to Evade Encrypted C2 Traffic Detection, 2022","author":"Xavier"},{"key":"ref21","volume-title":"NATO Cooperative Cyber Defence Centre of Excellence","year":"2022"},{"key":"ref22","volume-title":"Cyber Defence Exercise Locked Shields 2013 After Action Report","year":"2013"},{"key":"ref23","volume-title":"Kali Linux","year":"2022"},{"key":"ref24","volume-title":"Metasploit Framework","year":"2022"},{"key":"ref25","volume-title":"Cobalt Strike","year":"2022"},{"key":"ref26","volume-title":"CICFlowMeter","author":"Lashkari","year":"2022"},{"key":"ref27","volume-title":"CICFowMeter Features"},{"key":"ref28","volume-title":"Intrusion Detection Evaluation Dataset (CIC-IDS2017)","year":"2017"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1137\/0119020"},{"key":"ref30","article-title":"sklearn.feature_selection.mutual_info_classif","volume-title":"Scikit-learn.org"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1371\/journal.pone.0087357"},{"key":"ref32","article-title":"sklearn.feature_selection.RFE \u2013 scikit-learn 1.1.1 documentation","volume-title":"Scikit-learn.org"}],"event":{"name":"2023 15th International Conference on Cyber Conflict: Meeting Reality (CyCon)","location":"Tallinn, Estonia","start":{"date-parts":[[2023,5,30]]},"end":{"date-parts":[[2023,6,2]]}},"container-title":["2023 15th International Conference on Cyber Conflict: Meeting Reality (CyCon)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/10181240\/10181347\/10182001.pdf?arnumber=10182001","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,4,13]],"date-time":"2024-04-13T04:16:32Z","timestamp":1712981792000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10182001\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,5,29]]},"references-count":32,"URL":"https:\/\/doi.org\/10.23919\/cycon58705.2023.10182001","relation":{},"subject":[],"published":{"date-parts":[[2023,5,29]]}}}