{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,3]],"date-time":"2025-08-03T04:17:55Z","timestamp":1754194675590},"reference-count":33,"publisher":"IEEE","license":[{"start":{"date-parts":[[2022,6,13]],"date-time":"2022-06-13T00:00:00Z","timestamp":1655078400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2022,6,13]],"date-time":"2022-06-13T00:00:00Z","timestamp":1655078400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022,6,13]]},"DOI":"10.23919\/ifipnetworking55013.2022.9829757","type":"proceedings-article","created":{"date-parts":[[2022,7,22]],"date-time":"2022-07-22T16:42:14Z","timestamp":1658508134000},"page":"1-9","source":"Crossref","is-referenced-by-count":1,"title":["Clustering Payloads: Grouping Randomized Scan Probes Into Campaign Templates"],"prefix":"10.23919","author":[{"given":"Vincent","family":"Ghiette","sequence":"first","affiliation":[{"name":"Delft University of Technology,Delft,The Netherlands"}]},{"given":"Christian","family":"Doerr","sequence":"additional","affiliation":[{"name":"Hasso Plattner Institute for Digital Engineering,Potsdam,Germany"}]}],"member":"263","reference":[{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.17487\/RFC8482"},{"journal-title":"Sipvicious","year":"0","key":"ref32"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.17487\/rfc1035"},{"key":"ref30","article-title":"Spelling-error tolerant, order-independent pass-phrases via the damerau-levenshtein string-edit distance metric","author":"bard","year":"2007","journal-title":"ACSW frontiers Citeseer"},{"key":"ref10","article-title":"Nmap network scanning: The official Nmap project guide to network discovery and security scanning","author":"lyon","year":"2008","journal-title":"Insecure"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1145\/3196494.3196537"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1145\/1966913.1966928"},{"key":"ref13","article-title":"An internet-wide view of internet-wide scanning","author":"durumeric","year":"2014","journal-title":"USENIX Security Symposium"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/ICSSIT48917.2020.9214121"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1145\/3341105.3373970"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.3233\/JCS-2002-101-205"},{"key":"ref17","article-title":"Detection and characterization of port scan attacks","author":"lee","year":"2003","journal-title":"Univeristy of California Department of Computer Science and Engineering"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1109\/WIFS.2016.7823920"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1109\/CNS.2014.6997483"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/NOMS47738.2020.9110444"},{"key":"ref4","article-title":"Scan correlation-revealing dis-tributed scan campaigns","author":"haas","year":"2020","journal-title":"IEEE\/IFIP NOMS"},{"journal-title":"Zmap manual","year":"0","key":"ref27"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484747"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-73614-1_10"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/ECRIME.2017.7945057"},{"key":"ref5","article-title":"Inferring and investigating iot-generated scanning cam-paigns targeting a large network telescope","author":"torabi","year":"2020","journal-title":"IEEE TDSC"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2018.00064"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2013.09.008"},{"journal-title":"Cyber Kill Chain","year":"2021","author":"martin","key":"ref2"},{"journal-title":"Junos os Remote code execution vulnerability in overlayd service (cve-2021&#x2013;0254)","year":"0","key":"ref9"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/IACS.2014.6841978"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2014.02.005"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1145\/3407023.3407051"},{"key":"ref21","article-title":"Understanding the mirai botnet","author":"antonakakis","year":"2017","journal-title":"USENIX Security Symposium"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1007\/s11277-016-3744-4"},{"key":"ref23","article-title":"Coordinated scan detection","author":"gates","year":"2009","journal-title":"NDSS"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1145\/3229598.3229606"},{"key":"ref25","article-title":"Internet-scale probing of cps: Inference, characterization and orches-tration analysis","author":"fachkha","year":"2017","journal-title":"NDSS"}],"event":{"name":"2022 IFIP Networking Conference (IFIP Networking)","start":{"date-parts":[[2022,6,13]]},"location":"Catania, Italy","end":{"date-parts":[[2022,6,16]]}},"container-title":["2022 IFIP Networking Conference (IFIP Networking)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/9829715\/9829755\/09829757.pdf?arnumber=9829757","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,8,29]],"date-time":"2022-08-29T21:50:03Z","timestamp":1661809803000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9829757\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,6,13]]},"references-count":33,"URL":"https:\/\/doi.org\/10.23919\/ifipnetworking55013.2022.9829757","relation":{},"subject":[],"published":{"date-parts":[[2022,6,13]]}}}