乐胖代购免代理版

{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,15]],"date-time":"2024-09-15T13:48:50Z","timestamp":1726408130739},"publisher-location":"Cham","reference-count":31,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030372279"},{"type":"electronic","value":"9783030372286"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-37228-6_20","type":"book-chapter","created":{"date-parts":[[2019,12,16]],"date-time":"2019-12-16T05:00:05Z","timestamp":1576472405000},"page":"406-425","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":22,"title":["SoK: ATT&CK Techniques and Trends in Windows Malware"],"prefix":"10.1007","author":[{"given":"Kris","family":"Oosthoek","sequence":"first","affiliation":[]},{"given":"Christian","family":"Doerr","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,12,13]]},"reference":[{"key":"20_CR1","doi-asserted-by":"crossref","unstructured":"Barabosch, T., Bergmann, N., Dombeck, A.: Quincy: detecting host-based code injection attacks in memory dumps. In: LNCS (2017)","DOI":"10.1007\/978-3-319-60876-1_10"},{"key":"20_CR2","doi-asserted-by":"crossref","unstructured":"Barabosch, T., Eschweiler, S., Gerhards-Padilla, E.: Bee master: detecting host-based code injection attacks. In: LNCS (2014)","DOI":"10.1007\/978-3-319-08509-8_13"},{"key":"20_CR3","unstructured":"Bayer, U., Habibi, I., Balzarotti, D., Kirda, E., Kruegel, C.: A view on current malware behaviors. USENIX Large-scale exploits and emergent threats (2009)"},{"key":"20_CR4","doi-asserted-by":"crossref","unstructured":"Binsalleeh, H., et al.: On the analysis of the Zeus botnet crimeware toolkit. In: 2010 Eighth International Conference on Privacy, Security and Trust (2010)","DOI":"10.1109\/PST.2010.5593240"},{"key":"20_CR5","unstructured":"Chen, X., Andersen, J., Morley Mao, Z., Bailey, M., Nazario, J.: Towards an understanding of anti-virtualization and anti-debugging behavior in modern malware. In: International Conference on Dependable Systems and Networks (2008)"},{"key":"20_CR6","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2089125.2089126","volume":"44","author":"M Egele","year":"2012","unstructured":"Egele, M., Scholte, T., Kirda, E., Kruegel, C.: A survey on automated dynamic malware-analysis techniques and tools. ACM Comput. Surv. 44, 1\u201349 (2012)","journal-title":"ACM Comput. Surv."},{"key":"20_CR7","doi-asserted-by":"crossref","unstructured":"Grill, B., Bacs, A., Platzer, C., Bos, H.: \u201cNice boots!\u201d-A large-scale analysis of bootkits and new ways to stop them. In: LNCS (2015)","DOI":"10.1007\/978-3-319-20550-2_2"},{"key":"20_CR8","unstructured":"Hutchins, E.M., Cloppert, M.J., Amin, R.M.: Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. In: International Conference on Information Warfare & Security (2011)"},{"key":"20_CR9","unstructured":"Joe Security LLC: Joe Sandbox Cloud Community Edition"},{"key":"20_CR10","doi-asserted-by":"crossref","unstructured":"Kharraz, A., Robertson, W., Balzarotti, D., Bilge, L.: Cutting the gordian knot: a look under the hood of ransomware attacks. In: LNCS (2015)","DOI":"10.1007\/978-3-319-20550-2_1"},{"key":"20_CR11","unstructured":"Kirat, D., Vigna, G., Kruegel, C.: BareCloud: bare-metal analysis-based evasive malware detection. In: 23rd USENIX Security Symposium (2014)"},{"key":"20_CR12","unstructured":"Kirillov, I.A., Beck, D.A., Chase, M.P., Martin, R.A.: The Concepts of the Malware Attribute Enumeration and Characterization (MAEC) Effort (2009)"},{"key":"20_CR13","unstructured":"Laliberte, M.: A Twist On The Cyber Kill Chain: Defending Against A JavaScript Malware Attack (2016)"},{"issue":"2","key":"20_CR14","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1109\/MSP.2007.48","volume":"5","author":"Robert Lyda","year":"2007","unstructured":"Lyda, R., Hamrock, J.: Using entropy analysis to find encrypted and packed malware (2007)","journal-title":"IEEE Security and Privacy Magazine"},{"key":"20_CR15","unstructured":"Malpedia: win.pupy. \nmalpedia.caad.fkie.fraunhofer.de\/details\/win.pupy"},{"key":"20_CR16","first-page":"7","volume":"2017","author":"S Mansfield-Devine","year":"2017","unstructured":"Mansfield-Devine, S.: Fileless attacks: compromising targets without malware. Netw. Secur. 2017, 7\u201311 (2017)","journal-title":"Netw. Secur."},{"key":"20_CR17","unstructured":"Microsoft: Microsoft Security Bulletin MS14-027 (2014)"},{"key":"20_CR18","unstructured":"Nachreiner, C.: Kill Chain 3.0: Update the cyber kill chain for better defense (2015)"},{"key":"20_CR19","unstructured":"Obrst, L., Chase, P., Markeloff, R.: Developing an ontology of the cyber security domain. In: Semantic Technologies for Intelligence, Defense, and Security (2012)"},{"key":"20_CR20","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1109\/MSP.2011.98","volume":"9","author":"P O\u2019Kane","year":"2011","unstructured":"O\u2019Kane, P., Sezer, S., McLaughlin, K.: Obfuscation: the hidden malware. IEEE Secur. Privacy 9, 41\u201347 (2011)","journal-title":"IEEE Secur. Privacy"},{"key":"20_CR21","unstructured":"Plohmann, D., Clauss, M., Enders, S., Padilla, E.: Malpedia: a collaborative effort to inventorize the malware landscape. J. Cybercrime & Dig. Investigations, 3 (2018)"},{"key":"20_CR22","unstructured":"Porras, P., Saidi, H., Yegneswaran, V.: An analysis of conficker\u2019s logic and rendezvous points. Technical Report, Computer Science Laboratory, SRI International (2009)"},{"key":"20_CR23","doi-asserted-by":"crossref","unstructured":"Rossow, C., et al.: Prudent practices for designing malware experiments: status quo and outlook. In: IEEE Symposium on Security and Privacy (2012)","DOI":"10.1109\/SP.2012.14"},{"key":"20_CR24","doi-asserted-by":"crossref","unstructured":"Song, D., et al.: BitBlaze: a new approach to computer security via binary analysis. In: LNCS (2008)","DOI":"10.1007\/978-3-540-89862-7_1"},{"key":"20_CR25","doi-asserted-by":"publisher","first-page":"28","DOI":"10.1016\/j.ijcip.2013.01.002","volume":"6","author":"AK Sood","year":"2013","unstructured":"Sood, A.K., Enbody, R.J.: Crimeware-as-a-service-a survey of commoditized crimeware in the underground market. Int. J. Crit. Infrastruct. Prot. 6, 28\u201338 (2013)","journal-title":"Int. J. Crit. Infrastruct. Prot."},{"key":"20_CR26","unstructured":"Strom, B.E., Applebaum, A., Miller, D.P., Nickels, K.C., Pennington, A.G., Thomas, C.B.: MITRE ATT&CK: Design and Philosophy. The Mitre Corporation, McLean, VA, Technical report (2018)"},{"key":"20_CR27","unstructured":"Symantec Security Response: W32.Duqu: the precursor to the next Stuxnet. Symantec Security Response (2011)"},{"key":"20_CR28","unstructured":"The Mitre Corporation: ATT&CK JSON Library (2018)"},{"key":"20_CR29","unstructured":"The Mitre Corporation: Enterprise Matrix - Windows (2018). \nhttps:\/\/attack.mitre.org\/matrices\/enterprise\/windows\/"},{"key":"20_CR30","doi-asserted-by":"crossref","unstructured":"Verizon: 2018 Data Breach Investigations Report. Technical report, New York, NY (2018)","DOI":"10.1016\/S1361-3723(18)30040-X"},{"key":"20_CR31","doi-asserted-by":"crossref","unstructured":"Willems, C., Holz, T., Freiling, F.: Toward automated dynamic malware analysis using CWSandbox (2007)","DOI":"10.1109\/MSP.2007.45"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Security and Privacy in Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-37228-6_20","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,12,16]],"date-time":"2019-12-16T05:02:25Z","timestamp":1576472545000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-37228-6_20"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030372279","9783030372286"],"references-count":31,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-37228-6_20","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"type":"print","value":"1867-8211"},{"type":"electronic","value":"1867-822X"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"13 December 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SecureComm","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Security and Privacy in Communication Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Orlando, VA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 October 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 October 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"securecomm2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/securecomm.org","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"149","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"38","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"18","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3,5","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}