乐胖代购免代理版

{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,10,1]],"date-time":"2024-10-01T04:21:18Z","timestamp":1727756478357},"publisher-location":"New York, NY, USA","reference-count":92,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,9,30]],"date-time":"2024-09-30T00:00:00Z","timestamp":1727654400000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000006","name":"Office of Naval Research","doi-asserted-by":"publisher","award":["N00014-23-1-2095","N00014-23-1-2080"],"id":[{"id":"10.13039\/100000006","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Office of Naval Research","award":["N00014-23-1-2095","N00014-23-1-2080"]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,9,30]]},"DOI":"10.1145\/3678890.3678923","type":"proceedings-article","created":{"date-parts":[[2024,9,29]],"date-time":"2024-09-29T22:23:36Z","timestamp":1727648616000},"page":"197-214","update-policy":"http:\/\/dx.doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["BluePrint: Automatic Malware Signature Generation for Internet Scanning"],"prefix":"10.1145","author":[{"ORCID":"http:\/\/orcid.org\/0009-0008-3832-4058","authenticated-orcid":false,"given":"Kevin","family":"Stevens","sequence":"first","affiliation":[{"name":"Georgia Institute of Technology, United States of America"}]},{"ORCID":"http:\/\/orcid.org\/0000-0002-8283-8952","authenticated-orcid":false,"given":"Mert","family":"Erdemir","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, United States of America"}]},{"ORCID":"http:\/\/orcid.org\/0009-0003-6089-1079","authenticated-orcid":false,"given":"Hang","family":"Zhang","sequence":"additional","affiliation":[{"name":"Indiana University Bloomington, United States of America"}]},{"ORCID":"http:\/\/orcid.org\/0000-0002-7440-2067","authenticated-orcid":false,"given":"Taesoo","family":"Kim","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, United States of America"}]},{"ORCID":"http:\/\/orcid.org\/0000-0001-6418-9699","authenticated-orcid":false,"given":"Paul","family":"Pearce","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, United States of America"}]}],"member":"320","published-online":{"date-parts":[[2024,9,30]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","unstructured":"Christopher Allen and Tim Dierks. 1999. The TLS Protocol Version 1.0. RFC 2246. https:\/\/doi.org\/10.17487\/RFC2246","DOI":"10.17487\/RFC2246"},{"key":"e_1_3_2_1_2_1","volume-title":"GoTrim: Go-based Botnet Actively Brute Forces WordPress Websites. Retrieved","author":"Altares Eduardo","year":"2024","unstructured":"Eduardo Altares, Joie Salvio, and Roy Tay. 2022. GoTrim: Go-based Botnet Actively Brute Forces WordPress Websites. Retrieved January 5, 2024 from https:\/\/www.fortinet.com\/blog\/threat-research\/gotrim-go-based-botnet-actively-brute-forces-wordpress-websites"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-60080-2_12"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/2991079.2991114"},{"key":"e_1_3_2_1_5_1","volume-title":"Researchers link new backdoor and Mac-based rootkit to Turla spy group. Retrieved","author":"Barth Bradley","year":"2024","unstructured":"Bradley Barth. 2017. Researchers link new backdoor and Mac-based rootkit to Turla spy group. Retrieved January 5, 2024 from https:\/\/www.scmagazine.com\/news\/researchers-link-new-backdoor-and-mac-based-rootkit-to-turla-spy-group"},{"key":"e_1_3_2_1_6_1","volume-title":"Technical Report. Retrieved","author":"Beck Pete","year":"2014","unstructured":"Pete Beck and David Cannings. 2014. NCC Group Malware Technical Note: Derusbi Server variant (November 2014). Technical Report. Retrieved July 25, 2023 from https:\/\/research.nccgroup.com\/wp-content\/uploads\/episerver-images\/assets\/800eeb255c4149708f9cc9415f7e2700\/800eeb255c4149708f9cc9415f7e2700.pdf"},{"key":"e_1_3_2_1_7_1","volume-title":"Unveiling Socks5Systemz: The Rise of a New Proxy Service via PrivateLoader and Amadey. Retrieved","author":"Research Team Bitsight Threat","year":"2024","unstructured":"Bitsight Threat Research Team. 2023. Unveiling Socks5Systemz: The Rise of a New Proxy Service via PrivateLoader and Amadey. Retrieved January 4, 2024 from https:\/\/www.bitsight.com\/blog\/unveiling-socks5systemz-rise-new-proxy-service-privateloader-and-amadey"},{"key":"e_1_3_2_1_8_1","volume-title":"Programming Z3. Retrieved","author":"Bj\u00f8rner Nikolaj","year":"2023","unstructured":"Nikolaj Bj\u00f8rner, Leonardo de Moura, Lev Nachmanson, and Christoph Wintersteiger. 2022. Programming Z3. Retrieved April 4, 2023 from https:\/\/theory.stanford.edu\/\u00a0nikolaj\/programmingz3.html"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","unstructured":"Simon Blake-Wilson Jan Mikkelsen Magnus Nystrom David Hopwood and Tim Wright. 2003. Transport Layer Security (TLS) Extensions. RFC 3546. https:\/\/doi.org\/10.17487\/RFC3546","DOI":"10.17487\/RFC3546"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-20951-3_12"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653737"},{"key":"e_1_3_2_1_12_1","volume-title":"Rosetta: Extracting Protocol Semantics using Binary Analysis with Applications to Protocol Replay and NAT Rewriting. Technical Report CMU-CyLab-07-014","author":"Caballero Juan","year":"2007","unstructured":"Juan Caballero and Dawn Song. 2007. Rosetta: Extracting Protocol Semantics using Binary Analysis with Applications to Protocol Replay and NAT Rewriting. Technical Report CMU-CyLab-07-014. Carnegie Mellon University CyLab. Retrieved December 29, 2023 from https:\/\/software.imdea.org\/\u00a0juanca\/papers\/cmucylab07014.pdf"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315286"},{"key":"e_1_3_2_1_14_1","volume-title":"ProxyNation: The dark nexus between proxy apps and malware. Retrieved","author":"Caspi Ofer","year":"2024","unstructured":"Ofer Caspi. 2023. ProxyNation: The dark nexus between proxy apps and malware. Retrieved January 4, 2024 from https:\/\/cybersecurity.att.com\/blogs\/labs-research\/proxynation-the-dark-nexus-between-proxy-apps-and-malware"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.20944\/preprints202403.0225.v1"},{"key":"e_1_3_2_1_17_1","volume-title":"Gh0st RAT Beta 2.5\u5f00\u6e90-\u7ea2\u72fc\u8fdc\u63a7. Retrieved","author":"Rufus Security Team C.","year":"2023","unstructured":"C.Rufus Security Team. 2008. Gh0st RAT Beta 2.5\u5f00\u6e90-\u7ea2\u72fc\u8fdc\u63a7. Retrieved June 5, 2023 from https:\/\/www.15897.com\/blog\/post\/Gh0st-RAT-Beta-2.5-open-source.html"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455820"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813707"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","unstructured":"Leonardo de Moura and Nikolaj Bj\u00f8rner. 2008. Z3: An Efficient SMT Solver. In Proceedings of the 11th European Joint Conference on Theory and Practice of Software 14th International Conference on Tools and Algorithms for the Construction and Analysis of Systems(TACAS \u201908\/ETAPS \u201908). Springer-Verlag Berlin Heidelberg 337\u2013340. https:\/\/doi.org\/10.1007\/978-3-540-78800-3_24","DOI":"10.1007\/978-3-540-78800-3_24"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-016-0289-8"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813703"},{"key":"e_1_3_2_1_27_1","volume-title":"Proceedings of the 22nd USENIX Security Symposium(SEC \u201913)","author":"Durumeric Zakir","year":"2013","unstructured":"Zakir Durumeric, Eric Wustrow, and J.\u00a0Alex Halderman. 2013. ZMap: Fast Internet-Wide Scanning and its Security Applications. In Proceedings of the 22nd USENIX Security Symposium(SEC \u201913). USENIX Association, 605\u2013619."},{"key":"e_1_3_2_1_28_1","volume-title":"BladeRunner: Adventures in Tracking Botnets. In Botnet Fighting Conference 2013(Botconf \u201913)","author":"Eisenbarth Marc","year":"2013","unstructured":"Marc Eisenbarth and Jason Jones. 2013. BladeRunner: Adventures in Tracking Botnets. In Botnet Fighting Conference 2013(Botconf \u201913). Alliance internationale de lutte contre les botnets, Rez\u00e9, France."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/3366423.3380277"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.48"},{"key":"e_1_3_2_1_31_1","unstructured":"Freepik. 2024. Check. https:\/\/www.flaticon.com\/free-icon\/check_3285799."},{"key":"e_1_3_2_1_32_1","unstructured":"Freepik. 2024. Decision tree. https:\/\/www.flaticon.com\/free-icon\/decision-tree_5139787."},{"key":"e_1_3_2_1_33_1","unstructured":"Freepik. 2024. File. https:\/\/www.flaticon.com\/free-icon\/file_1150643."},{"key":"e_1_3_2_1_34_1","unstructured":"Freepik. 2024. Gear. https:\/\/www.flaticon.com\/free-icon\/gear_1790071."},{"key":"e_1_3_2_1_35_1","unstructured":"Freepik. 2024. Worldwide. https:\/\/www.flaticon.com\/free-icon\/worldwide_2859731."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1007\/11555827_19"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/NTMS.2016.7792471"},{"key":"e_1_3_2_1_38_1","volume-title":"Ransomware operators use SystemBC RAT as off-the-shelf Tor backdoor. Retrieved","author":"Gn Sivagnanam","year":"2024","unstructured":"Sivagnanam Gn and Sean Gallagher. 2020. Ransomware operators use SystemBC RAT as off-the-shelf Tor backdoor. Retrieved January 4, 2024 from https:\/\/news.sophos.com\/en-us\/2020\/12\/16\/systembc\/"},{"key":"e_1_3_2_1_39_1","unstructured":"Google. 2024. Google Public DNS. https:\/\/developers.google.com\/speed\/public-dns."},{"key":"e_1_3_2_1_40_1","unstructured":"GreyNoise. 2024. GreyNoise. https:\/\/www.greynoise.io\/."},{"key":"e_1_3_2_1_42_1","unstructured":"Hendi48. 2024. Magicmida. https:\/\/github.com\/Hendi48\/Magicmida."},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23488"},{"volume-title":"Retrieved","year":"2024","key":"e_1_3_2_1_44_1","unstructured":"Hex-Rays. 2024. F.L.I.R.T. (2024). Retrieved March 28, 2024 from https:\/\/hex-rays.com\/products\/ida\/tech\/flirt"},{"key":"e_1_3_2_1_45_1","volume-title":"WinorDLL64: A backdoor from the vast Lazarus arsenal?Retrieved","author":"Hr\u010dka Vladislav","year":"2024","unstructured":"Vladislav Hr\u010dka. 2023. WinorDLL64: A backdoor from the vast Lazarus arsenal?Retrieved January 5, 2024 from https:\/\/www.welivesecurity.com\/2023\/02\/23\/winordll64-backdoor-vast-lazarus-arsenal\/"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2021.11.009"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/3517745.3561434"},{"volume-title":"Attackers Using FRP (Fast Reverse Proxy) to Attack Korean Companies. Retrieved","year":"2024","key":"e_1_3_2_1_48_1","unstructured":"jcleebobgatenet. 2022. Attackers Using FRP (Fast Reverse Proxy) to Attack Korean Companies. Retrieved January 4, 2024 from https:\/\/asec.ahnlab.com\/en\/38156\/"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455774"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.3390\/sym10050151"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2018.2867544"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-26362-5_28"},{"key":"e_1_3_2_1_55_1","volume-title":"Residential Networks. Retrieved","author":"Krebs Brian","year":"2024","unstructured":"Brian Krebs. 2019. The Rise of \u201cBulletproof\u201d Residential Networks. Retrieved January 4, 2024 from https:\/\/krebsonsecurity.com\/2019\/08\/the-rise-of-bulletproof-residential-networks\/"},{"key":"e_1_3_2_1_56_1","volume-title":"A Deep Dive Into the Residential Proxy Service \u2018911\u2019. Retrieved","author":"Krebs Brian","year":"2024","unstructured":"Brian Krebs. 2022. A Deep Dive Into the Residential Proxy Service \u2018911\u2019. Retrieved January 4, 2024 from https:\/\/krebsonsecurity.com\/2022\/07\/a-deep-dive-into-the-residential-proxy-service-911\/"},{"key":"e_1_3_2_1_57_1","volume-title":"The Link Between AWM Proxy & the Glupteba Botnet. Retrieved","author":"Krebs Brian","year":"2024","unstructured":"Brian Krebs. 2022. The Link Between AWM Proxy & the Glupteba Botnet. Retrieved January 4, 2024 from https:\/\/krebsonsecurity.com\/2022\/06\/the-link-between-awm-proxy-the-glupteba-botnet\/"},{"key":"e_1_3_2_1_58_1","volume-title":"Who and What is Behind the Malware Proxy Service SocksEscort?Retrieved","author":"Krebs Brian","year":"2024","unstructured":"Brian Krebs. 2023. Who and What is Behind the Malware Proxy Service SocksEscort?Retrieved January 4, 2024 from https:\/\/krebsonsecurity.com\/2023\/07\/who-and-what-is-behind-the-malware-proxy-service-socksescort\/"},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23318"},{"key":"e_1_3_2_1_60_1","volume-title":"Hunting Botnets with ZMap. Retrieved","author":"Ricky\u00a0","year":"2024","unstructured":"Ricky\u00a0\u201cHeadlessZeke\u201d Lawshae. 2014. Hunting Botnets with ZMap. Retrieved March 29, 2024 from https:\/\/web.archive.org\/web\/20160808012806http:\/\/community.hpe.com\/t5\/Security-Research\/Hunting-Botnets-with-ZMap\/ba-p\/6320865"},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.17487\/rfc1928"},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.17487\/rfc1929"},{"key":"e_1_3_2_1_63_1","volume-title":"Kazuar: Multiplatform Espionage Backdoor with API Access. Retrieved","author":"Levene Brandon","year":"2017","unstructured":"Brandon Levene, Robert Falcone, and Tyler Halfpop. 2017. Kazuar: Multiplatform Espionage Backdoor with API Access. Retrieved January 8, 2024 from https:\/\/unit42.paloaltonetworks.com\/unit42-kazuar-multiplatform-espionage-backdoor-api-access\/"},{"key":"e_1_3_2_1_64_1","volume-title":"Proceedings of the 25th USENIX Security Symposium(SEC \u201916)","author":"Li Frank","year":"2016","unstructured":"Frank Li, Zakir Durumeric, Jakub Czyz, Mohammad Karami, Michael Bailey, Damon McCoy, Stefan Savage, and Vern Paxson. 2016. You\u2019ve Got Vulnerability: Exploring Effective Vulnerability Notifications. In Proceedings of the 25th USENIX Security Symposium(SEC \u201916). USENIX Association, 1033\u20131050."},{"key":"e_1_3_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1109\/WCRE.2006.29"},{"key":"e_1_3_2_1_66_1","volume-title":"Proceedings of the 15th Annual Network and Distributed System Security Symposium(NDSS \u201908)","author":"Lin Zhiqiang","year":"2008","unstructured":"Zhiqiang Lin, Xuxian Jiang, Dongyan Xu, and Xiangyu Zhang. 2008. Automatic Protocol Format Reverse Engineering through Context-Aware Monitored Execution. In Proceedings of the 15th Annual Network and Distributed System Security Symposium(NDSS \u201908). The Internet Society."},{"key":"e_1_3_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2009.54"},{"key":"e_1_3_2_1_68_1","volume-title":"Lyon.","author":"Gordon\u00a0","year":"2009","unstructured":"Gordon\u00a0\u201cFyodor\u201d Lyon. 2009. Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning. Insecure, Sunnyvale, CA, USA."},{"key":"e_1_3_2_1_69_1","volume-title":"Lazarus and the tale of three RATs. Retrieved","author":"Malhotra Asheer","year":"2024","unstructured":"Asheer Malhotra, Vitor Ventura, and Jungsoo An. 2022. Lazarus and the tale of three RATs. Retrieved January 4, 2024 from https:\/\/blog.talosintelligence.com\/lazarus-three-rats\/"},{"key":"e_1_3_2_1_71_1","volume-title":"Proceedings of the 26th USENIX Security Symposium(SEC \u201917)","author":"Antonakakis Manos","year":"2017","unstructured":"Manos Antonakakis, Tim April, Michael Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J. Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Zane Ma, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, and Yi Zhou. 2017. Understanding the Mirai Botnet. In Proceedings of the 26th USENIX Security Symposium(SEC \u201917). USENIX Association, 1093\u20131110."},{"key":"e_1_3_2_1_72_1","volume-title":"Proceedings of the 23rd USENIX Security Symposium(SEC \u201914)","author":"Marczak R.","year":"2014","unstructured":"William\u00a0R. Marczak, John Scott-Railton, Morgan Marquis-Boire, and Vern Paxson. 2014. When Governments Hack Opponents: A Look at Actors and Technology. In Proceedings of the 23rd USENIX Security Symposium(SEC \u201914). USENIX Association, 511\u2013525."},{"key":"e_1_3_2_1_73_1","unstructured":"John Matherly. 2024. Shodan - Malware Hunter. https:\/\/malware-hunter.shodan.io."},{"key":"e_1_3_2_1_74_1","unstructured":"John Matherly. 2024. Shodan Search Engine. https:\/\/www.shodan.io."},{"key":"e_1_3_2_1_75_1","unstructured":"Geoff McDonald. 2022. Process Dump. https:\/\/github.com\/glmcdona\/Process-Dump."},{"volume-title":"Retrieved","year":"2021","key":"e_1_3_2_1_76_1","unstructured":"Microsoft. 2021. Graceful Shutdown, Linger Options, and Socket Closure. Retrieved October 18, 2023 from https:\/\/learn.microsoft.com\/en-us\/windows\/win32\/winsock\/graceful-shutdown-linger-options-and-socket-closure-2"},{"key":"e_1_3_2_1_77_1","unstructured":"Netgate. 2024. pfSense. https:\/\/www.pfsense.org."},{"key":"e_1_3_2_1_78_1","doi-asserted-by":"publisher","DOI":"10.1145\/1180405.1180444"},{"volume-title":"Technical Report. Retrieved","year":"2014","key":"e_1_3_2_1_79_1","unstructured":"Novetta. 2014. Derusbi (Server Variant) Analysis. Technical Report. Retrieved March 30, 2023 from https:\/\/web.archive.org\/web\/20220119130812\/https:\/\/www.novetta.com\/wp-content\/uploads\/2014\/11\/Derusbi.pdf"},{"key":"e_1_3_2_1_80_1","volume-title":"Technical Report. Retrieved","author":"Technologies Positive","year":"2023","unstructured":"Positive Technologies. 2023. Positive Research \/ 2023. Technical Report. Retrieved July 27, 2023 from https:\/\/www.ptsecurity.com\/upload\/corporate\/ww-en\/analytics\/positive-research-2023-eng.pdf"},{"key":"e_1_3_2_1_81_1","doi-asserted-by":"publisher","unstructured":"Christian Presa\u00a0Schnell and Samuel Hopstock. 2024. Un{i}packer. https:\/\/doi.org\/10.5281\/zenodo.11236807","DOI":"10.5281\/zenodo.11236807"},{"key":"e_1_3_2_1_83_1","volume-title":"The Hunt for the Lost Soul: Unraveling the Evolution of the SoulSearcher Malware. Retrieved","author":"Sde-Or Rotem","year":"2023","unstructured":"Rotem Sde-Or. 2022. The Hunt for the Lost Soul: Unraveling the Evolution of the SoulSearcher Malware. Retrieved May 3, 2023 from https:\/\/www.fortinet.com\/blog\/threat-research\/unraveling-the-evolution-of-the-soul-searcher-malware"},{"key":"e_1_3_2_1_84_1","volume-title":"Gh0st RAT: What Is It and How do You Find It?Retrieved","author":"Sela Yali","year":"2023","unstructured":"Yali Sela. 2015. Gh0st RAT: What Is It and How do You Find It?Retrieved April 5, 2023 from https:\/\/www.sentinelone.com\/blog\/the-curious-case-of-gh0st-malware"},{"key":"e_1_3_2_1_85_1","doi-asserted-by":"publisher","DOI":"10.1109\/SNPD.2019.8935642"},{"key":"e_1_3_2_1_86_1","volume-title":"Analyzing Operation GhostSecret: Attack Seeks to Steal Data Worldwide. Retrieved","author":"Sherstobitoff Ryan","year":"2024","unstructured":"Ryan Sherstobitoff. 2018. Analyzing Operation GhostSecret: Attack Seeks to Steal Data Worldwide. Retrieved January 5, 2024 from https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/analyzing-operation-ghostsecret-attack-seeks-to-steal-data-worldwide\/"},{"key":"e_1_3_2_1_88_1","doi-asserted-by":"publisher","DOI":"10.1155\/2018"},{"key":"e_1_3_2_1_89_1","doi-asserted-by":"publisher","DOI":"10.1145\/3419394.3423617"},{"key":"e_1_3_2_1_91_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653738"},{"key":"e_1_3_2_1_92_1","volume-title":"New Espionage Campaign Targets South East Asia. Retrieved","author":"Hunter Team Symantec Threat","year":"2023","unstructured":"Symantec Threat Hunter Team. 2021. New Espionage Campaign Targets South East Asia. Retrieved June 5, 2023 from https:\/\/symantec-enterprise-blogs.security.com\/blogs\/threat-intelligence\/espionage-campaign-south-east-asia"},{"key":"e_1_3_2_1_93_1","volume-title":"FIN13: A Cybercriminal Threat Actor Focused on Mexico. Retrieved","author":"Ta Van","year":"2024","unstructured":"Van Ta, Jake Nicastro, Rufus Brown, and Nick Richard. 2021. FIN13: A Cybercriminal Threat Actor Focused on Mexico. Retrieved January 5, 2024 from https:\/\/www.mandiant.com\/resources\/blog\/fin13-cybercriminal-mexico"},{"key":"e_1_3_2_1_94_1","volume-title":"Retrieved","author":"The","year":"2023","unstructured":"The angr Project contributors. 2023. Simulation Managers - angr documentation. Retrieved May 25, 2023 from https:\/\/docs.angr.io\/en\/latest\/core-concepts\/pathgroups.html#exploration-techniques"},{"key":"e_1_3_2_1_95_1","volume-title":"Retrieved","author":"The","year":"2023","unstructured":"The angr Project contributors. 2023. Symbolic memory addressing - angr documentation. Retrieved July 22, 2023 from https:\/\/docs.angr.io\/en\/latest\/advanced-topics\/concretization_strategies.html"},{"key":"e_1_3_2_1_96_1","doi-asserted-by":"publisher","DOI":"10.1145\/3291061"},{"key":"e_1_3_2_1_97_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-04444-1_13"},{"key":"e_1_3_2_1_98_1","volume-title":"Proceedings of the 33rd USENIX Security Symposium(SEC \u201924)","author":"Williams Grant","year":"2024","unstructured":"Grant Williams, Mert Erdemir, Amanda Hsu, Shraddha Bhat, Abhishek Bhaskar, Frank Li, and Paul Pearce. 2024. 6Sense: Internet-Wide IPv6 Scanning and its Security Applications. In Proceedings of the 33rd USENIX Security Symposium(SEC \u201924). USENIX Association."},{"key":"e_1_3_2_1_99_1","volume-title":"Proceedings of the 15th Annual Network and Distributed System Security Symposium(NDSS \u201908)","author":"Wondracek Gilbert","year":"2008","unstructured":"Gilbert Wondracek, Paolo\u00a0Milani Comparetti, Christopher Kruegel, and Engin Kirda. 2008. Automatic Network Protocol Analysis. In Proceedings of the 15th Annual Network and Distributed System Security Symposium(NDSS \u201908). The Internet Society."},{"key":"e_1_3_2_1_100_1","volume-title":"Proceedings of the 23rd USENIX Security Symposium(SEC \u201914)","author":"Wustrow Eric","year":"2014","unstructured":"Eric Wustrow, Colleen\u00a0M. Swanson, and J.\u00a0Alex Halderman. 2014. TapDance: End-to-Middle Anticensorship without Flow Blocking. In Proceedings of the 23rd USENIX Security Symposium(SEC \u201914). USENIX Association, 159\u2013174."},{"key":"e_1_3_2_1_101_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.17"},{"key":"e_1_3_2_1_102_1","doi-asserted-by":"publisher","DOI":"10.1145\/2815675.2815695"},{"key":"e_1_3_2_1_103_1","doi-asserted-by":"publisher","DOI":"10.1145\/2663716.2663755"},{"key":"e_1_3_2_1_104_1","doi-asserted-by":"publisher","DOI":"10.1145\/3487552.3487853"}],"event":{"name":"RAID '24: The 27th International Symposium on Research in Attacks, Intrusions and Defenses","acronym":"RAID '24","location":"Padua Italy"},"container-title":["The 27th International Symposium on Research in Attacks, Intrusions and Defenses"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/abs\/10.1145\/3678890.3678923","content-type":"text\/html","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3678890.3678923","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,30]],"date-time":"2024-09-30T10:29:06Z","timestamp":1727692146000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3678890.3678923"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,9,30]]},"references-count":92,"alternative-id":["10.1145\/3678890.3678923","10.1145\/3678890"],"URL":"https:\/\/doi.org\/10.1145\/3678890.3678923","relation":{},"subject":[],"published":{"date-parts":[[2024,9,30]]},"assertion":[{"value":"2024-09-30","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}