From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware, USENIX Security, pp.24-40, 2012. ,
TTAnalyze: A Tool for Analyzing Malware, 15th EICAR Conference, 2006. ,
Generalized suffix trees for biological sequence data: applications and implementation, Proceedings of the Twenty-Seventh Hawaii International Conference on System Sciences HICSS-94, pp.35-44, 1994. ,
DOI : 10.1109/HICSS.1994.323593
The new era of botnets, White paper from McAfee, 2010. ,
A density-based algorithm for discovering clusters in large spatial databases with noise, Proc. of KDD, 1996. ,
Botminer: Clustering analysis of network traffic for protocol and structure independent botnet detection, Proc. of IEEE SSP, 2008. ,
JackStraws: Picking Command and Control Connections from Bot Traffic, USENIX Security, 2011. ,
Advances in Record-Linkage Methodology as Applied to Matching the 1985 Census of Tampa, Florida, Journal of the American Statistical Association, vol.81, issue.406, 1989. ,
DOI : 10.1080/01621459.1989.10478785
Social Network-Based Botnet Command-and-Control: Emerging Threats and Countermeasures, Applied Cryptography and Network Security, pp.511-528, 2010. ,
DOI : 10.1007/978-3-642-13708-2_30
Behavioral classification and detection of malware through HTTP user agent anomalies, Journal of Information Security and Applications, vol.18, issue.1, 2013. ,
DOI : 10.1016/j.jisa.2013.07.006
PeerViewer: Behavioral Tracking and Classification of P2P Malware, Proc. of CSS, pp.282-298, 2013. ,
DOI : 10.1007/978-3-319-03584-0_21
BotSuer: Suing Stealthy P2P Bots in Network Traffic through Netflow Analysis, Proc. of CANS, 2013. ,
DOI : 10.1007/978-3-319-02937-5_9
PhishDef: URL names say it all, 2011 Proceedings IEEE INFOCOM, 2011. ,
DOI : 10.1109/INFCOM.2011.5934995
Hamsa: fast signature generation for zero-day polymorphic worms with provable attack resilience, Proc. of IEEE SSP, 2006. ,
BotGrep: Finding P2P Bots with Structured Graph Analysis, USENIX Security, 2010. ,
Driving in the Cloud: An Analysis of Drive-by Download Operations and Abuse Reporting, Proc. of DIMVA, 2013. ,
DOI : 10.1007/978-3-642-39235-1_1
Detecting malware's failover C&C strategies with squeeze, Proceedings of the 27th Annual Computer Security Applications Conference on, ACSAC '11, 2011. ,
DOI : 10.1145/2076732.2076736
Polygraph: Automatically Generating Signatures for Polymorphic Worms, 2005 IEEE Symposium on Security and Privacy (S&P'05), pp.226-241, 2005. ,
DOI : 10.1109/SP.2005.15
CloudAV: N-Version antivirus in the network cloud, USENIX Security, 2008. ,
Scalable fine-grained behavioral clustering of HTTP-based malware, Computer Networks, vol.57, issue.2, pp.487-500, 2013. ,
DOI : 10.1016/j.comnet.2012.06.022
Misleading worm signature generators using deliberate noise injection, 2006 IEEE Symposium on Security and Privacy (S&P'06), 2006. ,
DOI : 10.1109/SP.2006.26
An Incremental K-means algorithm, Proceedings of the Institution of Mechanical Engineers, Part C: Journal of Mechanical Engineering Science, vol.20, issue.7, pp.783-795, 2004. ,
DOI : 10.1243/0954406041319509
FIRMA: Malware Clustering and Network Signature Generation with Mixed Network Behaviors, Proc. of RAID, 2013. ,
DOI : 10.1007/978-3-642-41284-4_8
Learning and Classification of Malware Behavior, Proc. of DIMVA, 2008. ,
DOI : 10.1007/978-3-540-70542-0_6