, From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware, USENIX Security, pp.24-40, 2012.
, TTAnalyze: A Tool for Analyzing Malware, 15th EICAR Conference, 2006.
, Generalized suffix trees for biological sequence data: applications and implementation, Proceedings of the Twenty-Seventh Hawaii International Conference on System Sciences HICSS-94, pp.35-44, 1994.
DOI : 10.1109/HICSS.1994.323593
, The new era of botnets, White paper from McAfee, 2010.
, A density-based algorithm for discovering clusters in large spatial databases with noise, Proc. of KDD, 1996.
, Botminer: Clustering analysis of network traffic for protocol and structure independent botnet detection, Proc. of IEEE SSP, 2008.
, JackStraws: Picking Command and Control Connections from Bot Traffic, USENIX Security, 2011.
, Advances in Record-Linkage Methodology as Applied to Matching the 1985 Census of Tampa, Florida, Journal of the American Statistical Association, vol.81, issue.406, 1989.
DOI : 10.1080/01621459.1989.10478785
, Social Network-Based Botnet Command-and-Control: Emerging Threats and Countermeasures, Applied Cryptography and Network Security, pp.511-528, 2010.
DOI : 10.1007/978-3-642-13708-2_30
, Behavioral classification and detection of malware through HTTP user agent anomalies, Journal of Information Security and Applications, vol.18, issue.1, 2013.
DOI : 10.1016/j.jisa.2013.07.006
, PeerViewer: Behavioral Tracking and Classification of P2P Malware, Proc. of CSS, pp.282-298, 2013.
DOI : 10.1007/978-3-319-03584-0_21
, BotSuer: Suing Stealthy P2P Bots in Network Traffic through Netflow Analysis, Proc. of CANS, 2013.
DOI : 10.1007/978-3-319-02937-5_9
, PhishDef: URL names say it all, 2011 Proceedings IEEE INFOCOM, 2011.
DOI : 10.1109/INFCOM.2011.5934995
, Hamsa: fast signature generation for zero-day polymorphic worms with provable attack resilience, Proc. of IEEE SSP, 2006.
, BotGrep: Finding P2P Bots with Structured Graph Analysis, USENIX Security, 2010.
, Driving in the Cloud: An Analysis of Drive-by Download Operations and Abuse Reporting, Proc. of DIMVA, 2013.
DOI : 10.1007/978-3-642-39235-1_1
, Detecting malware's failover C&C strategies with squeeze, Proceedings of the 27th Annual Computer Security Applications Conference on, ACSAC '11, 2011.
DOI : 10.1145/2076732.2076736
, Polygraph: Automatically Generating Signatures for Polymorphic Worms, 2005 IEEE Symposium on Security and Privacy (S&P'05), pp.226-241, 2005.
DOI : 10.1109/SP.2005.15
, CloudAV: N-Version antivirus in the network cloud, USENIX Security, 2008.
, Scalable fine-grained behavioral clustering of HTTP-based malware, Computer Networks, vol.57, issue.2, pp.487-500, 2013.
DOI : 10.1016/j.comnet.2012.06.022
, Misleading worm signature generators using deliberate noise injection, 2006 IEEE Symposium on Security and Privacy (S&P'06), 2006.
DOI : 10.1109/SP.2006.26
, An Incremental K-means algorithm, Proceedings of the Institution of Mechanical Engineers, Part C: Journal of Mechanical Engineering Science, vol.20, issue.7, pp.783-795, 2004.
DOI : 10.1243/0954406041319509
, FIRMA: Malware Clustering and Network Signature Generation with Mixed Network Behaviors, Proc. of RAID, 2013.
DOI : 10.1007/978-3-642-41284-4_8
, Learning and Classification of Malware Behavior, Proc. of DIMVA, 2008.
DOI : 10.1007/978-3-540-70542-0_6