{"id":"https://openalex.org/W2018468546","doi":"https://doi.org/10.1109/ecrime.2011.6151981","title":"Taming Zeus by leveraging its own crypto internals","display_name":"Taming Zeus by leveraging its own crypto internals","publication_year":2011,"publication_date":"2011-11-01","ids":{"openalex":"https://openalex.org/W2018468546","doi":"https://doi.org/10.1109/ecrime.2011.6151981","mag":"2018468546"},"language":"en","primary_location":{"id":"doi:10.1109/ecrime.2011.6151981","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ecrime.2011.6151981","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2011 eCrime Researchers Summit","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5008136217","display_name":"Marco Riccardi","orcid":null},"institutions":[{"id":"https://openalex.org/I4210150449","display_name":"Barcelona Digital Centro Tecnol\u00f3gico","ror":"https://ror.org/04v2q5t19","country_code":"ES","type":"company","lineage":["https://openalex.org/I4210150449"]}],"countries":["ES"],"is_corresponding":true,"raw_author_name":"Marco Riccardi","raw_affiliation_strings":["eSecurity Research Group, Barcelona Digital Technology Centre, Barcelona, Spain"],"affiliations":[{"raw_affiliation_string":"eSecurity Research Group, Barcelona Digital Technology Centre, Barcelona, Spain","institution_ids":["https://openalex.org/I4210150449"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5065932621","display_name":"Roberto Di Pietro","orcid":"https://orcid.org/0000-0003-1909-0336"},"institutions":[{"id":"https://openalex.org/I4210150449","display_name":"Barcelona Digital Centro Tecnol\u00f3gico","ror":"https://ror.org/04v2q5t19","country_code":"ES","type":"company","lineage":["https://openalex.org/I4210150449"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Roberto Di Pietro","raw_affiliation_strings":["eSecurity Research Group, Barcelona Digital Technology Centre, Barcelona, Spain"],"affiliations":[{"raw_affiliation_string":"eSecurity Research Group, Barcelona Digital Technology Centre, Barcelona, Spain","institution_ids":["https://openalex.org/I4210150449"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5067849751","display_name":"Jorge Aguil\u00e0 Vila","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Jorge Aguila Vila","raw_affiliation_strings":["CSIRT, La Caixa, Barcelona, Spain"],"affiliations":[{"raw_affiliation_string":"CSIRT, La Caixa, Barcelona, Spain","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5008136217"],"corresponding_institution_ids":["https://openalex.org/I4210150449"],"apc_list":null,"apc_paid":null,"fwci":1.55327415,"has_fulltext":false,"cited_by_count":10,"citation_normalized_percentile":{"value":0.82173333,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"9"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/zeus","display_name":"ZEUS (particle detector)","score":0.9803628921508789},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8693534135818481},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.785987913608551},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.5441554188728333},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.532619833946228},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5275071859359741},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.27744317054748535}],"concepts":[{"id":"https://openalex.org/C2776444479","wikidata":"https://www.wikidata.org/wiki/Q8063038","display_name":"ZEUS (particle detector)","level":5,"score":0.9803628921508789},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8693534135818481},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.785987913608551},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.5441554188728333},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.532619833946228},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5275071859359741},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.27744317054748535},{"id":"https://openalex.org/C89473665","wikidata":"https://www.wikidata.org/wiki/Q2748917","display_name":"Deep inelastic scattering","level":4,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C191486275","wikidata":"https://www.wikidata.org/wiki/Q210028","display_name":"Scattering","level":2,"score":0.0},{"id":"https://openalex.org/C142199849","wikidata":"https://www.wikidata.org/wiki/Q3027672","display_name":"Inelastic scattering","level":3,"score":0.0},{"id":"https://openalex.org/C120665830","wikidata":"https://www.wikidata.org/wiki/Q14620","display_name":"Optics","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/ecrime.2011.6151981","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ecrime.2011.6151981","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2011 eCrime Researchers Summit","raw_type":"proceedings-article"},{"id":"pmh:oai:iris.uniroma3.it:11590/178651","is_oa":false,"landing_page_url":"http://hdl.handle.net/11590/178651","pdf_url":null,"source":{"id":"https://openalex.org/S4377196120","display_name":"Iris (Roma Tre University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I119003972","host_organization_name":"Roma Tre University","host_organization_lineage":["https://openalex.org/I119003972"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/conferenceObject"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":24,"referenced_works":["https://openalex.org/W77823155","https://openalex.org/W109909280","https://openalex.org/W191098608","https://openalex.org/W324032601","https://openalex.org/W1531572846","https://openalex.org/W1553004598","https://openalex.org/W1977415353","https://openalex.org/W2018468546","https://openalex.org/W2026536265","https://openalex.org/W2097896685","https://openalex.org/W2112731379","https://openalex.org/W2114661707","https://openalex.org/W2134092661","https://openalex.org/W2148560273","https://openalex.org/W2161463939","https://openalex.org/W2163888186","https://openalex.org/W2402036396","https://openalex.org/W4230653929","https://openalex.org/W6603159369","https://openalex.org/W6604490274","https://openalex.org/W6607784307","https://openalex.org/W6611150389","https://openalex.org/W6656730300","https://openalex.org/W6679909452"],"related_works":["https://openalex.org/W4235738472","https://openalex.org/W2794457305","https://openalex.org/W2966448719","https://openalex.org/W2546296060","https://openalex.org/W2181649187","https://openalex.org/W2183594348","https://openalex.org/W2242743405","https://openalex.org/W2151716880","https://openalex.org/W2945481194","https://openalex.org/W2736713534"],"abstract_inverted_index":{"Malware":[0],"is":[1],"one":[2],"of":[3,50,72,74],"the":[4,8,63,82,98],"main":[5],"threats":[6],"to":[7,14,61,81,94],"Internet":[9],"security":[10],"in":[11,17,113,117],"general,":[12],"and":[13,22,25,31,42,96],"commercial":[15],"transactions":[16],"particular.":[18],"However,":[19],"malware":[20,65,112],"detection":[21],"containment":[23],"tools":[24],"techniques":[26],"still":[27],"call":[28],"for":[29],"effective":[30],"efficient":[32],"solutions.":[33],"In":[34],"this":[35,51],"paper,":[36],"we":[37,56,68,86,102],"address":[38],"a":[39,58,70,76],"specific,":[40],"dreadful,":[41],"widely":[43],"diffused":[44],"financial":[45],"malware:":[46],"Zeus.":[47],"The":[48],"contributions":[49],"paper":[52],"are":[53],"manifold:":[54],"first,":[55],"propose":[57],"general":[59,108,114],"methodology":[60,77],"break":[62],"encrypted":[64],"communications;":[66],"second,":[67],"provide":[69,103],"proof":[71],"concept":[73],"such":[75],"by":[78],"applying":[79],"it":[80],"production":[83],"environment.":[84],"Further,":[85],"show":[87],"how":[88],"our":[89],"proposal":[90],"can":[91],"be":[92],"implemented":[93],"detect":[95],"contain":[97],"Zeus":[99,116],"threat.":[100],"Finally,":[101],"lesson":[104],"learning":[105],"highlighting":[106],"some":[107],"principles":[109],"that":[110],"underly":[111],"(and":[115],"particular).":[118]},"counts_by_year":[{"year":2020,"cited_by_count":1},{"year":2017,"cited_by_count":2},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":1},{"year":2014,"cited_by_count":3},{"year":2012,"cited_by_count":1}],"updated_date":"2026-02-09T09:26:11.010843","created_date":"2025-10-10T00:00:00"}