{"id":"https://openalex.org/W2054897983","doi":"https://doi.org/10.1145/2076732.2076736","title":"Detecting malware's failover C&amp;C strategies with squeeze","display_name":"Detecting malware's failover C&amp;C strategies with squeeze","publication_year":2011,"publication_date":"2011-12-05","ids":{"openalex":"https://openalex.org/W2054897983","doi":"https://doi.org/10.1145/2076732.2076736","mag":"2054897983"},"language":"en","primary_location":{"id":"doi:10.1145/2076732.2076736","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2076732.2076736","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 27th Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5063464936","display_name":"Matthias Neugschwandtner","orcid":null},"institutions":[{"id":"https://openalex.org/I145847075","display_name":"TU Wien","ror":"https://ror.org/04d836q62","country_code":"AT","type":"education","lineage":["https://openalex.org/I145847075"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Matthias Neugschwandtner","raw_affiliation_strings":["Vienna University of Technology"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Vienna University of Technology","institution_ids":["https://openalex.org/I145847075"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5064772336","display_name":"Paolo Milani Comparetti","orcid":null},"institutions":[{"id":"https://openalex.org/I145847075","display_name":"TU Wien","ror":"https://ror.org/04d836q62","country_code":"AT","type":"education","lineage":["https://openalex.org/I145847075"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Paolo Milani Comparetti","raw_affiliation_strings":["Vienna University of Technology"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Vienna University of Technology","institution_ids":["https://openalex.org/I145847075"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5028746106","display_name":"Christian Platzer","orcid":null},"institutions":[{"id":"https://openalex.org/I145847075","display_name":"TU Wien","ror":"https://ror.org/04d836q62","country_code":"AT","type":"education","lineage":["https://openalex.org/I145847075"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Christian Platzer","raw_affiliation_strings":["Vienna University of Technology"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Vienna University of Technology","institution_ids":["https://openalex.org/I145847075"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I145847075"],"apc_list":null,"apc_paid":null,"fwci":4.6808,"has_fulltext":false,"cited_by_count":27,"citation_normalized_percentile":{"value":0.95395936,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"21","last_page":"30"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/failover","display_name":"Failover","score":0.9912703037261963},{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.856372594833374},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8276815414428711},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.7063803672790527},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6475316286087036},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6350986957550049},{"id":"https://openalex.org/keywords/command-and-control","display_name":"Command and control","score":0.5640562772750854},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.5564398169517517},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.49275973439216614},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.25563371181488037},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.14701223373413086},{"id":"https://openalex.org/keywords/telecommunications","display_name":"Telecommunications","score":0.07083785533905029}],"concepts":[{"id":"https://openalex.org/C109751979","wikidata":"https://www.wikidata.org/wiki/Q998767","display_name":"Failover","level":2,"score":0.9912703037261963},{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.856372594833374},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8276815414428711},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.7063803672790527},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6475316286087036},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6350986957550049},{"id":"https://openalex.org/C506615639","wikidata":"https://www.wikidata.org/wiki/Q21662260","display_name":"Command and control","level":2,"score":0.5640562772750854},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.5564398169517517},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.49275973439216614},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.25563371181488037},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.14701223373413086},{"id":"https://openalex.org/C76155785","wikidata":"https://www.wikidata.org/wiki/Q418","display_name":"Telecommunications","level":1,"score":0.07083785533905029},{"id":"https://openalex.org/C55493867","wikidata":"https://www.wikidata.org/wiki/Q7094","display_name":"Biochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C185592680","wikidata":"https://www.wikidata.org/wiki/Q2329","display_name":"Chemistry","level":0,"score":0.0},{"id":"https://openalex.org/C104317684","wikidata":"https://www.wikidata.org/wiki/Q7187","display_name":"Gene","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2076732.2076736","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2076732.2076736","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 27th Annual Computer Security Applications Conference","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.4300000071525574,"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9"}],"awards":[{"id":"https://openalex.org/G1232336282","display_name":null,"funder_award_id":"820854 (TRUDIE)","funder_id":"https://openalex.org/F4320323031","funder_display_name":"\u00d6sterreichische Forschungsf\u00f6rderungsgesellschaft"},{"id":"https://openalex.org/G8224915787","display_name":null,"funder_award_id":"257007 (SysSec)","funder_id":"https://openalex.org/F4320334960","funder_display_name":"Seventh Framework Programme"}],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320323031","display_name":"\u00d6sterreichische Forschungsf\u00f6rderungsgesellschaft","ror":"https://ror.org/028jc0449"},{"id":"https://openalex.org/F4320334960","display_name":"Seventh Framework Programme","ror":"https://ror.org/00k4n6c32"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":43,"referenced_works":["https://openalex.org/W109909280","https://openalex.org/W187875600","https://openalex.org/W191656338","https://openalex.org/W1503224444","https://openalex.org/W1515180657","https://openalex.org/W1522250664","https://openalex.org/W1530266714","https://openalex.org/W1531782611","https://openalex.org/W1583098994","https://openalex.org/W1674877186","https://openalex.org/W1827212170","https://openalex.org/W1910686388","https://openalex.org/W1916198581","https://openalex.org/W1962340579","https://openalex.org/W1968061803","https://openalex.org/W1977415353","https://openalex.org/W1994344180","https://openalex.org/W2096449544","https://openalex.org/W2100307718","https://openalex.org/W2100765095","https://openalex.org/W2101077503","https://openalex.org/W2102262986","https://openalex.org/W2111038628","https://openalex.org/W2114092087","https://openalex.org/W2115175195","https://openalex.org/W2115734893","https://openalex.org/W2117030266","https://openalex.org/W2119425658","https://openalex.org/W2120215974","https://openalex.org/W2120297918","https://openalex.org/W2126881776","https://openalex.org/W2132897303","https://openalex.org/W2134385885","https://openalex.org/W2136245903","https://openalex.org/W2140807364","https://openalex.org/W2144699258","https://openalex.org/W2160637255","https://openalex.org/W2914797477","https://openalex.org/W4230704046","https://openalex.org/W4237492309","https://openalex.org/W4248139656","https://openalex.org/W4252684946","https://openalex.org/W4299301436"],"related_works":["https://openalex.org/W2929621094","https://openalex.org/W1996006176","https://openalex.org/W4285325964","https://openalex.org/W86804927","https://openalex.org/W2898126008","https://openalex.org/W1583098994","https://openalex.org/W2386447999","https://openalex.org/W2130216882","https://openalex.org/W2091214382","https://openalex.org/W2783300127"],"abstract_inverted_index":{"The":[0],"ability":[1],"to":[2],"remote-control":[3],"infected":[4],"PCs":[5],"is":[6,28],"a":[7],"fundamental":[8],"component":[9],"of":[10,62],"modern":[11],"malware":[12],"campaigns.":[13],"At":[14],"the":[15,18],"same":[16],"time,":[17],"command":[19],"and":[20,51,73],"control":[21],"(C&C)":[22],"infrastructure":[23,72],"that":[24],"provides":[25],"this":[26],"capability":[27],"an":[29],"attractive":[30],"target":[31],"for":[32],"mitigation.":[33],"In":[34],"recent":[35],"years,":[36],"more":[37],"or":[38],"less":[39],"successful":[40],"takedown":[41],"operations":[42],"have":[43],"been":[44],"conducted":[45],"against":[46,59],"botnets":[47],"employing":[48],"both":[49],"client-server":[50],"peer-to-peer":[52],"C&C":[53,71,76],"architectures.":[54],"To":[55],"improve":[56],"their":[57,63],"robustness":[58],"such":[60],"disruptions":[61],"illegal":[64],"business,":[65],"botnet":[66],"operators":[67],"routinely":[68],"deploy":[69],"redundant":[70],"implement":[74],"failover":[75],"strategies.":[77]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":2},{"year":2016,"cited_by_count":3},{"year":2015,"cited_by_count":1},{"year":2014,"cited_by_count":5},{"year":2013,"cited_by_count":8},{"year":2012,"cited_by_count":2}],"updated_date":"2026-06-26T08:34:08.712188","created_date":"2025-10-10T00:00:00"}
