{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,12]],"date-time":"2024-09-12T08:03:44Z","timestamp":1726128224235},"publisher-location":"Cham","reference-count":15,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030781194"},{"type":"electronic","value":"9783030781200"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-78120-0_20","type":"book-chapter","created":{"date-parts":[[2021,6,17]],"date-time":"2021-06-17T05:02:49Z","timestamp":1623906169000},"page":"302-316","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Enriching DNS Flows with Host-Based Events to Bypass Future Protocol Encryption"],"prefix":"10.1007","author":[{"given":"Stanislav","family":"\u0160pa\u010dek","sequence":"first","affiliation":[]},{"given":"Daniel","family":"Tovar\u0148\u00e1k","sequence":"additional","affiliation":[]},{"given":"Pavel","family":"\u010celeda","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2021,6,15]]},"reference":[{"key":"20_CR1","unstructured":"Brilingait\u0117, A., Bukauskas, L., Kutka, E.: Time-line alignment of cyber incidents in heterogeneous environments. In: ECCWS 2018 17th European Conference on Cyber Warfare and Security, p. 57. Academic Conferences and Publishing Ltd. (2018)"},{"key":"20_CR2","unstructured":"Bushart, J., Rossow, C.: Padding ain\u2019t enough: assessing the privacy guarantees of encrypted DNS. In: 10th USENIX Workshop on Free and Open Communications on the Internet ($$\\{$$FOCI$$\\}$$ 20) (2020)"},{"key":"20_CR3","unstructured":"Collins, M., Collins, M.S.: Network Security Through Data Analysis: Building Situational Awareness. O\u2019Reilly Media, Inc., Newton (2014)"},{"key":"20_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"206","DOI":"10.1007\/11506881_13","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"H Dreger","year":"2005","unstructured":"Dreger, H., Kreibich, C., Paxson, V., Sommer, R.: Enhancing the accuracy of network-based intrusion detection with host-based context. In: Julisch, K., Kruegel, C. (eds.) DIMVA 2005. LNCS, vol. 3548, pp. 206\u2013221. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11506881_13"},{"key":"20_CR5","doi-asserted-by":"crossref","unstructured":"Haas, S., Sommer, R., Fischer, M.: Zeek-osquery: Host-network correlation for advanced monitoring and intrusion detection. arXiv preprint arXiv:2002.04547 (2020)","DOI":"10.1007\/978-3-030-58201-2_17"},{"key":"20_CR6","unstructured":"Henderson, S., Nicholls, B., Ehmann, B.: Time-based correlation of malicious events and their connections. https:\/\/resources.sei.cmu.edu\/asset_files\/Presentation\/2019_017_001_539987.pdf. Accessed 15 Sept 2020"},{"key":"20_CR7","doi-asserted-by":"crossref","unstructured":"Houser, R., Li, Z., Cotton, C., Wang, H.: An investigation on information leakage of DNS over TLS. In: Proceedings of the 15th International Conference on Emerging Networking Experiments And Technologies, pp. 123\u2013137 (2019)","DOI":"10.1145\/3359989.3365429"},{"key":"20_CR8","doi-asserted-by":"crossref","unstructured":"Luque, A., Carrasco, A., Mart\u00edn, A., de las Heras, A.: The impact of class imbalance in classification performance metrics based on the binary confusion matrix. Pattern Recogn. 91, 216\u2013231 (2019)","DOI":"10.1016\/j.patcog.2019.02.023"},{"key":"20_CR9","doi-asserted-by":"crossref","unstructured":"Siby, S., Juarez, M., Diaz, C., Vallina-Rodriguez, N., Troncoso, C.: Encrypted DNS - privacy? A traffic analysis perspective. arXiv preprint arXiv:1906.09682 (2019)","DOI":"10.14722\/ndss.2020.24301"},{"key":"20_CR10","doi-asserted-by":"crossref","unstructured":"Teng, S., Wu, N., Zhu, H., Teng, L., Zhang, W.: SVM-DT-based adaptive and collaborative intrusion detection. IEEE\/CAA J. Autom. Sin. 5(1), 108\u2013118 (2017)","DOI":"10.1109\/JAS.2017.7510730"},{"key":"20_CR11","doi-asserted-by":"crossref","unstructured":"Tovar\u0148\u00e1k, D., \u0160pa\u010dek, S., Vykopal, J.: Traffic and log data captured during a cyber defense exercise. Data Brief 31, 105784 (2020)","DOI":"10.1016\/j.dib.2020.105784"},{"issue":"4","key":"20_CR12","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2716260","volume":"47","author":"E Vasilomanolakis","year":"2015","unstructured":"Vasilomanolakis, E., Karuppayah, S., M\u00fchlh\u00e4user, M., Fischer, M.: Taxonomy and survey of collaborative intrusion detection. ACM Comput. Surv. (CSUR) 47(4), 1\u201333 (2015)","journal-title":"ACM Comput. Surv. (CSUR)"},{"issue":"5","key":"20_CR13","doi-asserted-by":"publisher","first-page":"355","DOI":"10.1002\/nem.1901","volume":"25","author":"P Velan","year":"2015","unstructured":"Velan, P., \u010cerm\u00e1k, M., \u010celeda, P., Dra\u0161ar, M.: A survey of methods for encrypted traffic classification and analysis. Int. J. Netw. Manage. 25(5), 355\u2013374 (2015)","journal-title":"Int. J. Netw. Manage."},{"issue":"1","key":"20_CR14","first-page":"148","volume":"4","author":"T Zhang","year":"2018","unstructured":"Zhang, T., Zhu, Q.: Distributed privacy-preserving collaborative intrusion detection systems for VANETs. IEEE Trans. Sign. Inf. Process. Netw. 4(1), 148\u2013161 (2018)","journal-title":"IEEE Trans. Sign. Inf. Process. Netw."},{"key":"20_CR15","doi-asserted-by":"publisher","unstructured":"\u0160pa\u010dek, S.: Enriching DNS flows with host-based events to bypass future protocol encryption - scripts for data processing. Zenodo (2020). https:\/\/doi.org\/10.5281\/zenodo.4064934","DOI":"10.5281\/zenodo.4064934"}],"container-title":["IFIP Advances in Information and Communication Technology","ICT Systems Security and Privacy Protection"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-78120-0_20","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,7,6]],"date-time":"2021-07-06T08:11:38Z","timestamp":1625559098000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-78120-0_20"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030781194","9783030781200"],"references-count":15,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-78120-0_20","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"type":"print","value":"1868-4238"},{"type":"electronic","value":"1868-422X"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"15 June 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SEC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Conference on ICT Systems Security and Privacy Protection","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Oslo","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Norway","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 June 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24 June 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"36","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"sec2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.ifipsec.org\/2021\/index.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"112","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"28","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"25% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"The conference was held virtually.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}