TY - STD TI - Hao, Shuang, et al. (2013) Understanding the domain registration behavior of spammers. Proceedings of the 2013 conference on Internet measurement conference. ACM ID - ref1 ER - TY - CHAP AU - Alrwais, S. AU - Yuan, K. AU - Alowaisheq, E. AU - Li, Z. AU - Wang, X. PY - 2014 DA - 2014// TI - Understanding the dark side of domain parking BT - Proceedings of the 23rd USENIX security symposium ID - Alrwais2014 ER - TY - STD TI - Bishop CM (2006) Pattern recognition and machine learning. springer ID - ref3 ER - TY - STD TI - Borgolte K, Kruegel C, Vigna G (2013) Delta: automatic identification of unknown web-based infection campaigns. In: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, ACM, pp 109–120 ID - ref4 ER - TY - STD TI - Buckets n.d.. https://cloud.google.com/storage/docs/json_api/v1/buckets. Accessed Aug 2018. [On- line] UR - https://cloud.google.com/storage/docs/json_api/v1/buckets ID - ref5 ER - TY - STD TI - BuiltWith. Builtwith. http://builtwith.com/, 2015. Accessed Aug 2018. [Online] UR - http://builtwith.com/ ID - ref6 ER - TY - STD TI - Clean-MX. Clean mx realtime database. http://support.clean-mx.de/clean-mx/viruses.php, 2015. Accessed Aug 2018. [Online] UR - http://support.clean-mx.de/clean-mx/viruses.php ID - ref7 ER - TY - CHAP AU - Cohen, W. AU - Ravikumar, P. AU - Fienberg, S. PY - 2003 DA - 2003// TI - A comparison of string metrics for matching names and records BT - Proceedings of Kdd workshop on data cleaning and object consolidation ID - Cohen2003 ER - TY - STD TI - C. Crawl. Common crawl. https://commoncrawl.org/, 2015. Accessed Aug 2018. [Online] UR - https://commoncrawl.org/ ID - ref9 ER - TY - STD TI - damballa. Dgas in the hands of cyber-criminals:examining the state of the art in malware evasion techniques. https://www.damballa.com/downloads/r_pubs/WP_DGAs-in-the-Hands-of-Cyber-Criminals.pdf; 2015. Accessed Aug 2018. [Online] UR - https://www.damballa.com/downloads/r_pubs/WP_DGAs-in-the-Hands-of-Cyber-Criminals.pdf ID - ref10 ER - TY - STD TI - Der MF, Saul LK, Savage S, Voelker GM (2014) Knock it off: profiling the online storefronts of counterfeit merchandise. In: Proceedings of the 20th ACM SIGKDD international conference on Knowledge discovery and data mining. ACM, pp 1759–1768 ID - ref11 ER - TY - STD TI - DNSDB. Passivedns. https://www.dnsdb.info/, 2015. Accessed Aug 2018. [Online] UR - https://www.dnsdb.info/ ID - ref12 ER - TY - STD TI - Google. Google hosted libraries. https://developers.google.com/speed/libraries/?csw=1, 2015. Accessed Aug 2018. [Online] UR - https://developers.google.com/speed/libraries/?csw=1 ID - ref13 ER - TY - STD TI - Google. Publish website content. https://developers.google.com/drive/web/publish-site, 2015. Accessed Aug 2018. [Online] UR - https://developers.google.com/drive/web/publish-site ID - ref14 ER - TY - STD TI - Han X, Kheir N, Balzarotti D (2015) The role of cloud services in malicious software: trends and insights. In: DIMVA 2015, 12th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, July 9–10, 2015, Milan, Italy, Milan ID - ref15 ER - TY - STD TI - Idziorek J, Tannian M, Jacobson D (2011) Detecting fraudulent use of cloud resources. In: Proc. 3rd ACM workshop on cloud computing security workshop, Chicago ID - ref16 ER - TY - STD TI - Invernizzi L, Comparetti PM, Benvenuti S, Kruegel C, Cova M, Vigna G (2012) Evilseed: A guided approach to finding malicious web pages. In: Security and Privacy (SP), 2012 IEEE Symposium on. IEEE, pp 428–442 ID - ref17 ER - TY - CHAP AU - Invernizzi, L. AU - Miskovic, S. AU - Torres, R. AU - Saha, S. AU - Lee, S. AU - Mellia, M. AU - Kruegel, C. AU - Vigna, G. PY - 2014 DA - 2014// TI - Nazca: detecting malware distribution in large-scale networks BT - Proceedings of the Network and Distributed System Security Symposium (NDSS) ID - Invernizzi2014 ER - TY - STD TI - Li Z, Alrwais S, Wang X, Alowaisheq E (2014) Hunting the red fox online: Understanding and detection of mass redirect-script injections. In: Security and Privacy (SP), 2014 IEEE Symposium on. IEEE, pp 3–18 ID - ref19 ER - TY - STD TI - Li Z, Alrwais S, Xie Y, Yu F, Wang X (2013) Finding the linchpins of the dark web: a study on topologically dedicated hosts on malicious web infrastructures. In: Security and Privacy (SP), 2013 IEEE Symposium on. IEEE, pp 112–126 ID - ref20 ER - TY - CHAP AU - Liao, X. AU - Liu, C. AU - Mccoy, D. AU - Shi, E. AU - Beyah, R. PY - 2016 DA - 2016// TI - Characterizing long-tail seo spam on cloud web hosting services BT - Proceedings of the International World Wide Web Conference ID - Liao2016 ER - TY - STD TI - Moore T, Leontiadis N, Christin N (2011) Fashion crimes: trending-term exploitation on the web. In: Proceedings of the 18th ACM conference on Computer and communications security. ACM, pp 455–466 ID - ref22 ER - TY - STD TI - Mulazzani M, Schrittwieser S, Leithner M, Huber M Dark Clouds on the Horizon: Using cloud storage as attack vector and online slack space. In: Proc. 20th USENIX security symposium, San Francisco, p 2011 ID - ref23 ER - TY - CHAP AU - Nelms, T. AU - Perdisci, R. AU - Antonakakis, M. AU - Ahamad, M. PY - 2015 DA - 2015// TI - Webwitness: Investigating, categorizing, and mitigating malware download paths BT - 24th USENIX Security Symposium (USENIX Security 15) PB - USENIX Association CY - Washington, D.C. ID - Nelms2015 ER - TY - STD TI - Ristenpart T, Tromer E, Shacham H, Savage S (2009) Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of the 16th ACM conference on Computer and communications security. ACM, pp 199–212 ID - ref25 ER - TY - STD TI - Scipy. scipy.cluster.hierarchy.linkage. http://docs.scipy.org/doc/scipy/reference/generated/scipy.cluster.hierarchy.linkage.html, 2015. Accessed Aug 2018. [Online] UR - http://docs.scipy.org/doc/scipy/reference/generated/scipy.cluster.hierarchy.linkage.html ID - ref26 ER - TY - STD TI - Servnet n.d.. https://servnetshsztndci.onion. Accessed Aug 2018. [Online] UR - https://servnetshsztndci.onion/ ID - ref27 ER - TY - STD TI - Sklearn. sklearn.svm.svc. http://scikit-learn.org/stable/modules/generated/sklearn.svm.SVC.html, 2015. Accessed Aug 2018. [Online] UR - http://scikit-learn.org/stable/modules/generated/sklearn.svm.SVC.html ID - ref28 ER - TY - STD TI - Snort. Snort ssl and tls. http://manual.snort.org/node147.html, 2015. Accessed Aug 2018. [Online] UR - http://manual.snort.org/node147.html ID - ref29 ER - TY - STD TI - solutionary. Threat-intelligence. https://www.solutionary.com/_assets/pdf/research/sert-q4-2013-threat-intelligence.pdf, 2015. Accessed Aug 2018. [Online] UR - https://www.solutionary.com/_assets/pdf/research/sert-q4-2013-threat-intelligence.pdf ID - ref30 ER - TY - STD TI - Stringhini G, Kruegel C, Vigna G (2013) Shady paths: Leveraging surfing crowds to detect malicious web pages. In: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security. ACM, pp 133–144 ID - ref31 ER - TY - STD TI - Sucuri. Sucuri. https://sucuri.net/, 2015. Accessed Aug 2018. [Online] UR - https://sucuri.net/ ID - ref32 ER - TY - STD TI - Symantec. The future of ids. http://www.symantec.com/connect/articles/future-ids, 2015. Accessed Aug 2018. [Online] UR - http://www.symantec.com/connect/articles/future-ids ID - ref33 ER - TY - STD TI - VirusTotal. Virustotal. https://www.virustotal.com/, 2015. Accessed Aug 2018. [Online] UR - https://www.virustotal.com/ ID - ref34 ER - TY - STD TI - WhatWeb. Whatweb. http://www.morningstarsecurity.com/research/whatweb, 2015. Accessed Aug 2018. [Online] UR - http://www.morningstarsecurity.com/research/whatweb ID - ref35 ER - TY - STD TI - Xu Y, Cui W, Peinado M (2015) Controlled-channel attacks: deterministic side channels for untrusted operating systems. In: Proceedings of the 36th IEEE Symposium on Security and Privacy (Oakland). IEEE Institute of Electrical and Electronics Engineers ID - ref36 ER - TY - STD TI - Y. Zhang, A. Juels, M. K. Reiter, and T. Ristenpart. Cross-tenant Side-Channel attacks in PaaS clouds. In Proc. 21st Conference on Computer and Communications Security (CCS), Scottsdale, 2014 ID - ref37 ER -