4FOGLA P, SHARIF M, PERDISCI R, et al. Polymorphic blending attacks[A]. Proceedings of the 15th Conference on USENIX Security Symposium[C]. Berkeley, CA, USA, 2006. 17.
5GUNDY M V, BALZAROTI'I D, FIELDSCHEMA G V. Catch me, if you can: evading network signatures with Web-based polymorphic worms[A]. Proceedings of the First USENIX Workshop on Offensive Technologies (WOOT)[C]. Boston, MA, USA, 2007.
6KREIBICH C, CROWCROFF J. Honeycomb- creating intrusion detection signatures using honeypots[A]. Proceedings of the Second Workshop on Hot Topics in Networks (Hornets II)[C]. Boston, 2003.51-56.
7WANG K, CRETU G, STOLFO S J. Anomalous payload-based worm detection and signature generation[A].Proceedings of Recent Ad- vances in Intrusion Detection (RAID)IC]. 2003.227-246.
8SINGH S, ESTAN C, VARGHESE G, et al. Automated worm finger-printing[A]. Proceedings of the 6th USENIX OSDI[C]. 2004.45-60.
9KIM H A, KARP B. Autograph: toward automated, distributed worm signature detection[A]. Proceedings of USENIX Security Sympo- sium[C]. 2004. 271-286.
10SINGH S, ESTAN C, VARGHESE G, et al. Automated worm finger- printing[A]. Proceedings of the 6th USENIX OSDI[C]. San Francisco, CA, 2004.45-60.