{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,16]],"date-time":"2025-07-16T13:25:17Z","timestamp":1752672317885},"publisher-location":"Berlin, Heidelberg","reference-count":24,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540266136"},{"type":"electronic","value":"9783540316459"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2005]]},"DOI":"10.1007\/11506881_8","type":"book-chapter","created":{"date-parts":[[2010,7,14]],"date-time":"2010-07-14T16:30:33Z","timestamp":1279125033000},"page":"123-140","source":"Crossref","is-referenced-by-count":161,"title":["A Learning-Based Approach to the Detection of SQL Attacks"],"prefix":"10.1007","author":[{"given":"Fredrik","family":"Valeur","sequence":"first","affiliation":[]},{"given":"Darren","family":"Mutz","sequence":"additional","affiliation":[]},{"given":"Giovanni","family":"Vigna","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"8_CR1","unstructured":"libAnomaly project homepage, http:\/\/www.cs.ucsb.edu\/~rsg\/libAnomaly"},{"key":"8_CR2","doi-asserted-by":"crossref","unstructured":"Almgren, M., Debar, H., Dacier, M.: A lightweight tool for detecting web server attacks. In: Proceedings of the ISOC Symposium on Network and Distributed Systems Security, San Diego, CA (February 2000)","DOI":"10.1016\/S1353-4858(00)85018-7"},{"key":"8_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"22","DOI":"10.1007\/3-540-45474-8_2","volume-title":"Recent Advances in Intrusion Detection","author":"M. Almgren","year":"2001","unstructured":"Almgren, M., Lindqvist, U.: Application-Integrated Data Collection for Security Monitoring. In: Lee, W., M\u00e9, L., Wespi, A. (eds.) RAID 2001. LNCS, vol.\u00a02212, pp. 22\u201336. Springer, Heidelberg (2001)"},{"key":"8_CR4","volume-title":"Probability and Measure","author":"P. Billingsley","year":"1995","unstructured":"Billingsley, P.: Probability and Measure, 3rd edn. Wiley-Interscience, New York (1995)","edition":"3"},{"key":"8_CR5","unstructured":"Burzi, F.: Php-nuke website (2005), http:\/\/phpnuke.org\/"},{"key":"8_CR6","unstructured":"CERT\/CC. Code Red Worm Exploiting Buffer Overflow In IIS Indexing Service DLL. Advisory CA-2001-19 (July 2001)"},{"issue":"2","key":"8_CR7","doi-asserted-by":"publisher","first-page":"222","DOI":"10.1109\/TSE.1987.232894","volume":"13","author":"D.E. Denning","year":"1987","unstructured":"Denning, D.E.: An Intrusion Detection Model. IEEE Transactions on Software Engineering\u00a013(2), 222\u2013232 (1987)","journal-title":"IEEE Transactions on Software Engineering"},{"key":"8_CR8","unstructured":"Flanagan, D.: JavaScript: The Definitive Guide, 4th edn. (December 2001)"},{"key":"8_CR9","doi-asserted-by":"crossref","unstructured":"Forrest, S.: A Sense of Self for UNIX Processes. In: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 1996, pp. 120\u2013128 (1996)","DOI":"10.1109\/SECPRI.1996.502675"},{"key":"8_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"326","DOI":"10.1007\/978-3-540-39650-5_19","volume-title":"Computer Security \u2013 ESORICS 2003","author":"C. Kruegel","year":"2003","unstructured":"Kruegel, C., Mutz, D., Valeur, F., Vigna, G.: On the Detection of Anomalous System Call Arguments. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol.\u00a02808, pp. 326\u2013343. Springer, Heidelberg (2003)"},{"key":"8_CR11","volume-title":"Symposium on Applied Computing (SAC)","author":"C. Kruegel","year":"2002","unstructured":"Kruegel, C., Toth, T., Kirda, E.: Service Specific Anomaly Detection for Network Intrusion Detection. In: Symposium on Applied Computing (SAC), March 2002. ACM Scientific Press, New York (2002)"},{"key":"8_CR12","doi-asserted-by":"publisher","first-page":"251","DOI":"10.1145\/948109.948144","volume-title":"Proceedings of the 10th ACM Conference on Computer and Communication Security (CCS 2003)","author":"C. Kruegel","year":"2003","unstructured":"Kruegel, C., Vigna, G.: Anomaly Detection of Web-based Attacks. In: Proceedings of the 10th ACM Conference on Computer and Communication Security (CCS 2003), Washington, DC, October 2003, pp. 251\u2013261. ACM Press, New York (2003)"},{"key":"8_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"264","DOI":"10.1007\/3-540-45853-0_16","volume-title":"Computer Security - ESORICS 2002","author":"S. Lee","year":"2002","unstructured":"Lee, S., Low, W., Wong, P.: Learning Fingerprints for a Database Intrusion Detection System. In: Gollmann, D., Karjoth, G., Waidner, M. (eds.) ESORICS 2002. LNCS, vol.\u00a02502, p. 264. Springer, Heidelberg (2002)"},{"key":"8_CR14","doi-asserted-by":"crossref","unstructured":"Liljenstam, M., Nicol, D., Berk, V., Gray, R.: Simulating realistic network worm traffic for worm warning system design and testing. In: Proceedings of the ACM Workshop on Rapid Malcode, Washington, DC, pp. 24\u201333 (2003)","DOI":"10.1145\/948187.948193"},{"key":"8_CR15","doi-asserted-by":"crossref","unstructured":"Mahoney, M., Chan, P.: Learning Nonstationary Models of Normal Network Traffic for Detecting Novel Attacks. In: Proceedings of the 8th International Conference on Knowledge Discovery and Data Mining, Edmonton, Alberta, Canada, pp. 376\u2013385 (2002)","DOI":"10.1145\/775047.775102"},{"key":"8_CR16","unstructured":"Portnoy, L., Eskin, E., Stolfo, S.: Intrusion Detection with Unlabeled Data Using Clustering. In: Proceedings of ACM CSS Workshop on Data Mining Applied to Security, Philadelphia, PA (November 2001)"},{"key":"8_CR17","unstructured":"Security Focus Homepage (2002), http:\/\/www.securityfocus.com\/"},{"key":"8_CR18","unstructured":"Stolcke, A., Omohundro, S.: Hidden Markov Model Induction by Bayesian Model Merging. In: Advances in Neural Information Processing Systems (1993)"},{"key":"8_CR19","doi-asserted-by":"crossref","unstructured":"Stolcke, A., Omohundro, S.: Inducing probabilistic grammars by bayesian model merging. In: International Conference on Grammatical Inference (1994)","DOI":"10.1007\/3-540-58473-0_141"},{"key":"8_CR20","doi-asserted-by":"crossref","unstructured":"Tan, K., Killourhy, K., Maxion, R.: Undermining an Anomaly-Based Intrusion Detection System Using Common Exploits. In: Proceedings of the 5th International Symposium on Recent Advances in Intrusion Detection, Zurich, Switzerland, October 2002, pp. 54\u201373 (2002)","DOI":"10.1007\/3-540-36084-0_4"},{"key":"8_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"34","DOI":"10.1007\/b13476","volume-title":"Advances in Computer Systems Architecture","author":"G. Vigna","year":"2003","unstructured":"Vigna, G., Robertson, W., Kher, V., Kemmerer, R.A.: A Stateful Intrusion Detection System for World-Wide Web Servers. In: Omondi, A.R., Sedukhin, S.G. (eds.) ACSAC 2003. LNCS, vol.\u00a02823, pp. 34\u201343. Springer, Heidelberg (2003)"},{"key":"8_CR22","doi-asserted-by":"crossref","unstructured":"Wagner, D., Soto, P.: Mimicry Attacks on Host-Based Intrusion Detection Systems. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, Washington DC, USA, November 2002, pp. 255\u2013264 (2002)","DOI":"10.1145\/586110.586145"},{"key":"8_CR23","doi-asserted-by":"crossref","unstructured":"Warrender, C., Forrest, S., Pearlmutter, B.A.: Detecting intrusions using system calls: Alternative data models. In: IEEE Symposium on Security and Privacy, pp. 133\u2013145 (1999)","DOI":"10.1109\/SECPRI.1999.766910"},{"key":"8_CR24","unstructured":"Watchfire. AppShield Web Intrusion Prevention (2005), http:\/\/www.watchfire.com\/products\/appshield\/default.aspx"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/11506881_8.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,17]],"date-time":"2020-11-17T15:03:38Z","timestamp":1605625418000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/11506881_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2005]]},"ISBN":["9783540266136","9783540316459"],"references-count":24,"URL":"https:\/\/doi.org\/10.1007\/11506881_8","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2005]]}}}