{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,29]],"date-time":"2025-09-29T08:05:32Z","timestamp":1759133132568,"version":"3.32.0"},"publisher-location":"Berlin, Heidelberg","reference-count":38,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540317784"},{"type":"electronic","value":"9783540317791"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2006]]},"DOI":"10.1007\/11663812_5","type":"book-chapter","created":{"date-parts":[[2006,1,20]],"date-time":"2006-01-20T12:57:08Z","timestamp":1137761828000},"page":"82-101","source":"Crossref","is-referenced-by-count":34,"title":["FLIPS: Hybrid Adaptive Intrusion Prevention"],"prefix":"10.1007","author":[{"given":"Michael E.","family":"Locasto","sequence":"first","affiliation":[]},{"given":"Ke","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Angelos D.","family":"Keromytis","sequence":"additional","affiliation":[]},{"given":"Salvatore J.","family":"Stolfo","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"5_CR1","doi-asserted-by":"crossref","unstructured":"Anagnostakis, K., Greenwald, M.B., Ioannidis, S., Keromytis, A.D., Li, D.: A Cooperative Immunization System for an Untrusting Internet. In: Proceedings of the 11th IEEE International Conference on Networks (ICON), October 2003, pp. 403\u2013408 (2003)","DOI":"10.1109\/ICON.2003.1266224"},{"key":"5_CR2","unstructured":"Anagnostakis, K.G., Sidiroglou, S., Akritidis, P., Xinidis, K., Markatos, E., Keromytis, A.D.: Detecting Targeted Attacks Using Shadow Honeypots. In: Proceedings of the 14th USENIX Security Symposium (August 2005) (to appear)"},{"key":"5_CR3","doi-asserted-by":"crossref","unstructured":"Barrantes, E.G., Ackley, D.H., Forrest, S., Palmer, T.S., Stefanovic, D., Zovi, D.D.: Randomized Instruction Set Emulation to Distrupt Binary Code Injection Attacks. In: Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS) (October 2003)","DOI":"10.1145\/948109.948147"},{"key":"5_CR4","unstructured":"Bhatkar, S., DuVarney, D.C., Sekar, R.: Address Obfuscation: an Efficient Approach to Combat a Broad Range of Memory Error Exploits. In: Proceedings of the 12th USENIX Security Symposium, August 2003, pp. 105\u2013120 (2003)"},{"key":"5_CR5","doi-asserted-by":"crossref","unstructured":"Boyd, S., Keromytis, A.: SQLrand: Preventing SQL Injection Attacks. In: Applied Cryptography and Network Security (ACNS), June 2004, pp. 292\u2013302 (2004)","DOI":"10.1007\/978-3-540-24852-1_21"},{"key":"5_CR6","unstructured":"Candea, G., Fox, A.: Crash-Only Software. In: Proceedings of the 9th Workshop on Hot Topics in Operating Systems (HOTOS-IX) (May 2003)"},{"key":"5_CR7","unstructured":"Cuppens, F., Miege, A.: Alert Correlation in a Cooperative Intrusion Detection Framework. IEEE Security and Privacy (2002)"},{"key":"5_CR8","unstructured":"Demsky, B., Rinard, M.C.: Automatic Data Structure Repair for Self-Healing Systems. In: Proceedings of the 1st Workshop on Algorithms and Architectures for Self-Managing Systems (June 2003)"},{"key":"5_CR9","doi-asserted-by":"crossref","unstructured":"Forrest, S., Somayaji, A., Ackley, D.: Building Diverse Computer Systems. In: Proceedings of the 6th Workshop on Hot Topics in Operating Systems, pp. 67\u201372 (1997)","DOI":"10.1109\/HOTOS.1997.595185"},{"key":"5_CR10","unstructured":"Handley, M., Paxson, V., Kreibich, C.: Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics. In: Proceedings of the USENIX Security Conference (2001)"},{"key":"5_CR11","doi-asserted-by":"crossref","unstructured":"Ioannidis, S., Keromytis, A.D., Bellovin, S.M., Smith, J.M.: Implementing a Distributed Firewall. In: Proceedings of the 7th ACM International Conference on Computer and Communications Security (CCS), November 2000, pp. 190\u2013199 (2000)","DOI":"10.1145\/352600.353052"},{"key":"5_CR12","doi-asserted-by":"crossref","unstructured":"Kc, G.S., Keromytis, A.D., Prevelakis, V.: Countering Code-Injection Attacks With Instruction-Set Randomization. In: Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS) (October 2003)","DOI":"10.1145\/948109.948146"},{"key":"5_CR13","unstructured":"Kim, H.-A., Karp, B.: Autograph: Toward Automated, Distributed Worm Signature Detection. In: Proceedings of the USENIX Security Conference (2004)"},{"key":"5_CR14","unstructured":"King, S.T., Mao, Z.M., Lucchetti, D.G., Chen, P.M.: Enriching Intrusion Alerts Through Multi-host Causality. In: Proceedings of the Symposium on Network and Distributed Systems Security, NDSS (2005)"},{"key":"5_CR15","unstructured":"Kiriansky, V., Bruening, D., Amarasinghe, S.: Secure Execution Via Program Shepherding. In: Proceedings of the 11th USENIX Security Symposium (August 2002)"},{"key":"5_CR16","unstructured":"Kolesnikov, A., Lee, W.: Advanced Polymorphic Worms: Evading IDS by Blending in with Normal Traffic. Technical report, Georgia Tech College of Computing (2004)"},{"key":"5_CR17","doi-asserted-by":"crossref","unstructured":"Krugel, C., Toth, T., Kirda, E.: Service Specific Anomaly Detection for Network Intrusion Detection. In: Proceedings of the ACM Symposium on Applied Computing, SAC (2002)","DOI":"10.1145\/508791.508835"},{"key":"5_CR18","doi-asserted-by":"crossref","unstructured":"Locasto, M.E., Parekh, J.J., Keromytis, A.D., Stolfo, S.J.: Towards Collaborative Security and P2P Intrusion Detection. In: Proceedings of the IEEE Information Assurance Workshop (IAW), June 2005, pp. 333\u2013339 (2005)","DOI":"10.1109\/IAW.2005.1495971"},{"key":"5_CR19","unstructured":"Locasto, M.E., Sidiroglou, S., Keromytis, A.D.: Application Communities: Using Monoculture for Dependability. In: Proceedings of the 1st Workshop on Hot Topics in System Dependability (HotDep 2005) (June 2005)"},{"key":"5_CR20","unstructured":"Newsome, J., Song, D.: Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software. In: The 12th Annual Network and Distributed System Security Symposium (NDSS) (February 2005)"},{"key":"5_CR21","unstructured":"Overill, R.E.: How Re(Pro)active Should an IDS Be? In: Proceedings of the 1st International Workshop on Recent Advances in Intrusion Detection (RAID) (September 1998)"},{"key":"5_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"102","DOI":"10.1007\/978-3-540-30143-1_6","volume-title":"Recent Advances in Intrusion Detection","author":"T. Pietraszek","year":"2004","unstructured":"Pietraszek, T.: Using Adaptive Alert Classification to Reduce False Positives in Intrusion Detection. In: Jonsson, E., Valdes, A., Almgren, M. (eds.) RAID 2004. LNCS, vol.\u00a03224, pp. 102\u2013124. Springer, Heidelberg (2004)"},{"issue":"4","key":"5_CR23","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1109\/MSP.2004.36","volume":"2","author":"J. Pincus","year":"2004","unstructured":"Pincus, J., Baker, B.: Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overflows. IEEE Security & Privacy\u00a02(4), 20\u201327 (2004)","journal-title":"IEEE Security & Privacy"},{"key":"5_CR24","doi-asserted-by":"crossref","unstructured":"Rabek, J.C., Khazan, R.I., Lewandowski, S.M., Cunningham, R.K.: Detection of Injected, Dynamically Generated, and Obfuscated Malicious Code. In: Proceedings of the Workshop on Rapid Malcode, WORM (2003)","DOI":"10.1145\/948187.948201"},{"key":"5_CR25","doi-asserted-by":"crossref","unstructured":"Reynolds, J.C., Just, J., Clough, L., Maglich, R.: On-Line Intrusion Detection and Attack Prevention Using Diversity, Genrate-and-Test, and Generalization. In: Proceedings of the 36th Hawaii International Conference on System Sciences, HICSS (2003)","DOI":"10.1109\/HICSS.2003.1174911"},{"key":"5_CR26","unstructured":"Rinard, M., Cadar, C., Dumitran, D., Roy, D., Leu, T., Beebee, J.W.: Enhancing Server Availability and Security Through Failure-Oblivious Computing. In: Proceedings 6th Symposium on Operating Systems Design and Implementation (OSDI) (December 2004)"},{"key":"5_CR27","doi-asserted-by":"crossref","unstructured":"Sidiroglou, S., Ioannidis, J., Keromytis, A.D., Stolfo, S.J.: An Email Worm Vaccine Architecture. In: Proceedings of the 1st Information Security Practice and Experience Conference (ISPEC) (April 2005)","DOI":"10.1007\/978-3-540-31979-5_9"},{"key":"5_CR28","doi-asserted-by":"crossref","unstructured":"Sidiroglou, S., Keromytis, A.D.: A Network Worm Vaccine Architecture. In: Proceedings of the IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE), Workshop on Enterprise Security, June 2003, pp. 220\u2013225 (2003)","DOI":"10.1109\/ENABL.2003.1231411"},{"key":"5_CR29","unstructured":"Sidiroglou, S., Locasto, M.E., Boyd, S.W., Keromytis, A.D.: Building a Reactive Immune System for Software Services. In: Proceedings of the USENIX Annual Technical Conference, April 2005, pp. 149\u2013161 (2005)"},{"key":"5_CR30","unstructured":"Singh, S., Estan, C., Varghese, G., Savage, S.: Automated Worm Fingerprinting. In: Proceedings of Symposium on Operating Systems Design and Implementation, OSDI (2004)"},{"key":"5_CR31","unstructured":"Smirnov, A., Chiueh, T.: DIRA: Automatic Detection, Identification, and Repair of Control-Hijacking Attacks. In: The 12th Annual Network and Distributed System Security Symposium (February 2005)"},{"key":"5_CR32","unstructured":"Somayaji, A., Forrest, S.: Automated Response Using System-Call Delays. In: Proceedings of the 9th USENIX Security Symposium (August 2000)"},{"key":"5_CR33","doi-asserted-by":"crossref","unstructured":"Sommer, R., Paxson, V.: Enhancing Byte-Level Network Intrusion Detection Signatures with Context. In: Proceedings of the ACM Conference on Computer and Communications Security (CCS), pp. 262\u2013271 (2003)","DOI":"10.1145\/948109.948145"},{"key":"5_CR34","unstructured":"Stig, A., Clark, A., Mohay, G.: Network-based Buffer Overflow Detection by Exploit Code Analysis. In: AusCERT Conference (May 2004)"},{"key":"5_CR35","doi-asserted-by":"crossref","unstructured":"Stolfo, S.: Worm and Attack Early Warning: Piercing Stealthy Reconnaissance. IEEE Privacy and Security (May\/June 2004)","DOI":"10.1109\/MSP.2004.28"},{"issue":"5","key":"5_CR36","doi-asserted-by":"publisher","first-page":"85","DOI":"10.1145\/1037949.1024404","volume":"38","author":"G.E. Suh","year":"2004","unstructured":"Suh, G.E., Lee, J.W., Zhang, D., Devadas, S.: Secure Program Execution Via Dynamic Information Flow Tracking. SIGOPS Operating Systems Review\u00a038(5), 85\u201396 (2004)","journal-title":"SIGOPS Operating Systems Review"},{"key":"5_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"274","DOI":"10.1007\/3-540-36084-0_15","volume-title":"Recent Advances in Intrusion Detection","author":"T. Toth","year":"2002","unstructured":"Toth, T., Kruegel, C.: Accurate Buffer Overflow Detection via Abstract Payload Execution. In: Wespi, A., Vigna, G., Deri, L. (eds.) RAID 2002. LNCS, vol.\u00a02516, p. 274. Springer, Heidelberg (2002)"},{"key":"5_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"203","DOI":"10.1007\/978-3-540-30143-1_11","volume-title":"Recent Advances in Intrusion Detection","author":"K. Wang","year":"2004","unstructured":"Wang, K., Stolfo, S.J.: Anomalous Payload-based Network Intrusion Detection. In: Jonsson, E., Valdes, A., Almgren, M. (eds.) RAID 2004. LNCS, vol.\u00a03224, pp. 203\u2013222. Springer, Heidelberg (2004)"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/11663812_5.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,1,7]],"date-time":"2025-01-07T08:25:49Z","timestamp":1736238349000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/11663812_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2006]]},"ISBN":["9783540317784","9783540317791"],"references-count":38,"URL":"https:\/\/doi.org\/10.1007\/11663812_5","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2006]]}}}