{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,4]],"date-time":"2024-09-04T18:36:05Z","timestamp":1725474965272},"publisher-location":"Berlin, Heidelberg","reference-count":28,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540360148"},{"type":"electronic","value":"9783540360179"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2006]]},"DOI":"10.1007\/11790754_2","type":"book-chapter","created":{"date-parts":[[2006,11,27]],"date-time":"2006-11-27T13:02:37Z","timestamp":1164632557000},"page":"17-36","source":"Crossref","is-referenced-by-count":14,"title":["Using Static Program Analysis to Aid Intrusion Detection"],"prefix":"10.1007","author":[{"given":"Manuel","family":"Egele","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Martin","family":"Szydlowski","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Engin","family":"Kirda","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Christopher","family":"Kruegel","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"2_CR1","unstructured":"Paxson, V.: Bro: A System for Detecting Network Intruders in Real-Time. In: Usenix Security Symposium (1998)"},{"key":"2_CR2","doi-asserted-by":"crossref","unstructured":"Lindqvist, U., Porras, P.: Detecting Computer and Network Misuse with the Production-Based Expert System Toolset (P-BEST). In: IEEE Symposium on Security and Privacy (1999)","DOI":"10.1109\/SECPRI.1999.766911"},{"key":"2_CR3","doi-asserted-by":"crossref","unstructured":"Vigna, G., Valeur, F., Kemmerer, R.: Designing and Implementing a Family of IDSs. In: 9th European Software Engineering Conference (2003)","DOI":"10.1145\/940071.940084"},{"key":"2_CR4","doi-asserted-by":"crossref","unstructured":"Denning, D.: An Intrusion Detection Model. IEEE Transactions on Software Engineering\u00a013(2) (1987)","DOI":"10.1109\/TSE.1987.232894"},{"key":"2_CR5","doi-asserted-by":"crossref","unstructured":"Ko, C., Ruschitzka, M., Levitt, K.: Execution Monitoring of Security-Critical Programs in Distributed Systems: A Specification-based Approach. In: IEEE Symposium on Security and Privacy (1997)","DOI":"10.1109\/SECPRI.1997.601332"},{"key":"2_CR6","unstructured":"Kruegel, C., Vigna, G.: 10th ACM Conference on Computer and Communications Security (CCS) (2003)"},{"key":"2_CR7","unstructured":"Goldberg, I., Wagner, D., Thomas, R., Brewer, E.: A Secure Environment for Untrusted Helper Applications. In: Usenix Security Symposium (1996)"},{"key":"2_CR8","unstructured":"Provos, N.: Improving Host Security with System Call Policies. In: Usenix Security Symposium (2003)"},{"key":"2_CR9","unstructured":"Chari, S., Cheng, P.: BlueBoX: A Policy-driven, Host-Based IDS. In: Symposium on Network and Distributed System Security (NDSS) (2002)"},{"key":"2_CR10","unstructured":"Zend Corporation, PHP: Hypertext Preprocessor (2006), http:\/\/www.php.net\/"},{"key":"2_CR11","doi-asserted-by":"crossref","unstructured":"Lee, W., Stolfo, S., Mok, K.: Mining in a Data-flow Environment: Experience in Network Intrusion Detection. In: ACM International Conference on Knowledge Discovery & Data Mining (KDD) (1999)","DOI":"10.1145\/312129.312212"},{"key":"2_CR12","doi-asserted-by":"crossref","unstructured":"Javitz, H., Valdes, A.: The SRI IDES Statistical Anomaly Detector. In: IEEE Symposium on Security and Privacy (1991)","DOI":"10.1109\/RISP.1991.130799"},{"key":"2_CR13","doi-asserted-by":"crossref","unstructured":"Forrest, S., Hofmeyr, S., Somayaji, A., Longstaff, T.: A Sense of Self for Unix Processes. In: IEEE Symposium on Security and Privacy (1996)","DOI":"10.1109\/SECPRI.1996.502675"},{"key":"2_CR14","doi-asserted-by":"crossref","unstructured":"Warrender, C., Forrest, S., Pearlmutter, B.: Detecting Intrusions Using System Calls: Alternative Data Models. In: IEEE Symposium on Security and Privacy (1999)","DOI":"10.1109\/SECPRI.1999.766910"},{"key":"2_CR15","doi-asserted-by":"crossref","unstructured":"Ganapathy, V., Jha, S., Chandler, D., Melski, D., Vitek, D.: Buffer overrun detection using linear programming and static analysis. In: ACM Conference on Computer and Communications Security (CCS) (2003)","DOI":"10.1145\/948109.948155"},{"key":"2_CR16","unstructured":"Larochelle, D., Evans, D.: Statically Detecting Likely Buffer Overflow Vulnerabilities. In: Usenix Security Symposium (2001)"},{"key":"2_CR17","unstructured":"Wagner, D., Foster, J., Brewer, E., Aiken, A.: A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities. In: Network and Distributed System Security (NDSS) (2000)"},{"key":"2_CR18","doi-asserted-by":"crossref","unstructured":"Wagner, D., Dean, D.: Intrusion Detection via Static Analysis. In: IEEE Symposium on Security and Privacy (2001)","DOI":"10.1109\/SECPRI.2001.924296"},{"key":"2_CR19","unstructured":"Chen, H., Dean, D., Wagner, D.: Model Checking One Million Lines of C Code. In: Network and Distributed System Security (NDSS) (2004)"},{"key":"2_CR20","doi-asserted-by":"crossref","unstructured":"Chen, H., Wagner, D.: MOPS: An infrastructure for examining security properties of software. In: ACM Conference on Computer and Communications Security (CCS) (2002)","DOI":"10.1145\/586110.586142"},{"key":"2_CR21","doi-asserted-by":"crossref","unstructured":"Ashcraft, K., Engler, D.: Using Programmer-Written Compiler Extensions to Catch Security Holes. In: IEEE Symposium on Security and Privacy (2002)","DOI":"10.1109\/SECPRI.2002.1004368"},{"key":"2_CR22","doi-asserted-by":"crossref","unstructured":"Engler, D., Chen, D., Hallem, S., Chou, A., Chelf, B.: Bugs as Deviant Behavior: A General Approach to Inferring Errors in Systems Code. In: ACM Symposium on Operating Systems Principles (2001)","DOI":"10.1145\/502034.502041"},{"key":"2_CR23","doi-asserted-by":"crossref","unstructured":"Wagner, D., Dean, D.: Intrusion Detection via Static Analysis. In: IEEE Symposium on Security and Privacy (2001)","DOI":"10.1109\/SECPRI.2001.924296"},{"key":"2_CR24","unstructured":"Giffin, J., Jha, S., Miller, B.: Detecting Manipulated Remote Call Streams. In: Usenix Security Symposium (2002)"},{"key":"2_CR25","unstructured":"Giffin, J., Jha, S., Miller, B.: Efficient context-sensitive intrusion detection. In: Network and Distributed System Security Symposium (NDSS) (2004)"},{"key":"2_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-30143-1_1","volume-title":"Recent Advances in Intrusion Detection","author":"L.C. Lam","year":"2004","unstructured":"Lam, L.C., Chiueh, T.-c.: Automatic Extraction of Accurate Application-Specific Sandboxing Policy. In: Jonsson, E., Valdes, A., Almgren, M. (eds.) RAID 2004. LNCS, vol.\u00a03224, pp. 1\u201320. Springer, Heidelberg (2004)"},{"key":"2_CR27","doi-asserted-by":"crossref","unstructured":"Feng, H., Kolesnikov, O., Fogla, P., Lee, W., Gong, W.: Anomaly Detection using Call Stack Information. In: IEEE Symposium on Security and Privacy (2003)","DOI":"10.1109\/SECPRI.2003.1199328"},{"key":"2_CR28","unstructured":"Feng, H., Giffin, J., Huang, Y., Jha, S., Lee, W., Miller, B.: Formalizing Sensitivity in Static Analysis for Intrusion Detection. In: IEEE Symposium on Security and Privacy (2004)"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware &amp; Vulnerability Assessment"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/11790754_2.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,27]],"date-time":"2021-04-27T07:23:13Z","timestamp":1619508193000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/11790754_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2006]]},"ISBN":["9783540360148","9783540360179"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/11790754_2","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2006]]}}}