{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,4]],"date-time":"2024-09-04T18:36:08Z","timestamp":1725474968933},"publisher-location":"Berlin, Heidelberg","reference-count":21,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540360148"},{"type":"electronic","value":"9783540360179"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2006]]},"DOI":"10.1007\/11790754_7","type":"book-chapter","created":{"date-parts":[[2006,11,27]],"date-time":"2006-11-27T08:02:37Z","timestamp":1164614557000},"page":"109-128","source":"Crossref","is-referenced-by-count":12,"title":["Using Contextual Security Policies for Threat Response"],"prefix":"10.1007","author":[{"given":"Herv\u00e9","family":"Debar","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yohann","family":"Thomas","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Nora","family":"Boulahia-Cuppens","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Fr\u00e9d\u00e9ric","family":"Cuppens","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"7_CR1","doi-asserted-by":"crossref","unstructured":"Brackney, R.: Cyber-intrusion response. In: Proceedings of the 17th IEEE Symposium on Reliable Distributed Systems, West Lafayette, IN, p. 413 (1998)","DOI":"10.1109\/RELDIS.1998.740533"},{"key":"7_CR2","volume-title":"Proceedings of the 18th Annual Computer Security Applications Conference (ACSAC)","author":"T. Toth","year":"2002","unstructured":"Toth, T., Kruegel, C.: Evaluating the impact of automated intrusion response mechanisms. In: Proceedings of the 18th Annual Computer Security Applications Conference (ACSAC), Las Vegas, NV. IEEE Computer Society Press, Los Alamitos (2002)"},{"key":"7_CR3","doi-asserted-by":"crossref","unstructured":"Petkac, M., Badger, L.: Security agility in response to intrusion detection. In: 16th Annual Computer Security Applications Conference (ACSAC 2000), New Orleans, LO, p. 11 (2000)","DOI":"10.1109\/ACSAC.2000.898853"},{"key":"7_CR4","unstructured":"rfc3360: Inappropriate tcp resets considered harmful. RFC 3360 (2002), \n                    \n                      http:\/\/www.ietf.org\/rfc\/rfc3360.txt"},{"key":"7_CR5","doi-asserted-by":"crossref","unstructured":"Cuppens, F., Gombault, S., Sans, T.: Selecting Appropriate Counter-Measures in an Intrusion Detection Framework. In: 17th IEEE Computer Security Foundations Workshop (CSFW), Pacific Grove, CA (2004)","DOI":"10.1109\/CSFW.2004.1310733"},{"key":"7_CR6","unstructured":"Mounji, A., Charlier, B.L.: Continuous assessment of a unix configuration integrating intrusion detection and configuration analysis (1997)"},{"key":"7_CR7","first-page":"2344","volume-title":"Proceedings of the IEEE International Conference on Systems, Man, and Cybernetics","author":"D. Ragsdale","year":"2000","unstructured":"Ragsdale, D., Carver, C., Humphries, J., Pooch, U.: Adaptation techniques for intrusion detection and intrusion response system. In: Proceedings of the IEEE International Conference on Systems, Man, and Cybernetics, Nashville, TN, pp. 2344\u20132349. IEEE Computer Society Press, Los Alamitos (2000)"},{"key":"7_CR8","unstructured":"Carver, C., Hill, J., Pooch, U.: Limiting uncertainty in intrusion response. In: Proceedings of the 2001 IEEE workshop on Information Assurance and Security, United States Military Academy, West Point, NY (2001)"},{"issue":"8","key":"7_CR9","doi-asserted-by":"publisher","first-page":"461","DOI":"10.1145\/360303.360333","volume":"19","author":"M.A. Harrison","year":"1976","unstructured":"Harrison, M.A., Ruzzo, W.L., Ullman, J.D.: Protection in Operating Systems. Communication of the ACM\u00a019(8), 461\u2013471 (1976)","journal-title":"Communication of the ACM"},{"issue":"2","key":"7_CR10","doi-asserted-by":"crossref","first-page":"38","DOI":"10.1109\/2.485845","volume":"29","author":"R. Sandhu","year":"1996","unstructured":"Sandhu, R., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Computer\u00a029(2), 38\u201347 (1996)","journal-title":"IEEE Computer"},{"key":"7_CR11","doi-asserted-by":"publisher","first-page":"87","DOI":"10.1145\/352600.352613","volume-title":"CCS 2000: Proceedings of the 7th ACM conference on Computer and communications security","author":"M. Kudo","year":"2000","unstructured":"Kudo, M., Hada, S.: XML document security based on provisional authorization. In: CCS 2000: Proceedings of the 7th ACM conference on Computer and communications security, pp. 87\u201396. ACM Press, New York (2000)"},{"key":"7_CR12","unstructured":"Mi\u00e8ge, A.: Definition of a formal framework for specifying security policies. The Or-BAC model and extensions. PhD thesis, ENST (2005)"},{"key":"7_CR13","unstructured":"Cuppens, F., Cuppens-Boulahia, N., Mi\u00e8ge, A.: Inheritance hierarchies in the Or-BAC Model and application in a network environment. In: Second Foundations of Computer Security Workshop (FCS 2004), Turku, Finland (2004)"},{"key":"7_CR14","unstructured":"Ullman, J.D.: Principles of Database and Knowledge Base Systems. Computer Science Press (1989)"},{"key":"7_CR15","unstructured":"Cuppens, F., Cuppens-Boulahia, N., Sans, T., Mi\u00e8ge, A.: A Formal Approach to Specify and Deploy a Network Security Policy. In: Formal Aspects of Security and Trust (FAST), Toulouse, France (2004)"},{"key":"7_CR16","unstructured":"Debar, H., Curry, D., Feinstein, B.: The intrusion detection message exchange format. Internet Draft (2005) Work in progress, expires (July 31, 2005)"},{"key":"7_CR17","doi-asserted-by":"crossref","unstructured":"Cuppens, F., Mi\u00e8ge, A.: Alert Correlation in a Cooperative Intrusion Detection Framework. In: Proceedings of the IEEE Symposium on Security and Privacy (2002)","DOI":"10.1109\/SECPRI.2002.1004372"},{"key":"7_CR18","unstructured":"Dain, O., Cunningham, R.: Fusing a Heterogeneous Alert Stream into Scenarios. In: Proceedings of the 2001 ACM Workshop on Data Mining for Security Applications, pp. 1\u201313 (2001)"},{"key":"7_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"115","DOI":"10.1007\/3-540-36084-0_7","volume-title":"Recent Advances in Intrusion Detection","author":"B. Morin","year":"2002","unstructured":"Morin, B., M\u00e9, L., Debar, H., Ducass\u00e9, M.: M2D2: A Formal Data Model for IDS Alert Correlation. In: Wespi, A., Vigna, G., Deri, L. (eds.) RAID 2002. LNCS, vol.\u00a02516, p. 115. Springer, Heidelberg (2002)"},{"key":"7_CR20","doi-asserted-by":"crossref","unstructured":"Ning, P., Cui, Y., Reeves, D.S.: Constructing Attack Scenarios Through Correlation of Intrusion Alerts. In: Proceedings of the 9th Conference on Computer and Communication Security (2002)","DOI":"10.1145\/586110.586144"},{"key":"7_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"754","DOI":"10.1007\/978-3-540-39962-9_76","volume-title":"On The Move to Meaningful Internet Systems 2003: OTM 2003 Workshops","author":"F. Cuppens","year":"2003","unstructured":"Cuppens, F., Mi\u00e8ge, A.: Administration Model for Or-BAC. In: Meersman, R., Tari, Z. (eds.) OTM-WS 2003. LNCS, vol.\u00a02889, pp. 754\u2013768. Springer, Heidelberg (2003)"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware & Vulnerability Assessment"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/11790754_7.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,27]],"date-time":"2021-04-27T03:23:15Z","timestamp":1619493795000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/11790754_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2006]]},"ISBN":["9783540360148","9783540360179"],"references-count":21,"URL":"https:\/\/doi.org\/10.1007\/11790754_7","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2006]]}}}