{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,19]],"date-time":"2025-03-19T14:01:00Z","timestamp":1742392860862,"version":"3.32.0"},"publisher-location":"Berlin, Heidelberg","reference-count":24,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540397236"},{"type":"electronic","value":"9783540397250"}],"license":[{"start":{"date-parts":[[2006,1,1]],"date-time":"2006-01-01T00:00:00Z","timestamp":1136073600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2006]]},"DOI":"10.1007\/11856214_15","type":"book-chapter","created":{"date-parts":[[2006,9,16]],"date-time":"2006-09-16T07:12:21Z","timestamp":1158390741000},"page":"290-310","source":"Crossref","is-referenced-by-count":16,"title":["WIND: Workload-Aware INtrusion Detection"],"prefix":"10.1007","author":[{"given":"Sushant","family":"Sinha","sequence":"first","affiliation":[]},{"given":"Farnam","family":"Jahanian","sequence":"additional","affiliation":[]},{"given":"Jignesh M.","family":"Patel","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"15_CR1","unstructured":"Symantec: Symantec Internet threat report: Trends for July 2005 - December 2005 (March 2006), http:\/\/www.symantec.com\/enterprise\/threatreport\/index.jsp"},{"key":"15_CR2","unstructured":"Roesch, M.: Snort: Lightweight intrusion detection for networks. In: Proceedings of Usenix Lisa Conference (November 2001)"},{"key":"15_CR3","unstructured":"Microsoft: Vulnerability in graphics rendering engine could allow remote code execution (January 2006), http:\/\/www.microsoft.com\/technet\/security\/bulletin\/ms06-001.mspx"},{"key":"15_CR4","unstructured":"Knobbe, F.: WMF exploit (December 2005), http:\/\/www.securityfocus.com\/archive\/119\/420727\/30\/60\/threaded"},{"key":"15_CR5","doi-asserted-by":"crossref","unstructured":"Dreger, H., Feldmann, A., Paxson, V., Sommer, R.: Operational experiences with high-volume network intrusion detection. In: CCS 2004: Proceedings of the 11th ACM conference on Computer and communications security, pp. 2\u201311 (2004)","DOI":"10.1145\/1030083.1030086"},{"issue":"23-24","key":"15_CR6","doi-asserted-by":"publisher","first-page":"2435","DOI":"10.1016\/S1389-1286(99)00112-7","volume":"31","author":"V. Paxson","year":"1999","unstructured":"Paxson, V.: Bro: A System for Detecting Network Intruders in Real-Time. Computer Networks\u00a031(23-24), 2435\u20132463 (1999)","journal-title":"Computer Networks"},{"key":"15_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"252","DOI":"10.1007\/3-540-36084-0_14","volume-title":"Recent Advances in Intrusion Detection","author":"W. Lee","year":"2002","unstructured":"Lee, W., Cabrera, J.B.D., Thomas, A., Balwalli, N., Saluja, S., Zhang, Y.: Performance adaptation in real-time intrusion detection systems. In: Wespi, A., Vigna, G., Deri, L. (eds.) RAID 2002. LNCS, vol.\u00a02516, pp. 252\u2013273. Springer, Heidelberg (2002)"},{"key":"15_CR8","doi-asserted-by":"publisher","first-page":"285","DOI":"10.1109\/SECPRI.2002.1004378","volume-title":"Proceedings of the 2002 IEEE Symposium on Security and Privacy","author":"C. Kruegel","year":"2002","unstructured":"Kruegel, C., Valeur, F., Vigna, G., Kemmerer, R.: Stateful intrusion detection for high-speed networks. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy, Washington, DC, USA, pp. 285\u2013293. IEEE Computer Society, Los Alamitos (2002)"},{"key":"15_CR9","doi-asserted-by":"crossref","unstructured":"Sekar, R., Guang, Y., Verma, S., Shanbhag, T.: A high-performance network intrusion detection system. In: ACM Conference on Computer and Communications Security, pp. 8\u201317 (1999)","DOI":"10.1145\/319709.319712"},{"key":"15_CR10","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9780511574931","volume-title":"Algorithms on strings, trees, and sequences: Computer Science and Computational Biology","author":"D. Gusfield","year":"1997","unstructured":"Gusfield, D.: Algorithms on strings, trees, and sequences: Computer Science and Computational Biology. Cambridge University Press, Cambridge (1997)"},{"key":"15_CR11","unstructured":"Wu, S., Manber, U.: A fast algorithm for multi-pattern searching. Technical report, Department of Computer Science, University of Arizona (1993)"},{"key":"15_CR12","doi-asserted-by":"crossref","unstructured":"Kruegel, C., Toth, T.: Automatic rule clustering for improved signature-based intrusion detection. Technical report, Distributed systems group: Technical Univ. Vienna, Austria (2002)","DOI":"10.1007\/978-3-540-45248-5_10"},{"key":"15_CR13","unstructured":"Egorov, S., Savchuk, G.: SNORTRAN: An optimizing compiler for snort rules. Technical report, Fidelis Security Systems (2002)"},{"key":"15_CR14","unstructured":"Norton, M., Roelker, D.: SNORT 2.0: Hi-performance multi-rule inspection engine. Technical report, Sourcefire Inc. (2002)"},{"key":"15_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"301","DOI":"10.1007\/978-3-540-30117-2_32","volume-title":"Field Programmable Logic and Application","author":"D.V. Schuehler","year":"2004","unstructured":"Schuehler, D.V., Lockwood, J.W.: A modular system for FPGA-based TCP flow processing in high-speed networks. In: Becker, J., Platzner, M., Vernalde, S. (eds.) FPL 2004. LNCS, vol.\u00a03203, pp. 301\u2013310. Springer, Heidelberg (2004)"},{"key":"15_CR16","unstructured":"Cho, Y.H., Mangione, W.H.: Programmable hardware for deep packet filtering on a large signature set (2004), http:\/\/citeseer.ist.psu.edu\/699471.html"},{"key":"15_CR17","doi-asserted-by":"crossref","unstructured":"Finkelstein, S.: Common expression analysis in database applications. In: Proceedings of the 1982 ACM SIGMOD international conference on Management of data, New York, NY, USA, pp. 235\u2013245 (1982)","DOI":"10.1145\/582399.582400"},{"issue":"1","key":"15_CR18","doi-asserted-by":"publisher","first-page":"23","DOI":"10.1145\/42201.42203","volume":"13","author":"T.K. Sellis","year":"1988","unstructured":"Sellis, T.K.: Multiple-query optimization. ACM Trans. Database Syst.\u00a013(1), 23\u201352 (1988)","journal-title":"ACM Trans. Database Syst."},{"issue":"2","key":"15_CR19","doi-asserted-by":"publisher","first-page":"262","DOI":"10.1109\/69.54724","volume":"2","author":"T. Sellis","year":"1990","unstructured":"Sellis, T., Ghosh, S.: On the multiple-query optimization problem. IEEE Transactions on Knowledge and Data Engineering\u00a02(2), 262\u2013266 (1990)","journal-title":"IEEE Transactions on Knowledge and Data Engineering"},{"key":"15_CR20","doi-asserted-by":"publisher","first-page":"311","DOI":"10.1109\/ICDE.1988.105474","volume-title":"Proceedings of the Fourth International Conference on Data Engineering","author":"J. Park","year":"1988","unstructured":"Park, J., Segev, A.: Using common subexpressions to optimize multiple queries. In: Proceedings of the Fourth International Conference on Data Engineering, Washington, DC, USA, pp. 311\u2013319. IEEE Computer Society, Los Alamitos (1988)"},{"key":"15_CR21","doi-asserted-by":"crossref","unstructured":"Graham, S., Kessler, P., McKusick, M.: gprof: A call graph execution profiler. In: Proceedings of the SIGPLAN 1982 Symposium on Compiler Construction, pp. 120\u2013126 (June 1982)","DOI":"10.1145\/872726.806987"},{"key":"15_CR22","doi-asserted-by":"crossref","unstructured":"Lippmann, R.P., Fried, D.J., Graf, I., Haines, J.W., Kendall, K.R., McClung, D., Weber, D., Webster, S.E., Wyschogrod, D., Cunningham, R.K., Zissman, M.A.: Evaluating intrusion detection systems: The 1998 DARPA off-line intrusion detection evaluation. In: Proceedings of the 2000 DARPA Information Survivability Conference and Exposition (DISCEX), pp. 12\u201326 (2000)","DOI":"10.1109\/DISCEX.2000.821506"},{"key":"15_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"162","DOI":"10.1007\/3-540-39945-3_11","volume-title":"Recent Advances in Intrusion Detection","author":"R.P. Lippmann","year":"2000","unstructured":"Lippmann, R.P., Haines, J.W., Fried, D.J., Korba, J., Das, K.: Analysis and results of the 1999 DARPA off-line intrusion detection evaluation. In: Debar, H., M\u00e9, L., Wu, S.F. (eds.) RAID 2000. LNCS, vol.\u00a01907, pp. 162\u2013182. Springer, Heidelberg (2000)"},{"key":"15_CR24","doi-asserted-by":"crossref","unstructured":"Sommer, R., Paxson, V.: Enhancing byte-level network intrusion detection signatures with context. In: Proceedings of the 10th ACM Conference on Computer and Communication Security (CCS 2003), New York, pp. 262\u2013271 (2003)","DOI":"10.1145\/948109.948145"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/11856214_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,1,10]],"date-time":"2025-01-10T21:48:39Z","timestamp":1736545719000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/11856214_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2006]]},"ISBN":["9783540397236","9783540397250"],"references-count":24,"URL":"https:\/\/doi.org\/10.1007\/11856214_15","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2006]]}}}