{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T05:09:46Z","timestamp":1743052186381,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":19,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540494966"},{"type":"electronic","value":"9783540494973"}],"license":[{"start":{"date-parts":[[2006,1,1]],"date-time":"2006-01-01T00:00:00Z","timestamp":1136073600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2006]]},"DOI":"10.1007\/11935308_26","type":"book-chapter","created":{"date-parts":[[2006,11,15]],"date-time":"2006-11-15T11:26:42Z","timestamp":1163590002000},"page":"369-378","source":"Crossref","is-referenced-by-count":0,"title":["Modular Behavior Profiles in Systems with Shared Libraries (Short Paper)"],"prefix":"10.1007","author":[{"given":"Carla","family":"Marceau","sequence":"first","affiliation":[]},{"given":"Matt","family":"Stillerman","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"26_CR1","doi-asserted-by":"crossref","unstructured":"Wagner, D., Soto, P.: Mimicry Attacks on Host Based Intrusion Detection Systems. In: Proceedings of the Ninth ACM Conference on Computer and Communications Security (2002)","DOI":"10.1145\/586110.586145"},{"key":"26_CR2","unstructured":"Allison, K.: Windows PCs Face \u2018Huge\u2019 Virus Threat. In: Financial Times (January 2, 2006)"},{"key":"26_CR3","unstructured":"Microsoft (TM), Microsoft Security Bulletin Ms05-053: Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424), http:\/\/www.microsoft.com\/technet\/security\/bulletin\/MS05-053.mspx"},{"key":"26_CR4","volume-title":"Proceedings of the IEEE Symposium on Computer Security and Privacy","author":"S. Forrest","year":"1996","unstructured":"Forrest, S., Hofmeyr, S.A., Somajayi, A.: A Sense of Self for UNIX Processes. In: Proceedings of the IEEE Symposium on Computer Security and Privacy. IEEE Press, Los Alamitos (1996)"},{"issue":"3","key":"26_CR5","doi-asserted-by":"crossref","first-page":"151","DOI":"10.3233\/JCS-980109","volume":"6","author":"S.A. Hofmeyr","year":"1998","unstructured":"Hofmeyr, S.A., Forrest, S., Somayaji, A.: Intrusion Detection Using Sequences of System Calls. Journal of Computer Security\u00a06(3), 151\u2013180 (1998)","journal-title":"Journal of Computer Security"},{"key":"26_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/BFb0055852","volume-title":"Computer Security \u2013 ESORICS 98","author":"H. Debar","year":"1998","unstructured":"Debar, H., et al.: Fixed vs. Variable-Length Patterns for Detecting Suspicious Process Behavior. In: Quisquater, J.-J., Deswarte, Y., Meadows, C., Gollmann, D. (eds.) ESORICS 1998. LNCS, vol.\u00a01485, pp. 1\u201315. Springer, Heidelberg (1998)"},{"key":"26_CR7","doi-asserted-by":"crossref","unstructured":"Warrender, C., Forrest, S., Pearlmutter, B.: Detecting Intrusions Using System Calls: Alternative Data Models. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 133\u2013145 (1999)","DOI":"10.1109\/SECPRI.1999.766910"},{"key":"26_CR8","unstructured":"Ghosh, A.K., Schwatzbard, A., Shatz, M.: Learning Program Behavior Profiles for Intrusion Detection. In: Proceedings of the 1st USENIX Workshop on Intrusion Detection and Network Monitoring, Santa Clara, California (1999)"},{"key":"26_CR9","doi-asserted-by":"crossref","unstructured":"Marceau, C.: Characterizing the Behavior of a Program Using Multiple-Length N-Grams. In: Proceedings of the New Security Paradigms Workshop, Ballycotton, Ireland (2000)","DOI":"10.1145\/366173.366197"},{"key":"26_CR10","unstructured":"Pfleger, K.: On-Line Cumulative Learning of Hierarchical Sparse N-Grams. In: Proceedings of the International Conference on Development and Learning (2004)"},{"issue":"3","key":"26_CR11","doi-asserted-by":"publisher","first-page":"203","DOI":"10.1145\/545186.545187","volume":"5","author":"C.C. Michael","year":"2002","unstructured":"Michael, C.C., Ghosh, A.: Simple, State-Based Approaches to Program-Based Intrusion Detection. ACM Transactions on Information and System Security\u00a05(3), 203\u2013237 (2002)","journal-title":"ACM Transactions on Information and System Security"},{"key":"26_CR12","doi-asserted-by":"crossref","unstructured":"Balzer, R., Goldman, N.: Mediating Connectors. In: Proceedings of the ICDCS Workshop on Electronic Commerce and Web-Based Applications, Austin, TX, pp. 73\u201377 (1999)","DOI":"10.1109\/ECMDD.1999.776417"},{"key":"26_CR13","unstructured":"Balzer, R., Goldman, N.: Mediating Connectors: A Non-Bypassable Process Wrapping Technology. In: Proceedings of the 19th IEEE International Conference on Distributed Computing Systems (1999)"},{"key":"26_CR14","unstructured":"Feng, H., et al.: Anomaly Detection Using Call Stack Information. In: Proceedings of the IEEE Security and Privacy, Oakland, CA, USA (2003)"},{"key":"26_CR15","doi-asserted-by":"crossref","unstructured":"Sekar, R., et al.: A Fast Automaton-Based Method for Detecting Anomalous Program Behaviors. In: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, pp. 144\u2013155 (2001)","DOI":"10.1109\/SECPRI.2001.924295"},{"key":"26_CR16","unstructured":"Arcata Pet, Imgviewer\/32, http:\/\/www.arcatapet.net\/imgv32.cfm"},{"key":"26_CR17","unstructured":"Ries, C.: Analysis of a Malicious JPEG Attack, http:\/\/www.vigilantminds.com\/files\/jpeg_attack_wp.pdf"},{"key":"26_CR18","unstructured":"French Security Incident Response Team (FSIRT), Windows JPEG GDI+ Overflow Administrator Exploit (Ms04-028), http:\/\/www.frsirt.com\/exploits\/09232004.ms04-28-admin.sh.php"},{"key":"26_CR19","unstructured":"Microsoft (TM) TechNet, Microsoft Security Bulletin Ms06-001: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919), http:\/\/www.microsoft.com\/technet\/security\/bulletin\/MS06-001.mspx"}],"container-title":["Lecture Notes in Computer Science","Information and Communications Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/11935308_26","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,1,11]],"date-time":"2025-01-11T23:14:40Z","timestamp":1736637280000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/11935308_26"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2006]]},"ISBN":["9783540494966","9783540494973"],"references-count":19,"URL":"https:\/\/doi.org\/10.1007\/11935308_26","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2006]]}}}