{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T12:10:08Z","timestamp":1763467808986},"publisher-location":"Berlin, Heidelberg","reference-count":21,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540000204"},{"type":"electronic","value":"9783540360841"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2002]]},"DOI":"10.1007\/3-540-36084-0_6","type":"book-chapter","created":{"date-parts":[[2007,5,15]],"date-time":"2007-05-15T21:40:00Z","timestamp":1179265200000},"page":"95-114","source":"Crossref","is-referenced-by-count":116,"title":["A Mission-Impact-Based Approach to INFOSEC Alarm Correlation"],"prefix":"10.1007","author":[{"given":"Phillip A.","family":"Porras","sequence":"first","affiliation":[]},{"given":"Martin W.","family":"Fong","sequence":"additional","affiliation":[]},{"given":"Alfonso","family":"Valdes","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2002,10,10]]},"reference":[{"key":"6_CR1","doi-asserted-by":"crossref","unstructured":"D\u2019 Ambrosio, B, M. Takikawa, D. Upper, J. Fitzgerald, and S. Mahoney, \u201cSecurity Situation Assessment and Response Evaluation,\u201d Proceedings (DISCEX II) DARPA Information Survivability Conference and Exposition, Anaheim, CA, Vol. I, June 2001.","DOI":"10.1109\/DISCEX.2001.932233"},{"key":"6_CR2","unstructured":"D.W. Baker, S.M. Christey, W.H. Hill, and D.E. Mann, \u201cThe Development of a Common Enumeration of Vulnerabilities and Exposures,\u201d Proceedings of the Second International Workshop on Recent Advances in Intrusion Detection (RAID), September 1999."},{"key":"6_CR3","unstructured":"Bugtraq. Security Focus Online. http:\/\/online.securityfocus.com\/archive\/1"},{"key":"6_CR4","unstructured":"CERT Coordination Center. Cert\/CC Advisories Carnegie Mellon, Software Engineering Institute. Online. http:\/\/www.cert.org\/advisories\/"},{"key":"6_CR5","doi-asserted-by":"crossref","unstructured":"F. Cuppens, \u201cManaging Alerts in a Multi-Intrusion Detection Environment,\u201d Proceedings 17th Computer Security Applications Conference, New Orleans, LA, December 2001.","DOI":"10.1109\/ACSAC.2001.991518"},{"key":"6_CR6","unstructured":"Common Vulnerabilities and Exposures. The MITRE Corporation. http:\/\/cve.mitre.org\/"},{"key":"6_CR7","doi-asserted-by":"crossref","unstructured":"H. Debar and A. Wespi, \u201cAggregation and Correlation of Intrusion-Detection Alerts,\u201d Proceedings 2001 International Workshop on Recent Advances in Intrusion Detection (RAID), Davis, CA, October 2001.","DOI":"10.1007\/3-540-45474-8_6"},{"key":"6_CR8","doi-asserted-by":"crossref","unstructured":"G. Vigna, R.A. Kemmerer, and P. Blix, \u201cDesigning a Web of Highly-Configurable Intrusion Detection Sensors,\u201d Proceedings 2001 International Workshop on Recent Advances in Intrusion Detection (RAID), Davis, CA, October 2001. C.W. Geib and R.P Goldman, \u201cProbabilistic Plan Recognition for Hostile Agents,\u201d Proceedings of FLAIRS 2001 Special Session on Uncertainty-May 2001.","DOI":"10.1007\/3-540-45474-8_5"},{"key":"6_CR9","unstructured":"C. Kahn, P.A. Porras, S. Staniford-Chen, and B. Tung, \u201cA Common Intrusion Detection Framework,\u201d http:\/\/www.gidos.org ."},{"key":"6_CR10","unstructured":"K. Kendall, \u201cA Database of Computer Attacks for the Evaluation of Intrusion Detection Systems,\u201d Master\u2019s Thesis, Massachusetts Institute of Technology, June 1999."},{"key":"6_CR11","doi-asserted-by":"crossref","unstructured":"W. Lee, R.A. Nimbalkar, K.K. Yee, S.B. Patil, P.H. Desai, T.T. Tran, and S.J. Stolfo, \u201cA Data Mining and CIDF-Based Approach for Detecting Novel and Distributed Intrusions\u201d, Proceedings 2000 International Workshop on Recent Advances in Intrusion Detection (RAID), Toulouse, France, October 2000.","DOI":"10.1007\/3-540-39945-3_4"},{"key":"6_CR12","doi-asserted-by":"crossref","unstructured":"D. Levin, Y. Tenney, and H. Henri, \u201cIssues in Human Interaction for Cyber Command and Control,\u201d Proceedings (DISCEX II) DARPA Information Survivability Conference and Exposition, Anaheim, CA, Vol. I, June 2001.","DOI":"10.1109\/DISCEX.2001.932203"},{"key":"6_CR13","doi-asserted-by":"crossref","unstructured":"U. Lindqvist and P.A. Porras, \u201ceXpert-BSM: A Host-based Intrusion Detection Solution for Sun Solaris,\u201d Proceedings 17th Computer Security Applications Conference, New Orleans, LA, December 2001.","DOI":"10.1109\/ACSAC.2001.991540"},{"key":"6_CR14","unstructured":"U. Lindqvist, D. Moran, P.A. Porras, and M. Tyson, \u201cDesigning IDLE: The Intrusion Detection Library Enterprise,\u201d Proceedings 1998 International Workshop on Recent Advances in Intrusion Detection (RAID), Louvain-la-Neuve, Belgium, September 1998."},{"key":"6_CR15","unstructured":"NMAP Network Mapping tool. http:\/\/www.insecure.org\/nmap\/"},{"key":"6_CR16","unstructured":"Pearl, J. \u201cProbabilistic Reasoning in Intelligent Systems,\u201d Morgan-Kaufmann (1988)."},{"key":"6_CR17","unstructured":"L. Perrochon, E. Jang, and D.C. Luckham.: Enlisting Event Patterns for Cyber Battlefield Awareness. DARPA Information Survivability Conference & Exposition (DISCEX\u201900), Hilton Head, South Carolina, January 2000."},{"key":"6_CR18","unstructured":"P.A. Porras and P.G. Neumann, \u201cEMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances,\u201d Proceedings National Information Systems Security Conference, NSA\/NIST, Baltimore, MD, October 1997."},{"key":"6_CR19","unstructured":"M. Roesch, \u201cLightweight Intrusion Detection for Networks,\u201d Proceedings of the 13th Systems Adminstration Conference \u2014 LISA 1999, November, 1999."},{"key":"6_CR20","doi-asserted-by":"crossref","unstructured":"Valdes and K. Skinner, \u201cAdaptive, Model-based Monitoring for Cyber Attack Detection\u201d, Proceedings 2000 International Workshop on Recent Advances in Intrusion Detection (RAID), Toulouse, France, October 2000.","DOI":"10.1007\/3-540-39945-3_6"},{"key":"6_CR21","doi-asserted-by":"crossref","unstructured":"Valdes and K. Skinner, \u201cProbabilistic Alert Correlation,\u201d Proceedings 2001 International Workshop on Recent Advances in Intrusion Detection (RAID), Davis, CA, October 2001.","DOI":"10.1007\/3-540-45474-8_4"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/3-540-36084-0_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,4,27]],"date-time":"2019-04-27T20:51:43Z","timestamp":1556398303000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/3-540-36084-0_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2002]]},"ISBN":["9783540000204","9783540360841"],"references-count":21,"URL":"https:\/\/doi.org\/10.1007\/3-540-36084-0_6","relation":{},"ISSN":["0302-9743"],"issn-type":[{"type":"print","value":"0302-9743"}],"subject":[],"published":{"date-parts":[[2002]]}}}