{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,26]],"date-time":"2026-02-26T13:27:15Z","timestamp":1772112435482,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":15,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540410850","type":"print"},{"value":"9783540399452","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2000]]},"DOI":"10.1007\/3-540-39945-3_8","type":"book-chapter","created":{"date-parts":[[2007,4,14]],"date-time":"2007-04-14T06:38:33Z","timestamp":1176532713000},"page":"110-129","source":"Crossref","is-referenced-by-count":83,"title":["Intrusion Detection Using Variable-Length Audit Trail Patterns"],"prefix":"10.1007","author":[{"given":"Andreas","family":"Wespi","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Marc","family":"Dacier","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Herv\u00e9","family":"Debar","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2000,11,11]]},"reference":[{"key":"8_CR1","unstructured":"A. Brazma, I. Jonassen, I. Eidhammer, and D. Gilbert. Approaches to the automatic discovery of patterns in biosequences. Technical report, Department of Informatics, University of Bergen, 1995."},{"key":"8_CR2","series-title":"Lect Notes Comput Sci","first-page":"1","volume-title":"Computer Security-ESORICS 98, 5th European Symposium on Research in Computer Security","author":"H. Debar","year":"1998","unstructured":"Herv\u00e9 Debar, Marc Dacier, Medhi Nassehi, and Andreas Wespi. Fixed vs. variable-length patterns for detecting suspicious process behavior. In Jean-Jacques Quisquater, Yves Deswarte, Catherine Meadows, and Dieter Gollmann, (editors), Computer Security-ESORICS 98, 5th European Symposium on Research in Computer Security, LNCS, pages 1\u201315, Louvain-la-Neuve, Belgium, September 1998. Springer."},{"key":"8_CR3","unstructured":"Herv\u00e9 Debar, Marc Dacier, and Andreas Wespi. Reference Audit Information Generation for Intrusion Detection Systems. In Reinhard Posch and Gy\u00f6rgy Papp, (editors), Information Systems Security, Proceedings of the 14th International Information Security Conference IFIP SEC\u201998, pages 405\u2013417, Vienna, Austria and Budapest, Hungaria, August 31\u2013September 4 1998."},{"key":"8_CR4","doi-asserted-by":"crossref","unstructured":"Herv\u00e9 Debar, Marc Dacier, and Andreas Wespi. Towards a taxonomy of intrusion detection systems. Computer Networks, 31(8):805\u2013822, April 1999. Special issue on Computer Network Security.","DOI":"10.1016\/S1389-1286(98)00017-6"},{"key":"8_CR5","volume-title":"Technical Report RZ 6519","author":"H. Debar","year":"1998","unstructured":"Herv\u00e9 Debar, Marc Dacier, Andreas Wespi, and Stefan Lampart. A workbench for intrusion detection systems. Technical Report RZ 6519, IBM Zurich Research Laboratory, S\u00e4umerstrasse 4, CH-8803 R\u00fcschlikon, Switzerland, March 1998."},{"key":"8_CR6","doi-asserted-by":"crossref","unstructured":"Patrick D\u2019haeseleer, Stephanie Forrest, and Paul Helman. An immunological approach to change detection: algorithms, analysis, and implications. In Proceedings of the 1996 IEEE Symposium on Research in Security and Privacy, pages 110\u2013119. IEEE Computer Society, IEEE Computer Society Press, May 1996.","DOI":"10.1109\/SECPRI.1996.502674"},{"key":"8_CR7","doi-asserted-by":"crossref","unstructured":"Stephanie Forrest, Steven A. Hofmeyr, and Anil Somayaji. Computer immunology. Communications of the ACM, 40(10):88\u201396, October 1997.","DOI":"10.1145\/262793.262811"},{"key":"8_CR8","doi-asserted-by":"crossref","unstructured":"Stephanie Forrest, Steven A. Hofmeyr, Anil Somayaji, and Thomas A. Longstaff. A sense of self for Unix processes. In Proceedinges of the 1996 IEEE Symposium on Research in Security and Privacy, pages 120\u2013128. IEEE Computer Society, IEEE Computer Society Press, May 1996.","DOI":"10.1109\/SECPRI.1996.502675"},{"key":"8_CR9","doi-asserted-by":"crossref","unstructured":"Stephanie Forrest, Alan S. Perelson, Lawrence Allen, and Rajesh Cherukuri. Self-nonself discrimination. In Proceedings of the 1994 IEEE Symposium on Research in Security and Privacy, pages 202\u2013212. IEEE Computer Society, IEEE Computer Society Press, May 1994.","DOI":"10.1109\/RISP.1994.296580"},{"issue":"3","key":"8_CR10","doi-asserted-by":"crossref","first-page":"151","DOI":"10.3233\/JCS-980109","volume":"6","author":"S. A. Hofmeyr","year":"1998","unstructured":"Steven A. Hofmeyr, Stephanie Forrest, and Anil Somayaji. Intrusion detection using sequences of system calls. Journal of Computer Security, 6(3):151\u2013180, 1998.","journal-title":"Journal of Computer Security"},{"key":"8_CR11","doi-asserted-by":"crossref","unstructured":"Andrew P. Kosoresow and Steven A. Hofmeyr. Intrusion detection via system call traces. IEEE Software, pages 35\u201342, September\/October 1997.","DOI":"10.1109\/52.605929"},{"issue":"1","key":"8_CR12","doi-asserted-by":"publisher","first-page":"55","DOI":"10.1093\/bioinformatics\/14.1.55","volume":"14","author":"I. Rigoutsos","year":"1998","unstructured":"Isidore Rigoutsos and Aris Floratos. Combinatorial pattern discovery in biological sequences. Bioinformatics, 14(1):55\u201367, 1998.","journal-title":"Bioinformatics"},{"key":"8_CR13","unstructured":"Andreas Wespi, Marc Dacier, and Herv\u00e9 Debar. An intrusion-detection system based on the Teiresias pattern-discovery algorithm. In Urs E. Gattiker, Pia Pedersen, and Karsten Petersen, (editors), Proceedings of EICAR\u2019 99, Aalborg, Denmark, February 1999. European Institute for Computer Anti-Virus Research. ISBN 87-987271-0-9."},{"key":"8_CR14","unstructured":"Andreas Wespi, Marc Dacier, Herv\u00e9 Debar, and Mehdi M. Nassehi. Audit trail pattern analysis for detecting suspicious process behavior. In Proceedings of RAID 98, Workshop on Recent Advances in Intrusion Detection, Louvain-la-Neuve, Belgium, September 1998."},{"key":"8_CR15","unstructured":"Andreas Wespi and Herv\u00e9 Debar. Building an intrusion-detection system to detect suspicious process behavior. In Proceedings of RAID 99, Workshop on Recent Advances in Intrusion Detection, West Lafayette, Indiana, USA, September 1999."}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/3-540-39945-3_8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,1,15]],"date-time":"2025-01-15T20:03:31Z","timestamp":1736971411000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/3-540-39945-3_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2000]]},"ISBN":["9783540410850","9783540399452"],"references-count":15,"URL":"https:\/\/doi.org\/10.1007\/3-540-39945-3_8","relation":{},"ISSN":["0302-9743"],"issn-type":[{"value":"0302-9743","type":"print"}],"subject":[],"published":{"date-parts":[[2000]]}}}