{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,4,11]],"date-time":"2025-04-11T04:57:37Z","timestamp":1744347457534,"version":"3.33.0"},"publisher-location":"Berlin, Heidelberg","reference-count":18,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540427025"},{"type":"electronic","value":"9783540454748"}],"license":[{"start":{"date-parts":[[2001,1,1]],"date-time":"2001-01-01T00:00:00Z","timestamp":978307200000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2001]]},"DOI":"10.1007\/3-540-45474-8_12","type":"book-chapter","created":{"date-parts":[[2007,8,6]],"date-time":"2007-08-06T17:26:29Z","timestamp":1186421189000},"page":"190-203","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":23,"title":["System Health and Intrusion Monitoring Using a Hierarchy of Constraints"],"prefix":"10.1007","author":[{"given":"Calvin","family":"Ko","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Paul","family":"Brutch","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jeff","family":"Rowe","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Guy","family":"Tsafnat","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Karl","family":"Levitt","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2001,9,27]]},"reference":[{"issue":"13","key":"12_CR1","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1109\/32.372146","volume":"2","author":"K. Ilgun","year":"1995","unstructured":"K. Ilgun, R. Kemmerer, and P. Porras, \u201cState Transition Analysis: A Rulebased Intrusion Detection Approach\u201d, IEEE Transactions of Software Engineering, 2(13):181\u2013199, March 1995.","journal-title":"IEEE Transactions of Software Engineering"},{"key":"12_CR2","unstructured":"U. Lindqvist and P. Porras, \u201cDetecting Computer and Network Misuse Through the Production-Based Expert System Toolset (P-BEST)\u201d, In Proceedings of the 1999 Symposium on Security and Privacy, May 1999."},{"key":"12_CR3","unstructured":"H. Javitz and A. Valdes, \u201cThe NIDES Statistical Component Description and Justification,\u201d Technical Report, Computer Science Laboratory, SRI International, Menlo Park, CA, Mar 1994."},{"key":"12_CR4","doi-asserted-by":"crossref","unstructured":"R. Lippmann et. al., \u201cEvaluating Intrusion Detection Systems: The 1998 DARPA Off-Line Intrusion Detection Evaluation,\u201d DISCEX 2000-DARPA Information Survivability Conference and Exposition, Hilton Head, SC, 2000.","DOI":"10.1007\/3-540-39945-3_11"},{"key":"12_CR5","unstructured":"C. Ko, G. Fink and K. Levitt, \u201cAutomated Detection of Vulnerabilities in Privileged Programs by Execution Monitoring\u201d, In Proceedings of the 10th Computer Security Application Conference, Orlando, Dec 1994."},{"key":"12_CR6","unstructured":"C. Ko, M. Ruschitzka and K. Levitt, \u201cExecution Monitoring of Security-Critical Programs in Distributed Systems: A Specification-based Approach,\u201d In Proceedings of the 1997 Symposium on Security and Privacy, May 1997."},{"key":"12_CR7","unstructured":"R. Sekar, T. Bowen, and M. Segal, \u201cOn Preventing Intrusions by Process Behavior Monitoring,\u201d Workshop on Intrusion Detection and Network Monitoring Proceedings, Berkeley, CA, USENIX, pages 29\u201340."},{"key":"12_CR8","unstructured":"CERT Advisory CA-1999013 Multiple Vulnerabilities in WU-FTPD, CERT CC, available at http:\/\/www.cert.org\/advisories\/CA-1999-13.html , Nov 1999."},{"key":"12_CR9","unstructured":"M. Roesch, \u201cSnort-Lig htweight Intrusion Detection for Networks,\u201d USENIX LISA\u2019 99 conference, Nov 1999. Also available at http:\/\/www.snort.org ."},{"key":"12_CR10","unstructured":"L. Miras, \u201cAdvanced Evasion of IDS buffer overflow detection\u201d, power point presentation in http:\/\/www.newhackcity.net\/~jeru"},{"key":"12_CR11","unstructured":"T. Fraser, L. Badger, M. Feldman, \u201cHardening COTS Software Using Generic Software Wrappers\u201d, IEEE Symposium on Security and Privacy, May 1999."},{"key":"12_CR12","doi-asserted-by":"crossref","unstructured":"D. Clark and D. Wilson, \u201cA Comparison of Commercial and Military Computer Security Policies,\u201d In Proceedings of the 1987 IEEE Symposium on Security and Privacy, May 1987.","DOI":"10.1109\/SP.1987.10001"},{"key":"12_CR13","series-title":"Technical Report","volume-title":"Integrity Considerations for Secure Computer Systems","author":"K.J. Biba","year":"1977","unstructured":"K.J. Biba, \u201cIntegrity Considerations for Secure Computer Systems,\u201d Technical Report ESD-TR-76-372, USAF Electronic Systems Division, Bedford, MA, 1977."},{"key":"12_CR14","unstructured":"W. Boebert and R. Kain, \u201cA Practical Alternative to Hierarchical Integrity Policies,\u201d Proceedings of the 8th National Computer Security Conference, Gaithersburg, MD, 1985."},{"issue":"9","key":"12_CR15","doi-asserted-by":"publisher","first-page":"1278","DOI":"10.1109\/PROC.1975.9939","volume":"63","author":"J. Saltzer","year":"1975","unstructured":"J. Saltzer and M. Schroeder, \u201cThe Protection of Information in Computer Systems,\u201d In Proceedings of the IEEE, Vol. 63, No. 9, pages 1278\u20131308, March 1975.","journal-title":"Proceedings of the IEEE"},{"key":"12_CR16","doi-asserted-by":"crossref","unstructured":"C. Landwehr et. al., \u201cA Taxonomy of Computer Program Security Flaws,\u201d ACM Computing Surveys, Vol.26, No. 3, September 1994.","DOI":"10.1145\/185403.185412"},{"key":"12_CR17","unstructured":"I. Krsul, \u201cSoftware Vulnerability Analysis,\u201d Department of Computer Science, Purdue University, Ph.D. Thesis, Coast TR-98-09, 1998."},{"key":"12_CR18","unstructured":"M. Bishop, \u201cWriting Safe Privileged Programs,\u201d Network Security 1997, New Orleans, LA, 1997."}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/3-540-45474-8_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,1,20]],"date-time":"2025-01-20T04:35:24Z","timestamp":1737347724000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/3-540-45474-8_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2001]]},"ISBN":["9783540427025","9783540454748"],"references-count":18,"URL":"https:\/\/doi.org\/10.1007\/3-540-45474-8_12","relation":{},"ISSN":["0302-9743"],"issn-type":[{"type":"print","value":"0302-9743"}],"subject":[],"published":{"date-parts":[[2001]]},"assertion":[{"value":"27 September 2001","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}