{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T00:10:35Z","timestamp":1725495035007},"publisher-location":"New York, NY","reference-count":20,"publisher":"Springer New York","isbn-type":[{"type":"print","value":"9780387737416"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-0-387-73742-3_5","type":"book-chapter","created":{"date-parts":[[2007,11,13]],"date-time":"2007-11-13T10:45:53Z","timestamp":1194950753000},"page":"75-86","source":"Crossref","is-referenced-by-count":1,"title":["An Integrated System for Insider Threat Detection"],"prefix":"10.1007","author":[{"given":"Daniel","family":"Ray","sequence":"first","affiliation":[]},{"given":"Phillip","family":"Bradford","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"5_CR1","volume-title":"Technical Report 99-15","author":"S. Axelsson","year":"2000","unstructured":"S. Axelsson, Intrusion Detection Systems: A Survey and Taxonomy, Technical Report 99-15, Department of Computer Engineering, Chalmers University of Technology, Goteborg, Sweden, 2000."},{"key":"5_CR2","doi-asserted-by":"publisher","first-page":"648","DOI":"10.1109\/ITCC.2004.1286727","volume":"2","author":"P. Bradford","year":"2004","unstructured":"P. Bradford, M. Brown, J. Perdue and B. Self, Towards proactive computer-system forensics, Proceedings of the International Conference on Information Technology: Coding and Computing, vol. 2, pp. 648\u2013652, 2004.","journal-title":"Proceedings of the International Conference on Information Technology: Coding and Computing"},{"unstructured":"P. Bradford and N. Hu, A layered approach to insider threat detection and proactive forensics, Proceedings of the Twenty-First Annual Computer Security Applications Conference (Technology Blitz), 2005.","key":"5_CR3"},{"unstructured":"J. Cooperstein, Windows management instrumentation: Administering Windows and applications across your enterprise, MSDN Magazine (\n                    http:\/\/msdn.microsoft.com\/msdnmag\/issues\/0500\/wmiover\n                    \n                  ), May 2000.","key":"5_CR4"},{"issue":"2","key":"5_CR5","doi-asserted-by":"publisher","first-page":"222","DOI":"10.1109\/TSE.1987.232894","volume":"13","author":"D. Denning","year":"1987","unstructured":"D. Denning, An intrusion-detection model, IEEE Transactions on Software Engineering, vol. 13(2), pp. 222\u2013232, 1987.","journal-title":"IEEE Transactions on Software Engineering"},{"unstructured":"J. Evers, Computer crime costs $67 billion FBI says, CNET News.com, January 19, 2006.","key":"5_CR6"},{"unstructured":"M. Gerken, Statistical-based intrusion detection, Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania (\n                    http:\/\/www.sei.cmu.edu\/str\/descriptions\/sbid.htm\n                    \n                  ).","key":"5_CR7"},{"unstructured":"K. Goss, WMI made easy for C#, C# Help (\n                    http:\/\/www.csharphelp.com\/archives2\/archive334.html\n                    \n                  ).","key":"5_CR8"},{"key":"5_CR9","doi-asserted-by":"crossref","DOI":"10.1201\/9780203500132","volume-title":"A Practical Approach to WBEM\/CIM Management","author":"C. Hobbs","year":"2004","unstructured":"C. Hobbs, A Practical Approach to WBEM\/CIM Management, Auerbach\/CRC Press, Boca Raton, Florida, 2004."},{"key":"5_CR10","volume-title":"Technical Report, Department of Computer Science","author":"A. Jones","year":"2000","unstructured":"A. Jones and R. Sielken, Computer System Intrusion Detection: A Survey, Technical Report, Department of Computer Science, University of Virginia, Charlottesville, Virginia, 2000."},{"key":"5_CR11","first-page":"153","volume-title":"Advances in Digital Forensics","author":"P. Kahai","year":"2005","unstructured":"P. Kahai, M. Srinivasan, K. Namuduri and R. Pendse, Forensic profiling system, in Advances in Digital Forensics, M. Pollitt and S. Shenoi (Eds.), Springer, New York, pp. 153\u2013164, 2005."},{"unstructured":"W. Lee, S. Stolfo and K. Mok, A data mining framework for building intrusion detection models, Proceedings of the IEEE Symposium on Security and Privacy, pp. 120\u2013132, 1999.","key":"5_CR12"},{"unstructured":"T. Lunt, Automated audit trail analysis and intrustion detection: A survey, Proceedings of the Eleventh National Computer Security Conference, 1988.","key":"5_CR13"},{"issue":"4","key":"5_CR14","doi-asserted-by":"publisher","first-page":"405","DOI":"10.1016\/0167-4048(93)90029-5","volume":"12","author":"T. Lunt","year":"1993","unstructured":"T. Lunt, A survey of intrusion detection techniques, Computers and Security, vol. 12(4), pp. 405\u2013418, 1993.","journal-title":"Computers and Security"},{"unstructured":"Microsoft Corporation, WMI classes (\n                    http:\/\/msdn2.microsoft.com\/en-us\/library\/aa394554.aspx\n                    \n                  ), 2006.","key":"5_CR15"},{"unstructured":"J. Murphy, A quick introduction to WMI from.NET, O\u2019Reilly Network (\n                    http:\/\/www.ondotnet.com\/pub\/a\/dotnet\/2003\/04\/07\/wmi.html\n                    \n                  ), 2003.","key":"5_CR16"},{"unstructured":"K. Salchner, An in-depth look at WMI and instrumentation, DeveloperLand (\n                    http:\/\/www.developerland.com\/DotNet\/Enterprise\/145.aspx\n                    \n                  ), 2004.","key":"5_CR17"},{"unstructured":"L. Snow, Optimizing management queries, .NET Developer\u2019s Journal (\n                    http:\/\/dotnet.sys-con.com\/read\/38914.htm\n                    \n                  ), July 21, 2003.","key":"5_CR18"},{"unstructured":"SRI International, Event Monitoring Enabling Responses to Anomalous Live Disturbances (EMERALD) (\n                    http:\/\/www.csl.sri.com\/projects\/emerald\n                    \n                  ).","key":"5_CR19"},{"key":"5_CR20","volume-title":"Developing WMI Solutions","author":"C. Tunstall","year":"2002","unstructured":"C. Tunstall and G. Cole, Developing WMI Solutions, Pearson Education, Boston, Massachusetts, 2002."}],"container-title":["IFIP \u2014 The International Federation for Information Processing","Advances in Digital Forensics III"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-0-387-73742-3_5.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,29]],"date-time":"2021-04-29T04:17:20Z","timestamp":1619669840000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-0-387-73742-3_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9780387737416"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-0-387-73742-3_5","relation":{},"subject":[]}}