{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T22:04:22Z","timestamp":1743026662304,"version":"3.40.3"},"publisher-location":"Cham","reference-count":20,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319027258"},{"type":"electronic","value":"9783319027265"}],"license":[{"start":{"date-parts":[[2013,1,1]],"date-time":"2013-01-01T00:00:00Z","timestamp":1356998400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-319-02726-5_15","type":"book-chapter","created":{"date-parts":[[2013,10,30]],"date-time":"2013-10-30T09:39:17Z","timestamp":1383125957000},"page":"194-212","source":"Crossref","is-referenced-by-count":1,"title":["XLRF: A Cross-Layer Intrusion Recovery Framework for Damage Assessment and Recovery Plan Generation"],"prefix":"10.1007","author":[{"given":"Eunjung","family":"Yoon","sequence":"first","affiliation":[]},{"given":"Peng","family":"Liu","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"issue":"5","key":"15_CR1","doi-asserted-by":"publisher","first-page":"1167","DOI":"10.1109\/TKDE.2002.1033782","volume":"14","author":"P. Ammann","year":"2002","unstructured":"Ammann, P., Jajodia, S., Liu, P.: Recovery from malicious transactions. IEEE Trans. on Knowl. and Data Eng.\u00a014(5), 1167\u20131185 (2002)","journal-title":"IEEE Trans. on Knowl. and Data Eng."},{"issue":"6","key":"15_CR2","doi-asserted-by":"crossref","first-page":"799","DOI":"10.3233\/JCS-2004-12601","volume":"12","author":"V. Atluri","year":"2004","unstructured":"Atluri, V., Ae Chun, S., Mazzoleni, P.: Chinese wall security for decentralized workflow management systems. J. Comput. Secur.\u00a012(6), 799\u2013840 (2004)","journal-title":"J. Comput. Secur."},{"key":"15_CR3","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1145\/1315245.1315250","volume-title":"Proceedings of the 14th ACM Conference on Computer and Communications Security, CCS 2007","author":"D. Balzarotti","year":"2007","unstructured":"Balzarotti, D., Cova, M., Felmetsger, V.V., Vigna, G.: Multi-module vulnerability analysis of web-based applications. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, CCS 2007, pp. 25\u201335. ACM, New York (2007)"},{"key":"15_CR4","first-page":"5","volume-title":"Proceedings of the 6th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering, ESEC-FSE 2007","author":"M. Christodorescu","year":"2007","unstructured":"Christodorescu, M., Jha, S., Kruegel, C.: Mining specifications of malicious behavior. In: Proceedings of the 6th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering, ESEC-FSE 2007, pp. 5\u201314. ACM, New York (2007)"},{"issue":"SI","key":"15_CR5","doi-asserted-by":"publisher","first-page":"211","DOI":"10.1145\/844128.844148","volume":"36","author":"G.W. Dunlap","year":"2002","unstructured":"Dunlap, G.W., King, S.T., Cinar, S., Basrai, M.A., Chen, P.M.: Revirt: enabling intrusion analysis through virtual-machine logging and replay. SIGOPS Oper. Syst. Rev.\u00a036(SI), 211\u2013224 (2002)","journal-title":"SIGOPS Oper. Syst. Rev."},{"key":"15_CR6","doi-asserted-by":"publisher","first-page":"124","DOI":"10.1109\/COOPIS.1996.555004","volume-title":"Proceedings of the First IFCIS International Conference on Cooperative Information Systems, COOPIS 1996","author":"J. Eder","year":"1996","unstructured":"Eder, J., Liebhart, W.: Workflow recovery. In: Proceedings of the First IFCIS International Conference on Cooperative Information Systems, COOPIS 1996, pp. 124\u2013134. IEEE Computer Society, Washington, DC (1996)"},{"key":"15_CR7","series-title":"IFIP AICT","doi-asserted-by":"publisher","first-page":"103","DOI":"10.1007\/978-3-642-30436-1_9","volume-title":"Information Security and Privacy Research","author":"E. Gessiou","year":"2012","unstructured":"Gessiou, E., Pappas, V., Athanasopoulos, E., Keromytis, A.D., Ioannidis, S.: Towards a universal data provenance framework using dynamic instrumentation. In: Gritzalis, D., Furnell, S., Theoharidou, M. (eds.) SEC 2012. IFIP AICT, vol.\u00a0376, pp. 103\u2013114. Springer, Heidelberg (2012)"},{"key":"15_CR8","doi-asserted-by":"publisher","first-page":"163","DOI":"10.1145\/1095810.1095826","volume-title":"Proceedings of the Twentieth ACM Symposium on Operating Systems Principles, SOSP 2005","author":"A. Goel","year":"2005","unstructured":"Goel, A., Po, K., Farhadi, K., Li, Z., de Lara, E.: The taser intrusion recovery system. In: Proceedings of the Twentieth ACM Symposium on Operating Systems Principles, SOSP 2005, pp. 163\u2013176. ACM, New York (2005)"},{"key":"15_CR9","doi-asserted-by":"crossref","unstructured":"Hsu, F., Chen, H., Ristenpart, T., Li, J., Su, Z.: Back to the future: A framework for automatic malware removal and system repair. In: Proceedings of the 22nd Annual Computer Security Applications Conference, ACSAC 2006, pp. 257\u2013268. IEEE Computer Society, Washington, DC (2006)","DOI":"10.1109\/ACSAC.2006.16"},{"key":"15_CR10","doi-asserted-by":"publisher","first-page":"95","DOI":"10.1145\/1352592.1352603","volume-title":"Proceedings of the 3rd ACM SIGOPS\/EuroSys European Conference on Computer Systems 2008, Eurosys 2008","author":"S. Jain","year":"2008","unstructured":"Jain, S., Shafique, F., Djeric, V., Goel, A.: Application-level isolation and recovery with solitude. In: Proceedings of the 3rd ACM SIGOPS\/EuroSys European Conference on Computer Systems 2008, Eurosys 2008, pp. 95\u2013107. ACM, New York (2008)"},{"key":"15_CR11","doi-asserted-by":"publisher","first-page":"528","DOI":"10.1145\/1993498.1993561","volume-title":"Proceedings of the 32nd ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2011","author":"D. Kim","year":"2011","unstructured":"Kim, D., Rinard, M.C.: Verification of semantic commutativity conditions and inverse operations on linked data structures. In: Proceedings of the 32nd ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2011, pp. 528\u2013541. ACM, New York (2011)"},{"key":"15_CR12","first-page":"1","volume-title":"Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation, OSDI 2010","author":"T. Kim","year":"2010","unstructured":"Kim, T., Wang, X., Zeldovich, N., Kaashoek, M.F.: Intrusion recovery using selective re-execution. In: Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation, OSDI 2010, pp. 1\u20139. USENIX Association, Berkeley (2010)"},{"key":"15_CR13","doi-asserted-by":"publisher","first-page":"223","DOI":"10.1145\/945445.945467","volume-title":"Proceedings of the Nineteenth ACM Symposium on Operating Systems Principles, SOSP 2003","author":"S.T. King","year":"2003","unstructured":"King, S.T., Chen, P.M.: Backtracking intrusions. In: Proceedings of the Nineteenth ACM Symposium on Operating Systems Principles, SOSP 2003, pp. 223\u2013236. ACM, New York (2003)"},{"key":"15_CR14","first-page":"131","volume-title":"Proceedings of the 4th ACM European Conference on Computer Systems, EuroSys 2009","author":"P. Mahajan","year":"2009","unstructured":"Mahajan, P., Kotla, R., Marshall, C.C., Ramasubramanian, V., Rodeheffer, T.L., Terry, D.B., Wobber, T.: Effective and efficient compromise recovery for weakly consistent replication. In: Proceedings of the 4th ACM European Conference on Computer Systems, EuroSys 2009, pp. 131\u2013144. ACM, New York (2009)"},{"key":"15_CR15","first-page":"27","volume-title":"Proceedings of the 19th USENIX Conference on Security, USENIX Security 2010","author":"R. Paleari","year":"2010","unstructured":"Paleari, R., Martignoni, L., Passerini, E., Davidson, D., Fredrikson, M., Giffin, J., Jha, S.: Automatic generation of remediation procedures for malware infections. In: Proceedings of the 19th USENIX Conference on Security, USENIX Security 2010, p. 27. USENIX Association, Berkeley (2010)"},{"issue":"9","key":"15_CR16","doi-asserted-by":"publisher","first-page":"1128","DOI":"10.1109\/TKDE.2004.47","volume":"16","author":"W. Aalst van der","year":"2004","unstructured":"van der Aalst, W., Weijters, T., Maruster, L.: Workflow mining: Discovering process models from event logs. IEEE Trans. on Knowl. and Data Eng.\u00a016(9), 1128\u20131142 (2004)","journal-title":"IEEE Trans. on Knowl. and Data Eng."},{"key":"15_CR17","first-page":"255","volume-title":"Proceedings of the 9th ACM Conference on Computer and Communications Security, CCS 2002","author":"D. Wagner","year":"2002","unstructured":"Wagner, D., Soto, P.: Mimicry attacks on host-based intrusion detection systems. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, CCS 2002, pp. 255\u2013264. ACM, New York (2002)"},{"key":"15_CR18","doi-asserted-by":"publisher","first-page":"484","DOI":"10.1109\/ACSAC.2009.52","volume-title":"Proceedings of the 2009 Annual Computer Security Applications Conference, ACSAC 2009","author":"X. Xiong","year":"2009","unstructured":"Xiong, X., Jia, X., Liu, P.: Shelf: Preserving business continuity and availability in an intrusion recovery system. In: Proceedings of the 2009 Annual Computer Security Applications Conference, ACSAC 2009, pp. 484\u2013493. IEEE Computer Society, Washington, DC (2009)"},{"key":"15_CR19","doi-asserted-by":"publisher","first-page":"116","DOI":"10.1145\/1315245.1315261","volume-title":"Proceedings of the 14th ACM Conference on Computer and Communications Security, CCS 2007","author":"H. Yin","year":"2007","unstructured":"Yin, H., Song, D., Egele, M., Kruegel, C., Kirda, E.: Panorama: capturing system-wide information flow for malware detection and analysis. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, CCS 2007, pp. 116\u2013127. ACM, New York (2007)"},{"key":"15_CR20","doi-asserted-by":"publisher","first-page":"418","DOI":"10.1109\/ICDCS.2004.1281607","volume-title":"Proceedings of the 24th International Conference on Distributed Computing Systems (ICDCS 2004)","author":"M. Yu","year":"2004","unstructured":"Yu, M., Liu, P., Zang, W.: Self-healing workflow systems under attacks. In: Proceedings of the 24th International Conference on Distributed Computing Systems (ICDCS 2004), pp. 418\u20134025. IEEE Computer Society, Washington, DC (2004)"}],"container-title":["Lecture Notes in Computer Science","Information and Communications Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-02726-5_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,8,25]],"date-time":"2019-08-25T20:24:26Z","timestamp":1566764666000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-02726-5_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783319027258","9783319027265"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-02726-5_15","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2013]]}}}