{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T01:41:01Z","timestamp":1742953261554,"version":"3.40.3"},"publisher-location":"Cham","reference-count":26,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319044460"},{"type":"electronic","value":"9783319044477"}],"license":[{"start":{"date-parts":[[2014,1,1]],"date-time":"2014-01-01T00:00:00Z","timestamp":1388534400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2014,1,1]],"date-time":"2014-01-01T00:00:00Z","timestamp":1388534400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014]]},"DOI":"10.1007\/978-3-319-04447-7_10","type":"book-chapter","created":{"date-parts":[[2014,5,13]],"date-time":"2014-05-13T09:56:59Z","timestamp":1399975019000},"page":"125-134","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Attack Pattern Recognition Through Correlating Cyber Situational Awareness in Computer Networks"],"prefix":"10.1007","author":[{"given":"Noor-ul-hassan","family":"Shirazi","sequence":"first","affiliation":[]},{"given":"Alberto","family":"Schaeffer-Filho","sequence":"additional","affiliation":[]},{"given":"David","family":"Hutchison","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2014,5,14]]},"reference":[{"key":"10_CR1","doi-asserted-by":"publisher","unstructured":"Rinalid SM, Peerenboom JP, Kelly TK. Identifying, understanding and analyzing critical infrastructure interdependencies. IEEE Control Syst Magaz. 2001;21(6):11\u201325. doi:10.1109\/37.969131.","DOI":"10.1109\/37.969131"},{"key":"10_CR2","doi-asserted-by":"publisher","unstructured":"Smith P, Hutchison D, Sch\u00f6ller M, Fessi A, Karaliopoulos M, Lac C, Plattner B. Network resilience: a systematic approach. IEEE Commun Magaz. 2011;49(7):88\u201397. doi:10.1109\/MCOM.2011.5936160.","DOI":"10.1109\/MCOM.2011.5936160"},{"key":"10_CR3","unstructured":"Computer Crime Research Center. Cybercrime is an organized and sophisticated business. 2001. http:\/\/www.crime-research.org\/library\/Cybercrime.htm. Accessed Sept 2013."},{"key":"10_CR4","volume-title":"Design patterns: elements of reusable object-oriented software","author":"E Gamma","year":"1995","unstructured":"Gamma E, Helm R, Johnson R, Vlissides J. Design patterns: elements of reusable object-oriented software. Inc, Boston, MA, USA: Addison-Wesley Longman Publishing Co.; 1995."},{"key":"10_CR5","doi-asserted-by":"crossref","unstructured":"Jain AK, Murty MN, Flynn PJ. Data clustering: a review. ACM Comput Surv. 1999;31(3):264\u2013323. doi:http:\/\/doi.acm.org\/10.1145\/331499.331504 NULL.","DOI":"10.1145\/331499.331504"},{"key":"10_CR6","doi-asserted-by":"publisher","unstructured":"Pavan M, Pelillo M. A new graph-theoretic approach to clustering and segmentation. In: Proceedings of the IEEE conference on computer vision and pattern recognition, Madison, Wisconsin, USA. doi:10.1109\/CVPR.2003.1211348; 2003. pp. 145\u2013152.","DOI":"10.1109\/CVPR.2003.1211348"},{"key":"10_CR7","volume-title":"Introduction to data mining","author":"P-N Tan","year":"2005","unstructured":"Tan P-N, Steinbach M, Kumar V. Introduction to data mining. Inc, Boston, MA, USA: Addison-Wesley Longman Publishing Co.; 2005."},{"key":"10_CR8","unstructured":"Adrian F, Rehnhard M. Histogram matrix:Log visualization for anomaly detection. In: Proceedings of the third international conference on availability reliability and security, Barcelona, Spain; 2008. pp 610\u2013617."},{"key":"10_CR9","doi-asserted-by":"publisher","unstructured":"Kind A, Stoecklin MP, Dimitriopoulos X. Histogram based traffic anomaly detection. IEEE Trans Netw Serv Manage. 2009;6(2):110\u2013121. doi:10.1109\/TNSM.2009.090604.","DOI":"10.1109\/TNSM.2009.090604"},{"key":"10_CR10","unstructured":"Nousiainen S, Kilpi J, Silvonen P, HiirsalmiSami M. Anomaly detection from server log data. A Case Study. Tech. rep., VTT Research Notes. http:\/\/www.vtt.fi\/inf\/pdf\/tiedotteet\/2009\/T2480.pdf (2009)."},{"key":"10_CR11","unstructured":"Barnum S, Sethi A. An introduction to attack patterns as a software assurance knowledge resource. Tech. rep., Cigital Inc. http:\/\/capec.mitre.org\/documents\/Attack_Patterns-Knowing_Your_Enemies_in_Order_to_Defeat_Them-Paper.pdf (2007)."},{"key":"10_CR12","unstructured":"Barnum S. Common attack pattern enumeration and classification (CAPEC) schema description. Tech. rep., Cigital Inc. http:\/\/capec.mitre.org\/documents\/documentation\/CAPEC_Schema_Description_v1.3.pdf (2008)."},{"key":"10_CR13","unstructured":"Gu G, Perdisci R, Zhang J, Lee W. BotMiner: Clustering analysis of network traffic for protocol- and structure-independent botnet detection. In: Proceedings of the 17th USENIX security symposium. San Jose: CA, USA; 2008. pp. 139\u2013154."},{"key":"10_CR14","doi-asserted-by":"publisher","unstructured":"Varrandi R. SEC\u2014a light weight event correlation tool. In: Proceedings of the IEEE workshop on IP operations and management. doi:10.1109\/IPOM.2002.1045765; 2002. pp. 111\u2013115.","DOI":"10.1109\/IPOM.2002.1045765"},{"issue":"1\u20132","key":"10_CR15","doi-asserted-by":"crossref","first-page":"105","DOI":"10.3233\/JCS-2002-101-205","volume":"10","author":"S Staniford","year":"2002","unstructured":"Staniford S, Hoagland JA, McAlerney JA. Practical automated detection of stealthy portscans. J Comput Secur. 2002;10(1\u20132):105\u201336.","journal-title":"J Comput Secur"},{"key":"10_CR16","unstructured":"Staniford-Chen S, et al. GrIDS\u2014A graph based intrusion detection system for large networks. In: Proceedings of the 19th national information systems security conference; 1996. pp. 361\u2013370."},{"key":"10_CR17","unstructured":"Roesch M. SNORT\u2014Lightweight intrusion detection for networks. In: Proceedings of the USENIX technical program - 13th systems administration conference - LISA \u201999. Washington, USA: Seattle; 1999. p. 229\u2013238."},{"key":"10_CR18","unstructured":"The Team Cymru. Home page of The team Cymru darknet. http:\/\/www.team-cymru.org\/Services\/darknets.html. (2009). Accessed Sept 2013."},{"key":"10_CR19","unstructured":"Bailey M, Cooke E, Jahanian F, Nazario J, Watson D. The Internet motion sensor: a distributed blackhole monitoring system. In: Proceedings of the 12th annual network and distributed system security symposium (NDSS), San Diego, CA, USA; 2005."},{"key":"10_CR20","doi-asserted-by":"publisher","unstructured":"Shannon C, Moore D. The spread of the witty worm. IEEE Secur Priv. 2004;2(4):46\u201350. doi:10.1109\/MSP.2004.59.","DOI":"10.1109\/MSP.2004.59"},{"key":"10_CR21","doi-asserted-by":"crossref","unstructured":"Staniford S, Moore D, Paxson V, Weaver N. The top speed of flash worms. In: Proceedings of the ACM workshop on rapid malcode, WORM 2004, Washington, DC, USA; 2004.","DOI":"10.1145\/1029618.1029624"},{"key":"10_CR22","doi-asserted-by":"publisher","unstructured":"Pang R, Yegneswaran V, Barford P, Paxson V, Peterson L. Characteristics of Internet background radiation. In: Proceedings of the 4th ACM SIGCOMM, Taormina, Sicily, Italy; 2004. pp. 27\u201340. doi:10.1145\/1028788.1028794.","DOI":"10.1145\/1028788.1028794"},{"key":"10_CR23","unstructured":"ArborNetworks. Estonian DDoS attacks-A summary to date. Tech. rep., Arbor Networks. http:\/\/asert.arbornetworks.com\/2007\/05\/estonian-ddos-attacks-a-summary-to-date\/ (2007)."},{"key":"10_CR24","doi-asserted-by":"publisher","unstructured":"Pratt VR. Modeling concurrency with partial orders. Int J Parallel Prog. 1986;15(1):33\u201371. doi:10.1007\/BF01379149.","DOI":"10.1007\/BF01379149"},{"key":"10_CR25","doi-asserted-by":"publisher","unstructured":"Yu Y, Fry M, Schaeffer-Filho A, Smith P, Hutchison D. An adaptive approach to network resilience: evolving challenge detection and mitigation. In: 2011 8th International workshop on the design of reliable communication Networks (DRCN). doi:10.1109\/DRCN.2011.6076900; 2011. pp 172\u2013179.","DOI":"10.1109\/DRCN.2011.6076900"},{"key":"10_CR26","doi-asserted-by":"publisher","unstructured":"Sterbenz JPG, Hutchison D, \u00c7etinkaya EK, Jabbar A, Rohrer JP, Sch\u00f6ller M, Smith P. Resilience and survivability in communication networks: strategies, principles, and survey of disciplines. Comput Netw. 2010;54(8):1245\u20131265. doi:10.1016\/j.comnet.2010.03.005.","DOI":"10.1016\/j.comnet.2010.03.005"}],"container-title":["Cyberpatterns"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-04447-7_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,24]],"date-time":"2023-01-24T06:52:49Z","timestamp":1674543169000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-04447-7_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014]]},"ISBN":["9783319044460","9783319044477"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-04447-7_10","relation":{},"subject":[],"published":{"date-parts":[[2014]]},"assertion":[{"value":"14 May 2014","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}