{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T12:16:42Z","timestamp":1763468202064,"version":"3.40.4"},"publisher-location":"Cham","reference-count":26,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319113784"},{"type":"electronic","value":"9783319113791"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014]]},"DOI":"10.1007\/978-3-319-11379-1_16","type":"book-chapter","created":{"date-parts":[[2014,8,20]],"date-time":"2014-08-20T03:14:54Z","timestamp":1408504494000},"page":"320-340","source":"Crossref","is-referenced-by-count":3,"title":["Count Me In: Viable Distributed Summary Statistics for Securing High-Speed Networks"],"prefix":"10.1007","author":[{"given":"Johanna","family":"Amann","sequence":"first","affiliation":[]},{"given":"Seth","family":"Hall","sequence":"additional","affiliation":[]},{"given":"Robin","family":"Sommer","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"16_CR1","doi-asserted-by":"crossref","unstructured":"Barman, D., Satapathy, P., Ciardo, G.: Detecting Attacks in Routers using Sketches. In: Workshop on High Performance Switching and Routing, HPSR (2007)","DOI":"10.1109\/HPSR.2007.4281248"},{"key":"16_CR2","unstructured":"Bro SumStat Scripts & Repos, http:\/\/www.icir.org\/johanna\/sumstats"},{"key":"16_CR3","unstructured":"Bro Network Security Monitor Web Site, http:\/\/www.bro.org"},{"key":"16_CR4","doi-asserted-by":"crossref","unstructured":"Cohen, E., Duffield, N., Kaplan, H., Lund, C., Thorup, M.: Composable, Scalable, and Accurate Weight Summarization of Unaggregated Data Sets. Proc. VLDB Endow.\u00a02(1) (August 2009)","DOI":"10.14778\/1687627.1687677"},{"key":"16_CR5","doi-asserted-by":"crossref","unstructured":"Das, S., Antony, S., Agrawal, D., El Abbadi, A.: Thread Cooperation in Multicore Architectures for Frequency Counting over Multiple Data Streams. Proc. VLDB Endow.\u00a02(1) (August 2009)","DOI":"10.14778\/1687627.1687653"},{"key":"16_CR6","doi-asserted-by":"crossref","unstructured":"Dean, J., Ghemawat, S.: MapReduce: Simplified Data Processing on Large Clusters. Commun. ACM 51(1) (January 2008)","DOI":"10.1145\/1327452.1327492"},{"key":"16_CR7","doi-asserted-by":"crossref","unstructured":"Denning, D.E.: An Intrusion-Detection Model. IEEE TSE 13(2) (February 1987)","DOI":"10.1109\/TSE.1987.232894"},{"key":"16_CR8","doi-asserted-by":"crossref","unstructured":"Estan, C., Varghese, G.: New Directions in Traffic Measurement and Accounting: Focusing on the Elephants, ignoring the Mice. ACM Trans. Comput. Syst. 21(3) (August 2003)","DOI":"10.1145\/859716.859719"},{"key":"16_CR9","doi-asserted-by":"crossref","unstructured":"Estan, C., Varghese, G., Fisk, M.: Bitmap Algorithms for Counting Active Flows on High-Speed Links. IEEE\/ACM Trans. Netw. 14(5) (October 2006)","DOI":"10.1109\/TNET.2006.882836"},{"key":"16_CR10","doi-asserted-by":"crossref","unstructured":"Flajolet, P., Fusy, \u00c9., Gandouet, O., et al.: Hyperloglog: The Analysis of a Near-Optimal Cardinality Estimation Algorithm. In: Proc. of the International Conference of Analysis of Algorithms, AFOA (2007)","DOI":"10.46298\/dmtcs.3545"},{"key":"16_CR11","unstructured":"Flow-tools information, http:\/\/www.splintered.net\/sw\/flow-tools"},{"key":"16_CR12","doi-asserted-by":"crossref","unstructured":"Garcia-Teodoro, P., D\u00edaz-Verdejo, J.E., Maci\u00e1-Fern\u00e1ndez, G., Vzquez, E.: Anomaly-Based Network Intrusion Detection: Techniques, Systems and Challenges. Computers & Security 28(1-2) (2009)","DOI":"10.1016\/j.cose.2008.08.003"},{"key":"16_CR13","doi-asserted-by":"crossref","unstructured":"Heule, S., Nunkesser, M., Hall, A.: HyperLogLog in Practice: Algorithmic Engineering of a State of The Art Cardinality Estimation Algorithm. In: Proc. EDBT (2013)","DOI":"10.1145\/2452376.2452456"},{"key":"16_CR14","doi-asserted-by":"crossref","unstructured":"Kane, D.M., Nelson, J., Woodruff, D.P.: An Optimal Algorithm for the Distinct Elements Problem. In: Proceedings ACM PODS (2010)","DOI":"10.1145\/1807085.1807094"},{"key":"16_CR15","doi-asserted-by":"crossref","unstructured":"Keys, K., Moore, D., Estan, C.: A Robust System for Accurate Real-Time Summaries of Internet Traffic. In: Proc. SIGMETRICS (2005)","DOI":"10.1145\/1064212.1064223"},{"key":"16_CR16","unstructured":"Kim, H.A., O\u2019Hallaron, D.R.: Counting Network Flows in Real Time. In: Proc. IEEE Global Telecommunications Conference, vol.\u00a07 (2003)"},{"key":"16_CR17","doi-asserted-by":"crossref","unstructured":"Metwally, A., Agrawal, D., El Abbadi, A.: Efficient Computation of Frequent and Top-k Elements in Data Streams. In: Proc. ICDT (2005)","DOI":"10.1007\/978-3-540-30570-5_27"},{"key":"16_CR18","doi-asserted-by":"crossref","unstructured":"Patcha, A., Park, J.M.: An Overview of Anomaly Detection Techniques: Existing Solutions and Latest Technological Trends. Computer Networks 51(12) (2007)","DOI":"10.1016\/j.comnet.2007.02.001"},{"key":"16_CR19","doi-asserted-by":"crossref","unstructured":"Paxson, V.: Bro: A System for Detecting Network Intruders in Real-Time. Computer Networks 31(23-24) (1999)","DOI":"10.1016\/S1389-1286(99)00112-7"},{"key":"16_CR20","doi-asserted-by":"crossref","unstructured":"Peng, T., Leckie, C., Ramamohanarao, K.: Information Sharing for Distributed Intrusion Detection Systems. Journal of Network and Computer Applications 30(3) (August 2007)","DOI":"10.1016\/j.jnca.2005.07.004"},{"key":"16_CR21","unstructured":"Roesch, M.: Snort: Lightweight Intrusion Detection for Networks. In: LISA (1999)"},{"key":"16_CR22","unstructured":"SILK \u2013 System for Internet-Level Knowledge, http:\/\/tools.netsa.cert.org\/silk\/"},{"key":"16_CR23","unstructured":"Sommer, R., Paxson, V.: Exploiting Independent State For Network Intrusion Detection. In: ACSAC (2005)"},{"key":"16_CR24","doi-asserted-by":"crossref","unstructured":"Sridharan, A., Ye, T.: Tracking Port Scanners on the IP Backbone. In: Proc. Workshop on Large Scale Attack Defense, LSAD (2007)","DOI":"10.1145\/1352664.1352674"},{"key":"16_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"107","DOI":"10.1007\/978-3-540-74320-0_6","volume-title":"Recent Advances in Intrusion Detection","author":"M. Vallentin","year":"2007","unstructured":"Vallentin, M., Sommer, R., Lee, J., Leres, C., Paxson, V., Tierney, B.: The NIDS Cluster: Scalable, Stateful Network Intrusion Detection on Commodity Hardware. In: Kruegel, C., Lippmann, R., Clark, A. (eds.) RAID 2007. LNCS, vol.\u00a04637, pp. 107\u2013126. Springer, Heidelberg (2007)"},{"key":"16_CR26","doi-asserted-by":"crossref","unstructured":"Vitter, J.S.: Random Sampling with a Reservoir. ACM TOMS 11(1) (March 1985)","DOI":"10.1145\/3147.3165"}],"container-title":["Lecture Notes in Computer Science","Research in Attacks, Intrusions and Defenses"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-11379-1_16","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,4]],"date-time":"2025-05-04T08:27:09Z","timestamp":1746347229000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-11379-1_16"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014]]},"ISBN":["9783319113784","9783319113791"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-11379-1_16","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2014]]}}}