{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,31]],"date-time":"2025-05-31T20:40:03Z","timestamp":1748724003703,"version":"3.41.0"},"publisher-location":"Cham","reference-count":13,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319269603"},{"type":"electronic","value":"9783319269610"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-26961-0_13","type":"book-chapter","created":{"date-parts":[[2015,12,16]],"date-time":"2015-12-16T13:07:52Z","timestamp":1450271272000},"page":"207-224","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Assessment of an Automatic Correlation Rules Generator"],"prefix":"10.1007","author":[{"given":"E.","family":"Godefroy","sequence":"first","affiliation":[]},{"given":"E.","family":"Totel","sequence":"additional","affiliation":[]},{"given":"M.","family":"Hurfin","sequence":"additional","affiliation":[]},{"given":"F.","family":"Majorczyk","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,12,31]]},"reference":[{"issue":"9","key":"13_CR1","doi-asserted-by":"publisher","first-page":"2221","DOI":"10.1016\/j.comnet.2011.03.005","volume":"55","author":"SH Ahmadinejad","year":"2011","unstructured":"Ahmadinejad, S.H., Jalili, S., Abadi, M.: A hybrid model for correlating alerts of known and unknown attack scenarios and updating attack graphs. Comput. Netw. 55(9), 2221\u20132240 (2011)","journal-title":"Comput. 
Netw."},{"key":"13_CR2","doi-asserted-by":"crossref","unstructured":"\u00c7amtepe, S.A., Yener, B.: Modeling and detection of complex attacks. In: Proceedings of the 3rd International Conference on Security and Privacy in Communications Networks, pp. 234\u2013243. IEEE (2007)","DOI":"10.1109\/SECCOM.2007.4550338"},{"key":"13_CR3","doi-asserted-by":"crossref","unstructured":"Godefroy, E., Totel, E., Hurfin, M., Majorczyk, F.: Automatic generation of correlation rules to detect complex attack scenarios. In: 2014 10th International Conference on Information Assurance and Security (IAS), pp. 23\u201328. IEEE (2014)","DOI":"10.1109\/ISIAS.2014.7064615"},{"key":"13_CR4","doi-asserted-by":"crossref","unstructured":"Jajodia, S., Noel, S.: Topological vulnerability analysis: A powerful new approach for network attack prevention, detection, and response. Indian Statistical Institute Monograph Series (2007)","DOI":"10.1142\/9789812836243_0013"},{"issue":"4","key":"13_CR5","doi-asserted-by":"publisher","first-page":"262","DOI":"10.1145\/382912.382923","volume":"3","author":"J McHugh","year":"2000","unstructured":"McHugh, J.: Testing intrusion detection systems: a critique of the 1998 and 1999 darpa intrusion detection system evaluations as performed by lincoln laboratory. ACM Trans. Inf. Syst. Secur. 3(4), 262\u2013294 (2000)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"13_CR6","series-title":"International Federation for Information Processing (Advances in Information and Communication Technology)","first-page":"353","volume-title":"SEC 2001","author":"C Michel","year":"2001","unstructured":"Michel, C., M\u00e9, L.: ADeLe: an attack description language for knowledge-based intrusion detection. In: Dupuy, M., Paradinas, P. (eds.) SEC 2001. IFIP AICT, vol. 65, pp. 353\u2013365. 
Springer, Heidelberg (2001)"},{"key":"13_CR7","doi-asserted-by":"crossref","unstructured":"Noel, S., Robertson, E., Jajodia, S.: Correlating intrusion events and building attack scenarios through attack graph distances. In: ACSAC, pp. 350\u2013359 (2004)","DOI":"10.1109\/CSAC.2004.11"},{"key":"13_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"58","DOI":"10.1007\/978-3-642-21323-6_8","volume-title":"Computational Intelligence in Security for Information Systems","author":"S Roschke","year":"2011","unstructured":"Roschke, S., Cheng, F., Meinel, C.: A new alert correlation algorithm based on attack graph. In: Herrero, A., Corchado, E. (eds.) CISIS 2011. LNCS, vol. 6694, pp. 58\u201367. Springer, Heidelberg (2011)"},{"key":"13_CR9","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"253","DOI":"10.1007\/978-0-387-09699-5_17","volume-title":"Proceedings of the IFIP TC 11 23rd International Information Security Conference","author":"GC Tjhai","year":"2008","unstructured":"Tjhai, G.C., Papadaki, M., Furnell, S., Clarke, N.L.: Investigating the problem of ids false alarms: An experimental study using snort. In: Jajodia, S., Samarati, P., Cimato, S. (eds.) Proceedings of the IFIP TC 11 23rd International Information Security Conference. IFIP AICT, vol. 278, pp. 253\u2013267. Springer, Boston (2008)"},{"key":"13_CR10","doi-asserted-by":"crossref","unstructured":"Totel, E., Vivinis, B., M\u00e9, L.: A language driven intrusion detection system for event and alert correlation. In: Proceedings of the 19th IFIP International Information Security Conference, pp. 209\u2013224. 
Kluwer Academic (2004)","DOI":"10.1007\/1-4020-8143-X_14"},{"key":"13_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"54","DOI":"10.1007\/3-540-45474-8_4","volume-title":"Recent Advances in Intrusion Detection","author":"A Valdes","year":"2001","unstructured":"Valdes, A., Skinner, K.: Probabilistic alert correlation. In: Lee, W., M\u00e9, L., Wespi, A. (eds.) RAID 2001. LNCS, vol. 2212, pp. 54\u201368. Springer, Heidelberg (2001)"},{"issue":"2","key":"13_CR12","first-page":"8","volume":"3","author":"G Vigna","year":"2003","unstructured":"Vigna, G.: Teaching hands-on network security: Testbeds and live exercises. J. Inf. Warfare 3(2), 8\u201325 (2003)","journal-title":"J. Inf. Warfare"},{"key":"13_CR13","unstructured":"Xu, D., Ning, P.: Alert correlation through triggering events and common resources. In: 20th Annual Computer Security Applications Conference, pp. 360\u2013369. IEEE (2004)"}],"container-title":["Lecture Notes in Computer Science","Information Systems Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-26961-0_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,31]],"date-time":"2025-05-31T20:20:16Z","timestamp":1748722816000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-26961-0_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319269603","9783319269610"],"references-count":13,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-26961-0_13","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2015]]},"assertion":[{"value":"31 December 2015","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter 
History"}}]}}