{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,10]],"date-time":"2024-09-10T13:22:39Z","timestamp":1725974559983},"publisher-location":"Cham","reference-count":20,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319788128"},{"type":"electronic","value":"9783319788135"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-78813-5_36","type":"book-chapter","created":{"date-parts":[[2018,4,10]],"date-time":"2018-04-10T06:03:21Z","timestamp":1523340201000},"page":"687-703","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["TopHat : Topology-Based Host-Level Attribution for Multi-stage Attacks in\u00a0Enterprise Systems Using Software Defined Networks"],"prefix":"10.1007","author":[{"given":"Subramaniyam","family":"Kannan","sequence":"first","affiliation":[]},{"given":"Paul","family":"Wood","sequence":"additional","affiliation":[]},{"given":"Larry","family":"Deatrick","sequence":"additional","affiliation":[]},{"given":"Patricia","family":"Beane","sequence":"additional","affiliation":[]},{"given":"Somali","family":"Chaterji","sequence":"additional","affiliation":[]},{"given":"Saurabh","family":"Bagchi","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,4,11]]},"reference":[{"key":"36_CR1","doi-asserted-by":"crossref","unstructured":"Alserhani, F., Akhlaq, M., Awan, I.U., Cullen, A.J., Mirchandani, P.: MARS: multi-stage attack recognition system. In: 2010 24th IEEE International Conference on Advanced Information Networking and Applications (AINA), pp. 753\u2013759. IEEE (2010)","DOI":"10.1109\/AINA.2010.57"},{"issue":"2","key":"36_CR2","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1109\/4236.991439","volume":"6","author":"T Baba","year":"2002","unstructured":"Baba, T., Matsuda, S.: Tracing network attacks to their sources. IEEE Internet Comput. 6(2), 20\u201326 (2002)","journal-title":"IEEE Internet Comput."},{"key":"36_CR3","doi-asserted-by":"crossref","unstructured":"Clark, D.D., Landau, S.: The problem isn\u2019t attribution: it\u2019s multi-stage attacks. In: Proceedings of the Re-architecting the Internet Workshop, p. 11. ACM (2010)","DOI":"10.1145\/1921233.1921247"},{"key":"36_CR4","first-page":"323","volume":"2","author":"DD Clark","year":"2011","unstructured":"Clark, D.D., Landau, S.: Untangling attribution. Harv. Nat. Secur. J. 2, 323 (2011)","journal-title":"Harv. Nat. Secur. J."},{"key":"36_CR5","doi-asserted-by":"crossref","unstructured":"Dawkins, J., Hale, J.: A systematic approach to multi-stage network attack analysis. In: Proceedings of Second IEEE International Information Assurance Workshop, pp. 48\u201356. IEEE (2004)","DOI":"10.1109\/IWIA.2004.1288037"},{"issue":"2","key":"36_CR6","doi-asserted-by":"publisher","first-page":"87","DOI":"10.1145\/2602204.2602219","volume":"44","author":"N Feamster","year":"2014","unstructured":"Feamster, N., Rexford, J., Zegura, E.: The road to SDN: an intellectual history of programmable networks. ACM SIGCOMM Comput. Commun. Rev. 44(2), 87\u201398 (2014)","journal-title":"ACM SIGCOMM Comput. Commun. Rev."},{"key":"36_CR7","doi-asserted-by":"crossref","unstructured":"Jafarian, J.H., Al-Shaer, E., Duan, Q.: Openflow random host mutation: transparent moving target defense using software defined networking. In: Proceedings of the First Workshop on Hot Topics in Software Defined Networks, pp. 127\u2013132. ACM (2012)","DOI":"10.1145\/2342441.2342467"},{"key":"36_CR8","doi-asserted-by":"crossref","unstructured":"Kampanakis, P., Perros, H., Beyene, T.: SDN-based solutions for moving target defense network protection. In: 2014 IEEE 15th International Symposium on A World of Wireless, Mobile and Multimedia Networks (WoWMoM), pp. 1\u20136. IEEE (2014)","DOI":"10.1109\/WoWMoM.2014.6918979"},{"key":"36_CR9","unstructured":"Kannan, S., Wood, P., Deatrick, L., Beane, P., Chaterji, S., Bagchi, S.: TopHat: topology-based host-level attribution for multi-stage attacks in enterprise systems using software defined networks. Technical report, CERIAS Tech Report TR 2017-4 (2017). \nhttps:\/\/www.cerias.purdue.edu\/apps\/reports_and_papers\/"},{"key":"36_CR10","doi-asserted-by":"crossref","unstructured":"MacFarland, D.C., Shue, C.A.: The SDN shuffle: creating a moving-target defense using host-based software-defined networking. In: Proceedings of the Second ACM Workshop on Moving Target Defense, pp. 37\u201341. ACM (2015)","DOI":"10.1145\/2808475.2808485"},{"key":"36_CR11","doi-asserted-by":"crossref","unstructured":"Mao, M., Humphrey, M.: A performance study on the VM startup time in the cloud. In: 2012 IEEE 5th International Conference on Cloud Computing (CLOUD), pp. 423\u2013430. IEEE (2012)","DOI":"10.1109\/CLOUD.2012.103"},{"issue":"2","key":"36_CR12","first-page":"30","volume":"17","author":"N McKeown","year":"2009","unstructured":"McKeown, N.: Software-defined networking. INFOCOM Keynote Talk 17(2), 30\u201332 (2009)","journal-title":"INFOCOM Keynote Talk"},{"key":"36_CR13","doi-asserted-by":"crossref","unstructured":"Medved, J., Varga, J., Tkacik, A., Gray, K.: OpenDaylight: towards a model-driven SDN controller architecture. In: 2014 IEEE 15th International Symposium on A World of Wireless, Mobile and Multimedia Networks (WoWMoM), pp. 1\u20136. IEEE (2014)","DOI":"10.1109\/WoWMoM.2014.6918985"},{"key":"36_CR14","series-title":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1007\/978-3-642-31909-9_3","volume-title":"Security and Privacy in Communication Networks","author":"G Modelo-Howard","year":"2012","unstructured":"Modelo-Howard, G., Sweval, J., Bagchi, S.: Secure configuration of intrusion detection sensors for changing enterprise systems. In: Rajarajan, M., Piper, F., Wang, H., Kesidis, G. (eds.) SecureComm 2011. LNICST, vol. 96, pp. 39\u201358. Springer, Heidelberg (2012). \nhttps:\/\/doi.org\/10.1007\/978-3-642-31909-9_3"},{"issue":"4","key":"36_CR15","doi-asserted-by":"publisher","first-page":"295","DOI":"10.1145\/347057.347560","volume":"30","author":"Stefan Savage","year":"2000","unstructured":"Savage, S., Wetherall, D., Karlin, A., Anderson, T.: Practical network support for IP traceback. In: ACM SIGCOMM Computer Communication Review, vol. 30, no. 4, pp. 295\u2013306. ACM (2000)","journal-title":"ACM SIGCOMM Computer Communication Review"},{"key":"36_CR16","doi-asserted-by":"crossref","unstructured":"Strayer, W.T., Jones, C.E., Schwartz, B.I., Mikkelson, J., Livadas, C.: Architecture for multi-stage network attack traceback. In: The IEEE Conference on Local Computer Networks 30th Anniversary, pp. 8\u2013pp. IEEE (2005)","DOI":"10.1109\/LCN.2005.33"},{"key":"36_CR17","doi-asserted-by":"crossref","unstructured":"Sultan, F., Srinivasan, K., Iyer, D., Iftode, L.: Migratory TCP: connection migration for service continuity in the internet. In: Proceedings of 22nd International Conference on Distributed Computing Systems, pp. 469\u2013470. IEEE (2002)","DOI":"10.1109\/ICDCS.2002.1022294"},{"key":"36_CR18","first-page":"12","volume":"11","author":"R Wang","year":"2011","unstructured":"Wang, R., Butnariu, D., Rexford, J., et al.: Openflow-based server load balancing gone wild. Hot-ICE 11, 12 (2011)","journal-title":"Hot-ICE"},{"key":"36_CR19","doi-asserted-by":"crossref","unstructured":"Xu, Z., Wu, Z., Li, Z., Jee, K., Rhee, J., Xiao, X., Xu, F., Wang, H., Jiang, G.: High fidelity data reduction for big data security dependency analyses. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 504\u2013516. ACM (2016)","DOI":"10.1145\/2976749.2978378"},{"key":"36_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"110","DOI":"10.1007\/11767831_8","volume-title":"Privacy Enhancing Technologies","author":"Y Zhu","year":"2006","unstructured":"Zhu, Y., Bettati, R.: Unmixing mix traffic. In: Danezis, G., Martin, D. (eds.) PET 2005. LNCS, vol. 3856, pp. 110\u2013127. Springer, Heidelberg (2006). \nhttps:\/\/doi.org\/10.1007\/11767831_8"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Security and Privacy in Communication Networks"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-78813-5_36","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2018,4,10]],"date-time":"2018-04-10T06:22:40Z","timestamp":1523341360000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-78813-5_36"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319788128","9783319788135"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-78813-5_36","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"type":"print","value":"1867-8211"},{"type":"electronic","value":"1867-822X"}],"subject":[],"published":{"date-parts":[[2018]]}}}