{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,1]],"date-time":"2026-02-01T04:17:48Z","timestamp":1769919468141,"version":"3.49.0"},"publisher-location":"Berlin, Heidelberg","reference-count":33,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540231233","type":"print"},{"value":"9783540301431","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2004]]},"DOI":"10.1007\/978-3-540-30143-1_8","type":"book-chapter","created":{"date-parts":[[2010,9,18]],"date-time":"2010-09-18T23:59:24Z","timestamp":1284854364000},"page":"146-165","source":"Crossref","is-referenced-by-count":91,"title":["On the Design and Use of Internet Sinks for Network Abuse Monitoring"],"prefix":"10.1007","author":[{"given":"Vinod","family":"Yegneswaran","sequence":"first","affiliation":[]},{"given":"Paul","family":"Barford","sequence":"additional","affiliation":[]},{"given":"Dave","family":"Plonka","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"8_CR1","unstructured":"Anderson, R., Khattak, A.: The Use of Information Retrieval Techniques for Intrusion Detection. In: Proceedings of RAID (September 1998)"},{"key":"8_CR2","unstructured":"Network Associates. LovGate Virus Summary, http:\/\/vil.nai.com\/vil\/content\/Print100183.htm (2002)"},{"key":"8_CR3","unstructured":"Bullard, C.: Argus Open Project, http:\/\/www.qosient.com\/argus\/"},{"key":"8_CR4","unstructured":"Cranor, C., Gao, Y., Johnson, T., Shkapenyuk, V., Spatscheck, O.: Gigascope: High Performance Network Monitoring with an SQL Interface"},{"key":"8_CR5","unstructured":"E-eye. Analysis: Sasser Worm, http:\/\/www.eeye.com\/html\/Research\/Advisories\/AD20040501.html"},{"key":"8_CR6","doi-asserted-by":"crossref","unstructured":"Estan, C., Varghese, G.: New Directions in Traffic Measurement and Accounting. In: Proceedings of ACM SIGCOMM 2002, Pittsburgh, PA (August 2002)","DOI":"10.1145\/633025.633056"},{"key":"8_CR7","doi-asserted-by":"crossref","unstructured":"Feldmann, A., Greenberg, A., Lund, C., Reingold, N., Rexford, J.: NetScope: Traffic Engineering for IP Networks. IEEE Network Magazine, Special Issue on Internet Traffic Engineering (2000)","DOI":"10.1109\/65.826367"},{"key":"8_CR8","doi-asserted-by":"crossref","unstructured":"Greene, B.: BGPv4 Security Risk Assessment (June 2002)","DOI":"10.1016\/S1361-3723(02)00812-6"},{"key":"8_CR9","unstructured":"Greene, B.: Remote Triggering Black Hole Filtering (August 2002)"},{"key":"8_CR10","unstructured":"Honeyd: Network Rhapsody for You, http:\/\/www.citi.umich.edu\/u\/provos\/honeyd"},{"key":"8_CR11","doi-asserted-by":"crossref","unstructured":"Iannaccone, G., Diot, C., Graham, I., McKeown, N.: Monitoring very high speed links. In: SIGCOMM Internet Measurement Workshop (November 2001)","DOI":"10.1145\/505202.505235"},{"key":"8_CR12","doi-asserted-by":"crossref","unstructured":"Kohler, E., Morris, R., Chen, B., Jannotti, J., Kaashoek, F.: The click modular router. ACM Transactions on Computer Systems (August 2000)","DOI":"10.1145\/354871.354874"},{"key":"8_CR13","unstructured":"Lee, W., Stolfo, S.J., Mok, K.W.: A Data Mining Framework for Building Intrusion Detection Models. In: IEEE Symposium on Security and Privacy (1999)"},{"key":"8_CR14","unstructured":"Liston, T.: The Labrea Tarpit Homepage, http:\/\/www.hackbusters.net\/LaBrea\/"},{"key":"8_CR15","unstructured":"Moore, D.: Network Telescopes, http:\/\/www.caida.org\/outreach\/presentations\/2003\/dimacs0309\/"},{"key":"8_CR16","unstructured":"Moore, D., Paxson, V., Savage, S., Shannon, C., Staniford, S., Weaver, N.: The Spread of the Sapphire\/Slammer Worm. Technical report, CAIDA (2003)"},{"key":"8_CR17","doi-asserted-by":"crossref","unstructured":"Moore, D., Shannon, C., Claffy, K.: Code Red: A Case Study on the Spread and Victims of an Internet Worm. In: Proceedings of ACM SIGCOMM Internet Measurement Workshop, Marseilles, France (November 2002)","DOI":"10.1145\/637201.637244"},{"key":"8_CR18","unstructured":"Moore, D., Shannon, C., Voelker, G., Savage, S.: Internet Quarantine: Requirements for Containing Self-Propagating Code. In: Proceedings of IEEE INFOCOM (April 2003)"},{"key":"8_CR19","doi-asserted-by":"crossref","unstructured":"Moore, D., Voelker, G., Savage, S.: Inferring Internet Denial of Service Activity. In: Proceedings of the 2001 USENIX Security Symposium, Washington D.C. (August 2001)","DOI":"10.21236\/ADA400003"},{"key":"8_CR20","unstructured":"Oetiker, T.: The multi router traffic grapher. In: Proceedings of the USENIX Twelvth System Administration Conference LISA XII (December 1998)"},{"key":"8_CR21","unstructured":"Paxson, V.: BRO: A System for Detecting Network Intruders in Real Time. In: Proceedings of the 7th USENIX Security Symposium (1998)"},{"key":"8_CR22","unstructured":"Plonka, D.: Flawed Routers Flood University of Wisconsin Internet Time Server, http:\/\/www.cs.wisc.edu\/plonka\/netgear-sntp"},{"key":"8_CR23","unstructured":"Plonka, D.: Flowscan: A network traffic flow reporting and visualization tool. In: Proceedings of the USENIX Fourteenth System Administration Conference LISA XIV (December 2000)"},{"key":"8_CR24","doi-asserted-by":"crossref","unstructured":"Rekhter, Y.: RFC 1817: CIDR and Classful Routing (August 1995)","DOI":"10.17487\/rfc1817"},{"key":"8_CR25","unstructured":"Roesch, M.: The SNORT Network Intrusion Detection System, http:\/\/www.snort.org"},{"key":"8_CR26","unstructured":"Staniford, S., Hoagland, J., McAlerney, J.: Practical Automated Detection of Stealthy Portscans. In: Proceedings of the ACM CCS IDS Workshop (November 2000)"},{"key":"8_CR27","unstructured":"Staniford, S., Paxson, V., Weaver, N.: How to Own the Internet in Your Spare Time. In: Proceedings of the 11th USENIX Security Symposium, San Francisco, CA (August 2002)"},{"key":"8_CR28","unstructured":"Teng, H.S., Chen, K., Lu, S.C.-Y.: Adaptive Real-Time Anomaly Detection Using Inductively Generated Sequential Patterns. In: IEEE Symposium on Security and Privacy (1999)"},{"key":"8_CR29","unstructured":"The Honeynet Project, http:\/\/project.honeynet.org"},{"key":"8_CR30","unstructured":"Trend Micro. WORM RBOT.CC, http:\/\/uk.trendmicro-europe.com\/enterprise\/security_info\/-ve_detail.php?Vname=WORM_RBOT.CC"},{"key":"8_CR31","unstructured":"Yegneswaran, V., Barford, P., Jha, S.: Global Intrusion Detection in the DOMINO Overlay System. In: Proceedings of NDSS, San Diego, CA (2004)"},{"key":"8_CR32","doi-asserted-by":"crossref","unstructured":"Yegneswaran, V., Barford, P., Plonka, D.: On the Design and Use of Internet Sinks for Network Abuse Monitoring. University of Wisconsin Technical Report #1497 (2004)","DOI":"10.1007\/978-3-540-30143-1_8"},{"issue":"1","key":"8_CR33","doi-asserted-by":"crossref","first-page":"138","DOI":"10.1145\/885651.781045","volume":"31","author":"Vinod Yegneswaran","year":"2003","unstructured":"Yegneswaran, V., Barford, P., Ullrich, J.: Internet Intrusions: Global Characteristics and Prevalence. In: Proceedings of ACM SIGMETRICS, San Diego, CA (June 2003)","journal-title":"ACM SIGMETRICS Performance Evaluation Review"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-30143-1_8.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,5,3]],"date-time":"2021-05-03T03:52:23Z","timestamp":1620013943000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-30143-1_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2004]]},"ISBN":["9783540231233","9783540301431"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-30143-1_8","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2004]]}}}