{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,19]],"date-time":"2025-03-19T11:17:14Z","timestamp":1742383034823},"publisher-location":"Berlin, Heidelberg","reference-count":18,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540231233"},{"type":"electronic","value":"9783540301431"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2004]]},"DOI":"10.1007\/978-3-540-30143-1_9","type":"book-chapter","created":{"date-parts":[[2010,9,18]],"date-time":"2010-09-18T23:59:24Z","timestamp":1284854364000},"page":"166-187","source":"Crossref","is-referenced-by-count":18,"title":["Monitoring IDS Background Noise Using EWMA Control Charts and Alert Information"],"prefix":"10.1007","author":[{"given":"Jouni","family":"Viinikka","sequence":"first","affiliation":[]},{"given":"Herv\u00e9","family":"Debar","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"9_CR1","unstructured":"Anderson, J.P.: Computer Security Threat Monitoring and Surveillance. Technical report, James P. Anderson Co., Fort Washington, Pa 19034 (April 1980)"},{"key":"9_CR2","doi-asserted-by":"crossref","unstructured":"Julisch, K., Dacier, M.: Mining Intrusion Detection Alarms for Actionable Knowledge. In: Proceedings of Knowledge Discovery in Data and Data Mining, SIGKDD (2002)","DOI":"10.1145\/775047.775101"},{"key":"9_CR3","doi-asserted-by":"crossref","unstructured":"Porras, P.A., Fong, M.W., Valdes, A.: A Mission-Impact-Based Approach to INFOSEC Alarm Correlation. In: Wespi et al. [17], pp. 95\u2013114","DOI":"10.1007\/3-540-36084-0_6"},{"key":"9_CR4","doi-asserted-by":"crossref","unstructured":"Morin, B., Debar, H.: Correlation of Intrusion Symptoms: an Application of Chronicles. In: Vigna et al. [18], pp. 
94\u2013112","DOI":"10.1007\/978-3-540-45248-5_6"},{"key":"9_CR5","doi-asserted-by":"crossref","unstructured":"Debar, H., Morin, B.: Evaluation of the Diagnostic Capabilities of Commercial Intrusion Detection Systems. In: Wespi et al. [17]","DOI":"10.1007\/3-540-36084-0_10"},{"key":"9_CR6","doi-asserted-by":"crossref","unstructured":"Julisch, K.: Mining Alarm Clusters to Improve Alarm Handling Efficiency. In: Proceedings of the 17th Annual Computer Security Applications Conference (ACSAC2001) (December 2001)","DOI":"10.1109\/ACSAC.2001.991517"},{"key":"9_CR7","unstructured":"Teoh, S.T., Ma, K.-L., Wu, S.F., Zhao, X.: A Visual Technique for Internet Anomaly Detection. In: Proceedings of IASTED Computer Graphics and Imaging, ACTA Press (2002)"},{"issue":"3","key":"9_CR8","doi-asserted-by":"publisher","first-page":"230","DOI":"10.2307\/1266443","volume":"1","author":"S.W. Roberts","year":"1959","unstructured":"Roberts, S.W.: Control Chart Tests Based On Geometric Moving Averages. Technometrics\u00a01(3), 230\u2013250 (1959)","journal-title":"Technometrics"},{"issue":"1","key":"9_CR9","doi-asserted-by":"publisher","first-page":"75","DOI":"10.1109\/TR.2002.805796","volume":"52","author":"N. Ye","year":"2003","unstructured":"Ye, N., Vilbert, S., Chen, Q.: Computer Intrusion Detection Through EWMA for Autocorrelated and Uncorrelated Data. IEEE Transactions on Reliability\u00a052(1), 75\u201382 (2003)","journal-title":"IEEE Transactions on Reliability"},{"key":"9_CR10","doi-asserted-by":"publisher","first-page":"443","DOI":"10.1002\/qre.493","volume":"18","author":"N. Ye","year":"2002","unstructured":"Ye, N., Borror, C., Chang, Y.: EWMA Techniques for Computer Intrusion Detection Through Anomalous Changes In Event Intensity. 
Quality and Reliability Engineering International\u00a018, 443\u2013451 (2002)","journal-title":"Quality and Reliability Engineering International"},{"key":"9_CR11","unstructured":"Mahadik, V.A., Wu, X., Reeves, D.S.: Detection of Denial of QoS Attacks Based on \u03c72 Statistic and EWMA Control Chart, http:\/\/arqos.csc.ncsu.edu\/papers.htm (February 2002)"},{"key":"9_CR12","doi-asserted-by":"crossref","unstructured":"Mell, P., Hu, V., Lippman, R., Haines, J., Zissman, M.: An Overview of Issues in Testing Intrusion Detection Systems. NIST IR 7007, NIST CSRC - National Institute of Standards and Technology, Computer Security Resource Center (June 2003)","DOI":"10.6028\/NIST.IR.7007"},{"key":"9_CR13","unstructured":"Debar, H., Dacier, M., Wespi, A.: A Revised Taxonomy of Intrusion-Detection Systems. Technical Report RZ 3176 (#93222), IBM Research, Zurich (October 1999)"},{"key":"9_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"54","DOI":"10.1007\/3-540-45474-8_4","volume-title":"Recent Advances in Intrusion Detection","author":"A. Valdes","year":"2001","unstructured":"Valdes, A., Skinner, K.: Probabilistic alert correlation. In: Lee, W., M\u00e9, L., Wespi, A. (eds.) RAID 2001. LNCS, vol.\u00a02212, p. 54. Springer, Heidelberg (2001)"},{"key":"9_CR15","doi-asserted-by":"crossref","unstructured":"Qin, X., Lee, W.: Statistical Causality Analysis of INFOSEC Alert Data. In: Vigna et al. [18], pp. 73\u201393","DOI":"10.1007\/978-3-540-45248-5_5"},{"key":"9_CR16","unstructured":"Manganaris, S., Christensen, M., Zerkle, D., Hermiz, K.: A Data Mining Analysis of RTID Alarms. 
In: 2nd International Symposium on Recent Advances in Intrusion Detection, RAID 1999 (1999), Available online: http:\/\/www.raid-symposium.org\/raid99\/PAPERS\/Manganaris.pdf"},{"key":"9_CR17","series-title":"Lecture Notes in Computer Science","volume-title":"Recent Advances in Intrusion Detection","year":"2002","unstructured":"Wespi, A., Vigna, G., Deri, L. (eds.): RAID 2002. LNCS, vol.\u00a02516. Springer, Heidelberg (2002)"},{"key":"9_CR18","series-title":"Lecture Notes in Computer Science","volume-title":"Recent Advances in Intrusion Detection","year":"2003","unstructured":"Vigna, G., Kr\u00fcgel, C., Jonsson, E. (eds.): RAID 2003. LNCS, vol.\u00a02820. Springer, Heidelberg (2003)"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-30143-1_9.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,19]],"date-time":"2020-11-19T04:44:53Z","timestamp":1605761093000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-30143-1_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2004]]},"ISBN":["9783540231233","9783540301431"],"references-count":18,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-30143-1_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2004]]}}}