{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,9]],"date-time":"2026-06-09T15:49:17Z","timestamp":1781020157284,"version":"3.54.1"},"publisher-location":"Berlin, Heidelberg","reference-count":19,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540407973","type":"print"},{"value":"9783540452157","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2003]]},"DOI":"10.1007\/978-3-540-45215-7_5","type":"book-chapter","created":{"date-parts":[[2010,6,24]],"date-time":"2010-06-24T00:27:59Z","timestamp":1277339279000},"page":"57-81","source":"Crossref","is-referenced-by-count":20,"title":["A Behavior-Based Approach to Securing Email Systems"],"prefix":"10.1007","author":[{"given":"Salvatore J.","family":"Stolfo","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Shlomo","family":"Hershkop","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Ke","family":"Wang","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Olivier","family":"Nimeskern","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Chia-Wei","family":"Hu","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","reference":[{"key":"5_CR1","doi-asserted-by":"crossref","unstructured":"Bhattacharyya, M., Hershkop, S., Eskin, E., Stolfo, S.J.: MET: An Experimental System for Malicious Email Tracking. In: Proceedings of the 2002 New Security Paradigms Workshop (NSPW-2002), Virginia Beach, VA (September 2002)","DOI":"10.1145\/844102.844104"},{"key":"5_CR2","unstructured":"Zhiqiang, B., Faloustos, C.: Flip Korn: The DGX Distribution for Mining Massive, Skewed Data (2001)"},{"issue":"9","key":"5_CR3","doi-asserted-by":"publisher","first-page":"575","DOI":"10.1145\/362342.362367","volume":"16","author":"C. Bron","year":"1973","unstructured":"Bron, C., Kerbosch, J.: Finding all cliques of an undirected graph. Comm. ACM\u00a016(9), 575\u2013577 (1973)","journal-title":"Comm. ACM"},{"key":"5_CR4","volume-title":"Data Mining for Security Applications","author":"E. Eskin","year":"2002","unstructured":"Eskin, E., Arnold, A., Prerau, M., Portnoy, L., Stolfo, S.J.: A Geometric Framework for Unsupervised Anomaly Detection: Detecting Intrusions in Unlabeled Data. In: Data Mining for Security Applications. Kluwer, Dordrecht (2002) (to appear)"},{"key":"5_CR5","unstructured":"John, G.H., Langley, P.: Estimating continuous distributions in bayesian classifiers. In: Proceedings of the Eleventh Conference on Uncertainty in Artificial Intelligence, pp. 338\u2013345 (1995)"},{"key":"5_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","DOI":"10.1007\/BFb0095252","volume-title":"Research and Development in Knowledge Discovery and Data Mining","author":"W. Lee","year":"1998","unstructured":"Lee, W., Stolfo, S., Mok, K.: Mining Audit Data to Build Intrusion Detection Models. In: Wu, X., Kotagiri, R., Korb, K.B. (eds.) PAKDD 1998. LNCS, vol.\u00a01394. Springer, Heidelberg (1998)"},{"key":"5_CR7","unstructured":"Lee, W., Stolfo, S., Chan, P.: Learning Patterns from Unix Process Execution Traces for Intrusion Detection. In: AAAI Workshop: AI Approaches to Fraud Detection and Risk Management (July 1997)"},{"key":"5_CR8","unstructured":"MySQL (2002), http:\/\/www.mysql.org"},{"key":"5_CR9","doi-asserted-by":"crossref","unstructured":"Niblack, W., et al.: The QBIC project: querying images by content using color, texture, and shape. In: Proceedings of the SPIE (February 1993)","DOI":"10.1117\/12.143648"},{"key":"5_CR10","doi-asserted-by":"crossref","unstructured":"Procmail (2002), http:\/\/www.procmail.org","DOI":"10.1145\/504689.504690"},{"key":"5_CR11","doi-asserted-by":"crossref","unstructured":"Sendmail (2002), http:\/\/www.sendmail.org","DOI":"10.1145\/504689.504690"},{"key":"5_CR12","unstructured":"Schultz, M.G., Eskin, E., Stolfo, S.J.: Malicious Email Filter \u2013 A UNIX Mail Filter that Detects Malicious Windows Executables. In: Proceedings of USENIX Annual Technical Conference \u2014 FREENIX Track, Boston, MA (June 2001)"},{"key":"5_CR13","unstructured":"Smith, J.R.: Integrated Spatial and Feature Image Systems: Retrieval, Compression and Analysis. PhD thesis, Columbia University (1997)"},{"key":"5_CR14","doi-asserted-by":"crossref","unstructured":"Williamson, M.M.: Throttling viruses: Restricting propagation to defeat malicious mobile code. In: Prof. ACSAC Security Conference, Las Vegas, NV (2002)","DOI":"10.1109\/CSAC.2002.1176279"},{"key":"5_CR15","doi-asserted-by":"crossref","unstructured":"Newman, M.E., Forrest, S., Balthrup, J.: Email networks and the spread of computer viruses. The American Physical Society (2002)","DOI":"10.1103\/PhysRevE.66.035101"},{"issue":"5199","key":"5_CR16","doi-asserted-by":"publisher","first-page":"843","DOI":"10.1126\/science.267.5199.843","volume":"267","author":"M. Damashek","year":"1995","unstructured":"Damashek, M.: Gauging similarity with n-grams: language independent categorization of text. Science\u00a0267(5199), 843\u2013848 (1995)","journal-title":"Science"},{"key":"5_CR17","first-page":"180","volume-title":"Machine Learning","author":"T.M. Mitchell","year":"1997","unstructured":"Mitchell, T.M.: Machine Learning, pp. 180\u2013183. McGraw-Hill, New York (1997)"},{"key":"5_CR18","first-page":"293","volume-title":"Introduction to Mathematical Statistics","author":"R.V. Hogg","year":"1994","unstructured":"Hogg, R.V., Craig, A.T.: Introduction to Mathematical Statistics, pp. 293\u2013301. Prentice Hall, Englewood Cliffs (1994)"},{"key":"5_CR19","doi-asserted-by":"crossref","unstructured":"Schonlau, M., DuMouchel, W., Ju, W.H., Karr, A.F., theus, M., Vardi, Y.: Computer Intrusion Detecting Masquerades. Statistical Science\u00a016 (2001)","DOI":"10.1214\/ss\/998929476"}],"container-title":["Lecture Notes in Computer Science","Computer Network Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-45215-7_5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,27]],"date-time":"2024-03-27T20:07:41Z","timestamp":1711570061000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-45215-7_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2003]]},"ISBN":["9783540407973","9783540452157"],"references-count":19,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-45215-7_5","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2003]]}}}