{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,1]],"date-time":"2026-02-01T06:22:41Z","timestamp":1769926961746,"version":"3.49.0"},"publisher-location":"Berlin, Heidelberg","reference-count":20,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540408789","type":"print"},{"value":"9783540452485","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2003]]},"DOI":"10.1007\/978-3-540-45248-5_10","type":"book-chapter","created":{"date-parts":[[2010,6,28]],"date-time":"2010-06-28T04:40:20Z","timestamp":1277700020000},"page":"173-191","source":"Crossref","is-referenced-by-count":150,"title":["Using Decision Trees to Improve Signature-Based Intrusion Detection"],"prefix":"10.1007","author":[{"given":"Christopher","family":"Kruegel","sequence":"first","affiliation":[]},{"given":"Thomas","family":"Toth","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"10_CR1","doi-asserted-by":"crossref","first-page":"333","DOI":"10.1145\/360825.360855","volume":"18","author":"A. Aho","year":"1975","unstructured":"Aho, A., Corasick, M.: Efficient string matching: An aid to bibliographic search. Communications of the Association for Computing Machinery\u00a018, 333\u2013340 (1975)","journal-title":"Communications of the Association for Computing Machinery"},{"key":"10_CR2","unstructured":"Cisco IDS - formerly NetRanger (2002), \n                    \n                      http:\/\/www.cisco.com\/warp\/public\/cc\/pd\/sqsw\/sqidsz\/index.shtml"},{"key":"10_CR3","unstructured":"Jason Coit, C., Staniford, S., McAlerney, J.: Towards Faster String Matching for Intrusion Detection or Exceeding the Speed of Snort. In: Proceedings of DISCEX 2001 (2001)"},{"key":"10_CR4","unstructured":"Eckmann, S.T., Vigna, G., Kemmerer, R.A.: STATL: An Attack Language for State-based Intrusion Detection. 
In: Proceedings of the ACM Workshop on Intrusion Detection Systems, Athens, Greece (November 2000)"},{"key":"10_CR5","unstructured":"Fisk, M., Varghese, G.G.: An analysis of fast string matching applied to content-based forwarding and intrusion detection. Technical Report UCSD TR CS2001-0670, UC San Diego (2001)"},{"key":"10_CR6","unstructured":"Hartmeier, D.: Design and Performance of the OpenBSD Stateful Packet Filter (pf). In: USENIX Annual Technical Conference \u2013 FREENIX Track (2002)"},{"key":"10_CR7","unstructured":"Lee, W., Stolfo, S., Mok, K.: A Data Mining Framework for Building Intrusion Detection Models. In: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA (May 1999)"},{"key":"10_CR8","unstructured":"MIT Lincoln Labs. DARPA Intrusion Detection Evaluation (1999), \n                    \n                      http:\/\/www.ll.mit.edu\/IST\/ideval"},{"key":"10_CR9","doi-asserted-by":"crossref","first-page":"762","DOI":"10.1145\/359842.359859","volume":"20","author":"J.S. Moore","year":"1977","unstructured":"Moore, J.S., Boyer, R.S.: A Fast String Searching Algorithm. Communications of the Association for Computing Machinery\u00a020, 762\u2013772 (1977)","journal-title":"Communications of the Association for Computing Machinery"},{"key":"10_CR10","unstructured":"Paxson, V.: Bro: A system for detecting network intruders in real-time. In: 7th USENIX Security Symposium, San Antonio, TX, USA (January 1998)"},{"key":"10_CR11","unstructured":"Quinlan, J.R.: Discovering rules by induction from large collections of examples. In: Expert Systems in the Micro-Electronic Age, Edinburgh University Press (1979)"},{"issue":"1","key":"10_CR12","first-page":"81","volume":"1","author":"J.R. Quinlan","year":"1986","unstructured":"Quinlan, J.R.: Induction of decision trees. 
Machine Learning\u00a01(1), 81\u2013106 (1986)","journal-title":"Machine Learning"},{"key":"10_CR13","unstructured":"RealSecure., \n                    \n                      http:\/\/www.iss.net\/products_services\/enterprise_protection"},{"key":"10_CR14","unstructured":"Roesch, M.: Snort - Lightweight Intrusion Detection for Networks. In: USENIX Lisa 1999 (1999)"},{"key":"10_CR15","unstructured":"Snort-NG. Snort - Next Generation: Network Intrusion Detection System, \n                    \n                      http:\/\/www.infosys.tuwien.ac.at\/snort-ng"},{"key":"10_CR16","unstructured":"Snort. Open-source Network Intrusion Detection System, \n                    \n                      http:\/\/www.snort.org"},{"key":"10_CR17","unstructured":"Sourcefire. Snort 2.0, \n                    \n                      http:\/\/www.sourcefire.com\/technology\/whitepapers.htm"},{"key":"10_CR18","unstructured":"Swatch: Simple Watchdog, \n                    \n                      http:\/\/swatch.sourceforge.net"},{"key":"10_CR19","unstructured":"Symantec - NetProwler and Intruder Alert (2002), \n                    \n                      http:\/\/enterprisesecurity.symantec.com\/products\/products.cfm?ProductID=%50"},{"key":"10_CR20","volume-title":"Proceedings of DISCEX 2000","author":"G. Vigna","year":"2000","unstructured":"Vigna, G., Eckmann, S., Kemmerer, R.A.: The STAT Tool Suite. 
In: Proceedings of DISCEX 2000, Hilton Head, South Carolina, January 2000, IEEE Computer Society Press, Los Alamitos (2000)"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-45248-5_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,3,15]],"date-time":"2019-03-15T03:49:17Z","timestamp":1552621757000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-45248-5_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2003]]},"ISBN":["9783540408789","9783540452485"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-45248-5_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2003]]}}}