{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,19]],"date-time":"2025-03-19T14:35:59Z","timestamp":1742394959316},"publisher-location":"Berlin, Heidelberg","reference-count":24,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540408789"},{"type":"electronic","value":"9783540452485"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2003]]},"DOI":"10.1007\/978-3-540-45248-5_6","type":"book-chapter","created":{"date-parts":[[2010,6,28]],"date-time":"2010-06-28T04:40:20Z","timestamp":1277700020000},"page":"94-112","source":"Crossref","is-referenced-by-count":76,"title":["Correlation of Intrusion Symptoms: An Application of Chronicles"],"prefix":"10.1007","author":[{"given":"Benjamin","family":"Morin","sequence":"first","affiliation":[]},{"given":"Herv\u00e9","family":"Debar","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"6_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"115","DOI":"10.1007\/3-540-36084-0_7","volume-title":"Recent Advances in Intrusion Detection","author":"B. Morin","year":"2002","unstructured":"Morin, B., M\u00e9, L., Debar, H., Ducass\u00e9, M.: M2D2: a formal data model for intrusion alarm correlation. In: Wespi, A., Vigna, G., Deri, L. (eds.) RAID 2002. LNCS, vol.\u00a02516, p. 115. Springer, Heidelberg (2002)"},{"key":"6_CR2","unstructured":"Eckmann, S.T., Vigna, G., Kemmerer, R.A.: STATL: An Attack Language for Statebased Intrusion Detection, Dept. of Computer Science, University of California, Santa Barbara (2000)"},{"key":"6_CR3","doi-asserted-by":"crossref","unstructured":"Roger, M., Goubault-Larrecq, J.: Log Auditing Through Model-Checking. In: Proceedings of the 14th IEEE Computer Security Foundations Workshop, CSFW 2001 (2001)","DOI":"10.1109\/CSFW.2001.930148"},{"key":"6_CR4","doi-asserted-by":"crossref","unstructured":"Lindqvist, U., Porras, P.A.: Detecting Computer and Network Misuse Through the Production-Based Expert System Toolset (P-BEST). In: Proceedings of the IEEE Symposium on Security and Privacy (1999)","DOI":"10.1109\/SECPRI.1999.766911"},{"key":"6_CR5","doi-asserted-by":"crossref","unstructured":"McDermott, D.V.: A Temporal Logic for Reasoning about Processes and Plans. Cognitive Science, 101\u2013155 (1982)","DOI":"10.1207\/s15516709cog0602_1"},{"key":"6_CR6","doi-asserted-by":"crossref","unstructured":"Bacchus, F., Tenenberg, J., Koomen, J.A.: A non-reified Temporal Logic. Artificial Intelligence, 87\u2013108 (1991)","DOI":"10.1016\/0004-3702(91)90025-F"},{"key":"6_CR7","doi-asserted-by":"crossref","unstructured":"Allen, J.: Towards a General Theory of Action and Time. Artificial Intelligence, 123\u2013154 (1984)","DOI":"10.1016\/0004-3702(84)90008-0"},{"key":"6_CR8","doi-asserted-by":"crossref","unstructured":"Debar, H., Wespi, A.: Aggregation and Correlation of Intrusion Detection Alerts. In: Proceedings of the 4th Recent Advances in Intrusion Detection (RAID 2001) (October 2000)","DOI":"10.1007\/3-540-39945-3"},{"key":"6_CR9","doi-asserted-by":"crossref","unstructured":"Manganaris, S., Christensen, M., Zerkle, D., Hermiz, K.: A Data Mining Analysis of RTID Alarms. Computer Networks: The International Journal of Computer and Telecommunications Networking\u00a034(34) (October 2000)","DOI":"10.1016\/S1389-1286(00)00138-9"},{"key":"6_CR10","unstructured":"Dousson, C., Gaborit, P., Ghallab, M.: Situation Recognition: Representation and Algorithms. In: Proceedings of the 13th IJCAI, August 1993, pp. 166\u2013172 (1993)"},{"key":"6_CR11","unstructured":"Dousson, C.: Suivi d\u2019\u00e9volutions et reconnaissance de chroniques, PhD Thesis (1994), http:\/\/dli.rd.francetelecom.fr\/abc\/diagnostic\/"},{"key":"6_CR12","doi-asserted-by":"crossref","unstructured":"Dousson, C.: Alarm Driven Supervision for Telecommunication Networks: Online Chronicle Recognition. Annales des Telecommunications, 501\u2013508 (1996)","DOI":"10.1007\/BF02997712"},{"key":"6_CR13","unstructured":"Dousson, C.: Extending and Unifying Chronicles Representation with Event Counters. In: Proceedings of the 15th European Conference on Artificial Intelligence (ECAI 2002) (August 2002)"},{"key":"6_CR14","doi-asserted-by":"crossref","unstructured":"Cordier, M.O., Dousson, C.: Alarm Driven Monitoring Based on Chronicles. In: Proceedings of the 4th Symposium on Fault Detection Supervision and Safety for Technical Processes (Safeprocess 2000), June 2000, pp. 286\u2013291 (2000)","DOI":"10.1016\/S1474-6670(17)37375-5"},{"key":"6_CR15","unstructured":"Debar, H., Huang, M.Y., Donahoo, D.J.: Intrusion Detection Exchange Format Data Model. IETF Draft (2002)"},{"key":"6_CR16","doi-asserted-by":"crossref","unstructured":"Shoham, Y.: Temporal Logics in AI: Semantical and Ontological Considerations. Journal of Artificial Intelligence 89\u2013104 (1987)","DOI":"10.1016\/0004-3702(87)90052-X"},{"key":"6_CR17","doi-asserted-by":"crossref","unstructured":"Dechter, R., Meiri, I., Pearl, J.: Temporal Constraint Networks. Artificial Intelligence,\u00a061\u201395 (1991)","DOI":"10.1016\/0004-3702(91)90006-6"},{"key":"6_CR18","doi-asserted-by":"crossref","unstructured":"Jakobson, G., Weissman, M.D.: Alarm correlation. IEEE Network Magazine, 52\u201360 (1993)","DOI":"10.1109\/65.244794"},{"key":"6_CR19","doi-asserted-by":"crossref","unstructured":"Julisch, K.: Mining Alarm Clusters to Improve Alarm Handling Efficiency. In: Proceedings of the 17th ACSAC (December 2001)","DOI":"10.1109\/ACSAC.2001.991517"},{"key":"6_CR20","unstructured":"Manganaris, S., et al.: A Data Mining Analysis of RTID Alarms. In: First International Workshop on the Recent Advances in Intrusion Detection (RAID 1998) (September 1998)"},{"key":"6_CR21","doi-asserted-by":"crossref","unstructured":"Pouzol, J.P., Ducass\u00e9, M.: From Declarative Signatures to Misuse IDS. In: Proceedings of the 4th Recent Advances in Intrusion Detection, RAID (2001)","DOI":"10.1007\/3-540-45474-8_1"},{"key":"6_CR22","doi-asserted-by":"crossref","unstructured":"Pouzol, J.P., Ducass\u00e9, M.: Formal Specification of Intrusion Signatures and Detection Rules. In: Proceedings of the 15th IEEE Computer Security Foundations Workshop (CSFW) (2002)","DOI":"10.1109\/CSFW.2002.1021807"},{"key":"6_CR23","doi-asserted-by":"crossref","unstructured":"Cuppens, F.: Managing Alerts in Multi-Intrusion Detection Environment. In: Proceedings of the 17th Annual Computer Security Applications Conference (ACSAC 2001) (2001)","DOI":"10.1109\/ACSAC.2001.991518"},{"key":"6_CR24","doi-asserted-by":"crossref","unstructured":"Cuppens, F., Miege, A.: Alert Correlation in a Cooperative Intrusion Detection Framework. In: Proceedings of the IEEE Symposium on Security and Privacy (2002)","DOI":"10.1109\/SECPRI.2002.1004372"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-45248-5_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,10,30]],"date-time":"2021-10-30T07:18:39Z","timestamp":1635578319000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-45248-5_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2003]]},"ISBN":["9783540408789","9783540452485"],"references-count":24,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-45248-5_6","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2003]]}}}