{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,16]],"date-time":"2026-03-16T10:00:12Z","timestamp":1773655212385,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":38,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540734987","type":"print"},{"value":"9783540734994","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-3-540-73499-4_33","type":"book-chapter","created":{"date-parts":[[2007,8,27]],"date-time":"2007-08-27T00:01:39Z","timestamp":1188172899000},"page":"434-448","source":"Crossref","is-referenced-by-count":3,"title":["A Case-Based Approach to Anomaly Intrusion Detection"],"prefix":"10.1007","author":[{"given":"Alessandro","family":"Micarelli","sequence":"first","affiliation":[]},{"given":"Giuseppe","family":"Sansonetti","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"issue":"1","key":"33_CR1","doi-asserted-by":"crossref","first-page":"39","DOI":"10.3233\/AIC-1994-7104","volume":"7","author":"A. Aamodt","year":"1994","unstructured":"Aamodt, A., Plaza, E.: Case-based Reasoning: Foundational Issues, Methodological Variations and System Approaches. AICOM\u00a07(1), 39\u201359 (1994)","journal-title":"AICOM"},{"key":"33_CR2","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/319709.319710","volume-title":"Proceedings of the 6th ACM Conference on Computer and Communications Security","author":"S. Axelsson","year":"1999","unstructured":"Axelsson, S.: Intrusion Detection Systems: A Survey and Taxonomy. In: Proceedings of the 6th ACM Conference on Computer and Communications Security, Singapore, November 1999, pp. 1\u20137. ACM Press, New York (1999)"},{"key":"33_CR3","unstructured":"Axelsson, S.: Intrusion Detection Systems: A Survey and Taxonomy. Technical Report 99-15, Department of Computer Engineering, Chalmers University (March 2000)"},{"key":"33_CR4","unstructured":"Axelsson, S., Lindqvist, U., Gustafson, U., Jonsson, E.: An Approach to UNIX Security Logging. In: Proceedings of the 21st NIST-NCSC National Information Systems Security Conference, Crystal City, VA, October 1998, pp. 62\u201375 (1998)"},{"issue":"1","key":"33_CR5","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1109\/2945.468391","volume":"1","author":"R. Becker","year":"1995","unstructured":"Becker, R., Eick, S.G., Wilks, A.: Visualizing Network Data. IEEE Transactions on Visualization and Computer Graphics\u00a01(1), 16\u201328 (1995)","journal-title":"IEEE Transactions on Visualization and Computer Graphics"},{"key":"33_CR6","volume-title":"Visual Information Retrieval","author":"A. Del Bimbo","year":"1999","unstructured":"Del Bimbo, A.: Visual Information Retrieval. Morgan Kaufmann Publishers, Inc., San Francisco, CA (1999)"},{"key":"33_CR7","unstructured":"Couch, A.: Visualizing Huge Tracefiles with Xscal. In: LISA 1996. 10th Systems Administration Conference, Chicago, IL, October 1996, pp. 51\u201358 (1996)"},{"issue":"8","key":"33_CR8","doi-asserted-by":"publisher","first-page":"805","DOI":"10.1016\/S1389-1286(98)00017-6","volume":"31","author":"H. Debar","year":"1999","unstructured":"Debar, H., Dacier, M., Wespi, A.: Towards a Taxonomy of Intrusion Detection Systems. Computer Networks\u00a031(8), 805\u2013822 (1999)","journal-title":"Computer Networks"},{"key":"33_CR9","doi-asserted-by":"crossref","unstructured":"Erbacher, R.: Visual Traffic Monitoring and Evaluation. In: Proceedings of the Second Conference on Internet Performance and Control of Network Systems, Denver, CO, August 2001, pp. 153\u2013160 (2001)","DOI":"10.1117\/12.434309"},{"key":"33_CR10","doi-asserted-by":"crossref","unstructured":"Erbacher, R., Frincke, D.: Visualization in Detection of Intrusions and Misuse in Large Scale Networks. In: Proceedings of the International Conference on Information Visualization 2000, London, UK, July 2000, pp. 294\u2013299 (2000)","DOI":"10.1109\/IV.2000.859771"},{"key":"33_CR11","unstructured":"Esmaili, M., Safavi-Naini, R., Balachandran, B.M.: AUTOGUARD: A Continuous Case-Based Intrusion Detection System. In: Proceedings of the 20th Australasian Computer Science Conference (1997)"},{"issue":"12","key":"33_CR12","doi-asserted-by":"publisher","first-page":"1349","DOI":"10.1109\/34.895972","volume":"22","author":"A.W. Smeulders","year":"2000","unstructured":"Smeulders, A.W., et al.: Content-Based Image Retrieval at the End of the Early Years. IEEE Transactions on Pattern Analysis and Machine Intelligence\u00a022(12), 1349\u20131380 (2000)","journal-title":"IEEE Transactions on Pattern Analysis and Machine Intelligence"},{"key":"33_CR13","doi-asserted-by":"crossref","unstructured":"Nyarko, K., et al.: Network Intrusion Visualization with NIVA, an Intrusion Detection Visual Analyzer with Haptic Integration. In: Proceedings of the 10th Symposium on Haptic Interfaces for Virtual Environment and Teleoperator Systems, Orlando, FL (2002)","DOI":"10.1109\/HAPTIC.2002.998969"},{"key":"33_CR14","doi-asserted-by":"crossref","unstructured":"Esmaili, M., et al.: Case-Based Reasoning for Intrusion Detection. In: Proceedings of the 12th Annual Computer Security Applications Conference, San Diego, CA (1996)","DOI":"10.1109\/CSAC.1996.569702"},{"key":"33_CR15","doi-asserted-by":"crossref","unstructured":"Lippmann, R.P., et al.: Analysis and Results of the 1999 DARPA Off-Line Intrusion Detection Evaluation. In: Proceedings of Recent Advances in Intrusion Detection, Toulouse, France, pp. 162\u2013182 (2000)","DOI":"10.1007\/3-540-39945-3_11"},{"key":"33_CR16","first-page":"120","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy","author":"S. Forrest","year":"1996","unstructured":"Forrest, S.: A Sense of Self for UNIX Processes. In: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, pp. 120\u2013198. IEEE Computer Society Press, Los Alamitos (1996)"},{"key":"33_CR17","volume-title":"Computer Vision: A Modern Approach","author":"D. Forsyth","year":"2003","unstructured":"Forsyth, D., Ponce, J.: Computer Vision: A Modern Approach. Prentice-Hall, Inc., Upper Saddle River, NJ (2003)"},{"key":"33_CR18","unstructured":"Frank, J.: Artificial Intelligence and Intrusion Detection: Current and Future Directions. In: Proceedings of the 17th National Computer Security Conference, Washington, DC, pp. 22\u201333 (1994)"},{"key":"33_CR19","unstructured":"Frincke, D., Tobin, D., McConnell, J., Marconi, J., Polla, D.: A Framework for Cooperative Intrusion Detection. In: Proceedings of the 21th National Information Systems Security Conference, Crystal City, VA, October 1998, pp. 361\u2013373 (1998)"},{"key":"33_CR20","unstructured":"Girardin, L., Brodbeck, D.: A Visual Approach for Monitoring Logs. In: Proceedings of the Second Systems Administration Conference (LISA XII), Boston, MA, October 1998, pp. 299\u2013308 (1998)"},{"issue":"2","key":"33_CR21","doi-asserted-by":"publisher","first-page":"47","DOI":"10.1002\/bltj.2104","volume":"3","author":"T. He","year":"1998","unstructured":"He, T., Eick, S.G.: Constructing Interactive Visual Network Interfaces. Bells Labs Technical Journal\u00a03(2), 47\u201357 (1998)","journal-title":"Bells Labs Technical Journal"},{"key":"33_CR22","volume-title":"The Perception of Visual Information","author":"W. Hendee","year":"1994","unstructured":"Hendee, W., Wells, P.: The Perception of Visual Information. Springer, Heidelberg (1994)"},{"key":"33_CR23","unstructured":"Hughes, D.: Using Visualization in System and Network Administration. In: LISA 1996. Proceedings of the 10th Systems Administration Conference, Chicago, IL, October 1996, pp. 59\u201366 (1996)"},{"key":"33_CR24","unstructured":"Jain, R.: Proceedings of US NSF Workshop Visual Information Management Systems (1992)"},{"key":"33_CR25","volume-title":"Case-Based Reasoning","author":"J. Kolodner","year":"1993","unstructured":"Kolodner, J.: Case-Based Reasoning. Morgan Kaufmann Publishers, Inc., San Mateo, CA (1993)"},{"key":"33_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"326","DOI":"10.1007\/978-3-540-39650-5_19","volume-title":"Computer Security \u2013 ESORICS 2003","author":"C. Kruegel","year":"2003","unstructured":"Kruegel, C., Mutz, D., Valeur, F., Vigna, G.: On the Detection of Anomalous System Call Arguments. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol.\u00a02808, pp. 326\u2013343. Springer, Heidelberg (2003)"},{"key":"33_CR27","doi-asserted-by":"crossref","unstructured":"Mizoguchi, F.: Anomaly Detection Using Visualization and Machine Learning. In: WET ICE 2000. Proceedings of the 9th International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, Gaithersburg, MD, March 2000, pp. 165\u2013170 (2000)","DOI":"10.1109\/ENABL.2000.883722"},{"key":"33_CR28","first-page":"59","volume-title":"Proceedings of the IEEE International Conference on Computer Vision","author":"Y. Rubner","year":"1998","unstructured":"Rubner, Y., Tomasi, C., Guibas, L.J.: A Metric for Distributions with Applications to Image Databases. In: Proceedings of the IEEE International Conference on Computer Vision, Bombay, India, January 1998, pp. 59\u201366. IEEE Computer Society Press, Los Alamitos (1998)"},{"issue":"40","key":"33_CR29","doi-asserted-by":"publisher","first-page":"99","DOI":"10.1023\/A:1026543900054","volume":"28","author":"Y. Rubner","year":"2000","unstructured":"Rubner, Y., Tomasi, C., Guibas, L.J.: The Earth Mover\u2019s Distance as a Metric for Image Retrieval. International Journal of Computer Vision\u00a028(40), 99\u2013121 (2000)","journal-title":"International Journal of Computer Vision"},{"key":"33_CR30","volume-title":"Computer Vision","author":"L.G. Shapiro","year":"2001","unstructured":"Shapiro, L.G., Stockman, G.C.: Computer Vision. Prentice-Hall, Inc., Upper Saddle River, NJ (2001)"},{"key":"33_CR31","unstructured":"Snapp, S.: DIDS (Distributed Intrusion Detection System): Motivation, Architecture and An Early Prototype. In: Proceedings of the National Information Systems Security Conference, Washington, DC, October 1991, pp. 167\u2013176 (1991)"},{"key":"33_CR32","unstructured":"Takada, T., Koike, H.: Tudumi: Information Visualization System for Monitoring and Auditing Computer Logs. In: IV 2002. Proceedings of the 6th International Conference on Information Visualization, London, England, July 2002, pp. 570\u2013576 (2002)"},{"key":"33_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-36084-0_4","volume-title":"Recent Advances in Intrusion Detection","author":"K. Tan","year":"2002","unstructured":"Tan, K., Killourhy, K., Maxion, R.: Undermining an Anomaly-Based Intrusion Detection System Using Common Exploits. In: Wespi, A., Vigna, G., Deri, L. (eds.) RAID 2002. LNCS, vol.\u00a02516, Springer, Heidelberg (2002)"},{"key":"33_CR34","unstructured":"Varner, P.E., Knight, J.C.: Security Monitoring, Visualization, and System Survivability. In: ISW-2001\/2002. 4th Information Survivability Workshop Vancouver, Canada (March 2002) (2002)"},{"key":"33_CR35","unstructured":"Veltkamp, R.C., Tanase, M.: Content-Based Image Retrieval Systems: A Survey. Technical Report 2000-34, UU-CS, Utrecht, Holland (October 2000)"},{"key":"33_CR36","first-page":"40","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy","author":"D. Wagner","year":"2001","unstructured":"Wagner, D., Dean, D.: Intrusion Detection via Static Analysis. In: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, pp. 40\u201347. IEEE Computer Society Press, Los Alamitos (2001)"},{"key":"33_CR37","doi-asserted-by":"publisher","first-page":"255","DOI":"10.1145\/586110.586145","volume-title":"Proceedings of the 9th ACM Conference on Computer and Communications Security","author":"D. Wagner","year":"2002","unstructured":"Wagner, D., Soto, P.: Mimicry Attacks on Host-Based Intrusion Detection Systems. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, Washington, DC, pp. 255\u2013264. ACM Press, New York (2002)"},{"key":"33_CR38","volume-title":"Case-Based Reasoning: Techniques for Enterprise Systems","author":"I. Watson","year":"1997","unstructured":"Watson, I.: Case-Based Reasoning: Techniques for Enterprise Systems. Morgan Kaufmann Publishers, Inc., San Francisco (1997)"}],"container-title":["Lecture Notes in Computer Science","Machine Learning and Data Mining in Pattern Recognition"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-73499-4_33.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,19]],"date-time":"2020-11-19T00:15:40Z","timestamp":1605744940000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-73499-4_33"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9783540734987","9783540734994"],"references-count":38,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-73499-4_33","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[]}}