{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,4]],"date-time":"2024-09-04T22:32:19Z","timestamp":1725489139850},"publisher-location":"Berlin, Heidelberg","reference-count":39,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540741381"},{"type":"electronic","value":"9783540741411"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-3-540-74141-1_19","type":"book-chapter","created":{"date-parts":[[2007,8,14]],"date-time":"2007-08-14T09:24:33Z","timestamp":1187083473000},"page":"269-283","source":"Crossref","is-referenced-by-count":1,"title":["Case-Based Anomaly Detection"],"prefix":"10.1007","author":[{"given":"Alessandro","family":"Micarelli","sequence":"first","affiliation":[]},{"given":"Giuseppe","family":"Sansonetti","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"19_CR1","unstructured":"Abraham, T.: IDDM: Intrusion Detection using Data Mining Techniques. Technical Report DSTO-GD-0286, DSTO Electronics and Surveillance Research Laboratory (May 2001)"},{"key":"19_CR2","unstructured":"Axelsson, S., Lindqvist, U., Gustafson, U., Jonsson, E.: An Approach to UNIX Security Logging. In: Proceedings of the 21st NIST-NCSC National Information Systems Security Conference, Crystal City, VA, October 1998, pp. 62\u201375 (1998)"},{"key":"19_CR3","doi-asserted-by":"crossref","unstructured":"Barbara, D., Wu, N., Jajodia, S.: Detecting Novel Network Intrusions using Bayes Estimators. In: Proceedings of the First SIAM Conference on Data Mining, Chicago, IL (April 2001)","DOI":"10.1137\/1.9781611972719.28"},{"key":"19_CR4","first-page":"51","volume-title":"LISA 1996","author":"A. Couch","year":"1996","unstructured":"Couch, A.: Visualizing Huge Tracefiles with Xscal. In: LISA 1996. 10th Systems Administration Conference, pp. 51\u201358. Chicago, IL, October 1996 (1996)"},{"key":"19_CR5","doi-asserted-by":"publisher","first-page":"240","DOI":"10.1109\/RISP.1992.213257","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy","author":"H. Debar","year":"1992","unstructured":"Debar, H., Becker, M., Siboni, D.: A Neural Network Component for an Intrusion Detection System. In: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 1992, pp. 240\u2013250. IEEE Computer Society Press, Los Alamitos (1992)"},{"issue":"2","key":"19_CR6","doi-asserted-by":"publisher","first-page":"222","DOI":"10.1109\/TSE.1987.232894","volume":"13","author":"D. Denning","year":"1987","unstructured":"Denning, D.: An Intrusion Detection Model. IEEE Transactions on Software Engineering\u00a013(2), 222\u2013232 (1987)","journal-title":"IEEE Transactions on Software Engineering"},{"key":"19_CR7","unstructured":"Dowell, C., Ramstedt, P.: The ComputerWatch Data Reduction Tool. In: Proceedings of the 13th National Computer Security Conference, Washington, DC, October 1990, pp. 99\u2013108 (1990)"},{"key":"19_CR8","doi-asserted-by":"crossref","unstructured":"Erbacher, R.: Visual Traffic Monitoring and Evaluation. In: Proceedings of the Second Conference on Internet Performance and Control of Network Systems, Denver, CO, August 2001, pp. 153\u2013160 (2001)","DOI":"10.1117\/12.434309"},{"key":"19_CR9","unstructured":"Esmaili, M., Safavi-Naini, R., Balachandran, B.M.: AUTOGUARD: A Continuous Case-Based Intrusion Detection System. In: Proceedings of the 20th Australasian Computer Science Conference (1997)"},{"issue":"12","key":"19_CR10","doi-asserted-by":"publisher","first-page":"1349","DOI":"10.1109\/34.895972","volume":"22","author":"A.W. Smeulders","year":"2000","unstructured":"Smeulders, A.W., et al.: Content-Based Image Retrieval at the End of the Early Years. IEEE Transactions on Pattern Analysis and Machine Intelligence\u00a022(12), 1349\u20131380 (2000)","journal-title":"IEEE Transactions on Pattern Analysis and Machine Intelligence"},{"key":"19_CR11","doi-asserted-by":"crossref","unstructured":"Nyarko, K., et al.: Network Intrusion Visualization with NIVA, an Intrusion Detection Visual Analyzer with Haptic Integration. In: Proceedings of the 10th Symposium on Haptic Interfaces for Virtual Environment and Teleoperator Systems, Orlando, FL (2002)","DOI":"10.1109\/HAPTIC.2002.998969"},{"key":"19_CR12","doi-asserted-by":"crossref","unstructured":"Esmaili, M., et al.: Case-Based Reasoning for Intrusion Detection. In: Proceedings of the 12th Annual Computer Security Applications Conference, San Diego, CA (1996)","DOI":"10.1109\/CSAC.1996.569702"},{"key":"19_CR13","first-page":"120","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy","author":"S. Forrest","year":"1996","unstructured":"Forrest, S.: A Sense of Self for UNIX Processes. In: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, pp. 120\u2013198. IEEE Computer Society Press, Los Alamitos (1996)"},{"key":"19_CR14","volume-title":"Computer Vision: A Modern Approach","author":"D. Forsyth","year":"2003","unstructured":"Forsyth, D., Ponce, J.: Computer Vision: A Modern Approach. Prentice-Hall, Upper Saddle River, NJ (2003)"},{"key":"19_CR15","unstructured":"Frincke, D., Tobin, D., McConnell, J., Marconi, J., Polla, D.: A Framework for Cooperative Intrusion Detection. In: Proceedings of the 21st National Information Systems Security Conference, Crystal City, VA, October 1998, pp. 361\u2013373 (1998)"},{"key":"19_CR16","unstructured":"Girardin, L., Brodbeck, D.: A Visual Approach for Monitoring Logs. In: LISA XII. Proceedings of the Second Systems Administration Conference, Boston, MA, October 1998, pp. 299\u2013308 (1998)"},{"key":"19_CR17","unstructured":"Hughes, D.: Using Visualization in System and Network Administration. In: LISA \u201996. Proceedings of the 10th Systems Administration Conference, Chicago, IL, October 1996, pp. 59\u201366 (1996)"},{"key":"19_CR18","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy","author":"H.S. Javitz","year":"1991","unstructured":"Javitz, H.S., Valdes, A.: The SRI IDES Statistical Anomaly Detector. In: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 1991, IEEE Computer Society Press, Los Alamitos (1991)"},{"key":"19_CR19","doi-asserted-by":"crossref","unstructured":"Karam, G.: Visualization using Timelines. In: Proceedings of the International Symposium on Software Testing and Analysis, Seattle, WA (August 1994)","DOI":"10.1145\/186258.187157"},{"key":"19_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"326","DOI":"10.1007\/978-3-540-39650-5_19","volume-title":"Computer Security \u2013 ESORICS 2003","author":"C. Kruegel","year":"2003","unstructured":"Kruegel, C., Mutz, D., Valeur, F., Vigna, G.: On the Detection of Anomalous System Call Arguments. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol.\u00a02808, pp. 326\u2013343. Springer, Heidelberg (2003)"},{"key":"19_CR21","unstructured":"MIT Lincoln Laboratory. DARPA Intrusion Detection Evaluation Data Set (1999), \n                    \n                      http:\/\/www.ll.mit.edu\/IST\/ideval"},{"key":"19_CR22","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy","author":"T. Lunt","year":"1988","unstructured":"Lunt, T.: Real-time Intrusion Detection. In: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, April 1988, IEEE Computer Society Press, Los Alamitos (1988)"},{"key":"19_CR23","doi-asserted-by":"crossref","unstructured":"McHugh, J.: Testing Intrusion Detection Systems: A Critique of the 1998 and 1999 DARPA Intrusion Detection System Evaluations as Performed by Lincoln Laboratory. ACM Transaction on Information and System Security\u00a03(4) (2000)","DOI":"10.1145\/382912.382923"},{"key":"19_CR24","doi-asserted-by":"crossref","unstructured":"Mizoguchi, F.: Anomaly Detection Using Visualization and Machine Learning. In: Proceedings of the 9th International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE 2000), Gaithersburg, MD, pp. 165\u2013170 (March 2000)","DOI":"10.1109\/ENABL.2000.883722"},{"key":"19_CR25","first-page":"2","volume-title":"chapter Modern Intrusion Detection, Data Mining, and Degrees of Attack Guilt","author":"S. Noel","year":"2002","unstructured":"Noel, S., Wijesekera, D., Youman, C.: Applications of Data Mining in Computer Security. In: chapter Modern Intrusion Detection, Data Mining, and Degrees of Attack Guilt, pp. 2\u201325. Kluwer Academic Publisher, Boston, MA (2002)"},{"key":"19_CR26","unstructured":"Porras, P., Neumann, P.: EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances. In: Proceedings of the 20th National Information Systems Security Conference, Baltimore, MA (October 1997)"},{"key":"19_CR27","doi-asserted-by":"crossref","unstructured":"Rubner, Y., Tomasi, C., Guibas, L.J.: A Metric for Distributions with Applications to Image Databases. In: Proceedings of the IEEE International Conference on Computer Vision, Bombay, India, pp. 59\u201366 (January 1998)","DOI":"10.1109\/ICCV.1998.710701"},{"issue":"40","key":"19_CR28","doi-asserted-by":"publisher","first-page":"99","DOI":"10.1023\/A:1026543900054","volume":"28","author":"Y. Rubner","year":"2000","unstructured":"Rubner, Y., Tomasi, C., Guibas, L.J.: The Earth Mover\u2019s Distance as a Metric for Image Retrieval. International Journal of Computer Vision\u00a028(40), 99\u2013121 (2000)","journal-title":"International Journal of Computer Vision"},{"key":"19_CR29","unstructured":"Sarle, W.S.: Neural Networks and Statistical Models. In: Proceedings of the Nineteenth Annual SAS Users Group International Conference, Cary, NC, pp. 1538\u20131550 (April 1994)"},{"key":"19_CR30","volume-title":"Computer Vision","author":"L.G. Shapiro","year":"2001","unstructured":"Shapiro, L.G., Stockman, G.C.: Computer Vision. Prentice-Hall, Inc., Upper Saddle River, NJ (2001)"},{"key":"19_CR31","unstructured":"Snapp, S.: DIDS (Distributed Intrusion Detection System): Motivation, Architecture and An Early Prototype. In: Proceedings of the National Information Systems Security Conference, Washington, D.C., pp. 167\u2013176 (October 1991)"},{"key":"19_CR32","doi-asserted-by":"crossref","unstructured":"Takada, T., Koike, H.: Tudumi: Information Visualization System for Monitoring and Auditing Computer Logs. In: Proceedings of the 6th International Conference on Information Visualization (IV 2002), London, England, pp. 570\u2013576 (July 2002)","DOI":"10.1109\/IV.2002.1028831"},{"key":"19_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-36084-0_4","volume-title":"Recent Advances in Intrusion Detection","author":"K. Tan","year":"2002","unstructured":"Tan, K., Killourhy, K., Maxion, R.: Undermining an Anomaly-Based Intrusion Detection System Using Common Exploits. In: Wespi, A., Vigna, G., Deri, L. (eds.) RAID 2002. LNCS, vol.\u00a02516, Springer, Heidelberg (2002)"},{"key":"19_CR34","doi-asserted-by":"crossref","unstructured":"Tan, K., Maxion, R.: \u201dWhy 6?\u201d Defining the Operational Limits of Stide, an Anomaly-Based Intrusion Detector. In: Proceedings of the IEEE Symposium on Security and Privacy, Berkeley, CA, pp. 188\u2013202 (May 2002)","DOI":"10.1109\/SECPRI.2002.1004371"},{"key":"19_CR35","doi-asserted-by":"crossref","unstructured":"Vaccaro, H., Liepins, G.: Detection of Anomalous Computer Session Activity. In: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, pp. 208\u2013209 (May 1989)","DOI":"10.1109\/SECPRI.1989.36302"},{"key":"19_CR36","unstructured":"Varner, P.E., Knight, J.C.: Security Monitoring, Visualization, and System Survivability. In: 4th Information Survivability Workshop (ISW-2001\/2002), Vancouver, Canada (March 2002)"},{"key":"19_CR37","unstructured":"Veltkamp, R.C., Tanase, M.: Content-Based Image Retrieval Systems: A Survey. Technical Report 2000-34, UU-CS, Utrecht, Holland (October 2000)"},{"key":"19_CR38","doi-asserted-by":"crossref","unstructured":"Wagner, D., Dean, D.: Intrusion Detection via Static Analysis. In: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, pp. 40\u201347 (2001)","DOI":"10.1109\/SECPRI.2001.924296"},{"key":"19_CR39","doi-asserted-by":"crossref","unstructured":"Wagner, D., Soto, P.: Mimicry Attacks on Host-Based Intrusion Detection Systems. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, Washington, D.C., pp. 255\u2013264 (2002)","DOI":"10.1145\/586110.586145"}],"container-title":["Lecture Notes in Computer Science","Case-Based Reasoning Research and Development"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-74141-1_19.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,27]],"date-time":"2021-04-27T06:12:03Z","timestamp":1619503923000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-74141-1_19"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9783540741381","9783540741411"],"references-count":39,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-74141-1_19","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[]}}