{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,4]],"date-time":"2024-09-04T22:31:27Z","timestamp":1725489087934},"publisher-location":"Berlin, Heidelberg","reference-count":16,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540742814"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-3-540-74282-1_16","type":"book-chapter","created":{"date-parts":[[2007,8,9]],"date-time":"2007-08-09T15:13:02Z","timestamp":1186672382000},"page":"135-144","source":"Crossref","is-referenced-by-count":0,"title":["Black-Box Extraction of Functional Structures from System Call Traces for Intrusion Detection"],"prefix":"10.1007","author":[{"given":"Xianghua","family":"Zhang","sequence":"first","affiliation":[]},{"given":"Jiwei","family":"Li","sequence":"additional","affiliation":[]},{"given":"Zhaohui","family":"Jiang","sequence":"additional","affiliation":[]},{"given":"Huanqing","family":"Feng","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"issue":"4","key":"16_CR1","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1145\/604264.604269","volume":"30","author":"J.B.D. Cabrera","year":"2001","unstructured":"Cabrera, J.B.D., Lewis, L., Mehra, R.K.: Detection and Classification of Intrusions and Faults Using Sequences of System Calls. ACM SIGMOD Record\u00a030(4), 25\u201334 (2001)","journal-title":"ACM SIGMOD Record"},{"key":"16_CR2","doi-asserted-by":"publisher","first-page":"120","DOI":"10.1109\/SECPRI.1996.502675","volume-title":"Proceedings of the 1996 IEEE Symposium on Security and Privacy","author":"S. Forrest","year":"1996","unstructured":"Forrest, S., Hofmeyr, S.A., Somayaji, A., Longstaff, T.A.: A Sense of Self for Unix Processes. In: Proceedings of the 1996 IEEE Symposium on Security and Privacy, pp. 120\u2013128. IEEE Computer Society Press, Los Alamitos, CA (1996)"},{"issue":"3","key":"16_CR3","doi-asserted-by":"crossref","first-page":"151","DOI":"10.3233\/JCS-980109","volume":"6","author":"S.A. Hofmeyr","year":"1998","unstructured":"Hofmeyr, S.A., Forrest, S., Somayaji, A.: Intrusion Detection Using Sequences of System Calls. Journal of Computer Security\u00a06(3), 151\u2013180 (1998)","journal-title":"Journal of Computer Security"},{"key":"16_CR4","first-page":"133","volume-title":"Proceedings of the 1999 IEEE Symposium on Security and Privacy, IEEE Computer Society","author":"C. Warrender","year":"1999","unstructured":"Warrender, C., Forrest, S., Pearlmutter, B.: Detecting Intrusions Using System Calls: Alternative Data Models. In: Proceedings of the 1999 IEEE Symposium on Security and Privacy, IEEE Computer Society, pp. 133\u2013145. IEEE Computer Society Press, Los Alamitos (1999)"},{"key":"16_CR5","first-page":"62","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy","author":"H. Feng","year":"2003","unstructured":"Feng, H., Kolesnikov, O., Fogla, P., Lee, W., Gong, W.: Anomaly Detection Using Call Stack Information. In: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, California, pp. 62\u201375. IEEE Computer Society Press, Los Alamitos (2003)"},{"key":"16_CR6","unstructured":"Liao, Y., Venuri, V.R.: Using Text Categorization Techniques for Intrusion Detection. In: Proceedings of 11th USENIX Security Symposium, USENIX Association, pp. 51\u201359 (2002)"},{"key":"16_CR7","doi-asserted-by":"publisher","first-page":"110","DOI":"10.1007\/3-540-39945-3_8","volume-title":"Recent Advances in Intrusion Detection","author":"A. Wespi","year":"2000","unstructured":"Wespi, A., Dacier, M., Debar, H.: Intrusion Detection Using Variable-Length Audit Trail Patterns. In: Recent Advances in Intrusion Detection. Proceedings of the Third International Workshop, Toulouse, France, pp. 110\u2013129. Springer, Heidelberg (2000)"},{"key":"16_CR8","doi-asserted-by":"crossref","first-page":"318","DOI":"10.1145\/1030083.1030126","volume-title":"Proceedings of the ACM Conference on Computer and Communications Security","author":"D. Gao","year":"2004","unstructured":"Gao, D., Reiter, M.K., Song, D.: Gray-Box Extraction of Execution Graphs for Anomaly Detection. In: Proceedings of the ACM Conference on Computer and Communications Security, Washington, DC, pp. 318\u2013329. ACM Press, New York (2004)"},{"key":"16_CR9","first-page":"165","volume-title":"Proceedings of DISCEX II","author":"E. Eskin","year":"2001","unstructured":"Eskin, E., Lee, W., Stolfo, S.J.: Modeling System Calls for Intrusion Detection with Dynamic Window Sizes. In: Proceedings of DISCEX II, Anaheim, CA, pp. 165\u2013175. IEEE Computer Society Press, Los Alamitos (2001)"},{"key":"16_CR10","doi-asserted-by":"publisher","first-page":"637","DOI":"10.1109\/ICDM.2002.1184017","volume-title":"Proceedings of the 2002 IEEE International Conference on Data Mining (ICDM\u201902)","author":"N. Jiang","year":"2002","unstructured":"Jiang, N., Hua, K., Sheu, S.: Considering Both Intra-Pattern and Inter-Pattern Anomalies for Intrusion Detection. In: Proceedings of the 2002 IEEE International Conference on Data Mining (ICDM\u201902), Washington, DC, pp. 637\u2013640. IEEE Computer Society Press, Los Alamitos (2002)"},{"key":"16_CR11","unstructured":"Giffin, J., Jha, S., Miller, B.: Efficient Context-sensitive Intrusion Detection. In: 11th Annual Network and Distributed Systems Security Symposium (NDSS), San Diego, California (2004)"},{"key":"16_CR12","doi-asserted-by":"publisher","first-page":"156","DOI":"10.1109\/SECPRI.2001.924296","volume-title":"Proceedings of the 2001 IEEE Symposium on Security and Privacy","author":"D. Wagner","year":"2001","unstructured":"Wagner, D., Dean, D.: Intrusion Detection via Static Analysis. In: Proceedings of the 2001 IEEE Symposium on Security and Privacy, Oakland, CA, pp. 156\u2013168. IEEE Computer Society Press, Los Alamitos (2001)"},{"key":"16_CR13","doi-asserted-by":"publisher","first-page":"144","DOI":"10.1109\/SECPRI.2001.924295","volume-title":"Proceedings of the 2001 IEEE Symposium on Security and Privacy","author":"R. Sekar","year":"2001","unstructured":"Sekar, R., Bendre, M., Dhurjati, D., Bollineni, P.: A Fast Automaton-based Method for Detecting Anomalous Program Behaviors. In: Proceedings of the 2001 IEEE Symposium on Security and Privacy, pp. 144\u2013155. IEEE Computer Society Press, Los Alamitos (2001)"},{"key":"16_CR14","doi-asserted-by":"publisher","first-page":"194","DOI":"10.1109\/SECPRI.2004.1301324","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy","author":"H. Feng","year":"2004","unstructured":"Feng, H., Giffin, J., Huang, Y., Jha, S., Lee, W., Miller, B.P.: Formalizing Sensitivity in Static Analysis for Intrusion Detection. In: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, California, pp. 194\u2013208. IEEE Computer Society Press, Los Alamitos (2004)"},{"key":"16_CR15","unstructured":"MIT Lincoln Laboratory, http:\/\/www.ll.mit.edu\/IST\/ideval"},{"issue":"3","key":"16_CR16","first-page":"391","volume":"15","author":"M. Xu","year":"2003","unstructured":"Xu, M., Chen, C., Ying, J.: Anomaly Detection Based on System Call Classification. Journal of Software\u00a015(3), 391\u2013403 (2003)","journal-title":"Journal of Software"}],"container-title":["Communications in Computer and Information Science","Advanced Intelligent Computing Theories and Applications. With Aspects of Contemporary Intelligent Computing Techniques"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-74282-1_16.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,8,21]],"date-time":"2021-08-21T13:48:01Z","timestamp":1629553681000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-74282-1_16"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9783540742814"],"references-count":16,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-74282-1_16","relation":{},"subject":[]}}