{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,4]],"date-time":"2024-09-04T22:43:26Z","timestamp":1725489806065},"publisher-location":"Berlin, Heidelberg","reference-count":33,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540743194"},{"type":"electronic","value":"9783540743200"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-3-540-74320-0_14","type":"book-chapter","created":{"date-parts":[[2007,8,16]],"date-time":"2007-08-16T13:47:48Z","timestamp":1187272068000},"page":"256-275","source":"Crossref","is-referenced-by-count":3,"title":["Alert Verification Evasion Through Server Response Forging"],"prefix":"10.1007","author":[{"given":"Adam D.","family":"Todd","sequence":"first","affiliation":[]},{"given":"Richard A.","family":"Raines","sequence":"additional","affiliation":[]},{"given":"Rusty O.","family":"Baldwin","sequence":"additional","affiliation":[]},{"given":"Barry E.","family":"Mullins","sequence":"additional","affiliation":[]},{"given":"Steven K.","family":"Rogers","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"14_CR1","unstructured":"Intrusion-detection System: Wikipedia: The Free Encyclopedia (2006), http:\/\/en.wikipedia.org\/wiki\/Intrusion_Detection_System"},{"key":"14_CR2","unstructured":"Ptacek, T.H., Newsham, T.N.: Insertion, evasion, and denial of service: Eluding network intrusion detection. Secure Networks, Inc. (January 1998)"},{"key":"14_CR3","unstructured":"Del Carlo, C., et al.: Intrusion detection evasion (2003)"},{"key":"14_CR4","unstructured":"Snort Documentation (2006), http:\/\/www.snort.org\/docs\/"},{"key":"14_CR5","unstructured":"Axelsson, S.: Intrusion detection systems: A survey and taxonomy. Chalmers University (March 2000)"},{"key":"14_CR6","unstructured":"Lindqvist, U., Porras, P.A.: Detecting computer and network misuse through the Production-Based Expert System Toolset(P-BEST). Doktorsavhandlingar vid Chalmers Tekniska Hogskola, pp. 161-189 (1999)"},{"key":"14_CR7","doi-asserted-by":"publisher","first-page":"262","DOI":"10.1145\/948109.948145","volume-title":"Proceedings of the 10th ACM conference on Computer and communication security","author":"R. Sommer","year":"2003","unstructured":"Sommer, R., Paxson, V.: Enhancing byte-level network intrusion detection signatures with context. In: Proceedings of the 10th ACM conference on Computer and communication security, pp. 262\u2013271. ACM Press, New York (2003)"},{"key":"14_CR8","doi-asserted-by":"publisher","first-page":"412","DOI":"10.1145\/967900.967988","volume-title":"Proceedings of the 2004 ACM symposium on Applied computing","author":"S. Zanero","year":"2004","unstructured":"Zanero, S., Savaresi, S.M.: Unsupervised learning techniques for an intrusion detection system. In: Proceedings of the 2004 ACM symposium on Applied computing, pp. 412\u2013419. ACM Press, New York (2004)"},{"key":"14_CR9","doi-asserted-by":"crossref","unstructured":"Chebrolu, S., Abraham, A., Thomas, J.: Feature Deduction and Ensemble Design of Intrusion Detection Systems. Computers and Security, Elsevier Science (2005)","DOI":"10.1016\/j.cose.2004.09.008"},{"key":"14_CR10","unstructured":"Kruegel, C., Robertson, W.: Alert Verification: Determining the Success of Intrusion Attempts. In: Proc. First Workshop the Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA 2004) (July 2004)"},{"issue":"3","key":"14_CR11","doi-asserted-by":"publisher","first-page":"146","DOI":"10.1109\/TDSC.2004.21","volume":"1","author":"F. Valeur","year":"2004","unstructured":"Valeur, F., et al.: Comprehensive approach to intrusion detection alert correlation. IEEE Transactions on Dependable and Secure Computing\u00a01(3), 146\u2013169 (2004)","journal-title":"IEEE Transactions on Dependable and Secure Computing"},{"key":"14_CR12","unstructured":"Zhou, J., Carlson, A.J., Bishop, M.: Verify Results of Network Intrusion Alerts Using Lightweight Protocol Analysis. In: Computer Security Applications Conference, 21st Annual, pp. 117\u2013126 (2005)"},{"key":"14_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/11663812_11","volume-title":"Recent Advances in Intrusion Detection","author":"C. Kruegel","year":"2006","unstructured":"Kruegel, C., et al.: Polymorphic worm detection using structural information of executables. In: Valdes, A., Zamboni, D. (eds.) RAID 2005. LNCS, vol.\u00a03858, Springer, Heidelberg (2006)"},{"key":"14_CR14","unstructured":"Timm, K.: IDS Evasion Techniques and Tactics. SecurityFocus (Infocus)\u00a07 (2002)"},{"key":"14_CR15","doi-asserted-by":"publisher","first-page":"255","DOI":"10.1145\/586110.586145","volume-title":"Proceedings of the 9th ACM conference on Computer and communications security","author":"D. Wagner","year":"2002","unstructured":"Wagner, D., Soto, P.: Mimicry attacks on host-based intrusion detection systems. In: Proceedings of the 9th ACM conference on Computer and communications security, pp. 255\u2013264. ACM Press, New York (2002)"},{"issue":"6","key":"14_CR16","doi-asserted-by":"publisher","first-page":"36","DOI":"10.1109\/MSP.2006.159","volume":"4","author":"D.J. Chaboya","year":"2006","unstructured":"Chaboya, D.J., Raines, R.A., Baldwin, R.O., Mullins, B.E.: Network Intrusion Detection Systems Evasion Techniques and Solutions. IEEE Security and Privacy\u00a04(6), 36\u201343 (2006)","journal-title":"IEEE Security and Privacy"},{"key":"14_CR17","unstructured":"Fedora User Documentation (2006), http:\/\/fedora.redhat.com\/docs\/"},{"key":"14_CR18","unstructured":"The Top Ten Distributions: A Beginner\u2019s Guide to Choosing a (Linux) Distribution (2006), http:\/\/distrowatch.com\/dwres.php?resource=major"},{"key":"14_CR19","unstructured":"Metasploit Framework User Guide (2005), http:\/\/www.metasploit.com\/projects\/Framework\/docs\/userguide.pdf"},{"key":"14_CR20","unstructured":"Lamping, U., Sharpe, R., Warnicke, E.: Ethereal User\u2019s Guide (2005), http:\/\/www.ethereal.com\/docs\/eug_html_chunked\/"},{"key":"14_CR21","unstructured":"Workstation 5: Powerful Virtual Machine Software for the Technical Professional (2006), http:\/\/www.vmware.com\/pdf\/ws55_manual.pdf"},{"key":"14_CR22","unstructured":"Samba Fragment Reassembly Overflow: Open Source Vulnerability Database (2004), http:\/\/www.osvdb.org\/6323"},{"key":"14_CR23","unstructured":"GNU Mailutils imap4d Server Client Command Format String: Open Source Vulnerability Database (2005), http:\/\/www.osvdb.org\/16857"},{"key":"14_CR24","unstructured":"PoPToP PPTP Negative Read Overflow: Open Source Vulnerability Database (2005), http:\/\/www.osvdb.org\/3293"},{"key":"14_CR25","unstructured":"Samba call_trans2open() Function Overflow: Open Source Vulnerability Database (2005), http:\/\/www.osvdb.org\/4469"},{"key":"14_CR26","unstructured":"Jacobson, V., Leres, C., McCanne, S.: PCAP (2003), http:\/\/www.tcpdump.org\/pcap\/pcap.html"},{"key":"14_CR27","unstructured":"Linux Shellcode (2007), http:\/\/www.metasploit.com\/shellcode_linux.html"},{"key":"14_CR28","unstructured":"UNIX Assembly Codes Development for Vulnerabilities Illustration Purposes (2001), http:\/\/lsd-pl.net\/projects\/asmcodes.zip"},{"key":"14_CR29","unstructured":"Chong, S.K.: History and Advances in Windows Shellcode. Phrack (2004)"},{"issue":"11","key":"14_CR30","doi-asserted-by":"publisher","first-page":"50","DOI":"10.1145\/1096000.1096004","volume":"48","author":"B.A. Kuperman","year":"2005","unstructured":"Kuperman, B.A., et al.: Detection and prevention of stack buffer overflow attacks. Communications of the ACM\u00a048(11), 50\u201356 (2005)","journal-title":"Communications of the ACM"},{"key":"14_CR31","unstructured":"Current Exploits (2007), http:\/\/metasploit.com\/projects\/Framework\/exploits.html"},{"key":"14_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/11790754_4","volume-title":"Detection of Intrusions and Malware & Vulnerability Assessment","author":"M. Polychronakis","year":"2006","unstructured":"Polychronakis, M., Anagnostakis, K.G., Markatos, E.P.: Network-Level Polymorphic Shellcode Detection Using Emulation. In: B\u00fcschkes, R., Laskov, P. (eds.) DIMVA 2006. LNCS, vol.\u00a04064, Springer, Heidelberg (2006)"},{"key":"14_CR33","doi-asserted-by":"crossref","unstructured":"Mahoney, M.: Network Traffic Anomaly Detection Based on Packet Bytes. In: Proc. ACM-SAC, pp. 346\u2013350 (2003)","DOI":"10.1145\/952532.952601"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-74320-0_14.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,19]],"date-time":"2020-11-19T05:21:34Z","timestamp":1605763294000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-74320-0_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9783540743194","9783540743200"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-74320-0_14","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[]}}