{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T06:50:55Z","timestamp":1725519055496},"publisher-location":"Berlin, Heidelberg","reference-count":16,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540876977"},{"type":"electronic","value":"9783540876984"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-3-540-87698-4_20","type":"book-chapter","created":{"date-parts":[[2008,9,19]],"date-time":"2008-09-19T19:53:29Z","timestamp":1221854009000},"page":"221-234","source":"Crossref","is-referenced-by-count":5,"title":["Finding Corrupted Computers Using Imperfect Intrusion Prevention System Event Data"],"prefix":"10.1007","author":[{"given":"Danielle","family":"Chrun","sequence":"first","affiliation":[]},{"given":"Michel","family":"Cukier","sequence":"additional","affiliation":[]},{"given":"Gerry","family":"Sneeringer","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"20_CR1","doi-asserted-by":"crossref","unstructured":"Bailey, M., Cooke, E., Jahanian, F., Provos, N., Rosaen, K., Watson, D.: Data Reduction for the Scalable Automated Analysis of Distributed Darknet Traffic. In: Proceedings of the USENIX\/ACM Internet Measurement Conference, New Orleans (2005)","DOI":"10.1145\/1330107.1330135"},{"key":"20_CR2","unstructured":"Sung, M., Haas, M., Xu, J.: Analysis of DoS attack traffic data. In: 2002 FIRST Conference, Hawaii (2002)"},{"key":"20_CR3","doi-asserted-by":"publisher","first-page":"102","DOI":"10.1145\/1128817.1128835","volume-title":"Proceedings of the 2006 ACM Symposium on Information, computer and communications security","author":"J. Viinikka","year":"2006","unstructured":"Viinikka, J., Debar, H., M\u00e9, L., S\u00e9guier, R.: Time series modeling for IDS alert management. In: Proceedings of the 2006 ACM Symposium on Information, computer and communications security, pp. 102\u2013113. ACM Press, New York (2006)"},{"key":"20_CR4","doi-asserted-by":"crossref","unstructured":"Clifton, C., Gengo, G.: Developing custom intrusion detection filters using data mining. In: MILCOM 2000. 21st Century Military Communications Conference Proceedings, vol.\u00a01 (2000)","DOI":"10.1109\/MILCOM.2000.904991"},{"key":"20_CR5","volume-title":"Proceedings of the 17th Annual Computer Security Applications Conference","author":"F. Cuppens","year":"2001","unstructured":"Cuppens, F.: Managing alerts in a multi-intrusion detection environment. In: Proceedings of the 17th Annual Computer Security Applications Conference, vol.\u00a032. IEEE Computer Society, Los Alamitos (2001)"},{"key":"20_CR6","doi-asserted-by":"crossref","unstructured":"Cuppens, F., Miege, A.: Alert correlation in a cooperative intrusion detection framework. In: IEEE Symposium on Security and Privacy, pp. 202\u2013215 (2002)","DOI":"10.1109\/SECPRI.2002.1004372"},{"key":"20_CR7","doi-asserted-by":"crossref","unstructured":"Julisch, K.: Mining Alarm Clusters to Improve Alarm Handling Efficiency. In: Proceedings of the 17th Annual Computer Security Applications Conference (ACSAC), pp. 12\u201321 (2001)","DOI":"10.1109\/ACSAC.2001.991517"},{"key":"20_CR8","volume-title":"Data mining for Intrusion Detection. Applications of Data Mining in Computer Security","author":"K. Julisch","year":"2002","unstructured":"Julisch, K.: Data mining for Intrusion Detection. Applications of Data Mining in Computer Security. Kluwer Academic Publishers, Dordrecht (2002)"},{"key":"20_CR9","doi-asserted-by":"publisher","first-page":"366","DOI":"10.1145\/775047.775101","volume-title":"Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining","author":"K. Julisch","year":"2002","unstructured":"Julisch, K., Dacier, M.: Mining intrusion detection alarms for actionable knowledge. In: Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining, pp. 366\u2013375. ACM Press, New York (2002)"},{"issue":"4","key":"20_CR10","doi-asserted-by":"publisher","first-page":"571","DOI":"10.1016\/S1389-1286(00)00138-9","volume":"34","author":"S. Manganaris","year":"2000","unstructured":"Manganaris, S., Christensen, M., Zerkle, D., Hermiz, K.: A data mining analysis of RTID alarms. Computer Networks\u00a034(4), 571\u2013577 (2000)","journal-title":"Computer Networks"},{"key":"20_CR11","volume-title":"Recent Advances In Intrusion Detection: 7th International Symposium","author":"T. Pietraszek","year":"2004","unstructured":"Pietraszek, T.: Using Adaptive Alert Classification to Reduce False Positives in Intrusion Detection. In: Recent Advances In Intrusion Detection: 7th International Symposium. Springer, Heidelberg (2004)"},{"key":"20_CR12","series-title":"Recent Advances in Intrusion Detection","volume-title":"Aggregation and correlation of intrusion-detection alerts","author":"H. Debar","year":"2001","unstructured":"Debar, H., Wespi, A.: Aggregation and correlation of intrusion-detection alerts. Recent Advances in Intrusion Detection. Springer, Heidelberg (2001)"},{"key":"20_CR13","volume-title":"Recent Advances in Intrusion Detection: 5th Internatonal Symposium","author":"B. Morin","year":"2002","unstructured":"Morin, B., Me, L., Debar, H., Ducasse, M.: M2D2: A Formal Data Model for IDS Alert Correlation. In: Recent Advances in Intrusion Detection: 5th Internatonal Symposium. Springer, Heidelberg (2002)"},{"key":"20_CR14","unstructured":"Ning, P., Xu, D., Healey, C., Amant, R.S.: Building attack scenarios through integration of complementary alert correlation methods. In: Proceedings of the 11th Annual Network and Distributed System Security Symposium, pp. 97\u2013111 (2004)"},{"key":"20_CR15","doi-asserted-by":"crossref","unstructured":"Valdes, A., Skinner, K.: Probabilistic Alert Correlation. In: Proceedings of the Fourth International Workshop on the Recent Advances in Intrusion Detection (2001)","DOI":"10.1007\/3-540-45474-8_4"},{"issue":"3","key":"20_CR16","doi-asserted-by":"publisher","first-page":"146","DOI":"10.1109\/TDSC.2004.21","volume":"1","author":"F. Valeur","year":"2004","unstructured":"Valeur, F., Vigna, G., Kruegel, C., Kemmerer, R.: Comprehensive approach to intrusion detection alert correlation. IEEE Transactions on Dependable and Secure Computing\u00a01(3), 146\u2013169 (2004)","journal-title":"IEEE Transactions on Dependable and Secure Computing"}],"container-title":["Lecture Notes in Computer Science","Computer Safety, Reliability, and Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-87698-4_20.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,27]],"date-time":"2021-04-27T11:45:24Z","timestamp":1619523924000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-87698-4_20"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9783540876977","9783540876984"],"references-count":16,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-87698-4_20","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[]}}