{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T07:18:22Z","timestamp":1725520702289},"publisher-location":"Berlin, Heidelberg","reference-count":49,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540898528"},{"type":"electronic","value":"9783540898535"}],"license":[{"start":{"date-parts":[[2008,1,1]],"date-time":"2008-01-01T00:00:00Z","timestamp":1199145600000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2008]]},"DOI":"10.1007\/978-3-540-89853-5_46","type":"book-chapter","created":{"date-parts":[[2008,11,12]],"date-time":"2008-11-12T07:07:17Z","timestamp":1226473637000},"page":"433-444","source":"Crossref","is-referenced-by-count":1,"title":["PrISM: Automatic Detection and Prevention from Cyber Attacks"],"prefix":"10.1007","author":[{"given":"Ahmed","family":"Zeeshan","sequence":"first","affiliation":[]},{"given":"Anwar M.","family":"Masood","sequence":"additional","affiliation":[]},{"given":"Zafar M.","family":"Faisal","sequence":"additional","affiliation":[]},{"given":"Azam","family":"Kalim","sequence":"additional","affiliation":[]},{"given":"Naheed","family":"Farzana","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"46_CR1","doi-asserted-by":"publisher","first-page":"29","DOI":"10.1007\/s10207-004-0052-x","volume":"4","author":"J.D. Guttman","year":"2005","unstructured":"Guttman, J.D., Herzog, A.L.: Rigorous automated network security management. Int. J. Inf. Secur.\u00a04, 29\u201348 (2005)","journal-title":"Int. J. Inf. Secur."},{"key":"46_CR2","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/s102070100003","volume":"1","author":"C.E. Landwehr","year":"2001","unstructured":"Landwehr, C.E.: Computer security. 
IJIS\u00a01, 3\u201313 (2001)","journal-title":"IJIS"},{"key":"46_CR3","unstructured":"Krause, M., Harold, F.T.: Handbook of Information Security Management. CRC Press LLC (2006)"},{"key":"46_CR4","unstructured":"Technical White Paper, Event Horizon tm : Lanifex Intrusion Detection Solution., ver. 1.5, CSO Lanifex GmbH (2003)"},{"key":"46_CR5","unstructured":"Smirnov, A., Chiueh, T.: DIRA: Automatic Detection, Identification, and Repair of Control-Hijacking Attacks. In: Proc. of 12th Annual Network and Distributed System Security Symposium, San Diego, California (2005)"},{"key":"46_CR6","doi-asserted-by":"crossref","unstructured":"Anwar, M., Zafar, M.F., Ahmed, Z.: A Proposed Preventive Information Security System. In: Proceedings of International Multitopic Conference (INMIC 2006), Islamabad, Pakistan (2006)","DOI":"10.1109\/ICEE.2007.4287288"},{"key":"46_CR7","unstructured":"Guo, F., Yu, Y., Chiueh, T.: Automated and Safe Vulnerability Assessment. In: Proceedings of 21st Annual Computer Security Applications Conference (ACSAC 2005), Tucson, USA (2005)"},{"key":"46_CR8","doi-asserted-by":"crossref","unstructured":"Evans, D., Guttag, J., Horning, J., Tan, Y.M.: LCLint: A tool for using specifications to check code. In: Proceedings of the ACM SIGSOFT Symposium on the Foundations of Software Engineering, vol.\u00a019(5), pp. 87\u201396 (1994)","DOI":"10.1145\/193173.195297"},{"key":"46_CR9","unstructured":"Johnson, S.C.: Lint, a C program checker. In: AT&T Bell Laboratories. Murray Hill, NJ, USA (1978)"},{"key":"46_CR10","unstructured":"Nazario, J.: Project Pedantic \u2013 source code analysis tool(s) (2002), pedantic.sourceforge.net"},{"key":"46_CR11","unstructured":"Secure software solutions. Rough auditing tool for security, RATS 2.1, www.securesw.com\/rats"},{"key":"46_CR12","doi-asserted-by":"crossref","unstructured":"Viega, J., Bloch, J.T., Kohno, T., McGraw, G.: ITS4: A static vulnerability scanner for C and C++ code. 
In: Proceedings of the 16th Annual Computer Security Applications Conference (ACSAC 2000), p. 257 (2000)","DOI":"10.1109\/ACSAC.2000.898880"},{"key":"46_CR13","unstructured":"Wheeler, D.: Flawfinder, www.dwheeler.com\/flawfinder"},{"key":"46_CR14","unstructured":"Vendicator. StackShield, G.C.C.: Compiler patch, http:\/\/www.angelfire.com\/sk\/stackshield"},{"key":"46_CR15","unstructured":"Chiueh, T.C., Hsu, F.H.: RAD: A compile-time solution to buffer overflow attacks. In: Proc. of 21st Intl. Conf. on Distributed Computing Systems (ICDCS 2001), pp. 4\u20139 (2001)"},{"key":"46_CR16","unstructured":"Cowan, C., Barringer, M., Beattie, S., Kroah-Hartman, G., Frantzen, M., Lokier, J.: Format Guard: Automatic protection from printf format string vulnerabilities. In: Proceedings of 10th USENIX Security Symposium, Washington, D.C., USA (2001)"},{"key":"46_CR17","unstructured":"Cowan, C., Pu, C., Maier, D., Walpole, J., Bakke, P., Beattie, S., Grier, A., Wagle, P., Zhang, Q., Hinton, H.: Stack-Guard: Automatic detection and prevention of buffer overflow attacks. In: Proceedings of the 7th USENIX Security Symposium, San Antonio, TX, USA (1998)"},{"key":"46_CR18","unstructured":"Etoh, H.: GCC extensions for protecting applications from stack-smashing attacks (2000), http:\/\/www.trl.ibm.com\/projects\/security\/ssp"},{"key":"46_CR19","unstructured":"Frantzen, M., Shuey, M.: StackGhost: Hardware facilitated stack protection. In: Proceedings of the 10th USENIX Security Symposium, Washington, D.C., USA (2001)"},{"key":"46_CR20","unstructured":"Team, P.: Non-executable pages design and implementation, http:\/\/pax.grsecurity.net\/~docs\/noexec.txt"},{"key":"46_CR21","unstructured":"Openwall project, http:\/\/www.openwall.com"},{"key":"46_CR22","unstructured":"Hastings, R., Joyce, B.: Purify: Fast detection of memory leaks and access errors. In: Proceedings of the Winter USENIX Conference San Francisco, USA, pp. 
125\u2013138 (1992)"},{"key":"46_CR23","doi-asserted-by":"crossref","unstructured":"Hangal, S., Lam, M.S.: Tracking down software bugs using automatic anomaly detection. In: Proceedings of 24th Int. Conf. Software Engineering, pp. 291\u2013301 (2002)","DOI":"10.1145\/581339.581377"},{"key":"46_CR24","doi-asserted-by":"crossref","unstructured":"Prvulovic, M., Torrellas, J.: ReEnact: Using thread-level speculation to debug software; An application to data races in multithreaded codes. In: Proceedings of the 30th Annual International Symposium on Computer Architecture, pp. 110\u2013121 (2003)","DOI":"10.1145\/859618.859632"},{"key":"46_CR25","doi-asserted-by":"crossref","unstructured":"Zhou, P., Qin, F., Liu, W., Zhou, Y., Torrellas, J.: iWatcher: Efficient architectural support for software debugging. In: Proceedings of the 31st Annual International Symposium on Computer Architecture (2004)","DOI":"10.1145\/1028176.1006720"},{"key":"46_CR26","unstructured":"Kim, H.A., Karp, B.: Autograph: Toward automated, distributed worm signature detection. In: Proceedings of 13th USENIX Security Symposium, San Diego, CA, USA (2004)"},{"key":"46_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"274","DOI":"10.1007\/3-540-36084-0_15","volume-title":"Recent Advances in Intrusion Detection","author":"T. Toth","year":"2002","unstructured":"Toth, T., Kruegel, C.: Accurate buffer overflow detection via abstract payload execution. In: Wespi, A., Vigna, G., Deri, L. (eds.) RAID 2002. LNCS, vol.\u00a02516, pp. 274\u2013291. Springer, Heidelberg (2002)"},{"key":"46_CR28","doi-asserted-by":"crossref","unstructured":"Min, S.L., Choi, J.D.: An efficient cache-based access anomaly detection scheme. In: Proceedings of the Fourth International Conference on Architectural Support for Programming Languages and Operating Systems, Santa Clara, CA, USA, pp. 
235\u2013244 (1991)","DOI":"10.1145\/106972.106996"},{"key":"46_CR29","unstructured":"Open Source Security Management, www.ossim.net"},{"key":"46_CR30","unstructured":"LBL Network Research Group: Arpwatch, www.securityfocus.com\/tools\/142"},{"key":"46_CR31","unstructured":"Zalewski, M.: P0f: a versatile passive OS fingerprinting tool, http:\/\/lcamtuf.coredump.cx\/p0f.shtml"},{"key":"46_CR32","unstructured":"http:\/\/www.lsli.com\/pad.whitepaper.html"},{"key":"46_CR33","unstructured":"Tenable Network Security, The Network Vulnerability Scanner, http:\/\/www.nessus.org"},{"key":"46_CR34","unstructured":"Sourcefire, Inc., Open Source Snort, http:\/\/www.snort.org"},{"key":"46_CR35","unstructured":"Benson, S.: Tcptrack, A sniffer that displays information about TCP connections on a network interface, www.rhythm.cx\/~steve\/devel\/tcptrack\/"},{"key":"46_CR36","unstructured":"Hoagland, J., Staniford, S.: SPADE (Statistical Packet Anomaly Detection Engine) Snort preprocessor plugin, www.securityfocus.com\/tools\/1767"},{"key":"46_CR37","unstructured":"ntop. A network traffic probe to show network usage, www.ntop.org"},{"key":"46_CR38","unstructured":"Nagios Enterprises, L.L.C.: Nagios, Open source host, service and network monitoring program, www.nagios.org"},{"key":"46_CR39","unstructured":"Paul, J.B.: Intrusion Detection \u2013 Evolution beyond Anomalous Behavior and Pattern Matching. Security Essentials Version 1.4 (2002)"},{"issue":"2","key":"46_CR40","doi-asserted-by":"publisher","first-page":"222","DOI":"10.1109\/TSE.1987.232894","volume":"13","author":"D.E. Denning","year":"1987","unstructured":"Denning, D.E.: An Intrusion Detection Model. IEEE Trans. Software Eng.\u00a013(2), 222\u2013232 (1987)","journal-title":"IEEE Trans. Software Eng."},{"key":"46_CR41","unstructured":"Wang, T., Suckow, W., Brown, D.: A Survey of Intrusion Detection Systems. 
In: CSE221 course notes, Department of Computer Science, University of California, San Diego, CA, USA (2001)"},{"key":"46_CR42","first-page":"259","volume-title":"Proc. Annual Computer Security Application Conference (ACSAC 1998)","author":"A.K. Ghosh","year":"1998","unstructured":"Ghosh, A.K., Wanken, J., Charron, F.: Detecting Anomalous and Unknown Intrusions Against Programs. In: Proc. Annual Computer Security Application Conference (ACSAC 1998), pp. 259\u2013267. IEEE CS Press, Los Alamitos (1998)"},{"issue":"3","key":"46_CR43","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1109\/32.372146","volume":"21","author":"K. Ilgun","year":"1995","unstructured":"Ilgun, K., Kemmerer, R.A., Porras, P.A.: State Transition Analysis: A Rule-Based Intrusion Detection System. IEEE Trans. Software Eng.\u00a021(3), 181\u2013199 (1995)","journal-title":"IEEE Trans. Software Eng."},{"key":"46_CR44","doi-asserted-by":"crossref","unstructured":"Lindqvist, U., Porras, P.A.: Detecting Computer and Network Misuse with the Production-Based Expert System Toolset (P-BEST). In: 1999 IEEE Symp. Security and Privacy, pp. 146\u2013161 (1999)","DOI":"10.1109\/SECPRI.1999.766911"},{"key":"46_CR45","doi-asserted-by":"crossref","unstructured":"Scarfone, K., Mell, P.: Guide to Intrusion Detection and Prevention Systems (IDPS). Special Publication 800-94, National Institute of Standards and Technology, Gaithersburg, MD, US (2007)","DOI":"10.6028\/NIST.SP.800-94"},{"key":"46_CR46","unstructured":"Roesch, M.: Snort \u2013 Lightweight Intrusion Detection for Networks, www.snort.org\/docs\/lisapaper.txt"},{"key":"46_CR47","unstructured":"Aleph One: Smashing the Stack for Fun and Profit, Phrack, vol. 7(49), (1996), www.phrack.com"},{"key":"46_CR48","unstructured":"Hansen, S.E., Atkins, E.T.: Centralized System Monitoring with Swatch. In: USENIX Seventh Conference on Systems Administration, Monterey, California, USA, pp. 
145\u2013152 (1993)"},{"key":"46_CR49","unstructured":"Angela, O., Eric, C.: Intrusion Prevention and Active Response: Implementing an Open Source Defense. Sys. Admin. Magazine\u00a014(3) (2005)"}],"container-title":["Communications in Computer and Information Science","Wireless Networks, Information Processing and Systems"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-89853-5_46","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,15]],"date-time":"2019-05-15T06:12:46Z","timestamp":1557900766000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-89853-5_46"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2008]]},"ISBN":["9783540898528","9783540898535"],"references-count":49,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-89853-5_46","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2008]]}}}