{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T09:53:38Z","timestamp":1725530018963},"publisher-location":"Berlin, Heidelberg","reference-count":31,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642009716"},{"type":"electronic","value":"9783642009723"}],"license":[{"start":{"date-parts":[[2009,1,1]],"date-time":"2009-01-01T00:00:00Z","timestamp":1230768000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009]]},"DOI":"10.1007\/978-3-642-00972-3_6","type":"book-chapter","created":{"date-parts":[[2009,4,7]],"date-time":"2009-04-07T01:33:26Z","timestamp":1239068006000},"page":"65-82","source":"Crossref","is-referenced-by-count":0,"title":["A Network-Based Response Framework and Implementation"],"prefix":"10.1007","author":[{"given":"Marcus","family":"Tylutki","sequence":"first","affiliation":[]},{"given":"Karl","family":"Levitt","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"6_CR1","unstructured":"Snapp, S., Brentano, J., Dias, G., Goan, T., Heberlein, T., Ho, C., Levitt, K., Mukherjee, B., Smaha, S., Grance, T., Teal, D., Mansur, D.: DIDS (Distributed Intrusion Detection System) - Motivation, Architecture, and an Early Prototype. In: Proc. 14th National Computer Security Conference (1991)"},{"key":"6_CR2","doi-asserted-by":"crossref","unstructured":"Heberlein, L., Dias, G., Levitt, K., Mukherjee, B., Wood, J., Wolber, D.: A Network Security Monitor. In: Proc. IEEE Symposium on Security and Privacy (1990)","DOI":"10.1109\/RISP.1990.63859"},{"key":"6_CR3","unstructured":"Sun Microsystems, Inc., 901 San Antonio Road, Palo Alto, CA 94303, USA. SunSHIELD Basic Security Module Guide, Solaris 7, Part No. 805-2635-10 (October 1998)"},{"key":"6_CR4","unstructured":"Ionnidis, J., Bellovin, S.M.: Implementing Pushback: Router-based Defense against DDoS Attacks. In: Proc. The Network and Distributed System Security Symposium (2002)"},{"key":"6_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"134","DOI":"10.1007\/3-540-45474-8_9","volume-title":"Recent Advances in Intrusion Detection","author":"D. Sterne","year":"2001","unstructured":"Sterne, D., Djahandari, K., Wilson, B., Babson, B., Schnackenberg, D., Holliday, H., Reid, T.: Autonomic response to distributed denial of service attacks. In: Lee, W., M\u00e9, L., Wespi, A. (eds.) RAID 2001. LNCS, vol.\u00a02212, p. 134. Springer, Heidelberg (2001)"},{"key":"6_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-45248-5_1","volume-title":"Recent Advances in Intrusion Detection","author":"M. Tylutki","year":"2003","unstructured":"Tylutki, M., Levitt, K.: Mitigating distributed denial of service attacks using a proportional-integral-derivative controller. In: Vigna, G., Kr\u00fcgel, C., Jonsson, E. (eds.) RAID 2003. LNCS, vol.\u00a02820, pp. 1\u201316. Springer, Heidelberg (2003)"},{"key":"6_CR7","unstructured":"Rowe, J.: Intrusion Detection and Isolation Protocol: Automated Response to Attacks. In: Recent Advances in Intrusion Detection (1999)"},{"key":"6_CR8","unstructured":"Kreidl, O., Frazier, T.: Feedback Control Applied to Survivability: A Host-Based Autonomic Defense System. IEEE Transactions of Reliability\u00a052(3) (2003)"},{"key":"6_CR9","doi-asserted-by":"crossref","unstructured":"Musliner, D.: CIRCADIA Demonstration: Active Adaptive Defense. In: Proc. DISCEX 2003 (2003)","DOI":"10.1109\/DISCEX.2003.1194905"},{"key":"6_CR10","doi-asserted-by":"crossref","unstructured":"Toth, T., Kruegel, C.: Evaluating the Impact of Automated Intrusion Response Mechanisms. In: Proc. 18th Annual Computer Security Applications Conference (2002)","DOI":"10.1109\/CSAC.2002.1176302"},{"key":"6_CR11","unstructured":"Cohen, F., Lambert, D., Preston, C., Berry, N., Stewart, C., Thomas, E.: A Framework for Deception (July 2005) (accessed July 2005), http:\/\/www.all.net\/journal\/deception\/Framework\/Framework.html"},{"issue":"5","key":"6_CR12","doi-asserted-by":"publisher","first-page":"402","DOI":"10.1016\/S0167-4048(03)00506-6","volume":"22","author":"F. Cohen","year":"2003","unstructured":"Cohen, F.: Leading Attackers through Attack Graphs with Deceptions. Computers and Security\u00a022(5), 402\u2013411 (2003)","journal-title":"Computers and Security"},{"key":"6_CR13","unstructured":"The Honeynet Project (accessed June 2005), http:\/\/www.honeynet.org"},{"key":"6_CR14","unstructured":"Spitzner, L.: The Honeynet Project: Trapping the Hackers. In: Proc. IEEE Symposium on Security and Privacy (2005)"},{"key":"6_CR15","doi-asserted-by":"crossref","unstructured":"Templeton, S., Levitt, K.: A Requires\/Provides Model for Computer Attacks. In: Proc. 2000 New Security Paradigms Workshop, pp. 31\u201338 (2000)","DOI":"10.1145\/366173.366187"},{"key":"6_CR16","doi-asserted-by":"crossref","unstructured":"Cheung, S., Lindqvist, U., Fong, M.: Modeling Multistep Cyber Attacks for Scenario Recognition. In: Proc. DISCEX 2003 (2003)","DOI":"10.1109\/DISCEX.2003.1194892"},{"key":"6_CR17","doi-asserted-by":"crossref","unstructured":"Michel, C., M\u00e9, L.: AdeLe: An Attack Description Language for Knowledge-Based Intrusion Detection. In: Trusted Information: The New Decade Challenge: IFIP TC11 16th International Conference on Information Security (IFIP\/SEC 2001), pp. 353\u2013368 (2001)","DOI":"10.1007\/0-306-46998-7_25"},{"key":"6_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"197","DOI":"10.1007\/3-540-39945-3_13","volume-title":"Recent Advances in Intrusion Detection","author":"F. Cuppens","year":"2000","unstructured":"Cuppens, F., Ortalo, R.: LAMBDA: A language to model a database for detection of attacks. In: Debar, H., M\u00e9, L., Wu, S.F. (eds.) RAID 2000. LNCS, vol.\u00a01907, pp. 197\u2013216. Springer, Heidelberg (2000)"},{"key":"6_CR19","unstructured":"Staniford-Chen, S., Tung, B., Schanckenberg, D.: The Common Intrusion Detection Framework (CIDF). In: Information Survivability Workshop (1998)"},{"key":"6_CR20","unstructured":"Debar, H., Curry, D., Feinstein, B.: The Intrusion Detection Message Exchange Format. Internet Draft (July 2004) (accessed July, 2005), http:\/\/xml.coverpages.org\/draft-ietf-idwg-idmef-xml-12.txt"},{"key":"6_CR21","unstructured":"Kim, G., Spafford, E.: The Design and Implementation of Tripwire: A File System Integrity Checker. Technical Report CSD-TR-93-071, Purdue University, West Lafayette, IN 47907-1398"},{"key":"6_CR22","doi-asserted-by":"crossref","unstructured":"Lee, W., Fan, W., Miller, M., Stolfo, S., Zadok, E.: Toward Cost-Sensitive Modeling for Intrusion Detection and Response. Journal of Computer Security, 5\u201322 (2002)","DOI":"10.3233\/JCS-2002-101-202"},{"key":"6_CR23","unstructured":"Rossey, L., Cunningham, R., Fried, D., Rabek, J., Lippmann, R., Haines, J., Zissman, M.: LARIAT: Lincoln Adaptable Real-time Information Assurance Testbed. In: Recent Advances in Intrusion Detection (2001)"},{"key":"6_CR24","doi-asserted-by":"crossref","unstructured":"White, B., Lepreau, J., Stoller, L., Ricci, R., Guruprasadm, S., Newboldm, M., Hiber, M., Barb, C., Joglekar, A.: An Integrated Experimental Environment for Distributed Systems and Networks. In: Proc. 5th USENIX Operating systems Design and Implementation Symposium (2002)","DOI":"10.1145\/1060289.1060313"},{"key":"6_CR25","unstructured":"McAlerney, J.M.: An Internet Worm Propagation Data Model\u201d. M.S. thesis, University of California, Davis (2004)"},{"key":"6_CR26","unstructured":"Lee, W., Stolfo, S.: Data Mining Approaches for Intrusion Detection. In: Proc. 7 th USENIX Security Symposium (1998)"},{"key":"6_CR27","unstructured":"Roesch, M.: Snort - Lightweight Intrusion Detection for Networks. In: Proc. 13th Systems Administration Conference, USENIX (1999)"},{"issue":"23-24","key":"6_CR28","doi-asserted-by":"publisher","first-page":"2435","DOI":"10.1016\/S1389-1286(99)00112-7","volume":"31","author":"V. Paxson","year":"1999","unstructured":"Paxson, V.: Bro: A System for Detecting Network Intruders in Real-Time. Computer Networks\u00a031(23-24), 2435\u20132463 (1999)","journal-title":"Computer Networks"},{"key":"6_CR29","unstructured":"Kruegel, C., Toth, T.: Flexible, Mobile Agent Based Intrusion Detection for Dynamic Networks. In: Proc. European Wireless (2002)"},{"key":"6_CR30","unstructured":"DNS Poisoning Summary (March 2005) (accessed July 2005), http:\/\/isc.sans.org\/presentations\/dnspoisoning.php"},{"key":"6_CR31","unstructured":"How to Prevent DNS Cache Pollution, Article ID 241352 (accessed July 2005), http:\/\/support.microsoft.com\/default.aspx?scid=kb;en-us;241352"}],"container-title":["Lecture Notes in Computer Science","Active and Programmable Networks"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-00972-3_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,19]],"date-time":"2019-05-19T10:09:58Z","timestamp":1558260598000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-00972-3_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009]]},"ISBN":["9783642009716","9783642009723"],"references-count":31,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-00972-3_6","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2009]]}}}