{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T01:00:03Z","timestamp":1771981203835,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":20,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642029172","type":"print"},{"value":"9783642029189","type":"electronic"}],"license":[{"start":{"date-parts":[[2009,1,1]],"date-time":"2009-01-01T00:00:00Z","timestamp":1230768000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009]]},"DOI":"10.1007\/978-3-642-02918-9_12","type":"book-chapter","created":{"date-parts":[[2009,6,26]],"date-time":"2009-06-26T14:15:11Z","timestamp":1246025711000},"page":"196-205","source":"Crossref","is-referenced-by-count":28,"title":["Learning SQL for Database Intrusion Detection Using Context-Sensitive Modelling (Extended Abstract)"],"prefix":"10.1007","author":[{"given":"Christian","family":"Bockermann","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Martin","family":"Apel","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Michael","family":"Meier","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"12_CR1","unstructured":"Open Web Application\u00a0Security Project. The Top list of most severe web application vulnerabilities (2004)"},{"key":"12_CR2","unstructured":"Roesch, M.: Snort: Lightweight intrusion detection for networks. In: Proc. of LISA, pp. 229\u2013238. USENIX (1999)"},{"key":"12_CR3","unstructured":"Ristic, I.: ModSecurity - A Filter-Module for the Apache Webserver (1998)"},{"key":"12_CR4","first-page":"251","volume-title":"Proc. of ACM CCS","author":"C. Kruegel","year":"2003","unstructured":"Kruegel, C., Vigna, G.: Anomaly Detection of Web-based Attacks. In: Proc. of ACM CCS, pp. 251\u2013261. ACM Press, New York (2003)"},{"issue":"5","key":"12_CR5","doi-asserted-by":"publisher","first-page":"717","DOI":"10.1016\/j.comnet.2005.01.009","volume":"48","author":"C. Kruegel","year":"2005","unstructured":"Kruegel, C., Vigna, G., Robertson, W.: A Multi-model Approach to the Detection of Web-based Attacks. Computer Networks\u00a048(5), 717\u2013738 (2005)","journal-title":"Computer Networks"},{"key":"12_CR6","doi-asserted-by":"crossref","unstructured":"Valeur, F., Vigna, G., Kruegel, C., Kirda, E.: An Anomaly-driven Reverse Proxy for Web Applications. In: Proc. of ACM SAC (2006)","DOI":"10.1145\/1141277.1141361"},{"key":"12_CR7","first-page":"554","volume-title":"Proc. of IEEE PerCom","author":"C. Bockermann","year":"2008","unstructured":"Bockermann, C., Mierswa, I., Morik, K.: On the automated creation of understandable positive security models for web applications. In: Proc. of IEEE PerCom, pp. 554\u2013559. IEEE Computer Society, Los Alamitos (2008)"},{"key":"12_CR8","unstructured":"Shezaf, O., Grossman, J.: Web Hacking Incident Database (2008)"},{"key":"12_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"264","DOI":"10.1007\/3-540-45853-0_16","volume-title":"Computer Security - ESORICS 2002","author":"S.-Y. Lee","year":"2002","unstructured":"Lee, S.-Y., Low, W.L., Wong, P.Y.: Learning fingerprints for a database intrusion detection system. In: Gollmann, D., Karjoth, G., Waidner, M. (eds.) ESORICS 2002. LNCS, vol.\u00a02502, pp. 264\u2013280. Springer, Heidelberg (2002)"},{"key":"12_CR10","first-page":"106","volume-title":"Proc. of SEM","author":"G. Buehrer","year":"2005","unstructured":"Buehrer, G., Weide, B.W., Sivilotti, P.A.G.: Using parse tree validation to prevent sql injection attacks. In: Proc. of SEM, pp. 106\u2013113. ACM, New York (2005)"},{"key":"12_CR11","unstructured":"Gerstenberger, R.: Anomaliebasierte Angriffserkennung im FTP-Protokoll. Master\u2019s thesis, University of Potsdam, Germany (2008)"},{"key":"12_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"188","DOI":"10.1007\/978-3-540-89862-7_17","volume-title":"Information Systems Security","author":"P. D\u00fcssel","year":"2008","unstructured":"D\u00fcssel, P., Gehl, C., Laskov, P., Rieck, K.: Incorporation of application layer protocol syntax into anomaly detection. In: Sekar, R., Pujari, A.K. (eds.) ICISS 2008. LNCS, vol.\u00a05352, pp. 188\u2013202. Springer, Heidelberg (2008)"},{"key":"12_CR13","first-page":"711","volume-title":"Proc. of ACM SAC","author":"Y. Hu","year":"2004","unstructured":"Hu, Y., Panda, B.: A data mining approach for database intrusion detection. In: Proc. of ACM SAC, pp. 711\u2013716. ACM, New York (2004)"},{"issue":"4","key":"12_CR14","doi-asserted-by":"publisher","first-page":"8","DOI":"10.4304\/jcp.1.4.8-17","volume":"1","author":"A. Srivastava","year":"2006","unstructured":"Srivastava, A., Sural, S., Majumdar, A.K.: Database intrusion detection using weighted sequence mining. JCP\u00a01(4), 8\u201317 (2006)","journal-title":"JCP"},{"key":"12_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"313","DOI":"10.1007\/978-3-540-70567-3_24","volume-title":"Data and Applications Security XXII","author":"A. Roichman","year":"2008","unstructured":"Roichman, A., Gudes, E.: DIWeDa - detecting intrusions in web databases. In: Atluri, V. (ed.) DAS 2008. LNCS, vol.\u00a05094, pp. 313\u2013329. Springer, Heidelberg (2008)"},{"key":"12_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1007\/BFb0026666","volume-title":"Machine Learning: ECML-98","author":"D.D. Lewis","year":"1998","unstructured":"Lewis, D.D.: Naive (bayes) at forty: The independence assumption in information retrieval. In: N\u00e9dellec, C., Rouveirol, C. (eds.) ECML 1998. LNCS, vol.\u00a01398, pp. 4\u201315. Springer, Heidelberg (1998)"},{"key":"12_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"108","DOI":"10.1007\/978-3-540-70542-0_6","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"K. Rieck","year":"2008","unstructured":"Rieck, K., Holz, T., Willems, C., D\u00fcssel, P., Laskov, P.: Learning and classification of malware behavior. In: Zamboni, D. (ed.) DIMVA 2008. LNCS, vol.\u00a05137, pp. 108\u2013125. Springer, Heidelberg (2008)"},{"key":"12_CR18","unstructured":"Haussler, D.: Convolution kernels on discrete structures. Technical report, Dept. of Computer Science, UC Santa Cruz (1999)"},{"key":"12_CR19","first-page":"625","volume-title":"Advances in Neural Information Processing Systems 14","author":"M. Collins","year":"2001","unstructured":"Collins, M., Duffy, N.: Convolution kernels for natural language. In: Advances in Neural Information Processing Systems 14, pp. 625\u2013632. MIT Press, Cambridge (2001)"},{"key":"12_CR20","unstructured":"Zhou, G.D., Zhang, M., Ji, D.H., Zhu, Q.M.: Tree kernel-based relation extraction with context-sensitive structured parse tree information. In: Proc. of Joint Conf. on Empirical Methods in Natural Language Processing and Computational Natural Language Learning, pp. 728\u2013736. Assoc. for Computer Linguistics (2007)"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-02918-9_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,3,9]],"date-time":"2019-03-09T00:52:36Z","timestamp":1552092756000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-02918-9_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009]]},"ISBN":["9783642029172","9783642029189"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-02918-9_12","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2009]]}}}