{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,29]],"date-time":"2025-10-29T03:26:14Z","timestamp":1761708374574,"version":"3.37.0"},"publisher-location":"Berlin, Heidelberg","reference-count":19,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642029172"},{"type":"electronic","value":"9783642029189"}],"license":[{"start":{"date-parts":[[2009,1,1]],"date-time":"2009-01-01T00:00:00Z","timestamp":1230768000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009]]},"DOI":"10.1007\/978-3-642-02918-9_9","type":"book-chapter","created":{"date-parts":[[2009,6,26]],"date-time":"2009-06-26T14:15:11Z","timestamp":1246025711000},"page":"147-156","source":"Crossref","is-referenced-by-count":14,"title":["Using Contextual Information for IDS Alarm Classification (Extended Abstract)"],"prefix":"10.1007","author":[{"given":"Fran\u00e7ois","family":"Gagnon","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Fr\u00e9d\u00e9ric","family":"Massicotte","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Babak","family":"Esfandiari","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"9_CR1","doi-asserted-by":"crossref","unstructured":"Gagnon, F., Esfandiari, B., Bertossi, L.: A Hybrid Approach to Operating System Discovery Using Answer Set Programming. In: Proceedings of the 10th IFIP\/IEEE Symposium on Integrated Management (IM 2007), pp. 391\u2013400 (2007)","DOI":"10.1109\/INM.2007.374804"},{"key":"9_CR2","unstructured":"Gagnon, F., Massicotte, F., Esfandiari, B.: On the Effectiveness of Target Configuration as Contextual Information for IDS Alarm Classification. Technical Report SCE-08-08, Department of Systems and Computer Engineering - Carleton University (2008), http:\/\/www.sce.carleton.ca\/~fgagnon\/Publications\/context.pdf"},{"key":"9_CR3","unstructured":"Dayioglu, B., Ozgit, A.: Use of Passive Network Mapping to Enhance Signature Quality of Misuse Network Intrusion Detection Systems. In: Proceedings of the 16th International Symposium on Computer and Information Science, ISCIS 2001 (2001)"},{"key":"9_CR4","unstructured":"Ettercap, http:\/\/ettercap.sourceforge.net"},{"key":"9_CR5","unstructured":"Kruegel, C., Robertson, W.: Alert Verification: Determining the Success of Intrusion Attempts. In: Proceedings of the 1st Workshop on Detection of Intrusions and Malware and Vulnerability Assessment, DIMVA 2004 (2004)"},{"key":"9_CR6","doi-asserted-by":"crossref","unstructured":"Lippmann, R.P., Fried, D.J., Graf, I., Haines, J.W., Kendall, K.R., McClung, D., Weber, D., Webster, S.E., Wyschogrod, D., Cunnigham, R.K., Zissman, M.A.: Evaluating Intrusion Detection Systems: The 1998 DARPA Off-line Intrusion Detection Evaluation. In: Proceedings of the 2000 DARPA Information Survivability Conference and Exposition (DISCEX 2000), vol.\u00a02, pp. 12\u201326 (2000)","DOI":"10.1109\/DISCEX.2000.821506"},{"key":"9_CR7","doi-asserted-by":"crossref","unstructured":"Massicotte, F., Gagnon, F., Couture, M., Labiche, Y., Briand, L.: Automatic Evaluation of Intrusion Detection Systems. In: Proceedings of the 2006 Annual Computer Security Applications Conference (ACSAC 2006) (2006)","DOI":"10.1109\/ACSAC.2006.15"},{"issue":"4","key":"9_CR8","doi-asserted-by":"publisher","first-page":"262","DOI":"10.1145\/382912.382923","volume":"3","author":"J. McHugh","year":"2000","unstructured":"McHugh, J.: Testing Intrusion Detection Systems: A critique of the 1998 and 1999 DARPA Intrusion Detection System Evaluation as Performed by Lincoln Laboratory. ACM Transactions on Information and System Security\u00a03(4), 262\u2013294 (2000)","journal-title":"ACM Transactions on Information and System Security"},{"key":"9_CR9","unstructured":"Nmap, http:\/\/www.insecure.org\/nmap\/"},{"key":"9_CR10","unstructured":"p0f, http:\/\/lcamtuf.coredump.cx\/p0f.shtml"},{"key":"9_CR11","series-title":"Lecture Notes in Computer Science","volume-title":"Recent Advances in Intrusion Detection","author":"S. Patton","year":"2001","unstructured":"Patton, S., Yurcik, W., Doss, D.: An Achilles\u2019 Heel in Signature-Based IDS: Squealing False Positives in SNORT. In: Lee, W., M\u00e9, L., Wespi, A. (eds.) RAID 2001. LNCS, vol.\u00a02212, Springer, Heidelberg (2001)"},{"key":"9_CR12","unstructured":"Security Focus, http:\/\/www.securityfocus.org\/"},{"key":"9_CR13","unstructured":"SinFP, http:\/\/www.gomor.org\/cgi-bin\/sinfp.pl"},{"issue":"4","key":"9_CR14","first-page":"35","volume":"24","author":"A. Singhal","year":"2001","unstructured":"Singhal, A.: Modern Information Retrieval: A Brief Overview. Bulletin of the IEEE Computer Society Technical Committee on Data Engineering\u00a024(4), 35\u201343 (2001)","journal-title":"Bulletin of the IEEE Computer Society Technical Committee on Data Engineering"},{"key":"9_CR15","unstructured":"Siphon, http:\/\/siphon.datanerds.net\/"},{"key":"9_CR16","doi-asserted-by":"crossref","unstructured":"Sommer, R., Paxson, V.: Enhancing Byte-Level Network Intrusion Detection Signatures with Context. In: Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS 2003), pp. 262\u2013271 (2003)","DOI":"10.1145\/948109.948145"},{"key":"9_CR17","unstructured":"Wine, http:\/\/www.winehq.org"},{"key":"9_CR18","unstructured":"Xprobe, http:\/\/xprobe.sourceforge.net"},{"key":"9_CR19","unstructured":"Zhou, J., Carlson, A., Bishop, M.: Verify Results of Network Intrusion Alerts Using Lightweight Protocol Analysis. In: Proceedings of the 21st Annual Computer Security Applications Conference, ACSAC 2005 (2005)"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-02918-9_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,2,10]],"date-time":"2025-02-10T12:00:32Z","timestamp":1739188832000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-02918-9_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009]]},"ISBN":["9783642029172","9783642029189"],"references-count":19,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-02918-9_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2009]]}}}