{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T14:58:22Z","timestamp":1725548302146},"publisher-location":"Berlin, Heidelberg","reference-count":26,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642041167"},{"type":"electronic","value":"9783642041174"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1007\/978-3-642-04117-4_12","type":"book-chapter","created":{"date-parts":[[2010,2,22]],"date-time":"2010-02-22T16:44:00Z","timestamp":1266857040000},"page":"221-234","source":"Crossref","is-referenced-by-count":2,"title":["Distributed Port Scan Detection"],"prefix":"10.1007","author":[{"given":"Himanshu","family":"Singh","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Robert","family":"Chun","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"12_CR1","unstructured":"S.\u00a0Panjwani, S.\u00a0Tan, K.\u00a0Jarrin, M.\u00a0Cukier: An experimental evaluation to determine if port scans are precursors to an attack, Proc. 2005 International Conference on Dependable Systems and Networks (2005) pp. 602\u2013611"},{"key":"12_CR2","unstructured":"E. Mills: Just how vulnerable is the electrical grid? available at http:\/\/news.cnet.com\/8301-1009_3-10216702-83.html (last accessed April 2009)"},{"key":"12_CR3","unstructured":"S. Gorman: Electricity grid in U.S. penetrated by spies, available at http:\/\/online.wsj.com\/article\/SB123914805204099085.html (last accessed April 2009)"},{"key":"12_CR4","unstructured":"R. Deibert, R. Rohozinski: Tracking GhostNet: Investigating a cyber espionage network, online (March 2009)"},{"key":"12_CR5","doi-asserted-by":"crossref","unstructured":"M.\u00a0Allman, V.\u00a0Paxson, J.\u00a0Terrell: A brief history of scanning, ACM Internet Measurement Conference 2007 (2007)","DOI":"10.1145\/1298306.1298316"},{"key":"12_CR6","volume-title":"Counter Hack Reloaded: a Step-by-Step Guide to Computer Attacks and Effective Defenses","author":"E. Skoudis","year":"2005","unstructured":"E.\u00a0Skoudis, T.\u00a0Liston: Counter Hack Reloaded: a\u00a0Step-by-Step Guide to Computer Attacks and Effective Defenses, 2nd edn. (Prentice Hall, Upper Saddle River, NJ 2005)","edition":"2"},{"key":"12_CR7","unstructured":"Fyodor: The art of port scanning, Phrack Magazine 7(51) (1997), available at http:\/\/www.phrack.com\/issues.html?issue=51&id=11 (last accessed January 2009)"},{"key":"12_CR8","unstructured":"F. Cohen: Simulating cyber attacks, defenses, and consequences, available at http:\/\/www.all.net\/journal\/ntb\/simulate\/simulate.html (last accessed April 2009)"},{"key":"12_CR9","unstructured":"A. Varga et al.: OMNeT++ (2009), available at http:\/\/www.omnetpp.org (last accessed March 2009)"},{"key":"12_CR10","unstructured":"J. Postel: IANA \u2013 Internet Assigned Numbers Authority Port Number Assignment, available at http:\/\/www.iana.org\/assignments\/port-numbers (last accessed April 2009)"},{"key":"12_CR11","unstructured":"O. Maor: Divide and conquer: real world distributed port scanning, RSA Conference, Feb 2006, available at http:\/\/www.hacktics.com\/frpresentations.html (last accessed March 2008)"},{"issue":"1\/2","key":"12_CR12","doi-asserted-by":"crossref","first-page":"105","DOI":"10.3233\/JCS-2002-101-205","volume":"10","author":"S. Staniford","year":"2002","unstructured":"S.\u00a0Staniford, J.A.\u00a0Hoagland, J.M.\u00a0McAlerney: Practical automated detection of stealthy portscans, J. Comput. Secur. 10(1\/2), 105\u2013136 (2002)","journal-title":"J. Comput. Secur."},{"key":"12_CR13","doi-asserted-by":"crossref","DOI":"10.21236\/ADA448156","volume-title":"Detecting scans at the ISP level","author":"C. Gates","year":"2006","unstructured":"C. Gates, J. McNutt, J. Kadane, M. Kellner: Detecting scans at the ISP level, Tech. Rep. CMU\/SEI-2006-TR-005 (Software Engineering Institute, Carnegie Mellon University Pittsburgh, PA 15213, 2006)"},{"key":"12_CR14","unstructured":"Various contributors: Squid: optimizing web delivery, available at http:\/\/www.squid-cache.org\/ (last accessed March 2008)"},{"key":"12_CR15","doi-asserted-by":"crossref","unstructured":"L. Heberlein, G. Dias, K. Levitt, B. Mukherjee, J. Wood, D. Wolber: A network security monitor (May 1990) pp. 296\u2013304","DOI":"10.2172\/6223037"},{"key":"12_CR16","unstructured":"M.\u00a0Roesch: Snort \u2013 lightweight intrusion detection for networks, LISA\u201999: Proc. 13th USENIX conference on System administration (USENIX Association, Berkeley, CA 1999) pp. 229\u2013238"},{"key":"12_CR17","doi-asserted-by":"crossref","first-page":"23","DOI":"10.1016\/S1389-1286(99)00112-7","volume":"31","author":"V. Paxson","year":"1999","unstructured":"V.\u00a0Paxson: Bro: a system for detecting network intruders in real-time, Comput. Netw. 31, 23\u201324 (1999)","journal-title":"Comput. Netw."},{"key":"12_CR18","unstructured":"J.\u00a0Jung, V.\u00a0Paxson, A.W.\u00a0Berger, H.\u00a0Balakrishnan: Fast portscan detection using sequential hypothesis testing, Proc. IEEE Symposium on Security and Privacy (2004)"},{"key":"12_CR19","doi-asserted-by":"crossref","unstructured":"R.R.\u00a0Kompella, S.\u00a0Singh, G.\u00a0Varghese: On scalable attack detection in the network. In: IMC 04: Proc. 4th ACM SIGCOMM Conference on Internet Measurement, ed. by A.\u00a0Lombardo, J.F.\u00a0Kurose (ACM Press, Taormina, Sicily, Italy 2004) pp. 187\u2013200","DOI":"10.1145\/1028788.1028812"},{"key":"12_CR20","doi-asserted-by":"publisher","first-page":"422","DOI":"10.1145\/362686.362692","volume":"13","author":"B. Bloom","year":"1970","unstructured":"B.\u00a0Bloom: Space\/time trade-offs in hash coding with allowable errors, Commun. ACM 13, 422\u2013426 (1970)","journal-title":"Commun. ACM"},{"key":"12_CR21","first-page":"636","volume":"1","author":"A. Broder","year":"2002","unstructured":"A. Broder, M. Mitzenmacher: Network applications of bloom filters: a survey, Internet Math. 1, 636\u2013646 (2002)","journal-title":"Internet Math"},{"key":"12_CR22","doi-asserted-by":"crossref","unstructured":"A. Varga, R. Hornig: An overview of the OMNeT++ simulation environment, Simutools \u201908: Proc. 1st Int. Conference on Simulation Tools and Techniques for Communications, Networks and Systems and Workshops, ICST, Brussels, Belgium, Belgium (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, 2008) pp. 1\u201310","DOI":"10.4108\/ICST.SIMUTOOLS2008.3027"},{"key":"12_CR23","unstructured":"A. Varga et al.: INET framework for OMNeT++ 4.0, available at http:\/\/inet.omnetpp.org\/ (last accessed March 2009)"},{"key":"12_CR24","unstructured":"S. Sinha: TCP state transition diagram, available at http:\/\/www.winlab.rutgers.edu\/hongbol\/tcpWeb\/tcpTutorialNotes.html (last accessed April 2009)"},{"key":"12_CR25","unstructured":"M. Baxter: Header drawings, available at http:\/\/www.fatpipe.org\/mjb\/Drawings\/ (last accessed April 2009)"},{"key":"12_CR26","unstructured":"Wikipedia: Classless inter-domain routing \u2013 Wikipedia, the free encyclopedia, available at http:\/\/en.wikipedia.org\/w\/index.php?title=Classless_Inter-Domain_Rout ing&oldid=281677018 (last accessed April 2009)"}],"container-title":["Handbook of Information and Communication Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-04117-4_12.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,24]],"date-time":"2020-11-24T02:39:20Z","timestamp":1606185560000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-04117-4_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"ISBN":["9783642041167","9783642041174"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-04117-4_12","relation":{},"subject":[],"published":{"date-parts":[[2010]]}}}