{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,16]],"date-time":"2025-10-16T06:30:08Z","timestamp":1760596208962},"publisher-location":"Berlin, Heidelberg","reference-count":25,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642043413"},{"type":"electronic","value":"9783642043420"}],"license":[{"start":{"date-parts":[[2009,1,1]],"date-time":"2009-01-01T00:00:00Z","timestamp":1230768000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009]]},"DOI":"10.1007\/978-3-642-04342-0_4","type":"book-chapter","created":{"date-parts":[[2009,9,28]],"date-time":"2009-09-28T23:00:22Z","timestamp":1254178822000},"page":"61-80","source":"Crossref","is-referenced-by-count":14,"title":["Runtime Monitoring and Dynamic Reconfiguration for Intrusion Detection Systems"],"prefix":"10.1007","author":[{"given":"Martin","family":"Reh\u00e1k","sequence":"first","affiliation":[]},{"given":"Eugen","family":"Staab","sequence":"additional","affiliation":[]},{"given":"Volker","family":"Fusenig","sequence":"additional","affiliation":[]},{"given":"Michal","family":"P\u011bchou\u010dek","sequence":"additional","affiliation":[]},{"given":"Martin","family":"Grill","sequence":"additional","affiliation":[]},{"given":"Jan","family":"Stiborek","sequence":"additional","affiliation":[]},{"given":"Karel","family":"Barto\u0161","sequence":"additional","affiliation":[]},{"given":"Thomas","family":"Engel","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"4_CR1","doi-asserted-by":"publisher","first-page":"222","DOI":"10.1109\/TSE.1987.232894","volume":"13","author":"D.E. Denning","year":"1987","unstructured":"Denning, D.E.: An intrusion-detection model. IEEE Trans. Softw. 
Eng.\u00a013, 222\u2013232 (1987)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"4_CR2","series-title":"Lecture Notes in Artificial Intelligence","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1007\/978-3-540-85834-8_6","volume-title":"Cooperative Information Agents XII","author":"E. Staab","year":"2008","unstructured":"Staab, E., Fusenig, V., Engel, T.: Towards trust-based acquisition of unverifiable information. In: Klusch, M., P\u011bchou\u010dek, M., Polleres, A. (eds.) CIA 2008. LNCS (LNAI), vol.\u00a05180, pp. 41\u201354. Springer, Heidelberg (2008)"},{"key":"4_CR3","series-title":"Lecture Notes in Artificial Intelligence","doi-asserted-by":"publisher","first-page":"116","DOI":"10.1007\/978-3-540-85834-8_11","volume-title":"Cooperative Information Agents XII","author":"M. Reh\u00e1k","year":"2008","unstructured":"Reh\u00e1k, M., Pechoucek, M., Grill, M., Bartos, K.: Trust-based classifier combination for network anomaly detection. In: Klusch, M., P\u011bchou\u010dek, M., Polleres, A. (eds.) CIA 2008. LNCS (LNAI), vol.\u00a05180, pp. 116\u2013130. Springer, Heidelberg (2008)"},{"key":"4_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"398","DOI":"10.1007\/978-3-540-87403-4_25","volume-title":"Recent Advances in Intrusion Detection","author":"M. Reh\u00e1k","year":"2008","unstructured":"Reh\u00e1k, M., Pechoucek, M., Bartos, K., Grill, M., Celeda, P., Krmicek, V.: Improving anomaly detection error rate by collective trust modeling. In: Lippmann, R., Kirda, E., Trachtenberg, A. (eds.) RAID 2008. LNCS, vol.\u00a05230, pp. 398\u2013399. Springer, Heidelberg (2008)"},{"key":"4_CR5","unstructured":"Cisco Systems: Cisco IOS NetFlow (2007), http:\/\/www.cisco.com\/go\/netflow"},{"key":"4_CR6","doi-asserted-by":"crossref","unstructured":"Scarfone, K., Mell, P.: Guide to intrusion detection and prevention systems (idps). Technical Report 800-94, NIST, US Dept. 
of Commerce (2007)","DOI":"10.6028\/NIST.SP.800-94"},{"key":"4_CR7","unstructured":"Xu, K., Zhang, Z.L., Bhattacharyya, S.: Reducing Unwanted Traffic in a Backbone Network. In: USENIX Workshop on Steps to Reduce Unwanted Traffic in the Internet (SRUTI), Boston, MA (2005)"},{"key":"4_CR8","doi-asserted-by":"crossref","first-page":"217","DOI":"10.1145\/1080091.1080118","volume-title":"ACM SIGCOMM","author":"A. Lakhina","year":"2005","unstructured":"Lakhina, A., Crovella, M., Diot, C.: Mining Anomalies using Traffic Feature Distributions. In: ACM SIGCOMM, Philadelphia, PA, pp. 217\u2013228. ACM Press, New York (2005)"},{"key":"4_CR9","first-page":"219","volume-title":"ACM SIGCOMM 2004","author":"A. Lakhina","year":"2004","unstructured":"Lakhina, A., Crovella, M., Diot, C.: Diagnosis Network-Wide Traffic Anomalies. In: ACM SIGCOMM 2004, pp. 219\u2013230. ACM Press, New York (2004)"},{"key":"4_CR10","volume-title":"Next Generation Data Mining","author":"L. Ertoz","year":"2004","unstructured":"Ertoz, L., Eilertson, E., Lazarevic, A., Tan, P.N., Kumar, V., Srivastava, J., Dokas, P.: Minds - minnesota intrusion detection system. In: Next Generation Data Mining. MIT Press, Cambridge (2004)"},{"key":"4_CR11","unstructured":"Sridharan, A., Ye, T., Bhattacharyya, S.: Connectionless port scan detection on the backbone, Phoenix, AZ, USA (2006)"},{"key":"4_CR12","doi-asserted-by":"publisher","first-page":"183","DOI":"10.1109\/21.87068","volume":"18","author":"R. Yager","year":"1988","unstructured":"Yager, R.: On ordered weighted averaging aggregation operators in multicriteria decision making. IEEE Transactions on Systems, Man, and Cybernetics\u00a018, 183\u2013190 (1988)","journal-title":"IEEE Transactions on Systems, Man, and Cybernetics"},{"key":"4_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"394","DOI":"10.1007\/978-3-540-87403-4_23","volume-title":"Recent Advances in Intrusion Detection","author":"B.I.P. 
Rubinstein","year":"2008","unstructured":"Rubinstein, B.I.P., Nelson, B., Huang, L., Joseph, A.D., Lau, S.-h., Taft, N., Tygar, J.D.: Evading anomaly detection through variance injection attacks on PCA. In: Lippmann, R., Kirda, E., Trachtenberg, A. (eds.) RAID 2008. LNCS, vol.\u00a05230, pp. 394\u2013395. Springer, Heidelberg (2008)"},{"key":"4_CR14","doi-asserted-by":"crossref","unstructured":"Moore, A.P., Ellison, R.J., Linger, R.C.: Attack modeling for information security and survivability. Technical Report CMU\/SEI-2001-TN-001, CMU Software Engineering Institute (2001)","DOI":"10.21236\/ADA387544"},{"key":"4_CR15","doi-asserted-by":"publisher","first-page":"627","DOI":"10.2307\/2307285","volume":"62","author":"W. Quine","year":"1955","unstructured":"Quine, W.: A way to simplify truth functions. American Mathematical Monthly\u00a062, 627\u2013631 (1955)","journal-title":"American Mathematical Monthly"},{"key":"4_CR16","volume-title":"The Basic Practice of Statistics","author":"D.S. Moore","year":"2007","unstructured":"Moore, D.S.: The Basic Practice of Statistics, 4th edn. W. H. Freeman & Co., New York (2007)","edition":"4"},{"key":"4_CR17","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1109\/MCAS.2006.1688199","volume":"6","author":"R. Polikar","year":"2006","unstructured":"Polikar, R.: Ensemble based systems in decision making. IEEE Circuits and Systems Mag.\u00a06, 21\u201345 (2006)","journal-title":"IEEE Circuits and Systems Mag."},{"key":"4_CR18","doi-asserted-by":"crossref","first-page":"273","DOI":"10.1109\/SECPRI.2002.1004377","volume-title":"SP 2002: Proceedings of the 2002 IEEE Symposium on Security and Privacy","author":"O. Sheyner","year":"2002","unstructured":"Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.M.: Automated generation and analysis of attack graphs. In: SP 2002: Proceedings of the 2002 IEEE Symposium on Security and Privacy, Washington, DC, USA, p. 273. 
IEEE Computer Society, Los Alamitos (2002)"},{"key":"4_CR19","doi-asserted-by":"crossref","unstructured":"Zhang, Y., Fan, X., Wang, Y., Xue, Z.: Attack grammar: A new approach to modeling and analyzing network attack sequences. In: Proc. of the Annual Computer Security Applications Conference (ACSAC 2008), pp. 215\u2013224 (2008)","DOI":"10.1109\/ACSAC.2008.34"},{"key":"4_CR20","first-page":"337","volume-title":"CCGRID 2001: Proc. of the 1st Int. Symposium on Cluster Computing and the Grid","author":"L.F.G. Sarmenta","year":"2001","unstructured":"Sarmenta, L.F.G.: Sabotage-tolerance mechanisms for volunteer computing systems. In: CCGRID 2001: Proc. of the 1st Int. Symposium on Cluster Computing and the Grid, Washington, DC, USA, p. 337. IEEE Computer Society, Los Alamitos (2001)"},{"key":"4_CR21","first-page":"31","volume-title":"P2P 2005: Proc. of the 5th IEEE Int. Conf. on Peer-to-Peer Computing","author":"S. Zhao","year":"2005","unstructured":"Zhao, S., Lo, V., GauthierDickey, C.: Result verification and trust-based scheduling in peer-to-peer grids. In: P2P 2005: Proc. of the 5th IEEE Int. Conf. on Peer-to-Peer Computing, Washington, DC, USA, pp. 31\u201338. IEEE Computer Society, Los Alamitos (2005)"},{"key":"4_CR22","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1016\/j.inffus.2006.10.002","volume":"9","author":"G. Giacinto","year":"2008","unstructured":"Giacinto, G., Perdisci, R., Rio, M.D., Roli, F.: Intrusion detection in computer networks by a modular ensemble of one-class classifiers. Information Fusion\u00a09, 69\u201382 (2008)","journal-title":"Information Fusion"},{"key":"4_CR23","doi-asserted-by":"crossref","first-page":"35","DOI":"10.1109\/ICAC.2008.33","volume-title":"ICAC 2008: Proceedings of the 2008 International Conference on Autonomic Computing","author":"S. Ghanbari","year":"2008","unstructured":"Ghanbari, S., Amza, C.: Semantic-driven model composition for accurate anomaly diagnosis. 
In: ICAC 2008: Proceedings of the 2008 International Conference on Autonomic Computing, Washington, DC, USA, pp. 35\u201344. IEEE Computer Society, Los Alamitos (2008)"},{"key":"4_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-45014-9_1","volume-title":"Multiple Classifier Systems","author":"T.G. Dietterich","year":"2000","unstructured":"Dietterich, T.G.: Ensemble methods in machine learning. In: Kittler, J., Roli, F. (eds.) MCS 2000. LNCS, vol.\u00a01857, pp. 1\u201315. Springer, Heidelberg (2000)"},{"key":"4_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"115","DOI":"10.1007\/3-540-36084-0_7","volume-title":"Recent Advances in Intrusion Detection","author":"B. Morin","year":"2002","unstructured":"Morin, B., M\u00e9, L., Debar, H., Ducass\u00e9, M.: M2D2: A formal data model for IDS alert correlation. In: Wespi, A., Vigna, G., Deri, L. (eds.) RAID 2002. LNCS, vol.\u00a02516, pp. 115\u2013137. Springer, Heidelberg (2002)"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-04342-0_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,5,26]],"date-time":"2023-05-26T23:04:47Z","timestamp":1685142287000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-04342-0_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009]]},"ISBN":["9783642043413","9783642043420"],"references-count":25,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-04342-0_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2009]]}}}