{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T12:17:14Z","timestamp":1725538634493},"publisher-location":"Berlin, Heidelberg","reference-count":20,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642043413"},{"type":"electronic","value":"9783642043420"}],"license":[{"start":{"date-parts":[[2009,1,1]],"date-time":"2009-01-01T00:00:00Z","timestamp":1230768000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009]]},"DOI":"10.1007\/978-3-642-04342-0_8","type":"book-chapter","created":{"date-parts":[[2009,9,28]],"date-time":"2009-09-28T19:00:22Z","timestamp":1254164422000},"page":"142-160","source":"Crossref","is-referenced-by-count":5,"title":["Automatically Adapting a Trained Anomaly Detector to Software Patches"],"prefix":"10.1007","author":[{"given":"Peng","family":"Li","sequence":"first","affiliation":[]},{"given":"Debin","family":"Gao","sequence":"additional","affiliation":[]},{"given":"Michael K.","family":"Reiter","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"8_CR1","volume-title":"Compilers: Principles, Techniques, and Tools","author":"A.V. Aho","year":"1986","unstructured":"Aho, A.V., Sethi, R., Ullman, J.D.: Compilers: Principles, Techniques, and Tools. Addison-Wesley, Reading (1986)"},{"key":"8_CR2","first-page":"353","volume-title":"Proxi-annotated control flow graphs: Deterministic context-sensitive monitoring for intrusion detection","author":"S. Basu","year":"2004","unstructured":"Basu, S., Uppuluri, P.: Proxi-annotated control flow graphs: Deterministic context-sensitive monitoring for intrusion detection, pp. 353\u2013362. Springer, Heidelberg (2004)"},{"key":"8_CR3","doi-asserted-by":"crossref","unstructured":"Buchanan, E., Roemer, R., Schacham, H., Savage, S.: When good instructions go bad: Generalizing return-oriented programming to RISC. In: Proceedings of the 15th ACM Conference on Computer and Communications Security (October 2008)","DOI":"10.1145\/1455770.1455776"},{"key":"8_CR4","first-page":"3","volume":"9","author":"R.S. Cohn","year":"1998","unstructured":"Cohn, R.S., Goodwin, D.W., Lowney, P.G.: Optimizing Alpha executables on Windows NT with Spike. Digital Tech. J.\u00a09, 3\u201320 (1998)","journal-title":"Digital Tech. J."},{"key":"8_CR5","doi-asserted-by":"crossref","unstructured":"Feng, H., Giffin, J., Huang, Y., Jha, S., Lee, W., Miller, B.: Formalizing sensitivity in static analysis for intrusion detection. In: Proceedings of the 2004 IEEE Symposium on Security and Privacy (May 2004)","DOI":"10.1109\/SECPRI.2004.1301324"},{"key":"8_CR6","doi-asserted-by":"crossref","unstructured":"Feng, H., Kolesnikov, O., Fogla, P., Lee, W., Gong, W.: Anomaly detection using call stack information. In: Proceedings of the 2003 IEEE Symposium on Security and Privacy, May 2003, pp. 62\u201375 (2003)","DOI":"10.1109\/SECPRI.2003.1199328"},{"key":"8_CR7","doi-asserted-by":"crossref","unstructured":"Forrest, S., Hofmeyr, S., Somayaji, A., Longstaff, T.: A sense of self for Unix processes. In: Proceedings of the 1996 IEEE Symposium on Security and Privacy, May 1996, pp. 120\u2013128 (1996)","DOI":"10.1109\/SECPRI.1996.502675"},{"key":"8_CR8","doi-asserted-by":"crossref","unstructured":"Gao, D., Reiter, M.K., Song, D.: Gray-box extraction of execution graph for anomaly detection. In: Proceedings of the 11th ACM Conference on Computer & Communication Security (CCS 2004) (2004)","DOI":"10.1145\/1030083.1030126"},{"key":"8_CR9","unstructured":"Gao, D., Reiter, M.K., Song, D.: On gray-box program tracking for anomaly detection. In: Proceedings of the 13th USENIX Security Symposium (2004)"},{"key":"8_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"238","DOI":"10.1007\/978-3-540-88625-9_16","volume-title":"Information and Communications Security","author":"D. Gao","year":"2008","unstructured":"Gao, D., Reiter, M.K., Song, D.: BinHunt: Automatically finding semantic differences in binary programs. In: Chen, L., Ryan, M.D., Wang, G. (eds.) ICICS 2008. LNCS, vol.\u00a05308, pp. 238\u2013255. Springer, Heidelberg (2008)"},{"key":"8_CR11","unstructured":"Giffin, J., Jha, S., Miller, B.: Detecting manipulated remote call streams. In: Proceedings of the 11th USENIX Security Symposium (August 2002)"},{"key":"8_CR12","unstructured":"Giffin, J., Jha, S., Miller, B.: Efficient context-sensitive intrusion detection. In: Proceedings of the ISOC Symposium on Network and Distributed System Security (February 2004)"},{"key":"8_CR13","doi-asserted-by":"crossref","unstructured":"Gopalakkrishna, R., Spafford, E.H., Vitek, J.: Efficient intrusion detection using automaton inlining. In: Proceedings of the 2005 Symposium on Security and Privacy, pp. 18\u201331 (2005)","DOI":"10.1109\/SP.2005.1"},{"key":"8_CR14","doi-asserted-by":"crossref","unstructured":"Hofmeyr, S.A., Forrest, S., Somayaji, A.: Intrusion detection using sequences of system calls. Journal of Computer Security, 151\u2013180 (1998)","DOI":"10.3233\/JCS-980109"},{"key":"8_CR15","doi-asserted-by":"crossref","unstructured":"Sekar, R., Bendre, M., Dhurjati, D., Bollineni, P.: A fast automaton-based method for detecting anomalous program behaviors. In: Proceedings of the 2001 IEEE Symposium on Security and Privacy, May 2001, pp. 144\u2013155 (2001)","DOI":"10.1109\/SECPRI.2001.924295"},{"key":"8_CR16","doi-asserted-by":"crossref","unstructured":"Tan, K., Maxion, R.: \u201cWhy 6?\u201d\u2013 Defining the operational limits of stide, an anomaly-based intrusion detector. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy, May 2002, pp. 188\u2013201 (2002)","DOI":"10.1109\/SECPRI.2002.1004371"},{"key":"8_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-36415-3_1","volume-title":"Information Hiding","author":"K. Tan","year":"2003","unstructured":"Tan, K., McHugh, J., Killourhy, K.: Hiding intrusions: From the abnormal to the normal and beyond. In: Petitcolas, F.A.P. (ed.) IH 2002. LNCS, vol.\u00a02578, pp. 1\u201317. Springer, Heidelberg (2003)"},{"key":"8_CR18","doi-asserted-by":"crossref","unstructured":"Wagner, D., Dean, D.: Intrusion detection via static analysis. In: Proceedings of the 2001 IEEE Symposium on Security and Privacy (May 2001)","DOI":"10.1109\/SECPRI.2001.924296"},{"key":"8_CR19","doi-asserted-by":"crossref","unstructured":"Wagner, D., Soto, P.: Mimicry attacks on host-based intrusion detection systems. In: Proceedings of the 9th ACM Conference on Computer and Communications Security (2002)","DOI":"10.1145\/586110.586145"},{"key":"8_CR20","unstructured":"Wang, Z., Piece, K., Mcfarling, S.: BMAT \u2013 a binary matching tool for stale profile propagation. The Journal of Instruction-Level Parallelism\u00a02(2000) (2000)"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-04342-0_8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,3,9]],"date-time":"2019-03-09T19:36:00Z","timestamp":1552160160000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-04342-0_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009]]},"ISBN":["9783642043413","9783642043420"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-04342-0_8","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2009]]}}}