{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,1]],"date-time":"2026-04-01T17:56:47Z","timestamp":1775066207604,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":29,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642052835","type":"print"},{"value":"9783642052842","type":"electronic"}],"license":[{"start":{"date-parts":[[2009,1,1]],"date-time":"2009-01-01T00:00:00Z","timestamp":1230768000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009]]},"DOI":"10.1007\/978-3-642-05284-2_4","type":"book-chapter","created":{"date-parts":[[2009,10,13]],"date-time":"2009-10-13T08:06:00Z","timestamp":1255421160000},"page":"51-70","source":"Crossref","is-referenced-by-count":91,"title":["Baiting Inside Attackers Using Decoy Documents"],"prefix":"10.1007","author":[{"given":"Brian M.","family":"Bowen","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Shlomo","family":"Hershkop","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Angelos D.","family":"Keromytis","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Salvatore J.","family":"Stolfo","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"4_CR1","unstructured":"Bell, D.E., LaPadula, L.J.: Secure Computer Systems: Mathematical Foundations, MITRE Corporation (1973)"},{"key":"4_CR2","volume-title":"Cheating and Deception","author":"J. Bell","year":"1982","unstructured":"Bell, J., Whaley, B.: Cheating and Deception. Transaction Publishers, New Brunswick (1982)"},{"key":"4_CR3","unstructured":"Butler, J., Sherri, S.: Security: Spyware and Rootkits. In: Login, December 2004, vol.\u00a029(6) (2004)"},{"key":"4_CR4","doi-asserted-by":"crossref","unstructured":"Clark, D.D., Wilson, D.R.: A Comparison of Commercial and Military Computer Security Policies. In: IEEE Symposium on Security and Privacy, pp. 184\u2013194 (1987)","DOI":"10.1109\/SP.1987.10001"},{"key":"4_CR5","unstructured":"Demers, A., Gehrke, J., Hong, M., Panda, B., Riedewald, M., Sharma, V., White, W.: Cayuga: A General Purpose Event Monitoring System. In: CIDR, pp. 412\u2013422 (2007)"},{"key":"4_CR6","first-page":"61","volume":"11","author":"T. Detristan","year":"2003","unstructured":"Detristan, T., Ulenspiegel, T., Malcom, Y., Von Underduk, M.S.: Polymorphic Shellcode Engine Using Spectrum Analysis. Phrack\u00a011, 61\u201369 (2003)","journal-title":"Phrack"},{"key":"4_CR7","unstructured":"Friess, N., Aycock, J.: Black Market Botnets. Department of Computer Science, University of Calgary, TR 2007-873-25 (July 2007)"},{"key":"4_CR8","doi-asserted-by":"crossref","unstructured":"Hoang, M.: Handling Today\u2019s Tough Security Threats. Symantec Security Response (2006)","DOI":"10.1016\/S1353-4858(06)70326-9"},{"key":"4_CR9","unstructured":"The Honeynet Project, http:\/\/www.honeynet.org"},{"key":"4_CR10","unstructured":"The Honeynet Project, Know Your Enemy: Sebek, A Kernel based data capture tool (November 2003)"},{"key":"4_CR11","unstructured":"Honeypot Mailing List, Security Focus, http:\/\/www.securityfocus.com\/archive\/119"},{"key":"4_CR12","doi-asserted-by":"crossref","DOI":"10.1201\/9781420010756","volume-title":"Introduction to Modern Cryptography","author":"J. Katz","year":"2007","unstructured":"Katz, J., Yehuda, L.: Introduction to Modern Cryptography. Chapman and Hall CRC Press, Boca Raton (2007)"},{"key":"4_CR13","unstructured":"Kravets, D.: From Riches to Prison: Hackers Rig Stock Prices. Wired Blog Network (September 2008)"},{"key":"4_CR14","unstructured":"Krebs, B.: Web Fraud 2.0: Validating Your Stolen Goods. The Washington Post (August 20, 2008)"},{"key":"4_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"231","DOI":"10.1007\/978-3-540-73614-1_14","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"W. Li","year":"2007","unstructured":"Li, W., Stolfo, S.J., Stavrou, A., Androulaki, E., Keromytis, A.: A Study of Malcode-Bearing Documents. In: H\u00e4mmerli, B.M., Sommer, R. (eds.) DIMVA 2007. LNCS, vol.\u00a04579, pp. 231\u2013250. Springer, Heidelberg (2007)"},{"key":"4_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"146","DOI":"10.1007\/978-3-540-74320-0_8","volume-title":"Recent Advances in Intrusion Detection","author":"M. Maloof","year":"2007","unstructured":"Maloof, M., Stephens, G.D.: ELICIT: A System for Detecting Insiders Who Violate Need-to-know. In: Kruegel, C., Lippmann, R., Clark, A. (eds.) RAID 2007. LNCS, vol.\u00a04637, pp. 146\u2013166. Springer, Heidelberg (2007)"},{"key":"4_CR17","doi-asserted-by":"crossref","unstructured":"McRae, C.M., Vaughn, R.B.: Phighting the Phisher: Using Web Bugs and Honeytokens to Investigate the Source of Phishing Attacks. In: Proceedings of the 40th Hawaii International Conference on System Sciences (2007)","DOI":"10.1109\/HICSS.2007.435"},{"key":"4_CR18","unstructured":"Orbiscom, http:\/\/www.orbiscom.com\/"},{"key":"4_CR19","unstructured":"Richardson, R.: CSI\/FBI Computer Crime and Security Survey (2007)"},{"key":"4_CR20","unstructured":"Smith, R.M.: Microsoft Word Documents that Phone Home. Privacy Foundation (August 2000)"},{"key":"4_CR21","doi-asserted-by":"crossref","unstructured":"Song, Y., Locasto, M.E., Stavrou, A., Keromytis, A.D., Stolfo, S.J.: On the infeasibility of modeling polymorphic shellcode. In: Proceedings of the 14th ACM conference on Computer and communications security (CCS 2007), pp. 541\u2013551 (2007)","DOI":"10.1145\/1315245.1315312"},{"key":"4_CR22","doi-asserted-by":"crossref","unstructured":"Spitzner, L.: Honeypots: Catching the Insider Threat. In: Proceedings of ACSAC, Las Vegas (December 2003)","DOI":"10.1109\/CSAC.2003.1254322"},{"key":"4_CR23","unstructured":"Spitzner, L.: Honeytokens: The Other Honeypot. Security Focus (2003)"},{"key":"4_CR24","unstructured":"Stoll, C.: The Cuckoo\u2019s Egg. Doubleday (1989)"},{"key":"4_CR25","unstructured":"Symantec. Global Internet Security Threat Report, Trends for July \u2013December 2007 (April 2008)"},{"key":"4_CR26","unstructured":"Webb, S., Caverlee, J., Pu, C.: Social Honeypots: Making Friends with a Spammer Near You. In: Proceedings of the Fifth Conference on Email and Anti-Spam (CEAS 2008), Mountain View, CA (August 2008)"},{"key":"4_CR27","unstructured":"Ye, N.: Markov Chain Model of Temporal Behavior for Anomaly Detection. In: Proceedings of the 2000 IEEE Workshop on Information Assurance and Security, United States Military Academy, West Point, NY, June 2000, pp. 171\u2013174 (2000)"},{"issue":"3","key":"4_CR28","first-page":"26","volume":"5","author":"J. Yuill","year":"2006","unstructured":"Yuill, J., Denning, D., Feer, F.: Using Deception to Hide Things from Hackers: Processes, Principles, and Techniques. Journal of Information Warfare\u00a05(3), 26\u201340 (2006)","journal-title":"Journal of Information Warfare"},{"key":"4_CR29","doi-asserted-by":"crossref","unstructured":"Yuill, J., Zappe, M., Denning, D., Feer, F.: Honeyfiles: Deceptive Files for Intrusion Detection. In: Proceedings of the 2004 IEEE Workshop on Information Assurance, United States Military Academy, West Point, NY, June 2004, pp. 116\u2013122 (2004)","DOI":"10.1109\/IAW.2004.1437806"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Security and Privacy in Communication Networks"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-05284-2_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,23]],"date-time":"2019-05-23T00:16:25Z","timestamp":1558570585000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-05284-2_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009]]},"ISBN":["9783642052835","9783642052842"],"references-count":29,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-05284-2_4","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"value":"1867-8211","type":"print"},{"value":"1867-822X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2009]]}}}