{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T13:06:29Z","timestamp":1725541589206},"publisher-location":"Berlin, Heidelberg","reference-count":13,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642108464"},{"type":"electronic","value":"9783642108471"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009]]},"DOI":"10.1007\/978-3-642-10847-1_3","type":"book-chapter","created":{"date-parts":[[2009,11,28]],"date-time":"2009-11-28T03:33:01Z","timestamp":1259379181000},"page":"18-25","source":"Crossref","is-referenced-by-count":1,"title":["Correlating Alerts into Compressed Graphs Using an Attribute-Based Method and Time Windows"],"prefix":"10.1007","author":[{"given":"Seyed Hossein","family":"Ahmadinejad","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Saeed","family":"Jalili","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"3_CR1","volume-title":"International Conference on Information Theory and Engineering","author":"S.H. Ahmadinejad","year":"2009","unstructured":"Ahmadinejad, S.H., Jalili, S.: Alert correlation using correlation probability estimation and time windows. In: International Conference on Information Theory and Engineering, Kota Kinabalu, Malaysia. IEEE Computer Society CPS, Los Alamitos (2009)"},{"key":"3_CR2","doi-asserted-by":"crossref","unstructured":"Friedman, J., Hastie, T., Tibshirani, R.: Additive logistic regression: A statistical view of boosting. Annals of statistics, 337\u2013374 (2000)","DOI":"10.1214\/aos\/1016120463"},{"key":"3_CR3","unstructured":"http:\/\/www.ll.mit.edu\/mission\/communications\/ist\/corpora\/ideval\/data\/index.html Darpa 2000 intrusion detection evaluation datasets (2000)"},{"key":"3_CR4","unstructured":"Ning, P., Cui, Y.: An intrusion alert correlator based on prerequisites of intrusions. Submitted for publication. Technical report, Available as Technical Report TR-2002-01, Department of Computer Science, North Carolina State University (2002)"},{"key":"3_CR5","doi-asserted-by":"publisher","first-page":"200","DOI":"10.1145\/948109.948137","volume-title":"Proceedings of the 10th ACM conference on Computer and communications security","author":"P. Ning","year":"2003","unstructured":"Ning, P., Xu, D.: Learning attack strategies from intrusion alerts. In: Proceedings of the 10th ACM conference on Computer and communications security, pp. 200\u2013209. ACM, New York (2003)"},{"key":"3_CR6","doi-asserted-by":"crossref","first-page":"31","DOI":"10.1145\/366173.366187","volume-title":"Proceedings of the 2000 workshop on New security paradigms","author":"S. Templeton","year":"2001","unstructured":"Templeton, S., Levitt, K.: A requires\/provides model for computer attacks. In: Proceedings of the 2000 workshop on New security paradigms, pp. 31\u201338. ACM, New York (2001)"},{"issue":"15","key":"3_CR7","doi-asserted-by":"publisher","first-page":"2917","DOI":"10.1016\/j.comcom.2006.04.001","volume":"29","author":"L. Wang","year":"2006","unstructured":"Wang, L., Liu, A., Jajodia, S.: Using attack graphs for correlating, hypothesizing, and predicting intrusion alerts. Computer Communications\u00a029(15), 2917\u20132933 (2006)","journal-title":"Computer Communications"},{"key":"3_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"218","DOI":"10.1007\/11427995_18","volume-title":"Intelligence and Security Informatics","author":"A. Siraj","year":"2005","unstructured":"Siraj, A., Vaughn, R.: A cognitive model for alert correlation in a distributed environment. In: Kantor, P., Muresan, G., Roberts, F., Zeng, D.D., Wang, F.-Y., Chen, H., Merkle, R.C. (eds.) ISI 2005. LNCS, vol.\u00a03495, pp. 218\u2013230. Springer, Heidelberg (2005)"},{"key":"3_CR9","first-page":"73","volume-title":"Proceedings of the IEEE International Conference on e-Business Engineering","author":"Z. Li","year":"2007","unstructured":"Li, Z., Zhang, A., Lei, J., Wang, L.: Real-Time Correlation of Network Security Alerts. In: Proceedings of the IEEE International Conference on e-Business Engineering, pp. 73\u201380. IEEE Computer Society, Washington (2007)"},{"key":"3_CR10","doi-asserted-by":"crossref","unstructured":"Dain, O., Cunningham, R.: Fusing a heterogeneous alert stream into scenarios. Applications of Data Mining and Computer Security (2002)","DOI":"10.1007\/978-1-4615-0953-0_5"},{"issue":"3","key":"3_CR11","first-page":"244","volume":"3","author":"B. Zhu","year":"2006","unstructured":"Zhu, B., Ghorbani, A.: Alert correlation for extracting attack strategies. International Journal of Network Security\u00a03(3), 244\u2013258 (2006)","journal-title":"International Journal of Network Security"},{"key":"3_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"73","DOI":"10.1007\/978-3-540-45248-5_5","volume-title":"Recent Advances in Intrusion Detection","author":"X. Qin","year":"2003","unstructured":"Qin, X., Lee, W.: Statistical causality analysis of infosec alert data. In: Vigna, G., Kr\u00fcgel, C., Jonsson, E. (eds.) RAID 2003. LNCS, vol.\u00a02820, pp. 73\u201393. Springer, Heidelberg (2003)"},{"key":"3_CR13","series-title":"Lecture Notes in Computer Science","first-page":"94","volume-title":"Recent Advances in Intrusion Detection","author":"M. Benjamin","year":"2003","unstructured":"Benjamin, M., Herve, D.: Correlation of Intrusion Symptoms: An Application of Chronicles. In: Vigna, G., Kr\u00fcgel, C., Jonsson, E. (eds.) RAID 2003. LNCS, vol.\u00a02820, pp. 94\u2013112. Springer, Heidelberg (2003)"}],"container-title":["Communications in Computer and Information Science","Security Technology"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-10847-1_3.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,5,27]],"date-time":"2023-05-27T18:06:30Z","timestamp":1685210790000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-10847-1_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009]]},"ISBN":["9783642108464","9783642108471"],"references-count":13,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-10847-1_3","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2009]]}}}