{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T17:56:12Z","timestamp":1725558972346},"publisher-location":"Berlin, Heidelberg","reference-count":32,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642143786"},{"type":"electronic","value":"9783642143793"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1007\/978-3-642-14379-3_13","type":"book-chapter","created":{"date-parts":[[2010,7,6]],"date-time":"2010-07-06T09:36:18Z","timestamp":1278408978000},"page":"151-164","source":"Crossref","is-referenced-by-count":4,"title":["Towards Early Warning Systems \u2013 Challenges, Technologies and Architecture"],"prefix":"10.1007","author":[{"given":"Martin","family":"Apel","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Joachim","family":"Biskup","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ulrich","family":"Flegel","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Michael","family":"Meier","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"13_CR1","unstructured":"Grobauer, B., Mehlau, J., Sander, J.: Carmentis: A co-operative approach towards situation awareness and early warning for the internet. In: Proc. of IMF 2006. LNI, vol.\u00a097, pp. 55\u201366. GI (2006)"},{"key":"13_CR2","unstructured":"DShield: DShield website (2008), \n                  \n                    http:\/\/www.dshield.org"},{"key":"13_CR3","unstructured":"Network, T.E.C.: The European CSIRT Network Website (2008), \n                  \n                    http:\/\/www.ecsirt.net\/"},{"key":"13_CR4","unstructured":"Engelberth, M., Freiling, F., G\u00f6bel, J., Gorecki, C., Holz, T., Trinius, P., Willems, C.: Fr\u00fche Warnung durch Beobachten und Verfolgen von b\u00f6sartiger Software im Deutschen Internet: Das Internet-Malware-Analyse-System (IAS) (in German). In: Sichere Wege in der vernetzten Welt \u2013 Tagungsband zum 11. Deutscher IT-Sicherheitskongress (in German), pp. 353\u2013367. SecuMedia Verlag (2009)"},{"key":"13_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"103","DOI":"10.1007\/11962977_9","volume-title":"Critical Information Infrastructures Security","author":"K. Bsufka","year":"2006","unstructured":"Bsufka, K., Kroll-Peters, O., Albayrak, S.: Intelligent network-based early warning systems. In: L\u00f3pez, J. (ed.) CRITIS 2006. LNCS, vol.\u00a04347, pp. 103\u2013111. Springer, Heidelberg (2006)"},{"key":"13_CR6","volume-title":"The Information Security Dictionary","author":"U. Gattiker","year":"2004","unstructured":"Gattiker, U.: The Information Security Dictionary. Kluwer, Dordrecht (2004)"},{"key":"13_CR7","unstructured":"Biskup, J., H\u00e4mmerli, B.M., Meier, M., Schmerl, S., T\u00f6lle, J., Vogel, M.: 08102 working group \u2013 early warning systems. In: Perspectives Workshop: Network Attack Detection and Defense. Dagstuhl Seminar Proceedings, vol.\u00a008102 (2008)"},{"key":"13_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"165","DOI":"10.1007\/11856214_9","volume-title":"Recent Advances in Intrusion Detection","author":"P. Baecher","year":"2006","unstructured":"Baecher, P., Koetter, M., Holz, T., Dornseif, M., Freiling, F.: The Nepenthes platform: An efficient approach to collect malware. In: Zamboni, D., Kr\u00fcgel, C. (eds.) RAID 2006. LNCS, vol.\u00a04219, pp. 165\u2013184. Springer, Heidelberg (2006)"},{"key":"13_CR9","unstructured":"Amun: Python Honeypot, \n                  \n                    http:\/\/amunhoney.sourceforge.net\/"},{"key":"13_CR10","volume-title":"Computer Viruses and Malware","author":"J. Aycock","year":"2006","unstructured":"Aycock, J.: Computer Viruses and Malware. Springer, Heidelberg (2006)"},{"key":"13_CR11","unstructured":"Dullien, T., Rolles, R.: Graph-based comparison of executable objects. In: Proc. of SSTIC 2005 (2005)"},{"key":"13_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"108","DOI":"10.1007\/978-3-540-70542-0_6","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"K. Rieck","year":"2008","unstructured":"Rieck, K., Holz, T., Willems, C., D\u00fcssel, P., Laskov, P.: Learning and classification of malware behavior. In: Zamboni, D. (ed.) DIMVA 2008. LNCS, vol.\u00a05137, pp. 108\u2013125. Springer, Heidelberg (2008)"},{"issue":"2","key":"13_CR13","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1109\/MSP.2007.45","volume":"5","author":"C. Willems","year":"2007","unstructured":"Willems, C., Holz, T., Freiling, F.: Toward automated dynamic malware analysis using CWSandbox. IEEE Security & Privacy\u00a05(2), 32\u201339 (2007)","journal-title":"IEEE Security & Privacy"},{"issue":"3","key":"13_CR14","doi-asserted-by":"publisher","first-page":"271","DOI":"10.1093\/comjnl\/10.3.271","volume":"10","author":"G.N. Lance","year":"1967","unstructured":"Lance, G.N., Williams, W.T.: A general theory of classificatory sorting strategies: II. Clustering systems. The Computer Journal\u00a010(3), 271\u2013277 (1967)","journal-title":"The Computer Journal"},{"key":"13_CR15","volume-title":"Proc. of Computer Vision and Pattern Recognition","author":"H. Frigui","year":"1996","unstructured":"Frigui, H., Krishnapuram, R.: A robust clustering algorithm based on competitive agglomeration and soft rejection of outliers. In: Proc. of Computer Vision and Pattern Recognition, vol.\u00a0550. IEEE, Los Alamitos (1996)"},{"key":"13_CR16","unstructured":"Lee, T., Mody, J.: Behavioral classification. In: Proc. of EICAR 2006 (2006)"},{"key":"13_CR17","doi-asserted-by":"publisher","first-page":"1523","DOI":"10.1109\/TIT.2005.844059","volume":"51","author":"R. Cilibrasi","year":"2005","unstructured":"Cilibrasi, R., Vitanyi, P.: Clustering by compression. IEEE Trans. on Information Theory\u00a051, 1523\u20131545 (2005)","journal-title":"IEEE Trans. on Information Theory"},{"key":"13_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"178","DOI":"10.1007\/978-3-540-74320-0_10","volume-title":"Recent Advances in Intrusion Detection","author":"M. Bailey","year":"2007","unstructured":"Bailey, M., Oberheide, J., Andersen, J., Mao, Z., Jahanian, F., Nazario, J.: Automated classification and analysis of internet malware. In: Kruegel, C., Lippmann, R., Clark, A. (eds.) RAID 2007. LNCS, vol.\u00a04637, pp. 178\u2013197. Springer, Heidelberg (2007)"},{"issue":"4","key":"13_CR19","doi-asserted-by":"crossref","first-page":"367","DOI":"10.4310\/CIS.2005.v5.n4.a1","volume":"5","author":"M. Cebrian","year":"2005","unstructured":"Cebrian, M., Alfonseca, M., Ortega, A.: Common pitfalls using the normalized compression distance. Comm. in Information and Systems\u00a05(4), 367\u2013384 (2005)","journal-title":"Comm. in Information and Systems"},{"key":"13_CR20","first-page":"23","volume":"9","author":"K. Rieck","year":"2008","unstructured":"Rieck, K., Laskov, P.: Linear-time computation of similarity measures for sequential data. Journal of Machine Learning Research\u00a09, 23\u201348 (2008)","journal-title":"Journal of Machine Learning Research"},{"key":"13_CR21","volume-title":"Proc. of 34th LCN 2009","author":"M. Apel","year":"2009","unstructured":"Apel, M., Bockermann, C., Meier, M.: Measuring similarity of malware behavior. In: Proc. of 34th LCN 2009. IEEE Computer Society Press, Los Alamitos (2009)"},{"issue":"3","key":"13_CR22","doi-asserted-by":"publisher","first-page":"249","DOI":"10.1007\/BF01206331","volume":"14","author":"E. Ukkonen","year":"1995","unstructured":"Ukkonen, E.: On-line construction of suffix trees. Algorithmica\u00a014(3), 249\u2013260 (1995)","journal-title":"Algorithmica"},{"key":"13_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"188","DOI":"10.1007\/11506881_12","volume-title":"Intrusion and Malware Detection and Vulnerability Assessment","author":"M. Meier","year":"2005","unstructured":"Meier, M., Schmerl, S., Koenig, H.: Improving the Efficiency of Misuse Detection. In: Julisch, K., Kr\u00fcgel, C. (eds.) DIMVA 2005. LNCS, vol.\u00a03548, pp. 188\u2013205. Springer, Heidelberg (2005)"},{"key":"13_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"466","DOI":"10.1007\/11766155_33","volume-title":"Emerging Trends in Information and Communication Security","author":"U. Flegel","year":"2006","unstructured":"Flegel, U., Biskup, J.: Requirements of information reductions for cooperating intrusion detection agents. In: M\u00fcller, G. (ed.) ETRICS 2006. LNCS, vol.\u00a03995, pp. 466\u2013480. Springer, Heidelberg (2006)"},{"key":"13_CR25","volume-title":"Privacy-Respecting Intrusion Detection","author":"U. Flegel","year":"2007","unstructured":"Flegel, U.: Privacy-Respecting Intrusion Detection. Springer, Heidelberg (2007)"},{"key":"13_CR26","unstructured":"MyNetWatchman: MyNetWatchman website (2008), \n                  \n                    http:\/\/www.mynetwatchman.com"},{"key":"13_CR27","unstructured":"Bailey, M., Cooke, E., Jahanian, F., Nazario, J., Watson, D.: The internet motion sensor - a distributed blackhole monitoring system. In: Proc. of NDSS 2005, The Internet Society, pp. 167\u2013179 (2005)"},{"key":"13_CR28","unstructured":"SURFids: SURFids Development Homepage (2008), \n                  \n                    http:\/\/ids.surfnet.nl"},{"key":"13_CR29","doi-asserted-by":"crossref","unstructured":"Zou, C., Gao, L., Gong, W., Towsley, D.: Monitoring and early warning for internet worms. In: Proc. of ACM CCS 2003, pp. 190\u2013199 (2003)","DOI":"10.1145\/948109.948136"},{"key":"13_CR30","unstructured":"Waibel, F.: Das Internet-Analyse-System (IAS) als Komponente einer IT-Sicherheitsarchitektur (in German). In: Sichere Wege in der vernetzten Welt \u2013 Tagungsband zum 11. Deutscher IT-Sicherheitskongress (in German), pp. 281\u2013296. SecuMedia Verlag (2009)"},{"key":"13_CR31","series-title":"Lecture Notes in Artificial Intelligence","doi-asserted-by":"publisher","first-page":"44","DOI":"10.1007\/978-3-540-74565-5_5","volume-title":"KI 2007: Advances in Artificial Intelligence","author":"Y. Elovici","year":"2007","unstructured":"Elovici, Y., Shabtai, A., Moskovitch, R., Tahan, G., Glezer, C.: Applying machine learning techniques for detection of malicious code in network traffic. In: Hertzberg, J., Beetz, M., Englert, R. (eds.) KI 2007. LNCS (LNAI), vol.\u00a04667, pp. 44\u201350. Springer, Heidelberg (2007)"},{"key":"13_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"407","DOI":"10.1007\/11496618_30","volume-title":"Information Security and Cryptology \u2013 ICISC 2004","author":"K. Burbeck","year":"2005","unstructured":"Burbeck, K., Nadjm-Therani, S.: Adwice \u2013 anomaly detection with real-time incremental clustering. In: Park, C.-s., Chee, S. (eds.) ICISC 2004. LNCS, vol.\u00a03506, pp. 407\u2013424. Springer, Heidelberg (2005)"}],"container-title":["Lecture Notes in Computer Science","Critical Information Infrastructures Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-14379-3_13.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,30]],"date-time":"2021-04-30T12:25:43Z","timestamp":1619785543000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-14379-3_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"ISBN":["9783642143786","9783642143793"],"references-count":32,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-14379-3_13","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2010]]}}}