{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,6]],"date-time":"2025-12-06T04:37:01Z","timestamp":1764995821046},"publisher-location":"Berlin, Heidelberg","reference-count":14,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642143786"},{"type":"electronic","value":"9783642143793"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1007\/978-3-642-14379-3_8","type":"book-chapter","created":{"date-parts":[[2010,7,6]],"date-time":"2010-07-06T09:36:18Z","timestamp":1278408978000},"page":"85-97","source":"Crossref","is-referenced-by-count":20,"title":["Cyber-Critical Infrastructure Protection Using Real-Time Payload-Based Anomaly Detection"],"prefix":"10.1007","author":[{"given":"Patrick","family":"D\u00fcssel","sequence":"first","affiliation":[]},{"given":"Christian","family":"Gehl","sequence":"additional","affiliation":[]},{"given":"Pavel","family":"Laskov","sequence":"additional","affiliation":[]},{"given":"Jens-Uwe","family":"Bu\u00dfer","sequence":"additional","affiliation":[]},{"given":"Christof","family":"St\u00f6rmann","sequence":"additional","affiliation":[]},{"given":"Jan","family":"K\u00e4stner","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"unstructured":"Security concept pcs6 and wincc-basic document. White paper, Siemens AG, A5E02128732-01 (April 2008)","key":"8_CR1"},{"key":"8_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"171","DOI":"10.1007\/978-3-540-45215-7_14","volume-title":"Computer Network Security","author":"J. Bigham","year":"2003","unstructured":"Bigham, J., Gamez, D., Lu, N.: Safeguarding scada systems with anomaly detection. In: Gorodetsky, V., Popyack, L.J., Skormin, V.A. (eds.) MMM-ACNS 2003. LNCS, vol.\u00a02776, pp. 171\u2013182. Springer, Heidelberg (2003)"},{"doi-asserted-by":"crossref","unstructured":"Bolzoni, D., Zambon, E., Etalle, S., Hartel, P.H.: Poseidon: a 2-tier anomaly-based network intrusion detection system. In: 4th IEEE Int. Information Assurance Workshop (IWIA 2006), pp. 144\u2013156 (2006)","key":"8_CR3","DOI":"10.1109\/IWIA.2006.18"},{"doi-asserted-by":"crossref","unstructured":"D\u2019Antonio, S., Oliviero, F., Setola, R.: High-speed intrusion detection in support of critical infrastructure protection. In: Proc. 1st International Workshop on Critical Information Infrastructures Security (2006)","key":"8_CR4","DOI":"10.1007\/11962977_18"},{"key":"8_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"188","DOI":"10.1007\/978-3-540-89862-7_17","volume-title":"Information Systems Security","author":"P. D\u00fcssel","year":"2008","unstructured":"D\u00fcssel, P., Gehl, C., Laskov, P., Rieck, K.: Incorporation of application layer protocol syntax into anomaly detection. In: Sekar, R., Pujari, A.K. (eds.) ICISS 2008. LNCS, vol.\u00a05352, pp. 188\u2013202. Springer, Heidelberg (2008)"},{"doi-asserted-by":"crossref","unstructured":"Jin, X., Bigham, J., Rodaway, J., Gamez, D., Phillips, C.: Anomaly detection in electricity cyber infrastructures. In: Proceedings of the International Workshop on Complex Networks and Infrastructure Protection, CNIP 2006 (2006)","key":"8_CR6","DOI":"10.1504\/IJCIS.2006.011347"},{"doi-asserted-by":"crossref","unstructured":"Kruegel, C., Toth, T., Kirda, E.: Service specific anomaly detection for network intrusion detection. In: Proc. of ACM Symposium on Applied Computing, pp. 201\u2013208 (2002)","key":"8_CR7","DOI":"10.1145\/508791.508835"},{"key":"8_CR8","doi-asserted-by":"publisher","first-page":"227","DOI":"10.1145\/382912.382914","volume":"3","author":"W. Lee","year":"2000","unstructured":"Lee, W., Stolfo, S.: A framework for constructing features and models for intrusion detection systems. ACM Transactions on Information Systems Security\u00a03, 227\u2013261 (2000)","journal-title":"ACM Transactions on Information Systems Security"},{"doi-asserted-by":"crossref","unstructured":"Mahoney, M., Chan, P.: Learning nonstationary models of normal network traffic for detecting novel attacks. In: Proc. of ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD), pp. 376\u2013385 (2002)","key":"8_CR9","DOI":"10.1145\/775047.775102"},{"doi-asserted-by":"crossref","unstructured":"Paxson, V.: Bro: a system for detecting network intruders in real-time. In: Proc. of USENIX Security Symposium, pp. 31\u201351 (1998)","key":"8_CR10","DOI":"10.1016\/S1389-1286(99)00112-7"},{"issue":"4","key":"8_CR11","doi-asserted-by":"publisher","first-page":"243","DOI":"10.1007\/s11416-006-0030-0","volume":"2","author":"K. Rieck","year":"2007","unstructured":"Rieck, K., Laskov, P.: Language models for detection of unknown attacks in network traffic. Journal in Computer Virology\u00a02(4), 243\u2013256 (2007)","journal-title":"Journal in Computer Virology"},{"unstructured":"Roesch, M.: Snort: Lightweight intrusion detection for networks. In: Proc. of USENIX Large Installation System Administration Conference LISA, pp. 229\u2013238 (1999)","key":"8_CR12"},{"key":"8_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"226","DOI":"10.1007\/11856214_12","volume-title":"Recent Advances in Intrusion Detection","author":"K. Wang","year":"2006","unstructured":"Wang, K., Parekh, J., Stolfo, S.: Anagram: A content anomaly detector resistant to mimicry attack. In: Zamboni, D., Kr\u00fcgel, C. (eds.) RAID 2006. LNCS, vol.\u00a04219, pp. 226\u2013248. Springer, Heidelberg (2006)"},{"key":"8_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"203","DOI":"10.1007\/978-3-540-30143-1_11","volume-title":"Recent Advances in Intrusion Detection","author":"K. Wang","year":"2004","unstructured":"Wang, K., Stolfo, S.: Anomalous payload-based network intrusion detection. In: Jonsson, E., Valdes, A., Almgren, M. (eds.) RAID 2004. LNCS, vol.\u00a03224, pp. 203\u2013222. Springer, Heidelberg (2004)"}],"container-title":["Lecture Notes in Computer Science","Critical Information Infrastructures Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-14379-3_8.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,24]],"date-time":"2020-11-24T02:51:45Z","timestamp":1606186305000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-14379-3_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"ISBN":["9783642143786","9783642143793"],"references-count":14,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-14379-3_8","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2010]]}}}