{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T19:18:14Z","timestamp":1725563894123},"publisher-location":"Berlin, Heidelberg","reference-count":34,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642155116"},{"type":"electronic","value":"9783642155123"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1007\/978-3-642-15512-3_8","type":"book-chapter","created":{"date-parts":[[2010,8,31]],"date-time":"2010-08-31T08:27:39Z","timestamp":1283243259000},"page":"138-157","source":"Crossref","is-referenced-by-count":4,"title":["CANVuS: Context-Aware Network Vulnerability Scanning"],"prefix":"10.1007","author":[{"given":"Yunjing","family":"Xu","sequence":"first","affiliation":[]},{"given":"Michael","family":"Bailey","sequence":"additional","affiliation":[]},{"given":"Eric","family":"Vander Weele","sequence":"additional","affiliation":[]},{"given":"Farnam","family":"Jahanian","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"8_CR1","doi-asserted-by":"crossref","unstructured":"Abedin, M., Nessa, S., Al-Shaer, E., Khan, L.: Vulnerability analysis for evaluating quality of protection of security policies. In: Proceedings of the 2nd ACM Workshop on Quality of Protection (QoP 2006), Alexandria VA (October 2006)","DOI":"10.1145\/1179494.1179505"},{"key":"8_CR2","doi-asserted-by":"crossref","unstructured":"Ahmed, M.S., Al-Shaer, E., Khan, L.: Towards autonomic risk-aware security configuration. In: Proceedings of the 11th IEEE\/IFIP Network Operations and Management Symposium (NOMS 2008), Salvador, Bahia, Brazil (April 2008)","DOI":"10.1109\/NOMS.2008.4575198"},{"key":"8_CR3","unstructured":"Allman, M., Kreibich, C., Paxson, V., Sommer, R., Weaver, N.: Principles for developing comprehensive network visibility. In: Provos, N. (ed.) Proceedings of 3rd USENIX Workshop on Hot Topics in Security, San Jose, CA, USA, July 29, USENIX Association (2008)"},{"key":"8_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"92","DOI":"10.1007\/978-3-540-79232-1_10","volume-title":"Passive and Active Network Measurement","author":"M. Allman","year":"2008","unstructured":"Allman, M., Paxson, V.: A reactive measurement framework. In: Claypool, M., Uhlig, S. (eds.) PAM 2008. LNCS, vol.\u00a04979, pp. 92\u2013101. Springer, Heidelberg (2008)"},{"key":"8_CR5","doi-asserted-by":"crossref","unstructured":"Ammann, P., Wijesekera, D., Kaushik, S.: Scalable, graph-based network vulnerability analysis. In: Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS 2002), Washington DC (November 2002)","DOI":"10.1145\/586110.586140"},{"key":"8_CR6","doi-asserted-by":"crossref","unstructured":"Bau, J., Bursztein, E., Gupta, D., Mitchell, J.: State of the art: Automated black-box web application vulnerability testing. In: Proceedings of the 31st IEEE Symposium on Security & Privacy (S&P 2010), Oakland, CA (May 2010)","DOI":"10.1109\/SP.2010.27"},{"key":"8_CR7","unstructured":"Beattie, S., Arnold, S., Cowan, C., Wagle, P., Wright, C., Shostack, A.: Timing the application of security patches for optimal uptime. In: Proceedings of the 16th Annual LISA System Administration Conference, Philadelphia, PA, USA (November 2002)"},{"key":"8_CR8","unstructured":"Edward Bjarte. Prads - passive real-time asset detection system, http:\/\/gamelinux.github.com\/prads"},{"key":"8_CR9","volume-title":"Firewalls and Internet Security; Repelling the Wily Hacker","author":"W.R. Cheswick","year":"1994","unstructured":"Cheswick, W.R., Bellovin, S.M.: Firewalls and Internet Security; Repelling the Wily Hacker. Addison Wesley, Reading (1994)"},{"key":"8_CR10","unstructured":"Cooke, E., Bailey, M., Jahanian, F., Mortier, R.: The dark oracle: Perspective-aware unused and unreachable address discovery. In: Proceedings of the 3rd USENIX Symposium on Networked Systems Design and Implementation (NSDI 2006) (May 2006)"},{"key":"8_CR11","unstructured":"eEye Digital Security. Retina - network security scanner, http:\/\/www.eeye.com\/Products\/Retina.aspx"},{"key":"8_CR12","unstructured":"Ilya Etingof. Pysnmp, http:\/\/pysnmp.sourceforge.net\/"},{"key":"8_CR13","doi-asserted-by":"crossref","unstructured":"Ingols, K., Lippmann, R., Piwowarski, K.: Practical attack graph generation for network defense. In: Proceedings of the 22nd Annual Computer Security Applications Conference, ACSAC 2006 (December 2006)","DOI":"10.1109\/ACSAC.2006.39"},{"key":"8_CR14","first-page":"385","volume-title":"ICDCS Workshops","author":"C. Kreibich","year":"2005","unstructured":"Kreibich, C., Sommer, R.: Policy-controlled event management for distributed intrusion detection. In: ICDCS Workshops, pp. 385\u2013391. IEEE Computer Society, Los Alamitos (2005)"},{"key":"8_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"191","DOI":"10.1007\/978-3-540-87403-4_11","volume-title":"Recent Advances in Intrusion Detection","author":"S. McAllister","year":"2008","unstructured":"McAllister, S., Kirda, E., Kruegel, C.: Leveraging user interactions for in-depth testing of web applications. In: Lippmann, R., Kirda, E., Trachtenberg, A. (eds.) RAID 2008. LNCS, vol.\u00a05230, pp. 191\u2013210. Springer, Heidelberg (2008)"},{"key":"8_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"127","DOI":"10.1007\/11856214_7","volume-title":"Recent Advances in Intrusion Detection","author":"V. Mehta","year":"2006","unstructured":"Mehta, V., Bartzis, C., Zhu, H., Clarke, E., Wing, J.: Ranking attack graphs. In: Zamboni, D., Kr\u00fcgel, C. (eds.) RAID 2006. LNCS, vol.\u00a04219, pp. 127\u2013144. Springer, Heidelberg (2006)"},{"key":"8_CR17","unstructured":"Microsoft. Watcher - web security testing tool and passive, http:\/\/websecuritytool.codeplex.com"},{"key":"8_CR18","unstructured":"Oberheide, J., Cooke, E., Jahanian, F.: Cloudav: N-version antivirus in the network cloud. In: Proceedings of the 17th USENIX Security Symposium (Security 2008), San Jose, CA (July 2008)"},{"key":"8_CR19","unstructured":"Oberheide, J., Cooke, E., Jahanian, F.: If It Ain\u2019t Broke, Don\u2019t Fix It: Challenges and New Directions for Inferring the Impact of Software Patches. In: 12th Workshop on Hot Topics in Operating Systems (HotOS XII), Monte Verita, Switzerland (May 2009)"},{"key":"8_CR20","doi-asserted-by":"crossref","unstructured":"Ou, X., Boyer, W.F., McQueen, M.A.: A scalable approach to attack graph generation. In: Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS 2006), Alexandria, VA (October 2006)","DOI":"10.1145\/1180405.1180446"},{"key":"8_CR21","unstructured":"Ou, X., Govindavajhala, S., Appel, A.W.: Mulval: A logic-based network security analyzer. In: Proceedings of the 14th USENIX Security Symposium (USENIX Security 2005), Baltimore, MD (August 2005)"},{"issue":"23-24","key":"8_CR22","doi-asserted-by":"publisher","first-page":"2435","DOI":"10.1016\/S1389-1286(99)00112-7","volume":"31","author":"V. Paxson","year":"1999","unstructured":"Paxson, V.: Bro: A System for Detecting Network Intruders in Real-Time. Computer Networks\u00a031(23-24), 2435\u20132463 (1999)","journal-title":"Computer Networks"},{"key":"8_CR23","unstructured":"Roesch, M.: Snort: Lightweight intrusion detection for networksx. In: Proceedings of the 13th Systems Administration Conference (LISA), pp. 229\u2013238 (1999)"},{"key":"8_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1007\/978-3-540-88313-5_2","volume-title":"Computer Security - ESORICS 2008","author":"R.E. Sawilla","year":"2008","unstructured":"Sawilla, R.E., Ou, X.: Identifying critical attack assets in dependency attack graphs. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol.\u00a05283, pp. 18\u201334. Springer, Heidelberg (2008)"},{"key":"8_CR25","unstructured":"Tenable\u00a0Network Security. Nessus - vulnerability scanner, http:\/\/www.nessus.org"},{"key":"8_CR26","unstructured":"Tenable\u00a0Network Security. Nessus passive vulnerability scanner, http:\/\/www.nessus.org\/products\/pvs\/"},{"key":"8_CR27","doi-asserted-by":"crossref","unstructured":"Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.M.: Automated generation and analysis of attack graphs. In: Proceedings of 2002 IEEE Symposium on Security and Privacy (S&P 2002), Oakland, CA (May 2002)","DOI":"10.1109\/SECPRI.2002.1004377"},{"key":"8_CR28","unstructured":"Sinha, S., Bailey, M., Jahanian, F.: Shedding light on the configuration of dark addresses. In: Proceedings of Network and Distributed System Security Symposium (NDSS 2007) (February 2007)"},{"key":"8_CR29","doi-asserted-by":"crossref","unstructured":"Sinha, S., Bailey, M.D., Jahanian, F.: One Size Does Not Fit All: 10 Years of Applying Context Aware Security. In: Proceedings of the 2009 IEEE International Conference on Technologies for Homeland Security (HST 2009), Waltham, Massachusetts, USA (May 2009)","DOI":"10.1109\/THS.2009.5168009"},{"key":"8_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"290","DOI":"10.1007\/11856214_15","volume-title":"Recent Advances in Intrusion Detection","author":"S. Sinha","year":"2006","unstructured":"Sinha, S., Jahanian, F., Patel, J.M.: Wind: Workload-aware intrusion detection. In: Zamboni, D., Kr\u00fcgel, C. (eds.) RAID 2006. LNCS, vol.\u00a04219, pp. 290\u2013310. Springer, Heidelberg (2006)"},{"key":"8_CR31","unstructured":"Sourcefire. Sourcefire rna - real-time network awareness, http:\/\/www.sourcefire.com\/products\/3D\/rna"},{"key":"8_CR32","unstructured":"Sourcefire, Inc. Clamav antivirus (2008), http:\/\/www.clamav.net\/"},{"key":"8_CR33","unstructured":"University of Michigan. University of Michigan \u2014 ITS \u2014 Safe Computing \u2014 IT Security Services Office (April 2010), http:\/\/safecomputing.umich.edu\/about\/"},{"key":"8_CR34","unstructured":"Vallentin, M.: VAST: Network Visibility Across Space and Time. Master\u2019s thesis, Technische Universitat Munchen (January 2009)"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-15512-3_8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,2]],"date-time":"2019-06-02T14:48:35Z","timestamp":1559486915000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-15512-3_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"ISBN":["9783642155116","9783642155123"],"references-count":34,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-15512-3_8","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2010]]}}}