{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,9]],"date-time":"2024-09-09T14:59:51Z","timestamp":1725893991179},"publisher-location":"Berlin, Heidelberg","reference-count":31,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642171963"},{"type":"electronic","value":"9783642171970"}],"license":[{"start":{"date-parts":[[2010,1,1]],"date-time":"2010-01-01T00:00:00Z","timestamp":1262304000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1007\/978-3-642-17197-0_12","type":"book-chapter","created":{"date-parts":[[2010,11,22]],"date-time":"2010-11-22T10:35:06Z","timestamp":1290422106000},"page":"180-191","source":"Crossref","is-referenced-by-count":3,"title":["Effective Multimodel Anomaly Detection Using Cooperative Negotiation"],"prefix":"10.1007","author":[{"given":"Alberto","family":"Volpatto","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Federico","family":"Maggi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Stefano","family":"Zanero","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"12_CR1","volume-title":"Inside Cyber Warfare: Mapping the Cyber Underworld","author":"J. Carr","year":"2009","unstructured":"Carr, J.: Inside Cyber Warfare: Mapping the Cyber Underworld. O\u2019Reilly Media, Inc., Sebastopol (2009)"},{"key":"12_CR2","unstructured":"The SANS Institute: Zero-day vulnerability trends (September 2009), \n                    \n                      http:\/\/www.sans.org\/top-cyber-security-risks\/zero-day.php"},{"issue":"4","key":"12_CR3","doi-asserted-by":"publisher","first-page":"307","DOI":"10.1145\/149516.149530","volume":"2","author":"P.A. Fishwick","year":"1992","unstructured":"Fishwick, P.A.: An integrated approach to system modeling using a synthesis of artificial intelligence, software engineering and simulation methodologies. ACM Trans. Model. Comput. Simul.\u00a02(4), 307\u2013330 (1992)","journal-title":"ACM Trans. Model. Comput. Simul."},{"issue":"1","key":"12_CR4","doi-asserted-by":"publisher","first-page":"52","DOI":"10.1145\/132277.132280","volume":"2","author":"P.A. Fishwick","year":"1992","unstructured":"Fishwick, P.A., Zeigler, B.P.: A multimodel methodology for qualitative model engineering. ACM Trans. Model. Comput. Simul.\u00a02(1), 52\u201381 (1992)","journal-title":"ACM Trans. Model. Comput. Simul."},{"issue":"2","key":"12_CR5","doi-asserted-by":"publisher","first-page":"222","DOI":"10.1109\/TSE.1987.232894","volume":"13","author":"D.E. Denning","year":"1987","unstructured":"Denning, D.E.: An Intrusion-Detection Model. IEEE Transactions on Software Engineering\u00a013(2), 222\u2013232 (1987)","journal-title":"IEEE Transactions on Software Engineering"},{"issue":"4","key":"12_CR6","doi-asserted-by":"publisher","first-page":"227","DOI":"10.1145\/382912.382914","volume":"3","author":"W. Lee","year":"2000","unstructured":"Lee, W., Stolfo, S.J.: A framework for constructing features and models for intrusion detection systems. ACM Transactions on Information and System Security\u00a03(4), 227\u2013261 (2000)","journal-title":"ACM Transactions on Information and System Security"},{"key":"12_CR7","doi-asserted-by":"crossref","unstructured":"Kruegel, C., Toth, T., Kirda, E.: Service-Specific Anomaly Detection for Network Intrusion Detection. In: Proceedings of the Symposium on Applied Computing (SAC 2002), Spain (March 2002)","DOI":"10.1145\/508791.508835"},{"key":"12_CR8","doi-asserted-by":"crossref","unstructured":"Kruegel, C., Mutz, D., Valeur, F., Vigna, G.: On the detection of anomalous system call arguments. In: Proceedings of the 2003 European Symp. on Research in Computer Security, Gj\u00f8vik, Norway (October 2003)","DOI":"10.1007\/978-3-540-39650-5_19"},{"issue":"5","key":"12_CR9","doi-asserted-by":"publisher","first-page":"717","DOI":"10.1016\/j.comnet.2005.01.009","volume":"48","author":"C. Kruegel","year":"2005","unstructured":"Kruegel, C., Robertson, W., Vigna, G.: A Multi-model Approach to the Detection of Web-based Attacks. Journal of Computer Networks\u00a048(5), 717\u2013738 (2005)","journal-title":"Journal of Computer Networks"},{"issue":"1","key":"12_CR10","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1145\/1127345.1127348","volume":"9","author":"D. Mutz","year":"2006","unstructured":"Mutz, D., Valeur, F., Kruegel, C., Vigna, G.: Anomalous System Call Detection. ACM Transactions on Information and System Security\u00a09(1), 61\u201393 (2006)","journal-title":"ACM Transactions on Information and System Security"},{"key":"12_CR11","unstructured":"Maggi, F., Matteucci, M., Zanero, S.: Detecting intrusions through system call sequence and argument analysis. IEEE Transactions on Dependable and Secure Computing\u00a099(PrePrints) (2008)"},{"key":"12_CR12","doi-asserted-by":"crossref","unstructured":"Criscione, C., Maggi, F., Salvaneschi, G., Zanero, S.: Integrated detection of attacks against browsers, web applications and databases. In: European Conference on Computer Network Defence - EC2ND 2009 (2009)","DOI":"10.1109\/EC2ND.2009.13"},{"issue":"2","key":"12_CR13","doi-asserted-by":"publisher","first-page":"109","DOI":"10.1016\/S0164-1212(02)00092-4","volume":"67","author":"G. Helmer","year":"2003","unstructured":"Helmer, G., Wong, J.S.K., Honavar, V.G., Miller, L., Wang, Y.: Lightweight agents for intrusion detection. J. Syst. Softw.\u00a067(2), 109\u2013122 (2003)","journal-title":"J. Syst. Softw."},{"issue":"4","key":"12_CR14","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1145\/367211.367250","volume":"44","author":"N.R. Jennings","year":"2001","unstructured":"Jennings, N.R.: An agent-based approach for building complex software systems. Commun. ACM\u00a044(4), 35\u201341 (2001)","journal-title":"Commun. ACM"},{"issue":"4","key":"12_CR15","doi-asserted-by":"publisher","first-page":"547","DOI":"10.1016\/S1389-1286(00)00136-5","volume":"34","author":"E. Spafford","year":"2000","unstructured":"Spafford, E., Zamboni, D.: Intrusion detection using autonomous agents. Computer Networks\u00a034(4), 547\u2013570 (2000)","journal-title":"Computer Networks"},{"key":"12_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"240","DOI":"10.1007\/978-3-540-30536-1_28","volume-title":"Distributed Computing - IWDC 2004","author":"A. Ghosh","year":"2004","unstructured":"Ghosh, A., Sen, S.: Agent-based distributed intrusion alert system. In: Sen, A., Das, N., Das, S.K., Sinha, B.P. (eds.) IWDC 2004. LNCS, vol.\u00a03326, pp. 240\u2013251. Springer, Heidelberg (2004)"},{"issue":"5","key":"12_CR17","doi-asserted-by":"publisher","first-page":"387","DOI":"10.1016\/j.cose.2005.01.004","volume":"24","author":"D. Dasgupta","year":"2005","unstructured":"Dasgupta, D., Gonzalez, F., Yallapu, K., Gomez, J., Yarramsettii, R.: CIDS: An agent-based intrusion detection system. Computers & Security\u00a024(5), 387\u2013398 (2005)","journal-title":"Computers & Security"},{"issue":"7","key":"12_CR18","doi-asserted-by":"publisher","first-page":"529","DOI":"10.1016\/j.cose.2005.06.008","volume":"24","author":"V. Gowadia","year":"2005","unstructured":"Gowadia, V., Farkas, C., Valtorta, M.: PAID: A probabilistic agent-based intrusion detection system. Computers & Security\u00a024(7), 529\u2013545 (2005)","journal-title":"Computers & Security"},{"key":"12_CR19","unstructured":"Rehak, M., Pechoucek, M., Celeda, P., Novotny, J., Minarik, P.: Camnep: agent-based network intrusion detection system. In: AAMAS 2008: Proceedings of the 7th International Joint Conference on Autonomous Agents and Multiagent Systems, Richland, SC, International Foundation for Autonomous Agents and Multiagent Systems, pp. 133\u2013136 (2008)"},{"key":"12_CR20","unstructured":"Allan, R.J.: Survey of agent based modelling and simulation tools. Technical report, STFC Daresbury Laboratory, Daresbury, Warrington WA4 4AD (May 2010)"},{"key":"12_CR21","first-page":"531","volume-title":"WI-IAT 2008","author":"F. Amigoni","year":"2008","unstructured":"Amigoni, F., Basilico, F., Basilico, N., Zanero, S.: Integrating partial models of network normality via cooperative negotiation: An approach to development of multiagent intrusion detection systems. In: WI-IAT 2008, Washington, DC, USA, pp. 531\u2013537. IEEE Computer Society, Los Alamitos (2008)"},{"issue":"4","key":"12_CR22","doi-asserted-by":"publisher","first-page":"579","DOI":"10.1016\/S1389-1286(00)00139-0","volume":"34","author":"R. Lippmann","year":"2000","unstructured":"Lippmann, R., Haines, J.W., Fried, D.J., Korba, J., Das, K.: The 1999 DARPA off-line intrusion detection evaluation. Comput. Networks\u00a034(4), 579\u2013595 (2000)","journal-title":"Comput. Networks"},{"key":"12_CR23","unstructured":"Song, Y., Stolfo, S., Keromytis, A.: Spectrogram: A Mixture-of-Markov-Chains Model for Anomaly Detection in Web Traffic. In: Proc. of the 16th Annual Network and Distributed System Security Symposium, NDSS (2009)"},{"key":"12_CR24","doi-asserted-by":"publisher","first-page":"226","DOI":"10.1109\/34.667881","volume":"20","author":"J. Kittler","year":"1998","unstructured":"Kittler, J., Hatef, M., Duin, R.P., Matas, J.: On combining classifiers. IEEE Transactions on Pattern Analysis and Machine Intelligence\u00a020, 226\u2013239 (1998)","journal-title":"IEEE Transactions on Pattern Analysis and Machine Intelligence"},{"issue":"3","key":"12_CR25","doi-asserted-by":"publisher","first-page":"253","DOI":"10.1007\/s10458-007-9011-z","volume":"15","author":"F. Amigoni","year":"2007","unstructured":"Amigoni, F., Gatti, N.: A formal framework for connective stability of highly decentralized cooperative negotiations. Autonomous Agents and Multi-Agent Systems\u00a015(3), 253\u2013279 (2007)","journal-title":"Autonomous Agents and Multi-Agent Systems"},{"key":"12_CR26","unstructured":"Robert Hansen (RSnake): XSS (Cross Site Scripting) Cheat Sheet (June 2009), \n                    \n                      http:\/\/ha.ckers.org\/xss.html"},{"key":"12_CR27","unstructured":"Robert Hansen (RSnake): SQL Injection cheat sheet (June 2009), \n                    \n                      http:\/\/ha.ckers.org\/sqlinjection\/"},{"issue":"3","key":"12_CR28","doi-asserted-by":"publisher","first-page":"15","DOI":"10.1145\/1541880.1541882","volume":"41","author":"V. Chandola","year":"2009","unstructured":"Chandola, V., Banerjee, A., Kumar, V.: Anomaly detection: A survey. ACM Computing Surveys (CSUR)\u00a041(3), 15 (2009)","journal-title":"ACM Computing Surveys (CSUR)"},{"key":"12_CR29","first-page":"41","volume-title":"RAID 2009: Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection","author":"G.F. Cretu-Ciocarlie","year":"2009","unstructured":"Cretu-Ciocarlie, G.F., Stavrou, A., Locasto, M.E., Stolfo, S.J.: Adaptive anomaly detection via self-calibration and dynamic updating. In: RAID 2009: Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection, pp. 41\u201360. Springer, Heidelberg (2009)"},{"key":"12_CR30","first-page":"21","volume-title":"RAID 2009: Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection","author":"F. Maggi","year":"2009","unstructured":"Maggi, F., Robertson, W., Kruegel, C., Vigna, G.: Protecting a moving target: Addressing web application concept drift. In: RAID 2009: Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection, pp. 21\u201340. Springer, Heidelberg (2009)"},{"key":"12_CR31","first-page":"61","volume-title":"RAID 2009: Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection","author":"M. Reh\u00e1k","year":"2009","unstructured":"Reh\u00e1k, M., Staab, E., Fusenig, V., P\u011bchou\u010dek, M., Grill, M., Stiborek, J., Barto\u0161, K., Engel, T.: Runtime monitoring and dynamic reconfiguration for intrusion detection systems. In: RAID 2009: Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection, pp. 61\u201380. Springer, Heidelberg (2009)"}],"container-title":["Lecture Notes in Computer Science","Decision and Game Theory for Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-17197-0_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,3,22]],"date-time":"2019-03-22T05:38:00Z","timestamp":1553233080000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-17197-0_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"ISBN":["9783642171963","9783642171970"],"references-count":31,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-17197-0_12","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2010]]}}}