{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T21:35:57Z","timestamp":1743111357466,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":23,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642204197"},{"type":"electronic","value":"9783642204203"}],"license":[{"start":{"date-parts":[[2012,1,1]],"date-time":"2012-01-01T00:00:00Z","timestamp":1325376000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2012,1,1]],"date-time":"2012-01-01T00:00:00Z","timestamp":1325376000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-20420-3_7","type":"book-chapter","created":{"date-parts":[[2012,1,9]],"date-time":"2012-01-09T14:49:47Z","timestamp":1326120587000},"page":"139-156","source":"Crossref","is-referenced-by-count":0,"title":["Collaborative Inter-domain Stealthy Port Scan Detection Using Esper Complex Event Processing"],"prefix":"10.1007","author":[{"given":"Paulo","family":"Esteves Verssimo","sequence":"first","affiliation":[]},{"given":"Leonardo","family":"Aniello","sequence":"additional","affiliation":[]},{"given":"Giuseppe Antonio","family":"Di Luna","sequence":"additional","affiliation":[]},{"given":"Giorgia","family":"Lodi","sequence":"additional","affiliation":[]},{"given":"Roberto","family":"Baldoni","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"7_CR1","unstructured":"2000 DARPA intrusion detection scenario specific data sets. http:\/\/www.ll.mit.edu\/mission\/communications\/ist\/corpora\/ideval\/data\/2000data.html"},{"key":"7_CR2","unstructured":"ITOC research: CDX datasets. http:\/\/www.itoc.usma.edu\/research\/dataset\/index.html"},{"key":"7_CR3","unstructured":"LBNL\/ICSI enterprise tracing project. http:\/\/www.icir.org\/enterprise-tracing\/"},{"key":"7_CR4","unstructured":"Where complex event processing meets open source: Esper and NEsper. http:\/\/esper.codehaus.org\/ (2009)"},{"key":"7_CR5","unstructured":"Bro: an open source Unix based Network intrusion detection system (NIDS). http:\/\/www.bro-ids.org\/ (2010)"},{"key":"7_CR6","unstructured":"Snort: an open source network intrusion prevention and detection system (IDS\/IPS). http:\/\/www.snort.org\/ (2010)"},{"key":"7_CR7","unstructured":"DShield: cooperative network security community\u2014internet security. http:\/\/www.dshield.org\/indexd.html\/ (2011)"},{"key":"7_CR8","unstructured":"System S. http:\/\/domino.research.ibm.com\/comm\/research_projects.nsf\/pages\/esps.index.html (2010)"},{"key":"7_CR9","unstructured":"WANem the wide area network emulator. http:\/\/wanem.sourceforge.net\/ (2011)"},{"key":"7_CR10","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy","author":"J. Jung","year":"2004","unstructured":"Jung, J., Paxson, V., Berger, A.W., Balakrishnan, H.: Fast portscan detection using sequential hypothesis testing. In: Proceedings of the IEEE Symposium on Security and Privacy (2004)"},{"key":"7_CR11","volume-title":"Proc. of the 10th IFIP\/IEEE International Symposium on Integrated Network Management","author":"C.V. Zhou","year":"2007","unstructured":"Zhou, C.V., Karunasekera, S., Leckie, C.: Evaluation of a decentralized architecture for large scale collaborative intrusion detection. In: Proc. of the 10th IFIP\/IEEE International Symposium on Integrated Network Management (2007)"},{"issue":"1","key":"7_CR12","first-page":"66","volume":"1","author":"M. Akdere","year":"2008","unstructured":"Akdere, M., \u00c7etintemel, U., Tatbul, N.: Plan-based complex event detection across distributed sources. PVLDB 1(1), 66\u201377 (2008)","journal-title":"PVLDB"},{"key":"7_CR13","volume-title":"IEEE Workshop on Information Assurance and Security","author":"M.E. Locasto","year":"2005","unstructured":"Locasto, M.E., Parekh, J.J., Keromytis, A.D., Stolfo, S.J.: Towards collaborative security and P2P intrusion detection. In: IEEE Workshop on Information Assurance and Security, United States Military Academy, West Point, NY, 15\u201317 June (2005)"},{"key":"7_CR14","volume-title":"Advances in Knowledge Discovery and Management","author":"P. Poncelet","year":"2009","unstructured":"Poncelet, P., Verma, N., Trousset, F., Masseglia, F.: Intrusion detection in collaborative organizations by preserving privacy. In: Advances in Knowledge Discovery and Management, December (2009)"},{"key":"7_CR15","volume-title":"16th International Conference on World Wide Web","author":"C. Tang","year":"2007","unstructured":"Tang, C., Steinder, M., Spreitzer, M., Pacifici, G.: A\u00a0scalable application placement controller for enterprise data centers. In: 16th International Conference on World Wide Web (2007)"},{"key":"7_CR16","first-page":"43","volume-title":"ICNP","author":"Y. Xie","year":"2006","unstructured":"Xie, Y., Sekar, V., Reiter, M.K., Zhang, H.: Forensic analysis for epidemic attacks in federated networks. In: ICNP, pp.\u00a043\u201353 (2006)"},{"key":"7_CR17","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1645413.1645420","volume-title":"Proc. of the 2nd ACM Workshop on High Performance Computational Finance","author":"X.J. Zhang","year":"2009","unstructured":"Zhang, X.J., Andrade, H., Gedik, B., King, R., Morar, J., Nathan, S., Park, Y., Pavuluri, R., Pring, E., Schnier, R., Selo, P., Spicer, M., Uhlig, V., Venkatramani, C.: Implementing a high-volume, low-latency market data processing system on commodity hardware using IBM middleware. In: Proc. of the 2nd ACM Workshop on High Performance Computational Finance, New York, USA, pp.\u00a01\u20138 (2009)"},{"key":"7_CR18","volume-title":"13th IEEE International Conference on Networks","author":"C.V. Zhou","year":"2005","unstructured":"Zhou, C.V., Karunasekera, S., Leckie, C.: A peer-to-peer collaborative intrusion detection system. In: 13th IEEE International Conference on Networks, Kuala Lumpur, Malaysia, November (2005)"},{"issue":"2010","key":"7_CR19","first-page":"124","volume":"29","author":"C.V. Zhou","year":"2009","unstructured":"Zhou, C.V., Leckie, C., Karunasekera, S.: A\u00a0survey of coordinated attacks and collaborative intrusion detection. Comput. Secur. 29(2010), 124\u2013140 (2009)","journal-title":"Comput. Secur."},{"issue":"1\/2","key":"7_CR20","first-page":"3","volume":"4","author":"C.H. Hauser","year":"2008","unstructured":"Hauser, C.H., Bakken, D.E., Dionysiou, I., Gjermundr\u00f8d, K.H., Irava, V.S., Helkey, J., Bose, A.: Security, trust, and QoS in next-generation control and communication for large power systems. Int. J. Comput. Inf. Sci. 4(1\/2), 3\u201316 (2008)","journal-title":"Int. J. Comput. Inf. Sci."},{"key":"7_CR21","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1145\/1254882.1254890","volume-title":"Proc. of the 2007 ACM SIGMETRICS International Conference on Measurement and Modeling of Computer Systems","author":"Y. Huang","year":"2007","unstructured":"Huang, Y., Feamster, N., Lakhina, A., Xu, J.(Jun): Diagnosing network disruptions with network-wide analysis. In: Proc. of the 2007 ACM SIGMETRICS International Conference on Measurement and Modeling of Computer Systems, pp.\u00a061\u201372. ACM, New York (2007)"},{"key":"7_CR22","volume-title":"Proc. of 13th European Workshop on Dependable Computing","author":"L. Aniello","year":"2011","unstructured":"Aniello, L., Lodi, G., Baldoni, R.: Inter-domain stealthy port scan detection through complex event processing. In: Proc. of 13th European Workshop on Dependable Computing, Pisa, 11\u201312 May (2011)"},{"key":"7_CR23","volume-title":"Proceedings of the 30th Conference on System Safety, Reliability and Security (SAFECOMP)","author":"L. Aniello","year":"2011","unstructured":"Aniello, L., Lodi, G., Di Luna, G.A., Baldoni, R.: A\u00a0collaborative event processing system for protection of critical infrastructures from cyber attacks. In: Proceedings of the 30th Conference on System Safety, Reliability and Security (SAFECOMP), Napoli, September (2011)"}],"container-title":["Collaborative Financial Infrastructure Protection"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-20420-3_7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,2,9]],"date-time":"2023-02-09T06:23:56Z","timestamp":1675923836000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-642-20420-3_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642204197","9783642204203"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-20420-3_7","relation":{},"subject":[],"published":{"date-parts":[[2012]]}}}