{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T21:57:49Z","timestamp":1743112669503,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":34,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642236433"},{"type":"electronic","value":"9783642236440"}],"license":[{"start":{"date-parts":[[2011,1,1]],"date-time":"2011-01-01T00:00:00Z","timestamp":1293840000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011]]},"DOI":"10.1007\/978-3-642-23644-0_8","type":"book-chapter","created":{"date-parts":[[2012,2,11]],"date-time":"2012-02-11T05:06:20Z","timestamp":1328936780000},"page":"142-160","source":"Crossref","is-referenced-by-count":17,"title":["Cross-Domain Collaborative Anomaly Detection: So Far Yet So Close"],"prefix":"10.1007","author":[{"given":"Nathaniel","family":"Boggs","sequence":"first","affiliation":[]},{"given":"Sharath","family":"Hiremagalore","sequence":"additional","affiliation":[]},{"given":"Angelos","family":"Stavrou","sequence":"additional","affiliation":[]},{"given":"Salvatore J.","family":"Stolfo","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"8_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"427","DOI":"10.1007\/11836810_31","volume-title":"Information Security","author":"K.G. Anagnostakis","year":"2006","unstructured":"Anagnostakis, K.G., Greenwald, M.B., Ioannidis, S., Keromytis, A.D.: Robust Reactions to Potential Day-Zero Worms through Cooperation and Validation. In: Katsikas, S.K., L\u00f3pez, J., Backes, M., Gritzalis, S., Preneel, B. (eds.) ISC 2006. LNCS, vol.\u00a04176, pp. 427\u2013442. Springer, Heidelberg (2006)"},{"key":"8_CR2","unstructured":"Anagnostakis, K.G., Greenwald, M.B., Ioannidis, S., Keromytis, A.D., Li, D.: A Cooperative Immunization System for an Untrusting Internet. In: IEEE International Conference on Networks (2003)"},{"issue":"7","key":"8_CR3","doi-asserted-by":"publisher","first-page":"422","DOI":"10.1145\/362686.362692","volume":"13","author":"B.H. Bloom","year":"1970","unstructured":"Bloom, B.H.: Space\/time trade-offs in Hash Coding with Allowable Errors. Communications of the ACM\u00a013(7), 422\u2013426 (1970)","journal-title":"Communications of the ACM"},{"key":"8_CR4","doi-asserted-by":"crossref","unstructured":"Boggs, N., Hiremagalore, S., Stavrou, A., Stolfo, S.J.: Experimental results of cross-site exchange of web content anomaly detector alerts. In: IEEE Conference on Technologies for Homeland Security, HST 2010, pp. 8\u201314 (November 2010)","DOI":"10.1109\/THS.2010.5655103"},{"key":"8_CR5","doi-asserted-by":"crossref","unstructured":"Cretu, G., Stavrou, A., Locasto, M., Stolfo, S., Keromytis, A.: Casting out demons: Sanitizing training data for anomaly sensors. In: IEEE Symposium on Security and Privacy, SP 2008, pp. 81\u201395 (May 2008)","DOI":"10.1109\/SP.2008.11"},{"key":"8_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1007\/978-3-642-04342-0_3","volume-title":"Recent Advances in Intrusion Detection","author":"G. Cretu-Ciocarlie","year":"2009","unstructured":"Cretu-Ciocarlie, G., Stavrou, A., Locasto, M., Stolfo, S.: Adaptive Anomaly Detection via Self-Calibration and Dynamic Updating. In: Balzarotti, D. (ed.) RAID 2009. LNCS, vol.\u00a05758, pp. 41\u201360. Springer, Heidelberg (2009)"},{"key":"8_CR7","doi-asserted-by":"crossref","unstructured":"Farroukh, A., Mukadam, N., Bassil, E., Elhajj, I.: Distributed and collaborative intrusion detection systems. In: IEEE Lebanon Communications Workshop, LCW 2008, pp. 41\u201345 (May 2008)","DOI":"10.1109\/LCW.2008.4545399"},{"key":"8_CR8","unstructured":"Gates, C.: Coordinated scan detection. In: Proceedings of the 16th Annual Network and Distributed System Security Symposium, NDSS 2009 (2009)"},{"key":"8_CR9","unstructured":"Kruegel, C., Toth, T.: Distributed Pattern for Intrusion Detection. In: Network and Distributed System Security, NDSS (2002)"},{"key":"8_CR10","doi-asserted-by":"crossref","unstructured":"Kruegel, C., Toth, T., Kerer, C.: Decentralized Event Correlation for Intrusion Detection. In: International Conference on Information Security and Cryptology (2002)","DOI":"10.1007\/3-540-45861-1_10"},{"key":"8_CR11","doi-asserted-by":"crossref","first-page":"339","DOI":"10.1145\/1159913.1159952","volume-title":"Proceedings of the 2006 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications","author":"S. Kumar","year":"2006","unstructured":"Kumar, S., Dharmapurikar, S., Yu, F., Crowley, P., Turner, J.: Algorithms to accelerate multiple regular expressions matching for deep packet inspection. In: Proceedings of the 2006 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, pp. 339\u2013350. ACM, New York (2006)"},{"key":"8_CR12","doi-asserted-by":"crossref","unstructured":"Lazarevic, A., Ozgur, A., Ertoz, L., Srivastava, J., Kumar, V.: A comparative study of anomaly detection schemes in network intrusion detection. In: Proceedings of the Third SIAM International Conference on Data Mining (2003)","DOI":"10.1137\/1.9781611972733.3"},{"issue":"8","key":"8_CR13","first-page":"707","volume":"10","author":"V.I. Levenshtein","year":"1966","unstructured":"Levenshtein, V.I.: Binary codes capable of correcting deletions, insertions and reversals. Soviet Physics Doklady\u00a010(8), 707\u2013710 (1966); doklady Akademii Nauk SSSR, V163 No4 845-848 (1965)","journal-title":"Soviet Physics Doklady"},{"issue":"4","key":"8_CR14","doi-asserted-by":"publisher","first-page":"23","DOI":"10.1109\/MC.2008.138","volume":"41","author":"P. Lin","year":"2008","unstructured":"Lin, P., Lin, Y., Lee, T., Lai, Y.: Using string matching for deep packet inspection. Computer\u00a041(4), 23\u201328 (2008)","journal-title":"Computer"},{"key":"8_CR15","unstructured":"Locasto, M.E., Parekh, J.J., Keromytis, A.D., Stolfo, S.J.: Towards Collaborative Security and P2P Intrusion Detection. In: IEEE Information Assurance Workshop. West Point, NY (2005)"},{"key":"8_CR16","unstructured":"Norton, M., Roelker, D., Inc, D.R.S.: Snort 2.0: High performance multi-rule inspection engine"},{"key":"8_CR17","first-page":"3","volume-title":"SSYM 1998: Proceedings of the 7th Conference on USENIX Security Symposium","author":"V. Paxson","year":"1998","unstructured":"Paxson, V.: Bro: a system for detecting network intruders in real-time. In: SSYM 1998: Proceedings of the 7th Conference on USENIX Security Symposium, p. 3. USENIX Association, Berkeley (1998)"},{"key":"8_CR18","unstructured":"Porras, P., Neumann, P.G.: EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances. In: National Information Systems Security Conference (1997)"},{"key":"8_CR19","first-page":"262","volume-title":"CCS 2003: Proceedings of the 10th ACM Conference on Computer and Communications Security","author":"R. Sommer","year":"2003","unstructured":"Sommer, R., Paxson, V.: Enhancing byte-level network intrusion detection signatures with context. In: CCS 2003: Proceedings of the 10th ACM Conference on Computer and Communications Security, pp. 262\u2013271. ACM, New York (2003)"},{"key":"8_CR20","doi-asserted-by":"crossref","unstructured":"Sommer, R., Paxson, V.: Outside the closed world: On using machine learning for network intrusion detection. In: IEEE Symposium on Security and Privacy, pp. 305\u2013316 (2010)","DOI":"10.1109\/SP.2010.25"},{"key":"8_CR21","unstructured":"Song, Y., Keromytis, A.D., Stolfo, S.J.: Spectrogram: A mixture-of-markov-chains model for anomaly detection in web traffic. In: NDSS 2009: Proceedings of the 16th Annual Network and Distributed System Security Symposium (2009)"},{"key":"8_CR22","first-page":"541","volume-title":"Proceedings of the 14th ACM Conference on Computer and Communications Security CCS 2007","author":"Y. Song","year":"2007","unstructured":"Song, Y., Locasto, M.E., Stavrou, A., Keromytis, A.D., Stolfo, S.J.: On the infeasibility of modeling polymorphic shellcode. In: Proceedings of the 14th ACM Conference on Computer and Communications Security CCS 2007, pp. 541\u2013551. ACM, New York (2007), http:\/\/doi.acm.org\/10.1145\/1315245.1315312"},{"key":"8_CR23","unstructured":"Staniford-Chen, S., Cheung, S., Crawford, R., Dilger, M.: GrIDS - A Graph Based Intrusion Detection System for Large Networks. In: National Information Computer Security Conference, Baltimore, MD (1996)"},{"key":"8_CR24","first-page":"39","volume-title":"AISec 2009: Proceedings of the 2nd ACM Workshop on Security and Artificial Intelligence","author":"A. Stavrou","year":"2009","unstructured":"Stavrou, A., Cretu-Ciocarlie, G.F., Locasto, M.E., Stolfo, S.J.: Keep your friends close: the necessity for updating an anomaly sensor with legitimate environment changes. In: AISec 2009: Proceedings of the 2nd ACM Workshop on Security and Artificial Intelligence, pp. 39\u201346. ACM, New York (2009)"},{"key":"8_CR25","unstructured":"Taylor, C., Gates, C.: Challenging the Anomaly Detection Paradigm: A Provocative Discussion. In: Proceedings of the 15th New Security Paradigms Workshop (NSPW), pp. xx\u2013yy (September 2006)"},{"key":"8_CR26","doi-asserted-by":"publisher","first-page":"765","DOI":"10.1109\/IAS.2009.26","volume-title":"IAS 2009: Proceedings of the 2009 Fifth International Conference on Information Assurance and Security","author":"D. Tian","year":"2009","unstructured":"Tian, D., Changzhen, H., Qi, Y., Jianqiao, W.: Hierarchical distributed alert correlation model. In: IAS 2009: Proceedings of the 2009 Fifth International Conference on Information Assurance and Security, pp. 765\u2013768. IEEE Computer Society, Washington, DC, USA (2009)"},{"key":"8_CR27","unstructured":"Ullrich, J.: DShield home page (2005), http:\/\/www.dshield.org"},{"key":"8_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"265","DOI":"10.1007\/978-3-642-04342-0_14","volume-title":"Recent Advances in Intrusion Detection","author":"G. Vasiliadis","year":"2009","unstructured":"Vasiliadis, G., Polychronakis, M., Antonatos, S., Markatos, E., Ioannidis, S.: Regular expression matching on graphics hardware for intrusion detection. In: Balzarotti, D. (ed.) RAID 2009. LNCS, vol.\u00a05758, pp. 265\u2013283. Springer, Heidelberg (2009)"},{"key":"8_CR29","unstructured":"Vigna, G., Gwalani, S., Srinivasan, K., Belding-Royer, E.M., Kemmerer, R.A.: An Intrusion Detection Tool for AODV-based Ad hoc Wireless Networks. In: Computer Security Applications Conference (2004)"},{"key":"8_CR30","doi-asserted-by":"crossref","unstructured":"Wang, K., Parekh, J.J., Stolfo, S.J.: Anagram: A Content Anomaly Detector Resistant to Mimicry Attack. In: Symposium on Recent Advances in Intrusion Detection, Hamburg, Germany (2006)","DOI":"10.1007\/11856214_12"},{"key":"8_CR31","unstructured":"Websense: LizaMoon, http:\/\/community.websense.com\/blogs\/securitylabs\/archive\/2011\/03\/31\/update-on-lizamoon-mass-injection.aspx"},{"key":"8_CR32","doi-asserted-by":"crossref","unstructured":"Xu, D., Ning, P.: Privacy-preserving alert correlation: a concept hierarchy based approach. In: 21st Annual Computer Security Applications Conference, pp. 10\u2013546 (December 2005)","DOI":"10.1109\/CSAC.2005.45"},{"key":"8_CR33","unstructured":"Yegneswaran, V., Barford, P., Jha, S.: Global Intrusion Detection in the DOMINO Overlay System. In: NDSS (2004)"},{"key":"8_CR34","doi-asserted-by":"crossref","unstructured":"Zaman, S., Karray, F.: Collaborative architecture for distributed intrusion detection system. In: IEEE Symposium on Computational Intelligence for Security and Defense Applications, CISDA 2009, pp. 1\u20137 (July 2009)","DOI":"10.1109\/CISDA.2009.5356567"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-23644-0_8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,3,20]],"date-time":"2025-03-20T13:24:10Z","timestamp":1742477050000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-23644-0_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011]]},"ISBN":["9783642236433","9783642236440"],"references-count":34,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-23644-0_8","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2011]]}}}