{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T22:46:31Z","timestamp":1743115591376,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":29,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642333378"},{"type":"electronic","value":"9783642333385"}],"license":[{"start":{"date-parts":[[2012,1,1]],"date-time":"2012-01-01T00:00:00Z","timestamp":1325376000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2012,1,1]],"date-time":"2012-01-01T00:00:00Z","timestamp":1325376000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-33338-5_16","type":"book-chapter","created":{"date-parts":[[2012,9,26]],"date-time":"2012-09-26T01:17:07Z","timestamp":1348622227000},"page":"314-333","source":"Crossref","is-referenced-by-count":9,"title":["A Lone Wolf No More: Supporting Network Intrusion Detection with Real-Time Intelligence"],"prefix":"10.1007","author":[{"given":"Johanna","family":"Amann","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Robin","family":"Sommer","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Aashish","family":"Sharma","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Seth","family":"Hall","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"16_CR1","unstructured":"Department of Energy Cyber Joint Cybersecurity Coordination Center, \n                      http:\/\/www.doecirc.energy.gov\/"},{"key":"16_CR2","unstructured":"National Software Reference Library, \n                      http:\/\/www.nsrl.nist.gov\/"},{"key":"16_CR3","unstructured":"Antonakakis, M., Perdisci, R., Dagon, D., Lee, W., Feamster, N.: Building a Dynamic Reputation System for DNS. In: USENIX Security (2010)"},{"key":"16_CR4","unstructured":"Blacklist.rules, ClamAV, and Data Mining, \n                      http:\/\/vrt-blog.snort.org\/2011\/02\/blacklistrules-clamav-and-data-mining.html"},{"key":"16_CR5","unstructured":"Collective Intelligence Framework, \n                      http:\/\/code.google.com\/p\/collective-intelligence-framework\/"},{"key":"16_CR6","unstructured":"Cyber Fed Model \u2013 Community-Wide Cyber Security Alert Distribution, \n                      http:\/\/web.anl.gov\/it\/cfm\/"},{"key":"16_CR7","unstructured":"Cymru, T.: Malware Hash Registry, \n                      http:\/\/www.team-cymru.org\/Services\/MHR\/"},{"key":"16_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"85","DOI":"10.1007\/3-540-45474-8_6","volume-title":"Recent Advances in Intrusion Detection","author":"H. Debar","year":"2001","unstructured":"Debar, H., Wespi, A.: Aggregation and Correlation of Intrusion-Detection Alerts. In: Lee, W., M\u00e9, L., Wespi, A. (eds.) RAID 2001. LNCS, vol.\u00a02212, pp. 85\u2013103. Springer, Heidelberg (2001)"},{"key":"16_CR9","doi-asserted-by":"crossref","unstructured":"Dreger, H., Feldmann, A., Paxson, V., Sommer, R.: Operational Experiences with High-Volume Network Intrusion Detection. In: ACM CCS (2004)","DOI":"10.1145\/1030083.1030086"},{"key":"16_CR10","unstructured":"DShield.org Recommended Block List, \n                      http:\/\/feeds.dshield.org\/block.txt"},{"key":"16_CR11","unstructured":"Google Safe Browsing API, \n                      http:\/\/code.google.com\/apis\/safebrowsing"},{"key":"16_CR12","unstructured":"Gu, G., Porras, P., Yegneswaran, V., Fong, M., Lee, W.: BotHunter: Detecting Malware Infection through IDS-driven Dialog Correlation. In: USENIX Security (2007)"},{"key":"16_CR13","unstructured":"Jung, J., Paxson, V., Berger, A.W., Balakrishnan, H.: Fast Portscan Detection Using Sequential Hypothesis Testing. In: IEEE Security and Privacy (2004)"},{"key":"16_CR14","doi-asserted-by":"crossref","unstructured":"Katti, S., Krishnamurthy, B., Katabi, D.: Collaborating against common enemies. In: IMC (2005)","DOI":"10.1145\/1330107.1330151"},{"key":"16_CR15","unstructured":"Ollmann, G.: Blacklists & Dynamic Reputation. White paper (2011), \n                      http:\/\/www.damballa.com\/downloads\/r_pubs\/WP_Blacklists_Dynamic_Reputation.pdf"},{"issue":"23\u201324","key":"16_CR16","doi-asserted-by":"publisher","first-page":"2435","DOI":"10.1016\/S1389-1286(99)00112-7","volume":"31","author":"V. Paxson","year":"1999","unstructured":"Paxson, V.: Bro: A System for Detecting Network Intruders in Real-Time. Computer Networks\u00a031(23\u201324), 2435\u20132463 (1999)","journal-title":"Computer Networks"},{"key":"16_CR17","unstructured":"Roesch, M.: Snort: Lightweight Intrusion Detection for Networks. In: Systems Administration Conference (1999)"},{"key":"16_CR18","unstructured":"Security Event System, \n                      http:\/\/www.ren-isac.net\/ses"},{"key":"16_CR19","doi-asserted-by":"crossref","unstructured":"Sharma, A., Kalbarczyk, Z., Barlow, J., Iyer, R.K.: Analysis of Security Data From a Large Computing Organization. In: IEEE DSN (2011)","DOI":"10.1109\/DSN.2011.5958263"},{"key":"16_CR20","unstructured":"Sinha, S., Bailey, M., Jahanian, F.: Improving SPAM Blacklisting through Dynamic Thresholding and Speculative Aggregation. In: NDSS (2010)"},{"key":"16_CR21","unstructured":"Snort 2.9.1 release announcement, \n                      http:\/\/blog.snort.org\/2011\/08\/snort-291-has-been-released-including.html"},{"key":"16_CR22","unstructured":"Sommer, R., Paxson, V.: Exploiting Independent State For Network Intrusion Detection. In: ACSAC (2005)"},{"key":"16_CR23","unstructured":"The Spamhaus Block List, \n                      http:\/\/www.spamhaus.org\/sbl"},{"key":"16_CR24","unstructured":"Open Information Security Foundation: Suricata Download, \n                      http:\/\/www.openinfosecfoundation.org\/index.php\/downloads"},{"key":"16_CR25","unstructured":"Symantec - Configuring blacklisting for base event types with IDS\/IPS on Symantec Gateway Security 5400 Series 2.x, \n                      http:\/\/www.symantec.com\/business\/support\/index?page=content&id=TECH81936"},{"key":"16_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"54","DOI":"10.1007\/3-540-45474-8_4","volume-title":"Recent Advances in Intrusion Detection","author":"A. Valdes","year":"2001","unstructured":"Valdes, A., Skinner, K.: Probabilistic Alert Correlation. In: Lee, W., M\u00e9, L., Wespi, A. (eds.) RAID 2001. LNCS, vol.\u00a02212, pp. 54\u201368. Springer, Heidelberg (2001)"},{"key":"16_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"107","DOI":"10.1007\/978-3-540-74320-0_6","volume-title":"Recent Advances in Intrusion Detection","author":"M. Vallentin","year":"2007","unstructured":"Vallentin, M., Sommer, R., Lee, J., Leres, C., Paxson, V., Tierney, B.: The NIDS Cluster: Scalable, Stateful Network Intrusion Detection on Commodity Hardware. In: Kruegel, C., Lippmann, R., Clark, A. (eds.) RAID 2007. LNCS, vol.\u00a04637, pp. 107\u2013126. Springer, Heidelberg (2007)"},{"key":"16_CR28","unstructured":"Verizon: Data Breach Investigations Report. Tech. rep. (2012), \n                      http:\/\/www.wired.com\/images_blogs\/threatlevel\/2012\/03\/Verizon-Data-Breach-Report-2012.pdf"},{"key":"16_CR29","unstructured":"VirusTotal Public API, \n                      https:\/\/www.virustotal.com\/documentation\/public-api\/"}],"container-title":["Lecture Notes in Computer Science","Research in Attacks, Intrusions, and Defenses"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-33338-5_16","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,8,9]],"date-time":"2021-08-09T19:09:20Z","timestamp":1628536160000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-642-33338-5_16"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642333378","9783642333385"],"references-count":29,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-33338-5_16","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2012]]}}}