{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,9]],"date-time":"2025-05-09T15:35:22Z","timestamp":1746804922116,"version":"3.40.5"},"reference-count":16,"publisher":"Springer Science and Business Media LLC","issue":"5-6","license":[{"start":{"date-parts":[[2006,6,1]],"date-time":"2006-06-01T00:00:00Z","timestamp":1149120000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Ann. Telecommun."],"published-print":{"date-parts":[[2006,6]]},"DOI":"10.1007\/bf03219929","type":"journal-article","created":{"date-parts":[[2012,7,20]],"date-time":"2012-07-20T12:20:25Z","timestamp":1342786825000},"page":"682-704","source":"Crossref","is-referenced-by-count":4,"title":["WebAnalyzer: accurate detection of HTTP attack traces in web server logs","Webanalyzer : D\u00e9tection Pr\u00e9cise D\u2019attaques HTTP dans les Journaux de Serveurs Web"],"prefix":"10.1007","volume":"61","author":[{"given":"Herv\u00e9","family":"Debar","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Elvis","family":"Tombini","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"BF03219929_CR1","doi-asserted-by":"crossref","unstructured":"Almgren (M.),Debar (H.),Dacier (M.), \u201cA Lightweight Tool for Detecting Web Server Attacks\u201d,Proceedings of the 2000 isoc Symposium on Network and Distributed Systems Security, p. 157\u2013170, 2000.","DOI":"10.1016\/S1353-4858(00)85018-7"},{"key":"BF03219929_CR2","doi-asserted-by":"crossref","unstructured":"Cuppens (F.),Ortalo (R.), \u201cLambda : A Language to Model a Database for Detection of Attacks\u201d, H. Debar, L. M\u00e9,, S. F. Wu (eds),Lncs 1907 \u2014 Proceedings of the Third International Workshop on the Recent Advances in Intrusion Detection (Raid), Lecture Notes in Computer Science (Lncs), October, 2000.","DOI":"10.1007\/3-540-39945-3_13"},{"key":"BF03219929_CR3","unstructured":"Curry (D.),Debar (H.),Feinstein (B.), \u201cThe Intrusion Detection Message Exchange Format\u201d,Ietf Intrusion Detection Exchange Format Working Group, Internet Draft, January, 2004. Expires July 8, 2004."},{"key":"BF03219929_CR4","doi-asserted-by":"crossref","unstructured":"Debar (H.),Dacier (M.),Wespi (A.), \u201cA Revised Taxonomy for Intrusion-Detection Systems\u201d,Annales des T\u00e9l\u00e9communications,55, no 7\u20138, juillet\u2013ao\u00fbt 2000.","DOI":"10.1016\/S1389-1286(98)00017-6"},{"key":"BF03219929_CR5","doi-asserted-by":"crossref","unstructured":"Goland (Y.),Whitehead (E.),Faizi (A.),Carter (S.),Jensen (D.), \u201cHttp Extensions for Distributed Authoring \u2014Webdav\u201d,Rfc 2518, February, 1999. Proposed standard.","DOI":"10.17487\/rfc2518"},{"key":"BF03219929_CR6","unstructured":"Handley (M.),Kreibich (C),Paxson (V.), \u201cNetwork Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics\u201d, Proceedings of the 10thUsenix Security Symposium, Washington,Dc, August, 2001."},{"key":"BF03219929_CR7","unstructured":"Johns (M. S.), \u201cIdentification Protocol\u201d,Rfc 1413, February, 1993. Proposed standard."},{"key":"BF03219929_CR8","doi-asserted-by":"crossref","unstructured":"Kruegel (C),Vigna (G.),Robertson (W.), \u201cA multi-model approach to the detection of web-based attacks\u201dComputer Networks, July, 2005. Elsevier.","DOI":"10.1016\/j.comnet.2005.01.009"},{"key":"BF03219929_CR9","unstructured":"Low (W. L.),Lee (J.),Teoh (P.), \u201cDidafit: Detecting Intrusions in DAtabases Through Fingerprinting Transactions\u201d, 4th International Conference On Enterprise Information Systems (Iceis 2002), pp. 121\u2013128, 2002."},{"key":"BF03219929_CR10","doi-asserted-by":"crossref","unstructured":"Low (W. L.),Lee (S. Y.),Wong (P. Y), \u201cLearning Fingerprints For A Database Intrusion Detection System\u201d, 7th European Symposium on Research in Computer Security (Esorics 2002), pp. 264\u2013280, 2002.","DOI":"10.1007\/3-540-45853-0_16"},{"key":"BF03219929_CR11","doi-asserted-by":"crossref","unstructured":"Michel (C),M\u00e9 (L.), \u201cADeLe : An Attack Description Language for Knowledge-Based Intrusion Detection\u201d, Proceedings of the 16th International Conference on Information Security (Ifip\/sec 2001), pp. 353\u2013365, June 2001.","DOI":"10.1007\/0-306-46998-7_25"},{"key":"BF03219929_CR12","unstructured":"Network Working Group, Hypertext Transfer Protocol \u2014Http\/1.0,Rfc 1945,Ietf, May 1996."},{"key":"BF03219929_CR13","doi-asserted-by":"crossref","unstructured":"Pouzol (J.-R),Ducass\u00e9 (M.), \u201cFrom Declarative Signature to Misuse ids\u201d, 4th International Conference on Recent Advances in Intrusion Detection (Raid\u203201), Lecture Notes in Computer Science (Lncs), W.Lee, , L.M\u00e9, A.Wespi (eds),No 2212, Springer, Davis,Ca, usa, October, 2001.","DOI":"10.1007\/3-540-45474-8_1"},{"key":"BF03219929_CR14","unstructured":"Ptacek (T. H.),Newsham (T.), \u201cInsertion, Evasion and Denial of Service: Eluding Network Intrusion Detection\u201d,Secure Networks, Inc, 1998."},{"key":"BF03219929_CR15","unstructured":"Roesch (M.), \u201cSnort \u2014 Lightweight Intrusion Detection for Networks\u201d, Proceedings ofLisa\u203299,Usenix Association, Seattle, Washington,Usa, pp. 229\u2013238, Nov, 1999."},{"key":"BF03219929_CR16","doi-asserted-by":"crossref","unstructured":"Vigna (G.),Robertson (W),Kher (V.),Kemmerer (R.), \u201cA Stateful Intrusion Detection System for World-Wide Web Servers\u201d, Proceedings of the Annual Computer Security Applications Conference (Acsac 2003), Las Vegas,Nv, pp. 34\u201343, December, 2003.","DOI":"10.1109\/CSAC.2003.1254308"}],"container-title":["annals of telecommunications - annales des t\u00e9l\u00e9communications"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/BF03219929.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/BF03219929\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/BF03219929","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,4,5]],"date-time":"2025-04-05T00:13:04Z","timestamp":1743811984000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/BF03219929"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2006,6]]},"references-count":16,"journal-issue":{"issue":"5-6","published-print":{"date-parts":[[2006,6]]}},"alternative-id":["BF03219929"],"URL":"https:\/\/doi.org\/10.1007\/bf03219929","relation":{},"ISSN":["0003-4347","1958-9395"],"issn-type":[{"type":"print","value":"0003-4347"},{"type":"electronic","value":"1958-9395"}],"subject":[],"published":{"date-parts":[[2006,6]]}}}