{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2023,1,2]],"date-time":"2023-01-02T00:50:00Z","timestamp":1672620600562},"reference-count":46,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2013,10,30]],"date-time":"2013-10-30T00:00:00Z","timestamp":1383091200000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2014,6]]},"DOI":"10.1007\/s10207-013-0214-9","type":"journal-article","created":{"date-parts":[[2013,10,29]],"date-time":"2013-10-29T07:56:22Z","timestamp":1383033382000},"page":"255-269","source":"Crossref","is-referenced-by-count":1,"title":["Risk balance defense approach against intrusions for network server"],"prefix":"10.1007","volume":"13","author":[{"given":"Chengpo","family":"Mu","sequence":"first","affiliation":[]},{"given":"Meng","family":"Yu","sequence":"additional","affiliation":[]},{"given":"Yingjiu","family":"Li","sequence":"additional","affiliation":[]},{"given":"Wanyu","family":"Zang","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2013,10,30]]},"reference":[{"key":"214_CR1","unstructured":"Stakhanova, N., Basu, S., Wong, J.: A Taxonomy of Intrusion Response Systems. Technical Report 06\u201305. Department of Computer Science, Iowa State University (2006)"},{"issue":"3","key":"214_CR2","doi-asserted-by":"crossref","first-page":"2465","DOI":"10.1016\/j.eswa.2009.07.079","volume":"37","author":"C Mu","year":"2010","unstructured":"Mu, C., Li, Y.: An intrusion response decision-making model based on hierarchical task network planning. Expert Syst. Appl. 37(3), 2465\u20132472 (2010)","journal-title":"Expert Syst. 
Appl."},{"key":"214_CR3","unstructured":"Foo, B., Wu, Y.-S., Mao, Y.-C., et al.: ADEPTS: Adaptive intrusion response using attack graphs in an E-commerce environment. In: Proceeding of the DSN-DCC Symposium 2005. Yokohama, Japan (2005)"},{"key":"214_CR4","doi-asserted-by":"crossref","unstructured":"Gehani, A., Kedem, G.: RheoStat: Real-time risk management. In: Proceeding of 7th International Symposium on Recent Advances in Intrusion Detection. Sophia Antipolis, France (2004)","DOI":"10.1007\/978-3-540-30143-1_16"},{"issue":"4","key":"214_CR5","doi-asserted-by":"crossref","first-page":"24","DOI":"10.1109\/MSP.2010.145","volume":"9","author":"QL Nguyen","year":"2011","unstructured":"Nguyen, Q.L., Sood, A.: A comparison of intrusion-tolerant system architectures. IEEE Secur. Priv. 9(4), 24\u201331 (2011)","journal-title":"IEEE Secur. Priv."},{"key":"214_CR6","doi-asserted-by":"crossref","unstructured":"Wang, F., Upppalli, R.: SITAR: a scalable intrusion-tolerant architecture for distributed services\u2014a technology summary. In: Proceeding of the DARPA Information Survivability Conference and Exposition. Washington, DC, U.S. (2003)","DOI":"10.1109\/DISCEX.2003.1194957"},{"key":"214_CR7","doi-asserted-by":"crossref","unstructured":"Valdes, A., Almgren, M., Cheung, S., et al.: An architecture for an adaptive intrusion-tolerant server, vol. 2845, pp. 158\u2013178. LNCS Springer, Berlin (2003)","DOI":"10.1007\/978-3-540-39871-4_14"},{"key":"214_CR8","unstructured":"Pal, P., Webber, F., Schantz, R.: The DPASA survivable JBI\u2014a high-water mark in intrusion-tolerant systems. In: Proceeding of 2007 Workshop on Recent Advances in Intrusion Tolerant Systems. Lisbon, Portugal (2007)"},{"issue":"1","key":"214_CR9","doi-asserted-by":"crossref","first-page":"45","DOI":"10.1109\/TDSC.2008.1","volume":"6","author":"A Saidane","year":"2009","unstructured":"Saidane, A., Nicomette, V., Deswarte, Y.: The design of a generic intrusion-tolerant architecture for web servers. 
IEEE Trans. Dependable Secur. Comput. 6(1), 45\u201358 (2009)","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"214_CR10","doi-asserted-by":"crossref","unstructured":"Zhang, T., Zhuang, X., Pande, S.: Building intrusion-tolerant secure software. In: Proceeding of the international symposium on Code generation and optimization. CA, USA (2005)","DOI":"10.1109\/CGO.2005.8"},{"issue":"4","key":"214_CR11","doi-asserted-by":"crossref","first-page":"54","DOI":"10.1109\/MSP.2006.95","volume":"4","author":"PE Verssimo","year":"2006","unstructured":"Verssimo, P.E., Neves, N.F., Cachin, C., et al.: Intrusion-tolerant middleware: the road to automatic security. IEEE Secur. Priv. 4(4), 54\u201362 (2006)","journal-title":"IEEE Secur. Priv."},{"issue":"11\u201312","key":"214_CR12","doi-asserted-by":"crossref","first-page":"1331","DOI":"10.1002\/spe.747","volume":"36","author":"P Pal","year":"2006","unstructured":"Pal, P., Rubel, P., Atighetchi, M., et al.: An architecture for adaptive intrusion-tolerant applications. Softw. Pract. Exp. 36(11\u201312), 1331\u20131354 (2006)","journal-title":"Softw. Pract. Exp."},{"key":"214_CR13","unstructured":"Chen, L., Jiang, J., Zhang, D., et al.: Intrusion tolerant system based on multi-version redundant process. JTsing Hua University. 51(S1), 1519\u20131526 (2011)"},{"key":"214_CR14","unstructured":"Aung, K.M.M., Park, K., Park, J.S.: A rejuvenation methodology of cluster recovery. In: Proceeding of the 05 IEEE International Symposium on Clustering Computing and Grid. Cardiff, UK (2005)"},{"key":"214_CR15","doi-asserted-by":"crossref","unstructured":"Huang, Y., Arsenault, D., Sood, A.: Secure, resilient computing clusters: self-cleansing intrusion tolerance with hardware enforced security (SCIT\/HES). In: Proceeding of the Second International Conference on Availability, Reliability, and Security. 
Vienna, Austria (2007)","DOI":"10.1109\/ARES.2007.134"},{"key":"214_CR16","doi-asserted-by":"crossref","unstructured":"Reiser, H.P., Kapitza, R.: Hypervisor-based efficient proactive recovery. In: Proceedings of the 26th IEEE International Symposium on Reliable Distributed Systems. Beijing, China (2007)","DOI":"10.1109\/SRDS.2007.25"},{"key":"214_CR17","doi-asserted-by":"crossref","unstructured":"Sousa, P., Bessani, A.N., Obelheiro, R.R.: The FOREVER service for fault\/intrusion removal. In: Proceedings of the 2nd Workshop on Recent Advances on Intrusion-Tolerant Systems. Glasgow, Scotland (2008)","DOI":"10.1145\/1413901.1413906"},{"key":"214_CR18","doi-asserted-by":"crossref","unstructured":"Sousa, P., Bessani, A.N., Correia, M., et al.: Resilient intrusion tolerance through proactive and reactive recovery. In: Proceeding of 13th IEEE International Symposium on Pacific Rim Dependable Computing. Melbourne, Victoria, Australia (2007)","DOI":"10.1109\/PRDC.2007.52"},{"key":"214_CR19","doi-asserted-by":"crossref","unstructured":"Garcia, M., Bessani, A.N., Gashi, I., et al.: OS diversity for intrusion tolerance: Myth or reality? In: Proceedings of the 41st International Conference on Dependable Systems & Networks (DSN). Hong Kong (2011)","DOI":"10.1109\/DSN.2011.5958251"},{"key":"214_CR20","unstructured":"Bass, T., Robichaux, R.: Defence-In-Depth: Qualitative Risk Analysis Methodology for Complex Network Centric Operation. http:\/\/www.silkroad.com\/papers\/pdf\/archives\/defense-in-depth-revisited-origintal.pdf (2004)"},{"key":"214_CR21","unstructured":"http:\/\/en.wikipedia.org\/wiki\/Dujiangyan_Irrigation_System. Accessed 2012"},{"key":"214_CR22","doi-asserted-by":"crossref","unstructured":"Han, J., Gao, D., Deng, R.H.: On the effectiveness of software diversity: a systematic study on real-world vulnerabilities. In: Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. 
Como, Italy (2009)","DOI":"10.1007\/978-3-642-02918-9_8"},{"key":"214_CR23","doi-asserted-by":"crossref","unstructured":"Thomas, A.: RAPID: reputation based approach for improving intrusion detection effectiveness. In: Proceedings of Sixth International Conference on Information Assurance and Security (IAS). Atlanta, GA, USA (2010)","DOI":"10.1109\/ISIAS.2010.5604064"},{"issue":"8","key":"214_CR24","first-page":"0975","volume":"5","author":"GJ Victor","year":"2010","unstructured":"Victor, G.J., Rao, M.S., Venkaiah, V.C.H.: Intrusion detection systems-analysis and containment of false positive alerts. Int. J. Comput. Appl. 5(8), 0975\u20138887 (2010)","journal-title":"Int. J. Comput. Appl."},{"key":"214_CR25","unstructured":"Stiennon, R.: Intrusion Detection Is Dead Long Live Intrusion Prevention. http:\/\/www.sans.org\/rr\/papers\/index.php?id=1028 , 2003-06-11"},{"issue":"1","key":"214_CR26","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1360\/crad20060101","volume":"43","author":"M Chengpo","year":"2006","unstructured":"Chengpo, M., Houkuan, H., Shengfeng, T.: A survey of intrusion-detection alert aggregation and correlation techniques. J. Comput. Res. Dev. 43(1), 1\u20138 (2006)","journal-title":"J. Comput. Res. Dev."},{"issue":"2","key":"214_CR27","doi-asserted-by":"crossref","first-page":"5","DOI":"10.3233\/JCS-2002-101-202","volume":"10","author":"W Lee","year":"2002","unstructured":"Lee, W.: Toward cost-sensitive modeling for intrusion detection and response. J. Comput. Secur. 10(2), 5\u201322 (2002)","journal-title":"J. Comput. Secur."},{"key":"214_CR28","doi-asserted-by":"crossref","unstructured":"Balepin, I., Maltsev, S., Rowe, J., Levitt, K.: Using specification-based intrusion detection for automated response. In: Proceeding of the 6th International Symposium on Recent Advances in Intrusion Detection. 
Pittsburgh, PA, USA (2003)","DOI":"10.1007\/978-3-540-45248-5_8"},{"key":"214_CR29","doi-asserted-by":"crossref","unstructured":"Toth, T., Kruegel, C.: Evaluating the impact of automated intrusion response mechanisms. In: Proceeding of 18th Annual Computer Security Application Conference. Las Vegas, Nevada, USA (2002)","DOI":"10.1109\/CSAC.2002.1176302"},{"key":"214_CR30","unstructured":"Carver, C.A.: Adaptive-Based Intrusion Response: [PhD dissertation]. Texas A &M University, College Station (2001)"},{"key":"214_CR31","doi-asserted-by":"crossref","unstructured":"Goldman, R.P., Heimerdinger, W., Haro, S.A.: Information modeling for intrusion report aggregation. In: Proceeding of DARPA Information Survivability Conference and Exposition (DISCEX II). Anaheim, California, USA (2001)","DOI":"10.1109\/DISCEX.2001.932228"},{"key":"214_CR32","unstructured":"Valeur, F., Vigna, G., Kruegel, et al.: A comprehensive approach to intrusion detection alert correlation. IEEE Trans. Dependable Secur. Comput. 1(3), 146\u2013169 (2004)"},{"issue":"1","key":"214_CR33","doi-asserted-by":"crossref","first-page":"46","DOI":"10.1109\/MSECP.2003.1176995","volume":"1","author":"J Maines","year":"2003","unstructured":"Maines, J., Kewley, D., Tinnel, L., Taylor, S.: Validation of sensor alert correlators. Secur. Priv. Mag. 1(1), 46\u201356 (2003)","journal-title":"Secur. Priv. Mag."},{"key":"214_CR34","doi-asserted-by":"crossref","unstructured":"Schnackenberg, D., Holliday, H., Smith, R., et al.: Cooperative intrusion traceback and response architecture. In: Proceeding of DARPA Information Survivability Conference and Exposition. Anaheim, CA, USA (2001)","DOI":"10.1109\/DISCEX.2001.932192"},{"key":"214_CR35","doi-asserted-by":"crossref","unstructured":"Cuppens, F., Mige, A.: Alert correlation in a cooperative intrusion detection framework. 
In: Proceeding of the IEEE Symposium on Security and Privacy, Oakland, CA, USA (2002)","DOI":"10.1109\/SECPRI.2002.1004372"},{"key":"214_CR36","doi-asserted-by":"crossref","unstructured":"Mu, C., Shuai, B.: Research on preprocessing technique of alert aggregation. In: Proceeding of Fifth International Joint Conference on Computational Sciences and Optimization. Harbin, China (2012)","DOI":"10.1109\/CSO.2012.136"},{"issue":"10","key":"214_CR37","doi-asserted-by":"crossref","first-page":"1679","DOI":"10.1360\/crad20051006","volume":"42","author":"C Mu","year":"2005","unstructured":"Mu, C., Huang, H., Tian, S., et al.: Intrusion-detection alerts processing based on fuzzy comprehensive evaluation. J. Comput. Res. Dev. 42(10), 1679\u20131685 (2005)","journal-title":"J. Comput. Res. Dev."},{"key":"214_CR38","doi-asserted-by":"crossref","unstructured":"Mu, C., Huang, H., Tian, S.: Intrusion detection alert verification based on multi-level fuzzy comprehensive evaluation. In: Proceedings of 2005 International Conference on Computational Intelligence and Security, LNAI 3801. Springer. Berlin, Germany (2005)","DOI":"10.1007\/11596448_2"},{"key":"214_CR39","doi-asserted-by":"crossref","unstructured":"Pietraszek, T.: Using adaptive alert classification to reduce false positive in intrusion detection. In: Proceeding of 2004 Recent Advances in Intrusion Detection. Lecture Notes in Computer Science vol. 3224, pp. 102\u2013124 (2004)","DOI":"10.1007\/978-3-540-30143-1_6"},{"key":"214_CR40","unstructured":"Elshoush, H.T., Qsman, I.M.: Improved framework for intrusion correlation. In: Proceeding of the World Congress on Engineering. London (2012)"},{"key":"214_CR41","unstructured":"Carver, C.A., Hill, J.M.D., Pooch, U.W.: Limiting uncertainty in intrusion response. 
In: Proceedings of the 2nd IEEE Information Assurance and Security Workshop, West Point, NY (2001)"},{"key":"214_CR42","doi-asserted-by":"crossref","unstructured":"Mu, C., Li, Y., Huang, H., et al.: Online risk assessment of intrusion scenarios using D\u2013S evidence theory. In: Proceedings of 13th European Symposium on Research in Computer Security. Malaga, Spain (2008)","DOI":"10.1007\/978-3-540-88313-5_3"},{"key":"214_CR43","unstructured":"Vacca, J.R.: Computer and Information Security Handbook, p. 232. Morgan Kaufmann Publications. Elsevier Inc., Los Altos, CA (2009)"},{"key":"214_CR44","unstructured":"Zhang, Y.-Z., Fang, B.-X., Yun, X.-C.: A risk assessment approach for network information system. In: Proceeding of the Third International Conference on Machine Learning and Cybernetics. Shanghai, China (2004)"},{"key":"214_CR45","unstructured":"http:\/\/www.cisco.com\/en\/US\/tech\/tk648\/tk361\/technologies_q_and_a_item09186a00800e523b.shtml (2011). Accessed 2011"},{"issue":"4","key":"214_CR46","first-page":"85","volume":"2","author":"J-C Liu","year":"2008","unstructured":"Liu, J.-C., Li, C.-H., Yu, J.-L., et al.: Anomaly detection using LibSVM training tools. Int. J. Secur. Appl. 2(4), 85\u201398 (2008)","journal-title":"Int. J. Secur. 
Appl."}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-013-0214-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10207-013-0214-9\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-013-0214-9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,7,31]],"date-time":"2019-07-31T12:10:26Z","timestamp":1564575026000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10207-013-0214-9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,10,30]]},"references-count":46,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2014,6]]}},"alternative-id":["214"],"URL":"https:\/\/doi.org\/10.1007\/s10207-013-0214-9","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"value":"1615-5262","type":"print"},{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2013,10,30]]}}}