{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,21]],"date-time":"2026-02-21T00:24:13Z","timestamp":1771633453754,"version":"3.50.1"},"reference-count":36,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2010,12,29]],"date-time":"2010-12-29T00:00:00Z","timestamp":1293580800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["J Comput Virol"],"published-print":{"date-parts":[[2011,8]]},"DOI":"10.1007\/s11416-010-0150-4","type":"journal-article","created":{"date-parts":[[2010,12,28]],"date-time":"2010-12-28T05:12:48Z","timestamp":1293513168000},"page":"221-232","source":"Crossref","is-referenced-by-count":20,"title":["Heliza: talking dirty to the attackers"],"prefix":"10.1007","volume":"7","author":[{"given":"G\u00e9rard","family":"Wagener","sequence":"first","affiliation":[]},{"given":"Radu","family":"State","sequence":"additional","affiliation":[]},{"given":"Alexandre","family":"Dulaunoy","sequence":"additional","affiliation":[]},{"given":"Thomas","family":"Engel","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2010,12,29]]},"reference":[{"key":"150_CR1","volume-title":"Honeypots: Tracking Hackers","author":"L. Spitzner","year":"2002","unstructured":"Spitzner L.: Honeypots: Tracking Hackers. Addison-Wesley Longman Publishing Co., Inc., Boston, MA (2002)"},{"key":"150_CR2","doi-asserted-by":"crossref","unstructured":"Baecher, P., Koetter, M., Dornseif, M., Freiling, F.: The nepenthes platform: an efficient approach to collect malware. In: Proceedings of the 9th International Symposium on Recent Advances in Intrusion Detection RAID, Springer, pp. 165\u2013184 (2006)","DOI":"10.1007\/11856214_9"},{"issue":"1","key":"150_CR3","doi-asserted-by":"crossref","first-page":"36","DOI":"10.1145\/365153.365168","volume":"9","author":"J. Weizenbaum","year":"1966","unstructured":"Weizenbaum J.: Eliza\u2014a computer program for the study of natural language communication between man and machine. Commun. ACM 9(1), 36\u201345 (1966)","journal-title":"Commun. ACM"},{"key":"150_CR4","unstructured":"Sutton, R.S., Barto, A.G.: Reinforcement Learning: An Introduction (Adaptive Computation and Machine Learning). The MIT Press, Cambridge, MA (1998)"},{"key":"150_CR5","doi-asserted-by":"crossref","unstructured":"Ramsbrock, D., Berthier, R., Cukier, M.: Profiling attacker behavior following SSH compromises. In: DSN \u201907: Proceedings of the 37th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks, Washington, DC, USA, IEEE Computer Society, 119\u2013124 (2007)","DOI":"10.1109\/DSN.2007.76"},{"key":"150_CR6","doi-asserted-by":"crossref","unstructured":"Wagener, G., State, R., Dulaunoy, A., Engel, T.: Self adaptive high interaction honeypots driven by game theory. In: SSS \u201909: Proceedings of the 11th International Symposium on Stabilization, Safety, and Security of Distributed Systems, Berlin, Heidelberg, Springer-Verlag, 741\u2013755 (2009)","DOI":"10.1007\/978-3-642-05118-0_51"},{"key":"150_CR7","unstructured":"Newham, C., Vossen, J., Albing, C., Vossen, J.: Bash Cookbook: Solutions and Examples for Bash Users. O\u2019Reilly Media, Inc., Sebastopol (2007)"},{"key":"150_CR8","doi-asserted-by":"crossref","unstructured":"Xu, X., Xie, T.: A reinforcement learning approach for host-based intrusion detection using sequences of system calls. In: ICIC (1). 995\u20131003 (2005)","DOI":"10.1007\/11538059_103"},{"key":"150_CR9","unstructured":"Provos, N., Mcnamee, D., Mavrommatis, P., Wang, K., Modadugu, N.G.: The ghost in the browser analysis of web-based malware. In: Proceedings of the 1st conference on First Workshop on Hot Topics in Understanding Botnets, USENIX Association, Cambridge (2007)"},{"key":"150_CR10","unstructured":"Coates, A.L., Baird, H.S., Fateman, R.J.: Pessimal print: a Reverse Turing Test. In: Proceedings of the International Conference on Document Analysis and Recognition (ICDAR), 1154\u20131158 (2001)"},{"key":"150_CR11","doi-asserted-by":"crossref","unstructured":"Alata, E., Nicomette, V., Kaaniche, M., Dacier, M., Herrb, M.: Lessons learned from the deployment of a high-interaction honeypot. In: EDCC \u201906: Proceedings of the Sixth European Dependable Computing Conference, Washington, DC, USA, IEEE Computer Society, 39\u201346 (2006)","DOI":"10.1109\/EDCC.2006.17"},{"issue":"1","key":"150_CR12","doi-asserted-by":"crossref","first-page":"31","DOI":"10.1145\/375360.375365","volume":"33","author":"G. Navarro","year":"2001","unstructured":"Navarro G.: A guided tour to approximate string matching. ACM Comput. Surv. 33(1), 31\u201388 (2001)","journal-title":"ACM Comput. Surv."},{"issue":"3","key":"150_CR13","doi-asserted-by":"crossref","first-page":"287","DOI":"10.1023\/A:1007678930559","volume":"38","author":"S.P. Singh","year":"2000","unstructured":"Singh S.P., Jaakkola T., Littman M.L., Szepesv\u00e1ri C.: Convergence results for single-step on-policy reinforcement-learning algorithms. Mach. Learn. 38(3), 287\u2013308 (2000)","journal-title":"Mach. Learn."},{"key":"150_CR14","first-page":"743","volume":"11","author":"T. Schaul","year":"2010","unstructured":"Schaul T., Bayer J., Wierstra D., Sun Y., Felder M., Sehnke F., R\u00fcckstie\u00df T., Schmidhuber J.: PyBrain. J. Mach. Learn. Res. 11, 743\u2013746 (2010)","journal-title":"J. Mach. Learn. Res."},{"key":"150_CR15","unstructured":"Wright, C., Cowan, C., Morris, J.: Linux security modules: General security support for the linux kernel. In: Proceedings of the 11th USENIX Security Symposium. 17\u201331 (2002)"},{"key":"150_CR16","unstructured":"Holz, T., Raynal, F.: Detecting honeypots and other suspicious environments. In: 6th IEEE Information Assurance Workshop, United States Military Academy, West Point (2005)"},{"key":"150_CR17","unstructured":"Garfinkel, T., Rosenblum, M.: A virtual machine introspection based architecture for intrusion detection. In: Proceedings Network and Distributed Systems Security Symposium, 191\u2013206 (2003)"},{"issue":"139","key":"150_CR18","first-page":"8","volume":"2005","author":"R. Love","year":"2005","unstructured":"Love R.: Kernel korner: intro to inotify. Linux J. 2005(139), 8\u201312 (2005)","journal-title":"Linux J."},{"key":"150_CR19","unstructured":"Provos, N., Friedl, M., Honeyman, P.: Preventing privilege escalation. In: SSYM\u201903: Proceedings of the 12th conference on USENIX Security Symposium, Berkeley, CA, USA, USENIX Association, 231\u2013242 (2003)"},{"key":"150_CR20","unstructured":"Wagener, G.: Aha source code repository. http:\/\/git.quuxlabs.com"},{"issue":"110","key":"150_CR21","first-page":"2","volume":"2003","author":"M. Owens","year":"2003","unstructured":"Owens M.: Embedding an SQL database with SQLite. Linux J. 2003(110), 2\u20135 (2003)","journal-title":"Linux J."},{"key":"150_CR22","unstructured":"Wagener, G.: Aha dataset. http:\/\/quuxlabs.com\/~gerard\/datasets"},{"key":"150_CR23","unstructured":"Alata, E., Nicomette, V., Kaaniche, M., Dacier, M., Herrb, M.: Lessons learned from the deployment of a high-interaction honeypot. In: Dependable Computing Conference, 2006. EDCC\u201906. Sixth European, 39\u201346 (2006)"},{"key":"150_CR24","doi-asserted-by":"crossref","first-page":"237","DOI":"10.1613\/jair.301","volume":"4","author":"L. Kaelbling","year":"1996","unstructured":"Kaelbling L., Littman M., Moore A.: Reinforcement learning: A survey. J. Artif. Intell. Res. 4, 237\u2013285 (1996)","journal-title":"J. Artif. Intell. Res."},{"key":"150_CR25","doi-asserted-by":"crossref","unstructured":"Abbeel, P., Coates, A., Quigley, M., Ng, A.Y.: An application of reinforcement learning to aerobatic helicopter flight. In: Advances in Neural Information Processing Systems 19, MIT Press (2007)","DOI":"10.7551\/mitpress\/7503.003.0006"},{"key":"150_CR26","doi-asserted-by":"crossref","unstructured":"Tan, M.: Multi-agent reinforcement learning: independent vs. cooperative agents. In: Proceedings of the Tenth International Conference on Machine Learning, Morgan Kaufmann, 330\u2013337 (1993)","DOI":"10.1016\/B978-1-55860-307-3.50049-6"},{"issue":"1\u20132","key":"150_CR27","doi-asserted-by":"crossref","first-page":"41","DOI":"10.1023\/A:1022140919877","volume":"13","author":"A.G. Barto","year":"2003","unstructured":"Barto A.G., Mahadevan S.: Recent advances in hierarchical reinforcement learning. Discrete Event Dyn. Syst. 13(1\u20132), 41\u201377 (2003)","journal-title":"Discrete Event Dyn. Syst."},{"key":"150_CR28","doi-asserted-by":"crossref","unstructured":"Gambardella, L.M., Dorigo, M.: Ant-Q: a reinforcement learning approach to the traveling salesman problem. In: Proceedings of the ML-95, 12th International Conference on Machine Learning, Morgan Kaufmann, 252\u2013260 (1995)","DOI":"10.1016\/B978-1-55860-377-6.50039-6"},{"key":"150_CR29","unstructured":"Cheswick, B.: An evening with Berferd in which a cracker is lured, endured, and studied. In: Proceedings of Winter USENIX Conference, 163\u2013174 (1992)"},{"key":"150_CR30","unstructured":"Bellovin, S.M.: There be dragons. In: Proceedings of the Third Usenix Unix Security Symposium, 1\u201316, September 1992"},{"issue":"6","key":"150_CR31","doi-asserted-by":"crossref","first-page":"483","DOI":"10.1016\/S0167-4048(98)80071-0","volume":"17","author":"F. Cohen","year":"1998","unstructured":"Cohen F.: A note on the role of deception in information protection. Computers & Security 17(6), 483\u2013506 (1998)","journal-title":"Computers & Security"},{"issue":"6","key":"150_CR32","doi-asserted-by":"crossref","first-page":"79","DOI":"10.1109\/MSECP.2003.1253575","volume":"1","author":"B. McCarty","year":"2003","unstructured":"McCarty B.: The honeynet arms race. IEEE Secur Priv 1(6), 79\u201382 (2003)","journal-title":"IEEE Secur Priv"},{"key":"150_CR33","unstructured":"Xuxian, J., Xinyuan, W.: \u201cout-of-the-box\u201d Monitoring of VM-Based High-Interaction honeypots. In: RAID, 198\u2013218 (2007)"},{"key":"150_CR34","doi-asserted-by":"crossref","unstructured":"Chowdhary, V., Tongaonkar, A., Chiueh, T.: Towards automatic learning of valid services for honeypots. In: ICDCIT, 469\u2013470 (2004)","DOI":"10.1007\/978-3-540-30555-2_55"},{"key":"150_CR35","doi-asserted-by":"crossref","unstructured":"Monrose, F., Rubin, A.: Authentication via keystroke dynamics. In: CCS \u201997: Proceedings of the 4th ACM Conference on Computer and Communications Security, New York, NY, USA, ACM, 48\u201356 (1997)","DOI":"10.1145\/266420.266434"},{"key":"150_CR36","doi-asserted-by":"crossref","unstructured":"Pouget, F., Pouget, F., Holz, T., Holz, T.: A pointillist approach for comparing honeypots. In: Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA 2005), LNCS 3448, Springer-Verlag, 51\u201368 (2005)","DOI":"10.1007\/11506881_4"}],"container-title":["Journal in Computer Virology"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-010-0150-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11416-010-0150-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-010-0150-4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,4,2]],"date-time":"2024-04-02T09:35:20Z","timestamp":1712050520000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11416-010-0150-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010,12,29]]},"references-count":36,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2011,8]]}},"alternative-id":["150"],"URL":"https:\/\/doi.org\/10.1007\/s11416-010-0150-4","relation":{},"ISSN":["1772-9890","1772-9904"],"issn-type":[{"value":"1772-9890","type":"print"},{"value":"1772-9904","type":"electronic"}],"subject":[],"published":{"date-parts":[[2010,12,29]]}}}