{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,2]],"date-time":"2026-02-02T23:05:10Z","timestamp":1770073510706,"version":"3.49.0"},"reference-count":41,"publisher":"Elsevier BV","issue":"5","license":[{"start":{"date-parts":[[2003,7,1]],"date-time":"2003-07-01T00:00:00Z","timestamp":1057017600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Computers & Security"],"published-print":{"date-parts":[[2003,7]]},"DOI":"10.1016\/s0167-4048(03)00512-1","type":"journal-article","created":{"date-parts":[[2003,7,22]],"date-time":"2003-07-22T20:46:14Z","timestamp":1058906774000},"page":"435-449","source":"Crossref","is-referenced-by-count":37,"title":["A new taxonomy of Web attacks suitable for efficient encoding"],"prefix":"10.1016","volume":"22","author":[{"given":"Gonzalo","family":"\u00c1lvarez","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Slobodan","family":"Petrovi\u0107","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"78","reference":[{"key":"10.1016\/S0167-4048(03)00512-1_BIB1","unstructured":"McClure, S., Shah, S. and Shah, S., 2002. Web Hacking. Addison Wesley Professional, 2002."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB2","unstructured":"Scambray, J. and Shema, M., 2002. Hacking Exposed Web Applications. McGraw-Hill Osborne Media, 2002."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB3","doi-asserted-by":"crossref","unstructured":"Cohen, F.B., 1997. Information system attacks: A preliminary classification scheme. Computers & Security, Vol. 16(1), 1997, pp. 29-46.","DOI":"10.1016\/S0167-4048(97)85785-9"},{"key":"10.1016\/S0167-4048(03)00512-1_BIB4","unstructured":"Howard, J.D. and Longstaff, T.A., 1998. A common language for computer security incidents. Technical Report SAND98-8667, Sandia National Laboratories, October 1998."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB5","doi-asserted-by":"crossref","unstructured":"Lindqvist, U. and Jonsson, E., 1997. How to systematically classify computer security intrusions. Proceedings of the 1997 IEEE Symposium on Security & Privacy, 1997.","DOI":"10.1109\/SECPRI.1997.601330"},{"key":"10.1016\/S0167-4048(03)00512-1_BIB6","unstructured":"Lough, D.L., 2001. A Taxonomy of Computer Attacks with Applications to Wireless Networks. PhD thesis, Virginia Polytechnic Institute and State University, 2001."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB7","unstructured":"Richardson, T.W., 2001. The Development of a Database Taxonomy of Vulnerabilities to Support the Study of Denial of Service Attacks. PhD thesis, Iowa State University, 2001."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB8","unstructured":"Schneier, B., 1999. Attack trees: Modeling security threats. Dr. Dobb\u2019s Journal, Vol. 12(24), 1999, pp. 21-29."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB9","doi-asserted-by":"crossref","unstructured":"Stallings, W., 1995. Network and Internetwork Security, chapter 1. Prentice Hall, IEEE Press, 1995.","DOI":"10.1016\/1353-4858(95)90168-X"},{"key":"10.1016\/S0167-4048(03)00512-1_BIB10","unstructured":"Petrovi\u0107, S., 1997. Clustering unequal length binary data using graph-theoretic techniques. Proc. 4th Balkan Conference on Operational Research, 1997."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB11","doi-asserted-by":"crossref","unstructured":"Amoroso, E.G., 1994. Fundamentals of Computer Security Technology. Prentice-Hall PTR, 1994.","DOI":"10.1016\/0142-0496(94)90187-2"},{"key":"10.1016\/S0167-4048(03)00512-1_BIB12","doi-asserted-by":"crossref","unstructured":"Scott, D. and Sharp, R., 2002. Abstracting application-level Web security. WWW2002, May 2002.","DOI":"10.1145\/511446.511498"},{"key":"10.1016\/S0167-4048(03)00512-1_BIB13","unstructured":"Microsoft. Cross-site scripting security exposure executive summary. http:\/\/www.microsoft.com\/technet\/security\/topics\/ExSumCS.asp, 2000."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB14","unstructured":"Owasp. http:\/\/www.owasp.org."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB15","unstructured":"Anley, C., 2002. Advanced sql injection in sql server applications. Technical report, Next Generation Security Software, January 2002."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB16","unstructured":"Anley, C., 2002. (more) advanced sql injection in sql server applications. Technical report, Next Generation Security Software, June 2002."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB17","unstructured":"Cerrudo, C., 2002. Manipulating Microsoft sql server using sql injection. Technical report, Application Security, Inc., 2002."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB18","unstructured":"Howard, M. and LeBlanc, D., 2001. Writing Secure Code, chapter 12. Microsoft Press, 2001."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB19","doi-asserted-by":"crossref","unstructured":"Cowan, C., Wagle, P., Pu, C., Beattie, S. and Walpole, J., 2000. Buffer overflows: Attacks and defenses for the vulnerability of the decade. DARPA Information Survivability Conference and Exposition, 2:1119-1129, January 2000.","DOI":"10.1109\/DISCEX.2000.821514"},{"key":"10.1016\/S0167-4048(03)00512-1_BIB20","unstructured":"Ford, W., 1994. Computer Communications Security, chapter 2. Prentice Hall PTR, 1994."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB21","unstructured":"Purser, M., 1993. Secure Data Networking, chapter 1. Artech House, 1993."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB22","unstructured":"Kolsek, M., 2002. Session fixation vulnerability in web-based applications. Technical report, Acros Security, 2002."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB23","unstructured":"Teleport pro. http:\/\/www.tenmax.com\/teleport\/."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB24","unstructured":"wget. http:\/\/www.gnu.org\/software\/wget\/wget.html."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB25","unstructured":"Whisker. http:\/\/www.wiretrip.net\/rfp\/p\/doc.asp\/i2\/d21.htm."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB26","unstructured":"Nikto. http:\/\/www.cirt.net\/code\/nikto.shtml."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB27","unstructured":"Abramson, N., 1963. Information Theory and Coding. McGraw-Hill, 1963."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB28","doi-asserted-by":"crossref","unstructured":"Elias, P., 1975. Universal codeword sets and representation of the integers. IEEE Trans. Inform. Theory 21,2, March 1975.","DOI":"10.1109\/TIT.1975.1055349"},{"key":"10.1016\/S0167-4048(03)00512-1_BIB29","unstructured":"Fano, R.M., 1949. Transmission of Information. MIT Press, 1949."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB30","doi-asserted-by":"crossref","unstructured":"Huffman, D.A., 1952. A method for the construction of minimum-redundancy codes. Proc. IRE 40,9, September 1952.","DOI":"10.1109\/JRPROC.1952.273898"},{"key":"10.1016\/S0167-4048(03)00512-1_BIB31","unstructured":"Shannon, C.E. and Weaver, W., 1949. The Mathematical Theory of Communication. University of Illinois Press, 1949."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB32","unstructured":"Faller, N., 1973. An adaptive system for data compression. Record of the 7th Asilomar Conf. on Circuits, Systems and Computers, 1973."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB33","doi-asserted-by":"crossref","unstructured":"Vitter, J.S., 1987. Design and analysis of dynamic Huffman codes. J. ACM, Vol, 34(4), 1987.","DOI":"10.1145\/31846.42227"},{"key":"10.1016\/S0167-4048(03)00512-1_BIB34","doi-asserted-by":"crossref","unstructured":"Ziv, J. and Lempel, A., 1977. A universal algorithm for sequential data compression. IEEE Trans. Inform. Theory, Vol. 23(3), May 1977.","DOI":"10.1109\/TIT.1977.1055714"},{"key":"10.1016\/S0167-4048(03)00512-1_BIB35","unstructured":"Common vulnerabilities and exposures. http:\/\/cve.mitre.org."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB36","unstructured":"Northcutt, S., 2002. Network Intrusion Detection, Third Edition. New Riders Publishing, 2002."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB37","unstructured":"Petrovi\u0107, S. and \u03c4lvarez, G., 2003. A method for clustering different length vectors using edit distance. http:\/\/arXiv.org\/abs\/cs.IR\/0304007, 2003."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB38","unstructured":"Frank, J., 1994. Artificial Intelligence and intrusion detection: Current and future directions. Proceedings of the 17th National Computer Security Conference, Baltimore, MD, 1994."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB39","unstructured":"\u00c1lvarez, G. and Petrovi\u0107, S., 2003. Anomaly-based Web attack detection system. Submitted to 6th Information Security Conference (ISC\u201903), 2003."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB40","unstructured":"Lindstrom, P., 2002. Guide to intrusion prevention. Information Security, October 2002."},{"key":"10.1016\/S0167-4048(03)00512-1_BIB41","unstructured":"Zwicky, E.D., Cooper, S., Chapman, D.B. and Russell, D., 2000. Building Internet Firewalls (2nd Edition). O\u2019Reilly & Associates, 2000."}],"container-title":["Computers & Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0167404803005121?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0167404803005121?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2024,12,13]],"date-time":"2024-12-13T07:31:23Z","timestamp":1734075083000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S0167404803005121"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2003,7]]},"references-count":41,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2003,7]]}},"alternative-id":["S0167404803005121"],"URL":"https:\/\/doi.org\/10.1016\/s0167-4048(03)00512-1","relation":{},"ISSN":["0167-4048"],"issn-type":[{"value":"0167-4048","type":"print"}],"subject":[],"published":{"date-parts":[[2003,7]]}}}