{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,13]],"date-time":"2026-05-13T07:05:54Z","timestamp":1778655954030,"version":"3.51.4"},"reference-count":34,"publisher":"Elsevier BV","issue":"4","license":[{"start":{"date-parts":[[2000,10,1]],"date-time":"2000-10-01T00:00:00Z","timestamp":970358400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Computer Networks"],"published-print":{"date-parts":[[2000,10]]},"DOI":"10.1016\/s1389-1286(00)00136-5","type":"journal-article","created":{"date-parts":[[2003,4,7]],"date-time":"2003-04-07T17:19:33Z","timestamp":1049735973000},"page":"547-570","source":"Crossref","is-referenced-by-count":201,"title":["Intrusion detection using autonomous agents"],"prefix":"10.1016","volume":"34","author":[{"given":"Eugene H","family":"Spafford","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Diego","family":"Zamboni","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"78","reference":[{"key":"10.1016\/S1389-1286(00)00136-5_BIB1","doi-asserted-by":"crossref","unstructured":"J.S. Balasubramaniyan, J.O. Garcia-Fernandez, E. Spafford, D. Zamboni, An architecture for intrusion detection using autonomous agents, Technical Report 98-05, COAST Laboratory, Purdue University, May 1998","DOI":"10.1109\/CSAC.1998.738563"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB2","doi-asserted-by":"crossref","unstructured":"K.A. Bradley, S. Cheung, N. Puketza, B. Mukherjee, R.A. Olsson, Detecting disruptive routers: a distributed network monitoring approach, in: Proceedings of the 1998 IEEE Symposium on Security and Privacy, May 1998","DOI":"10.1109\/SECPRI.1998.674828"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB3","unstructured":"J.M. Bradshaw, An introduction to software agents, in: J.M. Bradshaw (Ed.), Software Agents, AAA1 Press\/MIT Press, Cambridge, MA, 1997, pp. 3\u201346 (Chapter 1)"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB4","unstructured":"S. Cheung, R. Crawford, M. Dilger, J. Frank, J. Hoagland, K. Levitt, J. Rowe, S. Staniford-Chen, R. Yip, D. Zerkle, The design of GrIDS: a graph-based intrusion detection system, Technical Report CSE-99-2, Department of Computer Science, University of California at Davis, Davis, CA, January 1999"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB5","unstructured":"T. Christiansen, Tom's object-oriented tutorial for Perl manual page included with the Perl 5 distribution, April 1998"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB6","unstructured":"Cisco Systems, Cisco netranger. Web page at http:\/\/www.wheelgroup.com\/univercd\/cc\/td\/doc\/pcat\/nerg.htm, accessed in May 2000"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB7","unstructured":"M. Crosbie, B. Dole, T. Ellis, I. Irsul, E. Spafford, IDIOT \u2013 Users Guide, COAST Laboratory, Purdue University, 1398 Computer Science Building, West Lafayette, IN 47907-1398. ftp:\/\/coast.cs.purdue.edu\/pub\/COAST\/papers\/IDIOT\/IDIOT_Users_Guide.ps, September 1996"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB8","unstructured":"M. Crosbie, E. Spafford, Defending a computer system using autonomous agents, Technical Report 95-022, COAST Laboratory, Department of Computer Sciences, Purdue University, West Lafayette, IN 47907-1398, March 1994"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB9","unstructured":"M. Crosbie, E. Spafford, Defending a computer system using autonomous agents, in: Proceedings of the 18th National Information Systems Security Conference, October 1995"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB10","unstructured":"M. Crosbie, G. Spafford, Active defense of a computer system using autonomous agents, Technical Report 95-008, COAST Group, Department of Computer Sciences, Purdue University, West Lafayette, IN 47907-1398, February 1995"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB11","unstructured":"D.E. Denning, D.L. Edwards, R. Jagannathan, T.F. Lunt, P.G. Neumann, A prototype IDES \u2013 a real-time intrusion detection expert system, Technical Report, Computer Science Laboratory, SRI International, 1987"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB12","unstructured":"D.E. Denning, P.G. Neumann, Requirements and model for IDES \u2013 a real-time instrusion detection system, Technical Report, Computer Science Laboratory, SRI International, August 1985"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB13","unstructured":"D. Farmer, W. Venema, Computer forensics analysis class handouts. Web page at http:\/\/www.fish.com\/forensics\/, accessed in May 2000, August 1999"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB14","unstructured":"W.M. Farmer, J.D. Guttman, V. Swarup, Security for mobile agents: issues and requirements, in: Proceedings of the 19th National Information Sytems Security Conference, vol. 2, National Institute of Standards and Technology, October 1996"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB15","doi-asserted-by":"crossref","unstructured":"R. Heady, G. Luger, A. Maccabe, M. Servilla, The architecture of a network level intrusion detection system, Technical Report, University of New Mexico, Department of Computer Science, August 1990","DOI":"10.2172\/425295"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB16","doi-asserted-by":"crossref","unstructured":"L. Heberlein, G. Dias, K. Levitt, B. Mukherjee, J. Wood, D. Wolber, A network security monitor, in: Proceedings of the IEEE Symposium on Research in Security and Privacy, May 1990","DOI":"10.1109\/RISP.1990.63859"},{"issue":"3","key":"10.1016\/S1389-1286(00)00136-5_BIB17","doi-asserted-by":"crossref","first-page":"235","DOI":"10.1016\/0167-4048(93)90110-Q","article-title":"NADIR: an automated system for detecting network intrusion and misuse","volume":"12","author":"Hochberg","year":"1993","journal-title":"Computers and Security"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB18","unstructured":"S.A. Hofmeyr, An immunological model of distributed detection and its application to computer security, Ph.D. thesis, University of New Mexico, May 1999"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB19","unstructured":"IEEE, IEEE Journal on Selected Areas in Communications (Special issue on Secure Communications), May 1989"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB20","doi-asserted-by":"crossref","unstructured":"G.H. Kim, E.H. Spafford, The design and implementataion of Tripwire: a file system integrity checker, in: J. Stern (Ed.), The Second ACM Conference on Computer and Communications Security, ACM Press, Fairfax, VA, November 1994","DOI":"10.1145\/191177.191183"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB21","unstructured":"S. Kumar, Classification and detection of computer intrusions, Ph.D. Thesis, Purdue University, West Lafayette, IN 47907, 1995"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB22","unstructured":"T.F. Lunt, R. Jagannathan, R. Lee, S. Listgarten, D.L. Edwards, P.G. Neumann, H.S. Javitz, A. Valdes, Development and application of IDES: a real-time intrusion detection expert system, Technical Report, SRI International, 1988"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB23","unstructured":"T.F. Lunt, A. Tamaru, F. Gilham, R. Jagannathan, P.G. Neumann, H.S. Javitz, A. Valdes, T.D. Garvey, A real-time intrusion detection expert system (IDES) \u2013 Final Technical Report, Technical Report, SRI Computer Science Laboratory, SRI International, Melno Park, CA, February 1992"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB24","unstructured":"Merriam-Webster, Intrusion Merriam-Webster OnLine: WWWebster Dictionary. http:\/\/www.m-w.com\/dictionary, accessed on 16 May 1998"},{"issue":"3","key":"10.1016\/S1389-1286(00)00136-5_BIB25","doi-asserted-by":"crossref","first-page":"26","DOI":"10.1109\/65.283931","article-title":"Network intrusion detection","volume":"8","author":"Mukherjee","year":"1994","journal-title":"IEEE Network"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB26","unstructured":"P.A. Porras, P.G. Neumann, EMERALD: Event monitoring enabling responses to anomalous live disturbances, in: Proceedings of the 20th National Information Systems Security Conference, National Institute of Standards and Technology, 1997"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB27","unstructured":"T.H. Ptacek, T.N. Newsham, Insertion, evasion, and denial of service: eluding network intrusion detection, Technical Report, Secure Networks, January 1998"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB28","unstructured":"E. Siever, D. Futato, Perl Module Reference, vol. 1&2, O'Reilly, Sebastopol, CA, included in the Perl Resource Kit, November 1997"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB29","unstructured":"S.R. Snapp, J. Brentano, G.V. Dias, T.L. Goan, L.T. Heberlein, C. Lin Ho, K.N. Levitt, B. Mukherjee, S.E. Smaha, T. Grance, D.M. Teal, D. Mansur, DIDS (distributed intrusion detection system) \u2013 motivation, architecture, and an early prototype, in: Proceedings of the 14th National Computer Security Conference, Washington, DC, October 1991"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB30","unstructured":"S.R. Snapp, S. Smaha, D.M. Teal, T. Grance, The DIDS (distributed intrusion detection system) prototype, in: Proceedings of the USENIX Summer 1992 Technical Conference, San Antonio, TX, June 1992"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB31","unstructured":"S. Staniford-Chen, S. Cheung, R. Crawford, M. Dilger, J. Frank, J. Hoagland, K. Levitt, C. Wee, R. Yip, D. Zerkle, GrIDS: a graph based intrusion detection system for large networks, in: Proceedings of the 19th National Information Systems Security Conference, vol. 1, National Institute of Standards and Technology, October 1996"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB32","unstructured":"K.M.C. Tan, D. Thompson, A.B. Ruighaver, Intrusion detection systems and a view to its forensic applications, Technical Report, Department of Computer Science, University of Melbourne, Parkville 3052, Australia. http:\/\/www.securityfocus.com\/data\/library\/idsforensics.ps"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB33","unstructured":"L. Wall, T. Christiansen, R.L. Schwartz, Programming Perl, 2nd ed., O'Reilly, Sebastopol, CA, September 1996"},{"key":"10.1016\/S1389-1286(00)00136-5_BIB34","doi-asserted-by":"crossref","first-page":"20","DOI":"10.1109\/65.484228","article-title":"Cooperating security managers: a peer-based intrusion detection system","author":"White","year":"1996","journal-title":"IEEE Network"}],"container-title":["Computer Networks"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S1389128600001365?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S1389128600001365?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2020,1,9]],"date-time":"2020-01-09T01:45:47Z","timestamp":1578534347000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S1389128600001365"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2000,10]]},"references-count":34,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2000,10]]}},"alternative-id":["S1389128600001365"],"URL":"https:\/\/doi.org\/10.1016\/s1389-1286(00)00136-5","relation":{},"ISSN":["1389-1286"],"issn-type":[{"value":"1389-1286","type":"print"}],"subject":[],"published":{"date-parts":[[2000,10]]}}}