{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,21]],"date-time":"2026-02-21T13:10:31Z","timestamp":1771679431485,"version":"3.50.1"},"reference-count":26,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009,3]]},"DOI":"10.1109\/cicybs.2009.4925101","type":"proceedings-article","created":{"date-parts":[[2009,5,19]],"date-time":"2009-05-19T19:53:08Z","timestamp":1242762788000},"page":"136-143","source":"Crossref","is-referenced-by-count":7,"title":["Generating mimicry attacks using genetic programming: A benchmarking study"],"prefix":"10.1109","author":[{"given":"H.","family":"Gunes Kayacik","sequence":"first","affiliation":[]},{"given":"A. Nur","family":"Zincir-Heywood","sequence":"additional","affiliation":[]},{"given":"Malcolm I.","family":"Heywood","sequence":"additional","affiliation":[]},{"given":"Stefan","family":"Burschka","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"19","first-page":"164","volume":"41","author":"baum","year":"1970","journal-title":"A Maximization Technique Occurring in the Statistical Analysis of Probabilistic Functions of Markov Chains Annuals of Mathematical Statistics"},{"key":"17","doi-asserted-by":"crossref","DOI":"10.1007\/11856214_2","article-title":"behavioral distance measurement using hidden markov models","author":"gao","year":"2006","journal-title":"In Proceedings of the 9th International Symposium on Recent Advances in Intrusion Detection (RAID 2006)"},{"key":"18","first-page":"144","article-title":"a fast automation-based method for detecting anomalous program behaviors","author":"sekar","year":"2001","journal-title":"Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy"},{"key":"15","article-title":"lookahead pairs and full sequences: a tale of two anomaly detection methods","author":"inoue","year":"2007","journal-title":"2nd Annual Symposium on Information Assurance (academic track of the 10th NYS Cyber Security Conference)"},{"key":"16","doi-asserted-by":"publisher","DOI":"10.1016\/S0031-3203(02)00026-2"},{"key":"13","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.1996.502675"},{"key":"14","article-title":"operating system stability and security through process homeostasis","author":"somayaji","year":"2002","journal-title":"Doctoral Thesis UMI Order Number AAI3058952"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-71805-5_2"},{"key":"12","article-title":"genetic programming: an introduction","author":"banzhaf","year":"1998","journal-title":"Morgan Kaufmann"},{"key":"21","year":"2006"},{"key":"20","doi-asserted-by":"publisher","DOI":"10.1109\/CNSR.2005.35"},{"key":"22","year":"0","journal-title":"SecurityFocus Vulnerability archives LBNL Traceroute Heap Corruption Vulnerability"},{"key":"23","year":"0","journal-title":"SecurityFocus Vulnerability archives RedHat Linux restore Insecure Environment Variables Vulnerability"},{"key":"24","year":"0","journal-title":"SecurityFocus Vulnerability archives Samba 'call-trans2open' Remote Buffer Overflow Vulnerability"},{"key":"25","year":"0","journal-title":"SecurityFocus Vulnerability archives Wu-Ftpd Remote Format String Stack Overwrite Vulnerability"},{"key":"26","doi-asserted-by":"publisher","DOI":"10.1162\/106365602760234117"},{"key":"3","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030088"},{"key":"2","first-page":"374","author":"mutz","year":"2003","journal-title":"An Experience Developing an IDS Stimulator for the Black-Box Testing of Network Intrusion Detection Systems 19th Annual Computer Security Applications Conference"},{"key":"10","doi-asserted-by":"publisher","DOI":"10.1145\/1143997.1144271"},{"key":"1","author":"ptacek","year":"1998","journal-title":"Insertion Evasion and Denial of Service Eluding Network Intrusion Detection Technical Report"},{"key":"7","first-page":"717","article-title":"automating mimicry attacks using static binary analysis","author":"kruegel","year":"2005","journal-title":"USENIX Security Symposium"},{"key":"6","first-page":"54","article-title":"undermining an anomaly-based intrusion detection system using common exploits","author":"tan","year":"2002","journal-title":"RAID'2002 LNCS 2516"},{"key":"5","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586145"},{"key":"4","doi-asserted-by":"publisher","DOI":"10.1109\/CSAC.2005.23"},{"key":"9","doi-asserted-by":"publisher","DOI":"10.1109\/JSAC.2002.806130"},{"key":"8","first-page":"1","author":"tan","year":"2002","journal-title":"Hiding Intrusions From the Abnormal to the Normal and Beyond Symposium on Information Hiding"}],"event":{"name":"2009 IEEE Symposium on Computational Intelligence in Cyber Security (CICS)","location":"Nashville, TN, USA","start":{"date-parts":[[2009,3,30]]},"end":{"date-parts":[[2009,4,2]]}},"container-title":["2009 IEEE Symposium on Computational Intelligence in Cyber Security"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx5\/4910763\/4925076\/04925101.pdf?arnumber=4925101","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,6,18]],"date-time":"2017-06-18T20:02:37Z","timestamp":1497816157000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/4925101\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009,3]]},"references-count":26,"URL":"https:\/\/doi.org\/10.1109\/cicybs.2009.4925101","relation":{},"subject":[],"published":{"date-parts":[[2009,3]]}}}