{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,10,29]],"date-time":"2024-10-29T14:19:18Z","timestamp":1730211558184,"version":"3.28.0"},"reference-count":43,"publisher":"IEEE","license":[{"start":{"date-parts":[[2021,7,26]],"date-time":"2021-07-26T00:00:00Z","timestamp":1627257600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2021,7,26]],"date-time":"2021-07-26T00:00:00Z","timestamp":1627257600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2021,7,26]],"date-time":"2021-07-26T00:00:00Z","timestamp":1627257600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021,7,26]]},"DOI":"10.1109\/csr51186.2021.9527923","type":"proceedings-article","created":{"date-parts":[[2021,9,6]],"date-time":"2021-09-06T17:35:06Z","timestamp":1630949706000},"page":"396-402","source":"Crossref","is-referenced-by-count":5,"title":["Frankenstack: Real-time Cyberattack Detection and Feedback System for Technical Cyber Exercises"],"prefix":"10.1109","author":[{"given":"Mauno","family":"Pihelgas","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Markus","family":"Kont","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref39","article-title":"Finding the Bad Guys, Yes Really","author":"leblond","year":"2017","journal-title":"SuriCon 2017"},{"article-title":"Finding the Bad Guys, Yes Really","year":"2017","author":"leblond","key":"ref38"},{"journal-title":"IDS for logs Towards implementing a streaming Sigma rule engine","year":"2020","author":"kont","key":"ref33"},{"article-title":"Sigma rule engine","year":"2020","author":"kont","key":"ref32"},{"year":"2021","key":"ref31","article-title":"The Go Programming Language"},{"article-title":"Sigma","year":"2021","author":"roth","key":"ref30"},{"year":"2020","key":"ref37","article-title":"Emerging Threats rules"},{"year":"2021","key":"ref36","article-title":"Kibana"},{"year":"2021","key":"ref35","article-title":"Att&ck navigator"},{"article-title":"Alerta","year":"2021","author":"satterly","key":"ref34"},{"key":"ref10","article-title":"From Simple Scoring Towards a Meaningful Interpretation of Learning in Cybersecurity Exercises","author":"ernits","year":"2020","journal-title":"ICCWS 2020 15th International Conference on Cyber Warfare and Security"},{"year":"2018","key":"ref40","article-title":"Cyber deception & NATO red teams"},{"key":"ref11","article-title":"From Text Mining to Evidence Team Learning in Cybersecurity Exercises","author":"maennel","year":"2020","journal-title":"Companion Proceedings 10th International Conference on Learning Analytics and Knowledge (LAK20)"},{"year":"2021","key":"ref12","article-title":"MITRE ATT&CK"},{"key":"ref13","article-title":"Utilizing MITRE ATT&CK to Create Adversary Reports of Live-Fire Cybersecurity Exercises for Feedback Purposes","author":"chmela?","year":"2020","journal-title":"Tech Rep"},{"year":"2021","key":"ref14","article-title":"Suricata"},{"year":"2021","key":"ref15","article-title":"Arkime"},{"year":"2021","key":"ref16","article-title":"Windows Sysinternals - Sysmon"},{"article-title":"sysmon-modular","year":"2021","author":"hartong","key":"ref17"},{"year":"2021","key":"ref18","article-title":"sysmon-config"},{"article-title":"Snoopy Logger","year":"2021","author":"jese","key":"ref19"},{"year":"2021","key":"ref28","article-title":"Logstash"},{"key":"ref4","first-page":"1","article-title":"Machine Learning-based Detection of C&C Channels with a Focus on the Locked Shields Cyber Defense Exercise","volume":"900","author":"k\u00e4nzig","year":"2019","journal-title":"2019 11th International Conference on Cyber Conflict (CyCon)"},{"year":"2021","key":"ref27","article-title":"The rocket-fast Syslog Server"},{"journal-title":"Mitigating Risks arising from False-Flag and No-Flag Cyber Attacks","year":"2015","author":"pihelgas","key":"ref3"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/VIZSEC.2016.7739584"},{"year":"2020","key":"ref29","article-title":"Peek"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/WI.2018.00017"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/MILCOM.2016.7795423"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/VIZSEC.2015.7312763"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/MILCOM.2017.8170852"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-70290-2_8"},{"year":"2021","key":"ref1","article-title":"Crossed Swords Exercise"},{"year":"2021","key":"ref20","article-title":"Ansible"},{"year":"2021","key":"ref22","article-title":"syslog-ng"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-47560-8_6"},{"year":"2021","key":"ref42","article-title":"Stamus Networks at XS20"},{"year":"2021","key":"ref24","article-title":"Apache Kafka"},{"year":"2019","key":"ref41","article-title":"Greycortex supports Crossed Shields for second year"},{"year":"2021","key":"ref23","article-title":"Elasticsearch"},{"year":"2019","key":"ref26","article-title":"frankenSEC"},{"key":"ref43","first-page":"10?1","article-title":"EVE and ADAM: Situation Awareness Tools for NATO CCDCOE Cyber Exercises","author":"mel\u00f3n","year":"2018","journal-title":"STO-MP-SCI-300 Cyber Physical Security of Defense Systems"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/COGSIMA.2015.7108181"}],"event":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","start":{"date-parts":[[2021,7,26]]},"location":"Rhodes, Greece","end":{"date-parts":[[2021,7,28]]}},"container-title":["2021 IEEE International Conference on Cyber Security and Resilience (CSR)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/9527731\/9527900\/09527923.pdf?arnumber=9527923","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,5,10]],"date-time":"2022-05-10T11:45:45Z","timestamp":1652183145000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9527923\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,7,26]]},"references-count":43,"URL":"https:\/\/doi.org\/10.1109\/csr51186.2021.9527923","relation":{},"subject":[],"published":{"date-parts":[[2021,7,26]]}}}