{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,30]],"date-time":"2025-10-30T01:52:28Z","timestamp":1761789148693,"version":"3.28.0"},"reference-count":30,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014,6]]},"DOI":"10.1109\/cycon.2014.6916403","type":"proceedings-article","created":{"date-parts":[[2014,10,8]],"date-time":"2014-10-08T21:36:10Z","timestamp":1412804170000},"page":"191-206","source":"Crossref","is-referenced-by-count":10,"title":["Towards multi-layered intrusion detection in high-speed networks"],"prefix":"10.1109","author":[{"given":"Mario","family":"Golling","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Rick","family":"Hofstede","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Robert","family":"Koch","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"19","doi-asserted-by":"publisher","DOI":"10.1109\/CNSM.2013.6727841"},{"key":"17","doi-asserted-by":"publisher","DOI":"10.1145\/948187.948190"},{"key":"18","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2004.06.011"},{"key":"15","first-page":"7011","article-title":"Specifi cation of the IP flow information export (IPFIX) protocol for the exchange of flow information","author":"claise","year":"2013","journal-title":"RFC"},{"key":"16","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2008.4483667"},{"key":"13","doi-asserted-by":"crossref","first-page":"361","DOI":"10.1007\/BF02994844","article-title":"A revised taxonomy for intrusion-detection systems","volume":"55","author":"debar","year":"2000","journal-title":"Annales des T\ufffdl\ufffdcommunications"},{"journal-title":"Intrusion Detection Systems A Survey and Taxonomy","year":"2000","author":"axelsson","key":"14"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1109\/ICSMC.2009.5345951"},{"key":"12","doi-asserted-by":"publisher","DOI":"10.1016\/S1389-1286(98)00017-6"},{"key":"21","first-page":"81","article-title":"Advanced algorithms for fast and scalable deep packet inspection","author":"kumar","year":"2016","journal-title":"Proceedings of the 2006 ACM\/IEEE symposium on Architecture for networking and communications systems"},{"key":"20","article-title":"Requirements for a future EWS-cyber defence in the internet of the future","author":"golling","year":"2011","journal-title":"Proceedings of the 3rd International Conference on Cyber Confl Ict (ICCC)"},{"key":"22","article-title":"Cisco systems netflow services export version 9","volume":"3954","author":"claise","year":"2004","journal-title":"RFC"},{"key":"23","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2009.10.021"},{"key":"24","article-title":"Evaluation of state of the art IDS message exchange protocols","author":"koch","year":"2013","journal-title":"International Conference on Communication and Network Security (ICCNS)"},{"key":"25","doi-asserted-by":"crossref","first-page":"86","DOI":"10.1007\/978-3-642-30633-4_11","article-title":"SSHCure: A flow-based SSH intrusion detection system","volume":"7279","author":"hellemons","year":"2012","journal-title":"Lecture Notes in Computer Science"},{"key":"26","article-title":"Advanced geolocation of IP addresses","author":"koch","year":"2013","journal-title":"International Conference on Communication and Network Security (ICCNS)"},{"key":"27","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-03584-0_12"},{"journal-title":"Lib Idmef","year":"0","key":"28"},{"key":"29","article-title":"Architecture for evaluating and correlating NIDS in real-world networks","author":"koch","year":"2013","journal-title":"Proceedings of the 5th International Conference on Cyber Confl Ict (CyCon)"},{"journal-title":"WorldWide Infrastructure Security Report","year":"0","key":"3"},{"journal-title":"Worldwide ISP Security Report","year":"0","key":"2"},{"key":"10","article-title":"A common language for computer security incidents","author":"howard","year":"1998","journal-title":"Sandia Tech Rep SAND98-8667"},{"journal-title":"Can A DDoS Break the Internet? Sure Just Not All of It","year":"0","key":"1"},{"key":"30","article-title":"From just-in-time intrusion detection to pro-active response by means of collaborated cross-domain multilayered intrusion detection","author":"golling","year":"0","journal-title":"9th International Conference on Cyber Warfare and Security ICCWS-2014"},{"key":"7","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2010.032210.00054"},{"key":"6","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-04117-4_9"},{"journal-title":"Worldwide Infrastructure Security Report-2012 Volume VIII","year":"0","key":"5"},{"journal-title":"Worldwide Infrastructure Security Report-2011 Volume VII","year":"0","key":"4"},{"key":"9","first-page":"1","article-title":"Attack trends in present computer networks","author":"koch","year":"2012","journal-title":"Proceedings of the 4th International Conference on Cyber Confl Ict (CyCon)"},{"key":"8","first-page":"49","article-title":"Anomaly detection and mitigation at internet scale: A survey","author":"steinberger","year":"2013","journal-title":"Lecture Notes in Computer Science Vol 7943 Springer Berlin Heidelberg"}],"event":{"name":"2014 6th International Conference on Cyber Conflict (CyCon)","start":{"date-parts":[[2014,6,3]]},"location":"Tallinn, Estonia","end":{"date-parts":[[2014,6,6]]}},"container-title":["2014 6th International Conference On Cyber Conflict (CyCon 2014)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6876058\/6916383\/06916403.pdf?arnumber=6916403","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,4,19]],"date-time":"2022-04-19T15:39:12Z","timestamp":1650382752000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/6916403\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,6]]},"references-count":30,"URL":"https:\/\/doi.org\/10.1109\/cycon.2014.6916403","relation":{},"subject":[],"published":{"date-parts":[[2014,6]]}}}