{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,10,23]],"date-time":"2024-10-23T01:54:54Z","timestamp":1729648494698,"version":"3.28.0"},"reference-count":39,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2008,11]]},"DOI":"10.1109\/icdim.2008.4746821","type":"proceedings-article","created":{"date-parts":[[2009,1,16]],"date-time":"2009-01-16T15:29:46Z","timestamp":1232119786000},"page":"334-339","source":"Crossref","is-referenced-by-count":1,"title":["NIDS based on payload word frequencies and anomaly of transitions"],"prefix":"10.1109","author":[{"given":"Sasa","family":"Mrdovic","sequence":"first","affiliation":[]},{"given":"Branislava","family":"Perunicic","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"doi-asserted-by":"publisher","key":"19","DOI":"10.1109\/HICSS.2007.75"},{"key":"35","doi-asserted-by":"crossref","DOI":"10.1007\/3-540-39945-3_10","article-title":"the 1998 lincoln lab ids evaluation- a critique","author":"mchugh","year":"2000","journal-title":"3rd International Workshop on Recent Advances in Intrusion Detection (RAID)"},{"key":"17","article-title":"polymorphic worm detection using structural information of executables","author":"kruegel","year":"2005","journal-title":"8th International Symposium on Recent Advances in Intrusion Detection (RAID)"},{"doi-asserted-by":"publisher","key":"36","DOI":"10.1145\/382912.382923"},{"doi-asserted-by":"publisher","key":"18","DOI":"10.1109\/TDSC.2008.30"},{"doi-asserted-by":"publisher","key":"33","DOI":"10.1109\/DISCEX.2000.821506"},{"key":"15","article-title":"a fast static analysis approach to detect exploit code inside network flows","author":"chinchani","year":"2005","journal-title":"8th International Symposium on Recent Advances in Intrusion Detection (RAID)"},{"doi-asserted-by":"publisher","key":"34","DOI":"10.1016\/S1389-1286(00)00139-0"},{"key":"16","article-title":"stride: polymorphic sled detection through instruction sequence analysis","author":"akritidis","year":"2005","journal-title":"20th IFIP International Information Security Conference"},{"doi-asserted-by":"publisher","key":"39","DOI":"10.1109\/NETWKS.2008.4763730"},{"key":"13","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-540-30143-1_11","article-title":"anomalous payload-based network intrusion detection","author":"wang","year":"2004","journal-title":"7th International Symposium on Recent Advances in Intrusion Detection (RAID)"},{"key":"14","article-title":"anomalous payload-based worm detection and signature generation","author":"wang","year":"2005","journal-title":"8th International Symposium on Recent Advances in Intrusion Detection (RAID)"},{"doi-asserted-by":"publisher","key":"37","DOI":"10.1145\/1128817.1128824"},{"doi-asserted-by":"publisher","key":"11","DOI":"10.1145\/586143.586146"},{"key":"38","first-page":"229","article-title":"snort-lightweight intrusion detection for networks","author":"roesch","year":"1999","journal-title":"1999 USENIX LISA Systems Administration Conference"},{"doi-asserted-by":"publisher","key":"12","DOI":"10.1145\/967900.967988"},{"key":"21","first-page":"17","article-title":"polymorphic blending attacks","volume":"15","author":"fogla","year":"2006","journal-title":"15th conference on USENIX Security Symposium"},{"year":"2005","author":"kolesnikov","journal-title":"Advanced Polymorphic Worms Evading IDS by Blending in with Normal Traffic","key":"20"},{"key":"22","doi-asserted-by":"crossref","first-page":"274","DOI":"10.1007\/3-540-36084-0_15","article-title":"accurate buffer overflow detection via abstract pay load execution","author":"toth","year":"2002","journal-title":"Recent Advances in Intrusion Detection (RAID)"},{"doi-asserted-by":"publisher","key":"23","DOI":"10.1109\/ICAC.2008.25"},{"key":"24","article-title":"boundary detection in tokenizing network application payload for anomaly detection","author":"vargiya","year":"2003","journal-title":"Workshop on Data Mining for Computer Security"},{"key":"25","doi-asserted-by":"crossref","first-page":"226","DOI":"10.1007\/11856214_12","article-title":"anagram: a content anomaly detector resistant to mimicry attack","author":"wang","year":"2006","journal-title":"Recent Advances in Intrusion Detection (RAID)"},{"doi-asserted-by":"publisher","key":"26","DOI":"10.1007\/s11416-006-0030-0"},{"doi-asserted-by":"publisher","key":"27","DOI":"10.1145\/948143.948144"},{"doi-asserted-by":"publisher","key":"28","DOI":"10.1016\/j.comnet.2005.01.009"},{"key":"29","article-title":"using generalization and characterization techniques in the anomaly-based detection of web attacks","author":"robertson","year":"2006","journal-title":"13th Symposium on Network and Distributed System Security (NDSS)"},{"year":"2008","journal-title":"IronPort and Cisco","key":"3"},{"year":"0","key":"2"},{"doi-asserted-by":"publisher","key":"10","DOI":"10.1145\/952589.952601"},{"doi-asserted-by":"publisher","key":"1","DOI":"10.1109\/TSE.1987.232894"},{"doi-asserted-by":"publisher","key":"30","DOI":"10.1016\/j.comnet.2006.09.016"},{"year":"0","journal-title":"National Vulnerability Database Home","key":"7"},{"key":"6","first-page":"541","article-title":"on the infeasibility of modeling polymorphic shellcode","author":"song","year":"2007","journal-title":"14th ACM Conference on Computer and Communications Security"},{"key":"32","first-page":"2007","article-title":"comparing anomaly detection techniques for http","author":"ingham","year":"2007","journal-title":"Conference on Recent Advances in Intrusion Detection (RAID)"},{"year":"0","key":"5"},{"year":"0","journal-title":"SANS Top-20 2007 Security Risks (2007 Annual Update)","key":"31"},{"year":"0","key":"4"},{"doi-asserted-by":"publisher","key":"9","DOI":"10.1145\/508791.508835"},{"key":"8","doi-asserted-by":"crossref","first-page":"21","DOI":"10.1145\/1278940.1278945","article-title":"challenging the anomaly detection paradigm: a provocative discussion","author":"gates","year":"2006","journal-title":"2006 workshop on New security paradigms"}],"event":{"name":"2008 Third International Conference on Digital Information Management (ICDIM)","start":{"date-parts":[[2008,11,13]]},"location":"London, United Kingdom","end":{"date-parts":[[2008,11,16]]}},"container-title":["2008 Third International Conference on Digital Information Management"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx5\/4733742\/4746691\/04746821.pdf?arnumber=4746821","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,9]],"date-time":"2024-03-09T06:08:05Z","timestamp":1709964485000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/4746821\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2008,11]]},"references-count":39,"URL":"https:\/\/doi.org\/10.1109\/icdim.2008.4746821","relation":{},"subject":[],"published":{"date-parts":[[2008,11]]}}}