{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,30]],"date-time":"2025-12-30T08:56:43Z","timestamp":1767085003120,"version":"3.28.0"},"reference-count":27,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2007,7]]},"DOI":"10.1109\/icif.2007.4408131","type":"proceedings-article","created":{"date-parts":[[2008,1,4]],"date-time":"2008-01-04T20:29:00Z","timestamp":1199478540000},"page":"1-7","source":"Crossref","is-referenced-by-count":6,"title":["Terrain and behavior modeling for projecting multistage cyber attacks"],"prefix":"10.1109","author":[{"given":"Daniel","family":"Fava","sequence":"first","affiliation":[]},{"given":"Jared","family":"Holsopple","sequence":"additional","affiliation":[]},{"given":"Shanchieh Jay","family":"Yang","sequence":"additional","affiliation":[]},{"given":"Brian","family":"Argauer","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"doi-asserted-by":"publisher","key":"ref10","DOI":"10.1109\/MILCOM.2005.1605934"},{"year":"1991","journal-title":"Data Fusion Lexicon","article-title":"Technical panel for C3","key":"ref11"},{"doi-asserted-by":"publisher","key":"ref12","DOI":"10.1109\/5.554205"},{"key":"ref13","first-page":"1218","article-title":"Revisions and extensions to the JDL data fusion model II","author":"llinas","year":"2004","journal-title":"Proceedings of the 7th International Conference on Information Fusion"},{"doi-asserted-by":"publisher","key":"ref14","DOI":"10.1145\/310889.310919"},{"key":"ref15","article-title":"Using vulnerability trees for decision making in threat assessment","author":"vidalis","year":"2003","journal-title":"University of Glamorgan School of Computing Tech Rep CS-03-2"},{"doi-asserted-by":"publisher","key":"ref16","DOI":"10.1117\/12.604240"},{"key":"ref17","article-title":"Attack plan recognition and prediction using causal networks","author":"qin","year":"2004","journal-title":"Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC'04)"},{"key":"ref18","article-title":"TANDI: Threat assessment for networked data and information","volume":"6242","author":"holsopple","year":"2006","journal-title":"Proceedings of SPIE Defense and Security Symposium"},{"year":"1990","author":"bell","journal-title":"Text Compression","key":"ref19"},{"doi-asserted-by":"publisher","key":"ref4","DOI":"10.1145\/586143.586144"},{"doi-asserted-by":"publisher","key":"ref27","DOI":"10.1109\/IAW.2006.1652097"},{"doi-asserted-by":"publisher","key":"ref3","DOI":"10.1109\/SECPRI.2002.1004372"},{"doi-asserted-by":"publisher","key":"ref6","DOI":"10.1145\/996943.996947"},{"doi-asserted-by":"publisher","key":"ref5","DOI":"10.1109\/TDSC.2004.21"},{"key":"ref8","first-page":"114","article-title":"Situational awareness of a coordinated cyber attack","author":"sudit","year":"2005","journal-title":"Proceedings of SPIE Defense and Security Symposium"},{"key":"ref7","first-page":"360","article-title":"Alert correlation through triggering events and common resources","author":"xu","year":"2004","journal-title":"Proceedings of 20th Annual Computer Security Applications Conference"},{"key":"ref2","doi-asserted-by":"crossref","DOI":"10.1007\/3-540-45474-8_4","article-title":"Probabilistic alert correlation","author":"valdes","year":"2001","journal-title":"Recent Advances in Intrusion Detection (RAID 2001) ser Lecture Notes in Computer Science"},{"key":"ref9","article-title":"Enriching intrusion alerts through multi-host causality","author":"king","year":"2005","journal-title":"Proceedings of the 2005 Network and Distributed System Security Symposium (NDSS'05)"},{"doi-asserted-by":"publisher","key":"ref1","DOI":"10.1145\/332051.332079"},{"key":"ref20","article-title":"Context-based intrusion detection using Snort, Nessus and Bugtraq databases","author":"massicotte","year":"2005","journal-title":"Proceedings of the Third Annual Conference on Privacy Security and Trust Fredericton"},{"year":"2006","journal-title":"Tenable Network Security Inc","article-title":"Nessus vulnerability scanner","key":"ref22"},{"year":"2006","article-title":"Snort: an open source network intrusion prevention and detection system","key":"ref21"},{"year":"2007","journal-title":"MITRE","article-title":"Common vulnerabilities and exposures (CVE dictionary)","key":"ref24"},{"year":"2006","journal-title":"SecurityFocus","article-title":"Bugtraq vulnerability database","key":"ref23"},{"key":"ref26","doi-asserted-by":"crossref","first-page":"385","DOI":"10.1613\/jair.1491","article-title":"On prediction using variable order markov models","volume":"22","author":"begleiter","year":"2004","journal-title":"Journal of Artificial Intelligence"},{"year":"2006","journal-title":"Insecure com","article-title":"Nmap (Network Mapper): a free open source utility for network exploration or security auditing","key":"ref25"}],"event":{"name":"10th Conference of the International Society of Information Fusion","start":{"date-parts":[[2007,7,9]]},"location":"Quebec, Que.","end":{"date-parts":[[2007,7,12]]}},"container-title":["2007 10th International Conference on Information Fusion"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx5\/4407957\/4407958\/04408131.pdf?arnumber=4408131","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,2,7]],"date-time":"2020-02-07T08:36:21Z","timestamp":1581064581000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/4408131\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2007,7]]},"references-count":27,"URL":"https:\/\/doi.org\/10.1109\/icif.2007.4408131","relation":{},"subject":[],"published":{"date-parts":[[2007,7]]}}}