{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,8]],"date-time":"2026-06-08T23:30:01Z","timestamp":1780961401645,"version":"3.54.1"},"reference-count":38,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013,11]]},"DOI":"10.1109\/issre.2013.6698896","type":"proceedings-article","created":{"date-parts":[[2014,1,6]],"date-time":"2014-01-06T12:09:09Z","timestamp":1389010149000},"page":"431-440","source":"Crossref","is-referenced-by-count":38,"title":["A host-based anomaly detection approach by representing system calls as states of kernel modules"],"prefix":"10.1109","author":[{"given":"Syed Shariyar","family":"Murtaza","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Wael","family":"Khreich","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Abdelwahab","family":"Hamou-Lhadj","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Mario","family":"Couture","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"263","reference":[{"key":"19","first-page":"103","article-title":"Enhancing system called-based intrusion detection with protocol context","author":"liu","year":"2011","journal-title":"Fifth Intl Conf on Emerging Security Information Systems and Technologies"},{"key":"17","first-page":"1","article-title":"Using system call information to reveal hidden attack manifestations","author":"larson","year":"2009","journal-title":"Proc of 1st International Workshop on Security and Communication Networks"},{"key":"35","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4615-4625-2"},{"key":"18","doi-asserted-by":"publisher","DOI":"10.1109\/IJCNN.2002.1007776"},{"key":"36","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2002.1017701"},{"key":"33","doi-asserted-by":"publisher","DOI":"10.1109\/ICMLC.2004.1378514"},{"key":"15","doi-asserted-by":"publisher","DOI":"10.1109\/MNET.2009.4804323"},{"key":"16","first-page":"111","article-title":"Multi-resolution abnormal trace detection using varied-length N-grams and automata","author":"jiang","year":"2005","journal-title":"Proc 2nd Intl Conf on Automatic Comp"},{"key":"34","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.1999.766910"},{"key":"13","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2009.05.004"},{"key":"14","doi-asserted-by":"crossref","first-page":"151","DOI":"10.3233\/JCS-980109","article-title":"Intrusion detection using sequences of system calls","volume":"6","author":"hofmeyr","year":"1998","journal-title":"J Comput Security"},{"key":"37","doi-asserted-by":"publisher","DOI":"10.1016\/S0031-3203(02)00026-2"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1109\/ICECCS.2005.57"},{"key":"38","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2011.05.007"},{"key":"12","first-page":"531","article-title":"A multi-layer model for anomaly intrusion detection using program sequences of system calls","author":"hoang","year":"2003","journal-title":"11th IEEE Conf on Network"},{"key":"21","year":"2012","journal-title":"Metasploit Pentration Testing Software"},{"key":"20","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2008.69"},{"key":"22","year":"2012"},{"key":"23","year":"2012","journal-title":"National Vulnerability Database"},{"key":"24","doi-asserted-by":"publisher","DOI":"10.1109\/ICDM.2003.1250987"},{"key":"25","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2007.02.001"},{"key":"26","doi-asserted-by":"publisher","DOI":"10.1109\/5.18626"},{"key":"27","doi-asserted-by":"publisher","DOI":"10.1145\/382912.382914"},{"key":"28","author":"tandon","year":"2008","journal-title":"Machine Learning for Host-based Anomaly Detection"},{"key":"29","doi-asserted-by":"publisher","DOI":"10.1109\/JSAC.2002.806130"},{"key":"3","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.12"},{"key":"2","doi-asserted-by":"publisher","DOI":"10.1109\/ICET.2009.5353204"},{"key":"1","first-page":"385","article-title":"Performance analysis of of artifical neural network intrusion detection systems","author":"abdel-azim","year":"2009","journal-title":"Intl Conf on Electrical and Elctronics Engineering"},{"key":"10","article-title":"Techniques to simplify the analysis of execution traces for program comprehension","author":"hamou-lhadj","year":"2006","journal-title":"School of Information Technology and Engineering (SITE) University of Ottawa"},{"key":"30","article-title":"R: A language and environment for statistical computing","year":"2011","journal-title":"R Foundation for Statistical Computing"},{"key":"7","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.1996.502675"},{"key":"6","article-title":"Clustering and visualizing study state sequences","author":"desmarais","year":"2013","journal-title":"Proc Educational Data Mining Conf"},{"key":"32","doi-asserted-by":"crossref","first-page":"80","DOI":"10.1007\/3-540-39945-3_6","article-title":"Adaptive, model-based monitoring for cyber attack detection","author":"valdes","year":"2000","journal-title":"Proc of 3rd Intl Workshop on Recent Advances in Intrusion Detection LNCS"},{"key":"5","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2013.13"},{"key":"4","doi-asserted-by":"publisher","DOI":"10.1016\/S0167-4048(03)00112-3"},{"key":"31","year":"1998","journal-title":"University of New Mexico Dataset"},{"key":"9","doi-asserted-by":"crossref","first-page":"93","DOI":"10.1007\/3-540-39945-3_7","article-title":"A real-time intrusion detection system based on learning program behavior","author":"ghosh","year":"2000","journal-title":"Proc of the Third Intl Workshop on Recent Advances in Intrusion Detection"},{"key":"8","doi-asserted-by":"crossref","first-page":"1","DOI":"10.18637\/jss.v040.i04","article-title":"Analyzing and visualizing state sequences in R with traminer","volume":"40","author":"gabadinho","year":"2011","journal-title":"Journal of Statistical Software"}],"event":{"name":"2013 IEEE 24th International Symposium on Software Reliability Engineering (ISSRE)","location":"Pasadena, CA, USA","start":{"date-parts":[[2013,11,4]]},"end":{"date-parts":[[2013,11,7]]}},"container-title":["2013 IEEE 24th International Symposium on Software Reliability Engineering (ISSRE)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6689494\/6698873\/06698896.pdf?arnumber=6698896","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,8,5]],"date-time":"2019-08-05T18:22:32Z","timestamp":1565029352000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/6698896\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,11]]},"references-count":38,"URL":"https:\/\/doi.org\/10.1109\/issre.2013.6698896","relation":{},"subject":[],"published":{"date-parts":[[2013,11]]}}}