{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,3]],"date-time":"2024-09-03T16:51:27Z","timestamp":1725382287233},"reference-count":30,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016,11]]},"DOI":"10.1109\/milcom.2016.7795459","type":"proceedings-article","created":{"date-parts":[[2016,12,26]],"date-time":"2016-12-26T16:49:56Z","timestamp":1482770996000},"page":"988-997","source":"Crossref","is-referenced-by-count":0,"title":["MART: Targeted attack detection on a compromised network"],"prefix":"10.1109","author":[{"given":"Jack W.","family":"Stokes","sequence":"first","affiliation":[]},{"given":"Himanshu","family":"Chandola","sequence":"additional","affiliation":[]},{"given":"Christian","family":"Seifert","sequence":"additional","affiliation":[]},{"given":"Tim","family":"Burrell","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1145\/357830.357849"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1016\/S0167-4048(02)00514-X"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/TIT.1967.1053964"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.14778\/1454159.1454166"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-36084-0_4"},{"year":"0","key":"ref14","article-title":"Apt1 exposing one of china's cyber espionage units"},{"article-title":"A survey of intrusion detection systems","year":"2002","author":"brown","key":"ref15"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1145\/2661172.2661186"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1016\/S1389-1286(99)00112-7"},{"key":"ref18","article-title":"Snort - Lightweight Intrusion Detection for Networks","author":"roesch","year":"1999","journal-title":"Proc USENIX Systems Administration Conf (LISA 
99)"},{"key":"ref19","first-page":"50","article-title":"Learning Patterns from Unix Process Execution Traces for Intrusion Detection","author":"lee","year":"1999","journal-title":"Proceedings of AAAI Workshop on AI Methods in Fraud and Risk Management"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660282"},{"article-title":"Recent cyberattacks","year":"2013","author":"thomlinson","key":"ref4"},{"key":"ref27","first-page":"246","article-title":"Improved consistent sampling, weighted minhash and L1 sketching","author":"ioffe","year":"2010","journal-title":"Proc IEEE Int Conf Data Mining (ICDM)"},{"year":"2014","key":"ref3","article-title":"Mitigating pass-the-hash and other credential theft, version 2"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.33"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.5244\/C.22.50"},{"key":"ref5","article-title":"Scalable, behavior-based malware clustering","author":"bayer","year":"0","journal-title":"Proceedings Annual Network and Distributed System Security Symposium (NDSS) 2009"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586145"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046742"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1145\/2523514.2523596"},{"journal-title":"Mining of Massive Datasets","year":"2014","author":"rajaraman","key":"ref9"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/PST.2013.6596053"},{"key":"ref20","first-page":"120","article-title":"A Data Mining Framework for Building Intrusion Detection Models","author":"lee","year":"1999","journal-title":"Proc IEEE Symposium on Security and Privacy (SP)"},{"key":"ref22","article-title":"Automated response using system-call delays","author":"somayaji","year":"2000","journal-title":"Proceedings of the USENIX Security 
Symposium"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.1996.502675"},{"key":"ref24","doi-asserted-by":"crossref","first-page":"85","DOI":"10.1007\/3-540-45474-8_6","article-title":"Aggregation and Correlation of Intrusion-Detection Alerts","author":"debar","year":"2001","journal-title":"Proceedings of Recent Advances in Intrusion Detection (RAID)"},{"key":"ref23","first-page":"85","article-title":"Intrusion detection with unlabeled data using clustering","author":"portnoy","year":"2001","journal-title":"Proceedings of ACM CSS Workshop on Data Mining Applied to Security (DMSA)"},{"key":"ref26","doi-asserted-by":"crossref","first-page":"630","DOI":"10.1006\/jcss.1999.1690","article-title":"Min-wise independent permutations","author":"brode","year":"2000","journal-title":"J Computer and System Sciences"},{"key":"ref25","first-page":"21","article-title":"On the resemblance and containment of documents","author":"brode","year":"1997","journal-title":"Proc Compression and Complexity of SEQUENCES 97"}],"event":{"name":"MILCOM 2016 - 2016 IEEE Military Communications Conference (MILCOM)","start":{"date-parts":[[2016,11,1]]},"location":"Baltimore, MD, USA","end":{"date-parts":[[2016,11,3]]}},"container-title":["MILCOM 2016 - 2016 IEEE Military Communications Conference"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/7784513\/7795145\/07795459.pdf?arnumber=7795459","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,9,16]],"date-time":"2019-09-16T19:52:53Z","timestamp":1568663573000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/7795459\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,11]]},"references-count":30,"URL":"https:\/\/doi.org\/10.1109\/milcom.2016.7795459","relation":{},"subject":[],"published":{"date-parts":[[2016,11]]}}}