{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,3]],"date-time":"2025-09-03T10:45:56Z","timestamp":1756896356758,"version":"3.28.0"},"reference-count":27,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1109\/secpri.2004.1301324","type":"proceedings-article","created":{"date-parts":[[2004,6,10]],"date-time":"2004-06-10T10:19:45Z","timestamp":1086862785000},"page":"194-208","source":"Crossref","is-referenced-by-count":26,"title":["Formalizing sensitivity in static analysis for intrusion detection"],"prefix":"10.1109","author":[{"family":"Henry Hanping Feng","sequence":"first","affiliation":[]},{"given":"J.T.","family":"Giffin","sequence":"additional","affiliation":[]},{"family":"Yong Huang","sequence":"additional","affiliation":[]},{"given":"S.","family":"Jha","sequence":"additional","affiliation":[]},{"family":"Wenke Lee","sequence":"additional","affiliation":[]},{"given":"B.P.","family":"Miller","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"19","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2001.924295"},{"key":"17","article-title":"Insertion, evasion, and denial of service: Eluding network intrusion detection","author":"ptacek","year":"1998","journal-title":"Technical Report"},{"journal-title":"Model-checking Pushdown Systems","year":"2002","author":"schwoon","key":"18"},{"key":"15","article-title":"Automated audit trail analysis and intrusion detection: A survey","author":"lunt","year":"1988","journal-title":"11th National Computer Security Conference (NCSC)"},{"key":"16","doi-asserted-by":"publisher","DOI":"10.1016\/S1389-1286(99)00112-7"},{"key":"13","article-title":"EEL: Machine independent executable editing","author":"larus","year":"1995","journal-title":"Proc ACM SIGPLAN Conf Programming Language Design and Implementation (PLDI)"},{"key":"14","article-title":"A data mining framework for building intrusion detection models","author":"lee","year":"1999","journal-title":"IEEE Symposium on Security and Privacy"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1109\/CSAC.1994.367313"},{"key":"12","doi-asserted-by":"publisher","DOI":"10.1145\/322510.322526"},{"key":"21","article-title":"Hiding intrusions: From the abnormal to the normal and beyond","volume":"2578","author":"tan","year":"2002","journal-title":"5th International Workshop on Information Hiding LNCS #2578"},{"key":"20","first-page":"54","article-title":"Undermining an anomaly-based intrusion detection system using common exploits","volume":"2516","author":"tan","year":"2002","journal-title":"Recent Advances in Intrusion Detection (RAID) 2002 LNCS #2516"},{"key":"22","doi-asserted-by":"publisher","DOI":"10.1109\/RISP.1990.63857"},{"journal-title":"Static analysis and computer security New techniques for software assurance","year":"2000","author":"wagner","key":"23"},{"key":"24","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2001.924296"},{"key":"25","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586145"},{"key":"26","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.1999.766910"},{"key":"27","first-page":"110","article-title":"Intrusion detection using variable-length audit trail patterns","volume":"1907","author":"wespi","year":"2000","journal-title":"Recent Advances in Intrusion Detection (RAID) 2000 LNCS #1907"},{"key":"3","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.1996.502675"},{"key":"2","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2003.1199328"},{"key":"10","doi-asserted-by":"publisher","DOI":"10.1109\/32.372146"},{"key":"1","first-page":"187","article-title":"Context-free grammars and pushdown storage","volume":"65","author":"chomsky","year":"1962","journal-title":"Quarterly Progress Report No 65"},{"key":"7","article-title":"Efficient context-sensitive intrusion detection","author":"giffin","year":"2004","journal-title":"11th Annual Network and Distributed Systems Security Symposium (NDSS)"},{"key":"6","article-title":"Detecting manipulated remote call streams","author":"giffin","year":"2002","journal-title":"11th USENIX Security Symposium"},{"key":"5","article-title":"Learning program behavior profiles for intrusion detection","author":"ghosh","year":"1999","journal-title":"Proc 1st USENIX Workshop Intrusion Detection Network Monitoring"},{"key":"4","article-title":"Model-based intrusion detection","author":"garvey","year":"1991","journal-title":"14th National Computer Security Conference (NCSC)"},{"journal-title":"Introduction to Automata Theory Languages and Computation","year":"2001","author":"hopcroft","key":"9"},{"key":"8","doi-asserted-by":"crossref","first-page":"151","DOI":"10.3233\/JCS-980109","article-title":"Intrusion detection system using sequences of system calls","volume":"6","author":"hofmeyr","year":"1998","journal-title":"Journal of Computer Security"}],"event":{"name":"IEEE Symposium on Security and Privacy, 2004. 2004","location":"Berkeley, CA, USA"},"container-title":["IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx5\/9120\/28916\/01301324.pdf?arnumber=1301324","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2018,5,30]],"date-time":"2018-05-30T11:08:30Z","timestamp":1527678510000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/1301324\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"references-count":27,"URL":"https:\/\/doi.org\/10.1109\/secpri.2004.1301324","relation":{},"subject":[]}}