{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:55:28Z","timestamp":1750308928687,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":17,"publisher":"ACM","license":[{"start":{"date-parts":[[2003,10,31]],"date-time":"2003-10-31T00:00:00Z","timestamp":1067558400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2003,10,31]]},"DOI":"10.1145\/1036921.1036932","type":"proceedings-article","created":{"date-parts":[[2005,1,30]],"date-time":"2005-01-30T17:55:16Z","timestamp":1107107716000},"page":"99-104","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Continual repair for windows using the event log"],"prefix":"10.1145","author":[{"given":"James C.","family":"Reynolds","sequence":"first","affiliation":[{"name":"Teknowledge Corporation, VA"}]},{"given":"Lawrence A.","family":"Clough","sequence":"additional","affiliation":[{"name":"Teknowledge Corporation, VA"}]}],"member":"320","published-online":{"date-parts":[[2003,10,31]]},"reference":[{"volume-title":"Proceedings of the 2000 DARPA Information Survivability Conference and EXhibition (DISCEX)","year":"2000","author":"Balzer B.","key":"e_1_3_2_1_1_1"},{"volume-title":"IN.","year":"1998","author":"Daniels","key":"e_1_3_2_1_2_1"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.1987.232894"},{"key":"e_1_3_2_1_5_1","unstructured":"Department of Defense Trusted Security Evaluation Criteria DOD 5200.28-STD Library No. S225 711 December 1985.  Department of Defense Trusted Security Evaluation Criteria DOD 5200.28-STD Library No. S225 711 December 1985."},{"key":"e_1_3_2_1_6_1","unstructured":"Graff I. and R. Lippmann \"Results of DARPA 1998 Offline Intrusion Detection Evaluation \" 1998 Intrusion Detection DARPA ID PI Meeting December 1998. URL http:\/\/www.li.mit.edu\/IST\/ideval\/results-html-dir\/sld001.htm.  Graff I. and R. Lippmann \"Results of DARPA 1998 Offline Intrusion Detection Evaluation \" 1998 Intrusion Detection DARPA ID PI Meeting December 1998. URL http:\/\/www.li.mit.edu\/IST\/ideval\/results-html-dir\/sld001.htm."},{"volume-title":"3rd Workshop on Recent Advances in Intrusion Detection","year":"2000","author":"Julisch K.","key":"e_1_3_2_1_7_1"},{"key":"e_1_3_2_1_8_1","unstructured":"Kuperman Benjamin A. and Eugene H. Spafford. Generation of application level audit data via library interposition. CERIAS TR 99-11 COAST Laboratory Purdue University West Lafayette IN. October 1998.  Kuperman Benjamin A. and Eugene H. Spafford. Generation of application level audit data via library interposition. CERIAS TR 99-11 COAST Laboratory Purdue University West Lafayette IN. October 1998."},{"volume-title":"Oakland CA","year":"1999","author":"Lindqvist U.","key":"e_1_3_2_1_9_1"},{"key":"e_1_3_2_1_10_1","first-page":"623","volume-title":"Proceedings of the International Conference on Dependable Systems and Networks","author":"Maxion R. A.","year":"2000"},{"key":"e_1_3_2_1_11_1","unstructured":"Mayer Frank L. et al. Final Evaluation Report Windows NT National Computer Security Center CSC-FER-95\/003 Library No. 243 073 Ft. George Meade Maryland April 1996. There is a later Final Evaluation Report for NT 4.  Mayer Frank L. et al. Final Evaluation Report Windows NT National Computer Security Center CSC-FER-95\/003 Library No. 243 073 Ft. George Meade Maryland April 1996. There is a later Final Evaluation Report for NT 4."},{"key":"e_1_3_2_1_12_1","unstructured":"Microsoft Corporation \"Windows 2000 Security Event Descriptions \" http:\/\/support.microsoft.com\/support\/kb\/articles\/Q299\/4\/75.ASP.  Microsoft Corporation \"Windows 2000 Security Event Descriptions \" http:\/\/support.microsoft.com\/support\/kb\/articles\/Q299\/4\/75.ASP."},{"key":"e_1_3_2_1_13_1","unstructured":"Murray J. D. Windows NT Event Logging O'Reilly and Associates Inc. Sebastopol CA: 1998.   Murray J. D. Windows NT Event Logging O'Reilly and Associates Inc. Sebastopol CA: 1998."},{"key":"e_1_3_2_1_14_1","unstructured":"Price Katherine E. Host-based misuse detection and conventional operating systems' audit data collection. Master's Thesis. Purdue University. December 1997.  Price Katherine E. Host-based misuse detection and conventional operating systems' audit data collection. Master's Thesis. Purdue University. December 1997."},{"key":"e_1_3_2_1_15_1","unstructured":"Restrepo Tomas \"Getting the Command line for any process on NT \" URL http:\/\/www.mvps.org\/windev\/ptk\/cmdline.html.  Restrepo Tomas \"Getting the Command line for any process on NT \" URL http:\/\/www.mvps.org\/windev\/ptk\/cmdline.html."},{"volume-title":"West Lafayette IN","year":"1999","author":"Schwartzbard A.","key":"e_1_3_2_1_16_1"},{"key":"e_1_3_2_1_17_1","unstructured":"Solomon David A. Inside Windows NT Second Edition Microsoft Press Redmond WA: 1998. There is a later edition of this book called inside Windows 2000.   Solomon David A. Inside Windows NT Second Edition Microsoft Press Redmond WA: 1998. There is a later edition of this book called inside Windows 2000."},{"volume-title":"IEEE Computer Society Press","year":"1998","author":"Welch L. R.","key":"e_1_3_2_1_18_1"}],"event":{"name":"CCS03: Tenth ACM Conference on Computer and Communications Security 2003","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Fairfax VA","acronym":"CCS03"},"container-title":["Proceedings of the 2003 ACM workshop on Survivable and self-regenerative systems: in association with 10th ACM Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1036921.1036932","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1036921.1036932","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T21:36:48Z","timestamp":1750282608000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1036921.1036932"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2003,10,31]]},"references-count":17,"alternative-id":["10.1145\/1036921.1036932","10.1145\/1036921"],"URL":"https:\/\/doi.org\/10.1145\/1036921.1036932","relation":{},"subject":[],"published":{"date-parts":[[2003,10,31]]},"assertion":[{"value":"2003-10-31","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}