{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:27:51Z","timestamp":1750307271987,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":16,"publisher":"ACM","license":[{"start":{"date-parts":[[2010,10,4]],"date-time":"2010-10-04T00:00:00Z","timestamp":1286150400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2010,10,4]]},"DOI":"10.1145\/1866898.1866910","type":"proceedings-article","created":{"date-parts":[[2010,10,12]],"date-time":"2010-10-12T15:38:31Z","timestamp":1286897911000},"page":"71-74","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":7,"title":["Cost-aware systemwide intrusion defense via online forensics and on-demand detector deployment"],"prefix":"10.1145","author":[{"given":"Saman A.","family":"Zonouz","sequence":"first","affiliation":[{"name":"University of Illinois, Urbana, IL, USA"}]},{"given":"Kaustubh R.","family":"Joshi","sequence":"additional","affiliation":[{"name":"AT&T Labs Research, Florham Park, NJ, USA"}]},{"given":"William H.","family":"Sanders","sequence":"additional","affiliation":[{"name":"University of Illinois, Urbana, IL, USA"}]}],"member":"320","published-online":{"date-parts":[[2010,10,4]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"}}Secerno available at http:\/\/www.secerno.com\/ 2010.  }}Secerno available at http:\/\/www.secerno.com\/ 2010."},{"key":"e_1_3_2_1_2_1","unstructured":"}}Zabbix available at http:\/\/www.zabbix.org\/ 2010.  }}Zabbix available at http:\/\/www.zabbix.org\/ 2010."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1102120.1102165"},{"key":"e_1_3_2_1_4_1","volume-title":"Cisco Secure PIX Firewalls","author":"Chapman D.","year":"2001","unstructured":"}} D. Chapman . Cisco Secure PIX Firewalls . 2001 . }}D. Chapman. Cisco Secure PIX Firewalls. 2001."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/1294261.1294274"},{"key":"e_1_3_2_1_6_1","first-page":"62","volume-title":"Anomaly detection using call stack information","author":"Feng H.","year":"2003","unstructured":"}} H. Feng , O. Kolesnikov , P. Fogla , W. Lee , and W. Gong . Anomaly detection using call stack information . In IEEE - S &P, page 62 , 2003 . }}H. Feng, O. Kolesnikov, P. Fogla, W. Lee, and W. Gong. Anomaly detection using call stack information. In IEEE - S&P, page 62, 2003."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1080\/01621459.1963.10500830"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/1165389.945467"},{"key":"e_1_3_2_1_9_1","volume-title":"Clamav: http:\/\/www.clamav.net\/","author":"Kojm T.","year":"2009","unstructured":"}} T. Kojm . Clamav: http:\/\/www.clamav.net\/ , 2009 . }}T. Kojm. Clamav: http:\/\/www.clamav.net\/, 2009."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1016\/S1571-0661(04)81042-9"},{"key":"e_1_3_2_1_11_1","first-page":"229","volume-title":"USENIX-LISA","author":"Roesch M.","year":"1999","unstructured":"}} M. Roesch . Snort - lightweight intrusion detection for networks . In USENIX-LISA , pages 229 -- 238 , 1999 . }}M. Roesch. Snort - lightweight intrusion detection for networks. In USENIX-LISA, pages 229--38, 1999."},{"key":"e_1_3_2_1_12_1","volume-title":"Attack trees. Dr. Dobb's Journal","author":"Schneier B.","year":"1999","unstructured":"}} B. Schneier . Attack trees. Dr. Dobb's Journal , 1999 . }}B. Schneier. Attack trees. Dr. Dobb's Journal, 1999."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-89862-7_1"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1272998.1273010"},{"key":"e_1_3_2_1_15_1","volume-title":"Host Integrity Monitoring Using Osiris and Samhain","author":"Wotring B.","year":"2005","unstructured":"}} B. Wotring , B. Potter , M. Ranum , and R. Wichmann . Host Integrity Monitoring Using Osiris and Samhain . Syngress Publishing , 2005 . }}B. Wotring, B. Potter, M. Ranum, and R. Wichmann. Host Integrity Monitoring Using Osiris and Samhain. Syngress Publishing, 2005."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2009.5270307"}],"event":{"name":"CCS '10: 17th ACM Conference on Computer and Communications Security 2010","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Chicago Illinois USA","acronym":"CCS '10"},"container-title":["Proceedings of the 3rd ACM workshop on Assurable and usable security configuration"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1866898.1866910","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1866898.1866910","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T10:53:00Z","timestamp":1750243980000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1866898.1866910"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010,10,4]]},"references-count":16,"alternative-id":["10.1145\/1866898.1866910","10.1145\/1866898"],"URL":"https:\/\/doi.org\/10.1145\/1866898.1866910","relation":{},"subject":[],"published":{"date-parts":[[2010,10,4]]},"assertion":[{"value":"2010-10-04","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}