{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,28]],"date-time":"2025-10-28T03:12:43Z","timestamp":1761621163139,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":36,"publisher":"ACM","license":[{"start":{"date-parts":[[2014,3,3]],"date-time":"2014-03-03T00:00:00Z","timestamp":1393804800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2014,3,3]]},"DOI":"10.1145\/2557547.2557562","type":"proceedings-article","created":{"date-parts":[[2014,2,25]],"date-time":"2014-02-25T13:21:11Z","timestamp":1393334471000},"page":"111-122","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":7,"title":["Situational awareness through reasoning on network incidents"],"prefix":"10.1145","author":[{"given":"Anna Cinzia","family":"Squicciarini","sequence":"first","affiliation":[{"name":"Pennsylvania State University, University Park, PA, USA"}]},{"given":"Giuseppe","family":"Petracca","sequence":"additional","affiliation":[{"name":"Pennsylvania State University, University Park, PA, USA"}]},{"given":"William G.","family":"Horne","sequence":"additional","affiliation":[{"name":"Hewlett-Packard Laboratories, Princeton, NJ, USA"}]},{"given":"Aurnob","family":"Nath","sequence":"additional","affiliation":[{"name":"Pennsylvania State University, University Park, PA, USA"}]}],"member":"320","published-online":{"date-parts":[[2014,3,3]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Snort a lightweight network intrusion detection system. http:\/\/www.snort.org\/.  Snort a lightweight network intrusion detection system. http:\/\/www.snort.org\/."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/357830.357849"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420969"},{"volume-title":"NDSS","year":"2011","author":"Bilge Leyla","key":"e_1_3_2_1_4_1"},{"key":"e_1_3_2_1_5_1","unstructured":"BitTorrent. Official website for bittorrent. http:\/\/www.bittorrent.com.  BitTorrent. Official website for bittorrent. http:\/\/www.bittorrent.com."},{"key":"e_1_3_2_1_6_1","unstructured":"Eleazar Eskin. Anomaly detection over noisy data using learned probability distributions. 2000. http:\/\/academiccommons.columbia.edu\/item\/ac:125813.   Eleazar Eskin. Anomaly detection over noisy data using learned probability distributions. 2000. http:\/\/academiccommons.columbia.edu\/item\/ac:125813."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.5555\/784588.784621"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2003.12.016"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2008.08.003"},{"key":"e_1_3_2_1_10_1","first-page":"315","volume-title":"Proceedings of the 17th International Symposium on Computer and Information Sciences","author":"Guha R.","year":"2002"},{"key":"e_1_3_2_1_11_1","unstructured":"Paul Hick. The CAIDA DDoS Attack 2007 Dataset (collection). http:\/\/imdc.datcat.org\/collection\/1-06Y1-W=The+CAIDA+DDoS+Attack+2007+Dataset (accessed on 2013).  Paul Hick. The CAIDA DDoS Attack 2007 Dataset (collection). http:\/\/imdc.datcat.org\/collection\/1-06Y1-W=The+CAIDA+DDoS+Attack+2007+Dataset (accessed on 2013)."},{"volume-title":"Proc. 11th IEEE Int'l. Conf. Citeseer.","author":"Hoang Xuan Dau","key":"e_1_3_2_1_12_1"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.3233\/JCS-980109"},{"key":"e_1_3_2_1_14_1","first-page":"45","volume-title":"in Conf. AFIA99 Raisonnement \u00e0 Partir de Cas","author":"H\u00fcllermeier Eyke","year":"1999"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-45248-5_10"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1017\/S0269888900006585"},{"key":"e_1_3_2_1_17_1","first-page":"120","volume-title":"Proceedings of the 1999 IEEE Symposium on Security and Privacy","author":"Lee Wenke","year":"1999"},{"key":"e_1_3_2_1_18_1","unstructured":"Malware Domain List. http:\/\/www.malwaredomainlist.com.  Malware Domain List. http:\/\/www.malwaredomainlist.com."},{"key":"e_1_3_2_1_19_1","unstructured":"Microsoft. Windows based performance counter data logger. http:\/\/technet.microsoft.com\/en-us\/library\/bb490960.aspx.  Microsoft. Windows based performance counter data logger. http:\/\/technet.microsoft.com\/en-us\/library\/bb490960.aspx."},{"key":"e_1_3_2_1_20_1","unstructured":"Mitre. Common attack pattern enumeration and classification. http:\/\/capec.mitre.org\/data\/definitions\/113.html.  Mitre. Common attack pattern enumeration and classification. http:\/\/capec.mitre.org\/data\/definitions\/113.html."},{"key":"e_1_3_2_1_21_1","unstructured":"Mitre. Structured threat information expression. http:\/\/stix.mitre.org\/.  Mitre. Structured threat information expression. http:\/\/stix.mitre.org\/."},{"key":"e_1_3_2_1_22_1","unstructured":"Soumyo D. Moitra. Situational awareness metrics from flow and other data sources. 2013.  Soumyo D. Moitra. Situational awareness metrics from flow and other data sources. 2013."},{"key":"e_1_3_2_1_23_1","unstructured":"Official Website for uTorrent. http:\/\/www.utorrent.com.  Official Website for uTorrent. http:\/\/www.utorrent.com."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855711.1855737"},{"key":"e_1_3_2_1_25_1","unstructured":"Predict. Protected repository for the defense of infrastructure against cyberthreats. http:\/\/www.predict.org.  Predict. Protected repository for the defense of infrastructure against cyberthreats. http:\/\/www.predict.org."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"crossref","unstructured":"J. Reason. Too little and too late: A commentary on accident and incident reporting systems. 1991.  J. Reason. Too little and too late: A commentary on accident and incident reporting systems. 1991.","DOI":"10.1016\/B978-0-7506-1178-7.50006-X"},{"volume-title":"John Wiley & Sons","year":"2010","author":"Ross Timothy J.","key":"e_1_3_2_1_27_1"},{"key":"e_1_3_2_1_28_1","unstructured":"Sans Education. https:\/\/isc.sans.edu\/feeds\/suspiciousdomains_high.txt.  Sans Education. https:\/\/isc.sans.edu\/feeds\/suspiciousdomains_high.txt."},{"key":"e_1_3_2_1_29_1","unstructured":"Shalla Secure Services KG. Shalla list website blacklist database. http:\/\/www.shallalist.de\/Downloads\/shallalist.tar.gz.  Shalla Secure Services KG. Shalla list website blacklist database. http:\/\/www.shallalist.de\/Downloads\/shallalist.tar.gz."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-38998-6_7"},{"key":"e_1_3_2_1_31_1","unstructured":"Vimal Vaidya. Dynamic signature inspection-based network intrusion detection August 21 2001. US Patent 6 279 113.  Vimal Vaidya. Dynamic signature inspection-based network intrusion detection August 21 2001. US Patent 6 279 113."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.1999.766910"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"crossref","unstructured":"M. West-Brown D. Stikvoort K.-P. Kossakowski G. Killcrece R. Ruefle and M. Zajicek. Handbook for computer security incident response teams (csirts) 2003. Technical Report Carnegie Mellon University\/SEI-2003-HB-002.  M. West-Brown D. Stikvoort K.-P. Kossakowski G. Killcrece R. Ruefle and M. Zajicek. Handbook for computer security incident response teams (csirts) 2003. Technical Report Carnegie Mellon University\/SEI-2003-HB-002.","DOI":"10.21236\/ADA413778"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0031-3203(02)00026-2"},{"key":"e_1_3_2_1_35_1","unstructured":"Zeus Tracker Domain Blocklist. https:\/\/secure.mayhemiclabs.com\/malhosts\/malhosts.txt.  Zeus Tracker Domain Blocklist. https:\/\/secure.mayhemiclabs.com\/malhosts\/malhosts.txt."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046684.2046694"}],"event":{"name":"CODASPY'14: Fourth ACM Conference on Data and Application Security and Privacy","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"San Antonio Texas USA","acronym":"CODASPY'14"},"container-title":["Proceedings of the 4th ACM conference on Data and application security and privacy"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2557547.2557562","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2557547.2557562","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T08:09:50Z","timestamp":1750234190000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2557547.2557562"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,3,3]]},"references-count":36,"alternative-id":["10.1145\/2557547.2557562","10.1145\/2557547"],"URL":"https:\/\/doi.org\/10.1145\/2557547.2557562","relation":{},"subject":[],"published":{"date-parts":[[2014,3,3]]},"assertion":[{"value":"2014-03-03","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}