{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,13]],"date-time":"2026-05-13T12:50:12Z","timestamp":1778676612843,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":17,"publisher":"ACM","license":[{"start":{"date-parts":[[2014,4,8]],"date-time":"2014-04-08T00:00:00Z","timestamp":1396915200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Fraunhofer USA Special Funds grant"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2014,4,8]]},"DOI":"10.1145\/2600176.2600185","type":"proceedings-article","created":{"date-parts":[[2014,8,12]],"date-time":"2014-08-12T13:53:50Z","timestamp":1407851630000},"page":"1-11","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":5,"title":["Human factors in webserver log file analysis"],"prefix":"10.1145","author":[{"given":"Lucas","family":"Layman","sequence":"first","affiliation":[{"name":"Fraunhofer CESE, College Park, MD"}]},{"given":"Sylvain David","family":"Diffo","sequence":"additional","affiliation":[{"name":"Karlsruhe U. of Applied Sciences, Karlsruhe, Germany"}]},{"given":"Nico","family":"Zazworka","sequence":"additional","affiliation":[{"name":"Elsevier Information Systems, GmbH, Frankfurt am Main, Germany"}]}],"member":"320","published-online":{"date-parts":[[2014,4,8]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1280680.1280693"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0020-7373(83)80031-5"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1113034.1113068"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.1987.232894"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSMCC.2012.2217325"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/MCG.2004.26"},{"key":"e_1_3_2_1_7_1","volume-title":"Information and Processes Used When Investigating Web Server Log Files for Malicious Activity. Technical report","author":"Layman L.","year":"2013","unstructured":"L. Layman . Information and Processes Used When Investigating Web Server Log Files for Malicious Activity. Technical report , Fraunhofer Center for Experimental Software Engineering , College Park, MD , 2013 . L. Layman. Information and Processes Used When Investigating Web Server Log Files for Malicious Activity. Technical report, Fraunhofer Center for Experimental Software Engineering, College Park, MD, 2013."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/ESEM.2013.42"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/2600176.2600191"},{"key":"e_1_3_2_1_10_1","volume-title":"http:\/\/goo.gl\/umM0Br","author":"SP.","year":"2013","unstructured":"OWA SP. Top 10 2013 , http:\/\/goo.gl\/umM0Br , 2013 . OWASP. Top 10 2013, http:\/\/goo.gl\/umM0Br, 2013."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2004.94"},{"key":"e_1_3_2_1_12_1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"102","DOI":"10.1007\/978-3-540-30143-1_6","volume-title":"Recent Advances in Instrusion Detection","author":"Pietraszek T.","year":"2004","unstructured":"T. Pietraszek . Using Adaptive Alert Classification to Reduce False Positives in Intrusion Detection . In E. Jonsson, A. Valdes, and M. Almgren, editors, Recent Advances in Instrusion Detection , volume 3224 of Lecture Notes in Computer Science , pages 102 -- 124 . Springer Berlin Heidelberg , Berlin, Heidelberg , 2004 . T. Pietraszek. Using Adaptive Alert Classification to Reduce False Positives in Intrusion Detection. In E. Jonsson, A. Valdes, and M. Almgren, editors, Recent Advances in Instrusion Detection, volume 3224 of Lecture Notes in Computer Science, pages 102--124. Springer Berlin Heidelberg, Berlin, Heidelberg, 2004."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1037\/0033-295X.106.4.643"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/TVCG.2011.144"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/IPOM.2003.1251233"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2004.21"},{"key":"e_1_3_2_1_17_1","volume-title":"Verizon","year":"2010","unstructured":"Verizon. 2010 Data Breach Investigations Report, http:\/\/goo.gl\/28pPGM. Technical report , Verizon , 2010. Verizon. 2010 Data Breach Investigations Report, http:\/\/goo.gl\/28pPGM. Technical report, Verizon, 2010."}],"event":{"name":"HotSoS '14: Symposium and Bootcamp on the Science of Security","location":"Raleigh North Carolina USA","acronym":"HotSoS '14","sponsor":["No. Carolina State Univeresity North Carolina State University"]},"container-title":["Proceedings of the 2014 Symposium and Bootcamp on the Science of Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2600176.2600185","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2600176.2600185","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T08:10:25Z","timestamp":1750234225000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2600176.2600185"}},"subtitle":["a controlled experiment on investigating malicious activity"],"short-title":[],"issued":{"date-parts":[[2014,4,8]]},"references-count":17,"alternative-id":["10.1145\/2600176.2600185","10.1145\/2600176"],"URL":"https:\/\/doi.org\/10.1145\/2600176.2600185","relation":{},"subject":[],"published":{"date-parts":[[2014,4,8]]},"assertion":[{"value":"2014-04-08","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}