{"id":"https://openalex.org/W2034362794","doi":"https://doi.org/10.1145/1030083.1030088","title":"Testing network-based intrusion detection signatures using mutant exploits","display_name":"Testing network-based intrusion detection signatures using mutant exploits","publication_year":2004,"publication_date":"2004-10-25","ids":{"openalex":"https://openalex.org/W2034362794","doi":"https://doi.org/10.1145/1030083.1030088","mag":"2034362794"},"language":"en","primary_location":{"id":"doi:10.1145/1030083.1030088","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1030083.1030088","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 11th ACM conference on Computer and communications security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5075685499","display_name":"Giovanni Vigna","orcid":"https://orcid.org/0000-0002-3422-5369"},"institutions":[{"id":"https://openalex.org/I154570441","display_name":"University of California, Santa Barbara","ror":"https://ror.org/02t274463","country_code":"US","type":"education","lineage":["https://openalex.org/I154570441"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Giovanni Vigna","raw_affiliation_strings":["University of California, Santa Barbara, CA","University of California, Santa Barbara, Ca#TAB#"],"affiliations":[{"raw_affiliation_string":"University of California, Santa Barbara, CA","institution_ids":["https://openalex.org/I154570441"]},{"raw_affiliation_string":"University of California, Santa Barbara, Ca#TAB#","institution_ids":["https://openalex.org/I154570441"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5085358980","display_name":"William Robertson","orcid":"https://orcid.org/0000-0002-6968-0273"},"institutions":[{"id":"https://openalex.org/I154570441","display_name":"University of California, Santa Barbara","ror":"https://ror.org/02t274463","country_code":"US","type":"education","lineage":["https://openalex.org/I154570441"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"William Robertson","raw_affiliation_strings":["University of California, Santa Barbara, CA","University of California, Santa Barbara, Ca#TAB#"],"affiliations":[{"raw_affiliation_string":"University of California, Santa Barbara, CA","institution_ids":["https://openalex.org/I154570441"]},{"raw_affiliation_string":"University of California, Santa Barbara, Ca#TAB#","institution_ids":["https://openalex.org/I154570441"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5002025561","display_name":"Davide Balzarotti","orcid":"https://orcid.org/0000-0001-5957-6213"},"institutions":[{"id":"https://openalex.org/I154570441","display_name":"University of California, Santa Barbara","ror":"https://ror.org/02t274463","country_code":"US","type":"education","lineage":["https://openalex.org/I154570441"]},{"id":"https://openalex.org/I4210109270","display_name":"Reliable Software Resources (United States)","ror":"https://ror.org/01v5fm873","country_code":"US","type":"company","lineage":["https://openalex.org/I4210109270"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Davide Balzarotti","raw_affiliation_strings":["Reliable Software Group and University of California, Santa Barbara, CA"],"affiliations":[{"raw_affiliation_string":"Reliable Software Group and University of California, Santa Barbara, CA","institution_ids":["https://openalex.org/I4210109270","https://openalex.org/I154570441"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5075685499"],"corresponding_institution_ids":["https://openalex.org/I154570441"],"apc_list":null,"apc_paid":null,"fwci":14.7079,"has_fulltext":false,"cited_by_count":194,"citation_normalized_percentile":{"value":0.98975642,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":91,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"21","last_page":"30"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.7819198369979858},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7217286825180054},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.6421377658843994},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.4201236963272095},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.4142743647098541},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.266373872756958},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.22772839665412903},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.10270720720291138}],"concepts":[{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.7819198369979858},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7217286825180054},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.6421377658843994},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.4201236963272095},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.4142743647098541},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.266373872756958},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.22772839665412903},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.10270720720291138}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1145/1030083.1030088","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1030083.1030088","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 11th ACM conference on Computer and communications security","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.219.483","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.219.483","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cs.ucsb.edu/~wkr/publications/ccs_2004_sploit/ccs2004sploit.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.59.5912","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.59.5912","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.elet.polimi.it/upload/balzarot/publications/download.php?doc=sploit-ccs04.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.76.6060","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.76.6060","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cs.ucsb.edu/~wkr/publications/ccs04sploit.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.8100000023841858,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":16,"referenced_works":["https://openalex.org/W162098268","https://openalex.org/W1490025813","https://openalex.org/W1674877186","https://openalex.org/W1779735989","https://openalex.org/W1952056635","https://openalex.org/W1964073704","https://openalex.org/W1988918299","https://openalex.org/W2016559036","https://openalex.org/W2049695835","https://openalex.org/W2081706040","https://openalex.org/W2107409339","https://openalex.org/W2120860555","https://openalex.org/W2129798683","https://openalex.org/W2167423345","https://openalex.org/W2737058386","https://openalex.org/W4239578735"],"related_works":["https://openalex.org/W2061466315","https://openalex.org/W2376886931","https://openalex.org/W1992118813","https://openalex.org/W2010561419","https://openalex.org/W2374845301","https://openalex.org/W2351448539","https://openalex.org/W1977863481","https://openalex.org/W2384741105","https://openalex.org/W1495178644","https://openalex.org/W2185594426"],"abstract_inverted_index":{"Misuse-based":[0],"intrusion":[1,143,186],"detection":[2,64,124,136,144,187,211],"systems":[3,21,193],"rely":[4],"on":[5,151],"models":[6,73,94,137],"of":[7,13,19,32,51,123,141,159,161,191,205,208],"attacks":[8,25],"to":[9,22,46,112,119,131,168],"identify":[10],"the":[11,17,30,49,121,139,192,203,206,209],"manifestation":[12],"intrusive":[14],"behavior.":[15],"Therefore,":[16],"ability":[18],"these":[20,196],"reliably":[23],"detect":[24,47],"is":[26,77,102,149],"strongly":[27],"affected":[28],"by":[29,164,183],"quality":[31,207],"their":[33],"models,":[34],"which":[35],"are":[36,117,175],"often":[37],"called":[38],"\"signatures.\"":[39],"A":[40],"perfect":[41],"model":[42],"would":[43,60,109],"be":[44,110],"able":[45,118],"all":[48,99],"instances":[50],"an":[52,162,169],"attack":[53],"without":[54],"making":[55],"mistakes,":[56],"that":[57,80,95,116,154],"is,":[58],"it":[59,108],"produce":[61],"a":[62,82,129,152,156,179,184,199],"100%":[63],"rate":[65],"with":[66],"0":[67],"false":[68],"alarms.":[69],"Unfortunately,":[70],"writing":[71,93],"good":[72,75],"(or":[74],"signatures)":[76],"hard.":[78],"Attacks":[79],"exploit":[81,163,170],"specific":[83],"vulnerability":[84],"may":[85],"do":[86],"so":[87],"in":[88,138,194],"completely":[89],"different":[90],"ways,":[91],"and":[92,133],"take":[96],"into":[97],"account":[98],"possible":[100],"variations":[101,160,197],"very":[103],"difficult.":[104],"For":[105],"this":[106],"reason,":[107],"beneficial":[111],"have":[113],"testing":[114,147],"tools":[115],"evaluate":[120,134],"\"goodness\"":[122],"signatures.":[125],"This":[126],"work":[127],"describes":[128],"technique":[130,148],"test":[132],"misuse":[135],"case":[140],"network-based":[142,185],"systems.":[145],"The":[146,189],"based":[150],"mechanism":[153],"generates":[155],"large":[157],"number":[158],"applying":[165],"mutant":[166,173],"operators":[167],"template.":[171],"These":[172],"exploits":[174],"then":[176],"run":[177],"against":[178],"victim":[180],"host":[181],"protected":[182],"system.":[188],"results":[190],"detecting":[195],"provide":[198],"quantitative":[200],"basis":[201],"for":[202],"evaluation":[204],"corresponding":[210],"model.":[212]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":5},{"year":2022,"cited_by_count":6},{"year":2021,"cited_by_count":8},{"year":2020,"cited_by_count":7},{"year":2019,"cited_by_count":10},{"year":2018,"cited_by_count":5},{"year":2017,"cited_by_count":9},{"year":2016,"cited_by_count":9},{"year":2015,"cited_by_count":8},{"year":2014,"cited_by_count":5},{"year":2013,"cited_by_count":4},{"year":2012,"cited_by_count":10}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}