{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T17:49:16Z","timestamp":1743097756835,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":39,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540494966"},{"type":"electronic","value":"9783540494973"}],"license":[{"start":{"date-parts":[[2006,1,1]],"date-time":"2006-01-01T00:00:00Z","timestamp":1136073600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2006]]},"DOI":"10.1007\/11935308_22","type":"book-chapter","created":{"date-parts":[[2006,11,15]],"date-time":"2006-11-15T11:26:42Z","timestamp":1163590002000},"page":"302-321","source":"Crossref","is-referenced-by-count":1,"title":["Estimating Accuracy of Mobile-Masquerader Detection Using Worst-Case and Best-Case Scenario"],"prefix":"10.1007","author":[{"given":"Oleksiy","family":"Mazhelis","sequence":"first","affiliation":[]},{"given":"Seppo","family":"Puuronen","sequence":"additional","affiliation":[]},{"given":"Mika","family":"Raento","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"22_CR1","unstructured":"Pointsec Mobile Technologies: IT professionals turn blind eye to mobile security as survey reveals sloppy handheld habits. Pointsec news releases (2005), available from: http:\/\/www.pointsec.com\/news\/release.cfm?PressId=108 (read 09.02.2006)"},{"key":"22_CR2","unstructured":"Pointsec Mobile Technologies: Half of all corporate PDAs unprotected despite employer risk. Pointsec News Letter\u00a02 (2004), available from: http:\/\/www.pointsec.com\/news\/mediakit\/ (read 09.02.2006)"},{"issue":"1","key":"22_CR3","doi-asserted-by":"publisher","first-page":"58","DOI":"10.1214\/ss\/998929476","volume":"16","author":"M. Schonlau","year":"2001","unstructured":"Schonlau, M., DuMouchel, W., Ju, W., Karr, A., Theus, M., Vardi, Y.: Computer intrusion: Detecting masquerades. Statistical Science\u00a016(1), 58\u201374 (2001)","journal-title":"Statistical Science"},{"key":"22_CR4","doi-asserted-by":"publisher","first-page":"386","DOI":"10.1145\/775047.775103","volume-title":"Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining","author":"K. Sequeira","year":"2002","unstructured":"Sequeira, K., Zaki, M.: ADMIT: anomaly-based data mining for intrusions. In: Hand, D., Keim, D., Ng, R. (eds.) Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining, Edmonton, Alberta, Canada, pp. 386\u2013395. ACM Press, New York (2002)"},{"key":"22_CR5","doi-asserted-by":"publisher","first-page":"219","DOI":"10.1109\/DSN.2002.1028903","volume-title":"Proceedings of the International Conference on Dependable Systems and Networks","author":"R.A. Maxion","year":"2002","unstructured":"Maxion, R.A., Townsend, T.N.: Masquerade detection using truncated command lines. In: Proceedings of the International Conference on Dependable Systems and Networks, pp. 219\u2013228. IEEE Computer Society Press, Los Alamitos (2002)"},{"issue":"1","key":"22_CR6","doi-asserted-by":"publisher","first-page":"73","DOI":"10.1023\/A:1021830128811","volume":"51","author":"T. Lane","year":"2003","unstructured":"Lane, T., Brodley, C.E.: An empirical study of two approaches to sequence learning for anomaly detection. Machine Learning\u00a051(1), 73\u2013107 (2003)","journal-title":"Machine Learning"},{"key":"22_CR7","doi-asserted-by":"publisher","first-page":"276","DOI":"10.1145\/1014052.1014084","volume-title":"Proceedings of the 2004 ACM SIGKDD international conference on Knowledge discovery and data mining","author":"J. Shavlik","year":"2004","unstructured":"Shavlik, J., Shavlik, M.: Selection, combination, and evaluation of effective software sensors for detecting abnormal computer usage. In: Proceedings of the 2004 ACM SIGKDD international conference on Knowledge discovery and data mining, pp. 276\u2013285. ACM Press, New York (2004)"},{"key":"22_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"231","DOI":"10.1007\/11555827_14","volume-title":"Computer Security \u2013 ESORICS 2005","author":"I. Ray","year":"2005","unstructured":"Ray, I., Poolsapassit, N.: Using attack trees to identify malicious attacks from authorized insiders. In: de Capitani di Vimercati, S., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol.\u00a03679, pp. 231\u2013246. Springer, Heidelberg (2005)"},{"key":"22_CR9","doi-asserted-by":"crossref","unstructured":"Clarke, N.L., Furnell, S.M.: Authenticating mobile phone users using keystroke analysis. International Journal of Information Security, 1\u201314 (2006)","DOI":"10.1007\/s10207-006-0006-6"},{"key":"22_CR10","doi-asserted-by":"crossref","unstructured":"M\u00e4ntyj\u00e4rvi, J., Lindholm, M., Vildjiounaite, E., M\u00e4kel\u00e4, S.M., Ailisto, H.: Identifying users of portable devices from gait pattern with accelerometers. In: Proc. of IEEE International Conference on Acoustics, Speech, and Signal Processing, vol.\u00a0II, pp. 973\u2013976 (2005)","DOI":"10.1109\/ICASSP.2005.1415569"},{"key":"22_CR11","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1145\/1023646.1023658","volume-title":"Proceedings of the 2004 ACM workshop on Wireless security","author":"B. Sun","year":"2004","unstructured":"Sun, B., Yu, F., Wu, K., Leung, V.C.M.: Mobility-based anomaly detection in cellular mobile networks. In: Jakobsson, M., Perrig, A. (eds.) Proceedings of the 2004 ACM workshop on Wireless security, pp. 61\u201369. ACM Press, New York (2004)"},{"issue":"3","key":"22_CR12","doi-asserted-by":"publisher","first-page":"291","DOI":"10.1023\/A:1009700419189","volume":"1","author":"T. Fawcett","year":"1997","unstructured":"Fawcett, T., Provost, F.J.: Adaptive fraud detection. Data Mining and Knowledge Discovery\u00a01(3), 291\u2013316 (1997)","journal-title":"Data Mining and Knowledge Discovery"},{"issue":"7","key":"22_CR13","doi-asserted-by":"publisher","first-page":"1373","DOI":"10.1109\/49.622919","volume":"15","author":"D. Samfat","year":"1997","unstructured":"Samfat, D., Molva, R.: IDAMN: An intrusion detection architecture for mobile networks. IEEE Journal on Selected Areas in Communications\u00a015(7), 1373\u20131380 (1997)","journal-title":"IEEE Journal on Selected Areas in Communications"},{"key":"22_CR14","unstructured":"Howard, P., Gosset, P.: D20 - Project final report and results of trials. ASPeCT: Advanced security for personal communications technologies. Final report AC095\/VOD\/W31\/DS\/P\/20\/E (1998)"},{"key":"22_CR15","unstructured":"Hollmen, J.: User Profiling and Classification for Fraud Detection in Mobile Communications Networks. PhD thesis, Helsinki University of Technology (2000)"},{"key":"22_CR16","unstructured":"Kumar, S.: Classification and Detection of Computer Intrusions. Ph.D. thesis, Purdue University, West Lafayette, USA (1995)"},{"key":"22_CR17","unstructured":"Tax, D.: One-class classification. Ph.D. thesis, Delft University of Technology (2001)"},{"issue":"2","key":"22_CR18","doi-asserted-by":"publisher","first-page":"261","DOI":"10.1109\/3477.558812","volume":"27","author":"M.S. Obaidat","year":"1997","unstructured":"Obaidat, M.S., Sadoun, B.: Verification of computer users using keystroke dynamics. IEEE Trans. Syst. Man, and Cybernet. Part B: Cybernet.\u00a027(2), 261\u2013269 (1997)","journal-title":"IEEE Trans. Syst. Man, and Cybernet. Part B: Cybernet."},{"issue":"3","key":"22_CR19","doi-asserted-by":"publisher","first-page":"312","DOI":"10.1145\/1085126.1085129","volume":"8","author":"D. Gunetti","year":"2005","unstructured":"Gunetti, D., Picardi, C.: Keystroke analysis of free text. ACM Trans. Inf. Syst. Secur.\u00a08(3), 312\u2013347 (2005)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"22_CR20","unstructured":"Mazhelis, O., Puuronen, S.: Characteristics and measures for mobile-masquerader detection. In: Dowland, P., Furnell, S., Thuraisingham, B., Wang, X.S. (eds.) Proc. IFIP TC-11 WG 11.1 & WG 11.5 Joint Working Conference on Security Management, Integrity, and Internal Control in Information Systems, pp. 303\u2013318. Springer Science+Business Media (2005)"},{"key":"22_CR21","series-title":"IFIP International Federation for Information Processing","doi-asserted-by":"publisher","first-page":"271","DOI":"10.1007\/0-387-33406-8_23","volume-title":"Security and Privacy in Dynamic Environments","author":"O. Mazhelis","year":"2006","unstructured":"Mazhelis, O., Puuronen, S., Raento, M.: Evaluating classifiers for mobile-masquerader detection. In: Fischer-H\u00fcbner, S., Rannenberg, K., Yngstr\u00f6m, L., Lindskog, S. (eds.) Security and Privacy in Dynamic Environments. IFIP International Federation for Information Processing, Boston, vol.\u00a0201, pp. 271\u2013283. Springer, Heidelberg (2006)"},{"key":"22_CR22","unstructured":"Anderson, D., Lunt, T., Javitz, H., Tamaru, A., Valdes, A.: Detecting unusual program behavior using the statistical components of NIDES. SRI Technical Report SRI-CRL-95-06, Computer Science Laboratory, SRI International, Menlo Park, California (1995)"},{"key":"22_CR23","first-page":"1","volume-title":"Technical Report of AAAI-1997 Workshop on AI Approaches to Fraud Detection and Risk Management, WS-97-07","author":"P. Burge","year":"1997","unstructured":"Burge, P., Shawe-Taylor, J.: Detecting cellular fraud using adaptive prototypes. In: Fawcett, T. (ed.) Technical Report of AAAI-1997 Workshop on AI Approaches to Fraud Detection and Risk Management, WS-97-07, pp. 1\u20138. AAAI Press, Menlo Park (1997)"},{"issue":"2","key":"22_CR24","doi-asserted-by":"publisher","first-page":"105","DOI":"10.1002\/qre.392","volume":"17","author":"N. Ye","year":"2001","unstructured":"Ye, N., Chen, Q.: An anomaly detection technique based on a chi-square statistic for detecting intrusions into information systems. Quality and Reliability Engineering International\u00a017(2), 105\u2013112 (2001)","journal-title":"Quality and Reliability Engineering International"},{"key":"22_CR25","doi-asserted-by":"publisher","first-page":"37","DOI":"10.1145\/375663.375668","volume-title":"Proceedings of the 2001 ACM SIGMOD international conference on Management of data","author":"C.C. Aggarwal","year":"2001","unstructured":"Aggarwal, C.C., Yu, P.S.: Outlier detection for high dimensional data. In: Proceedings of the 2001 ACM SIGMOD international conference on Management of data, pp. 37\u201346. ACM Press, New York (2001)"},{"key":"22_CR26","volume-title":"Data Mining for Security Applications","author":"E. Eskin","year":"2002","unstructured":"Eskin, E., Arnold, A., Prerau, M., Portnoy, L., Stolfo, S.: A Geometric Framework for Unsupervised Anomaly Detection: Detecting Intrusions in Unlabeled Data. In: Data Mining for Security Applications. Kluwer, Dordrecht (2002)"},{"issue":"3","key":"22_CR27","doi-asserted-by":"publisher","first-page":"418","DOI":"10.1109\/21.155943","volume":"22","author":"L. Xu","year":"1992","unstructured":"Xu, L., Krzyzak, A., Suen, C.Y.: Methods for combining multiple classifiers and their applications to handwriting recognition. IEEE Transactions on Systems, Man, and Cybernetics\u00a022(3), 418\u2013435 (1992)","journal-title":"IEEE Transactions on Systems, Man, and Cybernetics"},{"key":"22_CR28","volume-title":"Decision Fusion","author":"B.V. Dasarathy","year":"1994","unstructured":"Dasarathy, B.V.: Decision Fusion. IEEE Computer Society Press, Los Alamitos (1994)"},{"key":"22_CR29","doi-asserted-by":"crossref","unstructured":"Raento, M., Oulasvirta, A., Petit, R., Toivonen, H.: Contextphone, a prototyping platform for context-aware mobile applications. IEEE Pervasive Computing\u00a04(2) (2005)","DOI":"10.1109\/MPRV.2005.29"},{"key":"22_CR30","doi-asserted-by":"publisher","first-page":"167","DOI":"10.1145\/1085777.1085805","volume-title":"Proceedings of the 7th International Conference on Human Computer Interaction with Mobile Devices and Services, MOBILEHCI 2005","author":"A. Oulasvirta","year":"2005","unstructured":"Oulasvirta, A., Raento, M., Tiitta, S.: Contextcontacts: Re-designing smartphone\u2019s contact book to support mobile awareness and collaboration. In: Proceedings of the 7th International Conference on Human Computer Interaction with Mobile Devices and Services, MOBILEHCI 2005, pp. 167\u2013174. ACM, New York (2005)"},{"key":"22_CR31","volume-title":"Pattern Classification","author":"R.O. Duda","year":"2000","unstructured":"Duda, R.O., Hart, P.E., Stork, D.G.: Pattern Classification, 2nd edn. John Wily & Sons, Inc., New York (2000)","edition":"2"},{"issue":"3","key":"22_CR32","doi-asserted-by":"publisher","first-page":"226","DOI":"10.1109\/34.667881","volume":"20","author":"J. Kittler","year":"1998","unstructured":"Kittler, J., Hatef, M., Duin, R.P., Matas, J.: On combining classifiers. IEEE Transactions on Pattern Analysis and Machine Intelligence\u00a020(3), 226\u2013239 (1998)","journal-title":"IEEE Transactions on Pattern Analysis and Machine Intelligence"},{"issue":"1-2","key":"22_CR33","first-page":"91","volume":"47","author":"S. Puuronen","year":"2001","unstructured":"Puuronen, S., Tsymbal, A.: Local feature selection with dynamic integration of classifiers. Fundamenta Informaticae, Special Issue \u201dIntelligent Information Systems\u201d\u00a047(1-2), 91\u2013117 (2001)","journal-title":"Fundamenta Informaticae, Special Issue \u201dIntelligent Information Systems\u201d"},{"issue":"2","key":"22_CR34","doi-asserted-by":"publisher","first-page":"281","DOI":"10.1109\/34.982906","volume":"24","author":"L. Kuncheva","year":"2002","unstructured":"Kuncheva, L.: A theoretical study on six classifier fusion strategies. IEEE Transactions on Pattern Analysis and Machine Intelligence\u00a024(2), 281\u2013286 (2002)","journal-title":"IEEE Transactions on Pattern Analysis and Machine Intelligence"},{"key":"22_CR35","doi-asserted-by":"crossref","unstructured":"Mazhelis, O., Puuronen, S.: Combining one-class classifiers for mobile-user substitution detection. In: Seruca, I., Filipe, J., Hammoudi, S., Cordeiro, J. (eds.) Proceedings of the 6th International Conference on Enterprise Information Systems (ICEIS 2004), Portugal, vol.\u00a04, pp. 130\u2013137. INSTICC Press (2004)","DOI":"10.5220\/0002639901300137"},{"key":"22_CR36","volume-title":"Data Mining: Practical Machine Learning Tools and Techniques","author":"I.H. Witten","year":"2000","unstructured":"Witten, I.H., Frank, E.: Data Mining: Practical Machine Learning Tools and Techniques. Morgan Kaufmann Publishers, San Francisco (2000)"},{"key":"22_CR37","doi-asserted-by":"crossref","first-page":"29","DOI":"10.1148\/radiology.143.1.7063747","volume":"143","author":"J.A. Hanley","year":"1982","unstructured":"Hanley, J.A., McNeil, B.J.: The meaning and use of the area under a receiver operating characteristic (ROC) curve. Radiology\u00a0143, 29\u201336 (1982)","journal-title":"Radiology"},{"key":"22_CR38","unstructured":"Maxion, R.A., Roberts, R.R.: Proper use of roc curves in intrusion\/anomaly detection. Technical Report Series CS-TR-871, School of Computing Science, University of Newcastle (2004)"},{"key":"22_CR39","doi-asserted-by":"publisher","first-page":"255","DOI":"10.1145\/586110.586145","volume-title":"CCS 2002: Proceedings of the 9th ACM conference on Computer and communications security","author":"D. Wagner","year":"2002","unstructured":"Wagner, D., Soto, P.: Mimicry attacks on host-based intrusion detection systems. In: Atluri, V. (ed.) CCS 2002: Proceedings of the 9th ACM conference on Computer and communications security, pp. 255\u2013264. ACM Press, New York (2002) (General Chair-Sushil Jajodia and Program Chair-Ravi Sandhu)"}],"container-title":["Lecture Notes in Computer Science","Information and Communications Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/11935308_22","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,1,11]],"date-time":"2025-01-11T23:14:36Z","timestamp":1736637276000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/11935308_22"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2006]]},"ISBN":["9783540494966","9783540494973"],"references-count":39,"URL":"https:\/\/doi.org\/10.1007\/11935308_22","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2006]]}}}