{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,10]],"date-time":"2024-09-10T20:23:05Z","timestamp":1725999785146},"publisher-location":"Cham","reference-count":18,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030037475"},{"type":"electronic","value":"9783030037482"}],"license":[{"start":{"date-parts":[[2018,11,11]],"date-time":"2018-11-11T00:00:00Z","timestamp":1541894400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-03748-2_6","type":"book-chapter","created":{"date-parts":[[2018,11,10]],"date-time":"2018-11-10T09:45:22Z","timestamp":1541843122000},"page":"44-52","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Attack Pattern Mining Algorithm Based on Fuzzy Clustering and Sequence Pattern from Security Log"],"prefix":"10.1007","author":[{"given":"Jianyi","family":"Liu","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Keyi","family":"Li","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yang","family":"Li","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ru","family":"Zhang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xi","family":"Duan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,11,11]]},"reference":[{"key":"6_CR1","volume-title":"2015 China Internet Security Report","author":"National Computer Network Emergency Response Coordination Center","year":"2015","unstructured":"National Computer Network Emergency Response Coordination Center: 2015 China Internet Security Report. People\u2019s Posts and Telecommunications Press, Beijing (2015)"},{"key":"6_CR2","doi-asserted-by":"crossref","unstructured":"Kokila, R.T., Thamarai Selvi, S., Govindarajan, K.: DDoS detection and analysis in SDN-based environment using support vector machine classifier. In: 2014 Sixth International Conference on Advanced Computing (ICoAC) pp. 205\u2013210 (2014)","DOI":"10.1109\/ICoAC.2014.7229711"},{"key":"6_CR3","doi-asserted-by":"crossref","unstructured":"Templeton Steven, J., Levitt, K.: A requires\/provides model for computer attacks. In: Proceedings of the 2000 workshop on New security paradigms, pp. 31\u201338 (2000)","DOI":"10.1145\/366173.366187"},{"key":"6_CR4","doi-asserted-by":"crossref","unstructured":"Ning, P., Cui, Y., Reeves, D.S.: Constructing attack scenarios through correlation of intrusion alert. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 245\u2013254 (2002)","DOI":"10.1145\/586110.586144"},{"key":"6_CR5","doi-asserted-by":"crossref","unstructured":"Cuppens, F.: Managing alerts in a multi-intrusion detection environment. In: Proceedings of the 17th Annual Computer Security Applications Conference, pp. 22\u201331 (2001)","DOI":"10.1109\/ACSAC.2001.991518"},{"key":"6_CR6","doi-asserted-by":"crossref","unstructured":"Cuppens, F., Miege, A.: Alert correlation in a cooperative intrusion detection framework. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy, pp. 202\u2013215 (2002)","DOI":"10.1109\/SECPRI.2002.1004372"},{"key":"6_CR7","unstructured":"Cuppens, F., Autrel, F., Miege, A., et al.: Correlation in an intrusion detection process. In: Proceedings of the SECI02 Workshop, pp. 153\u2013171 (2002)"},{"key":"6_CR8","unstructured":"Qin, X., Lee, W.: Causal discovery-based alert correlation. In: Proceedings of the 21st Annual Computer Security Application Conference, pp. 33\u201340 (2005)"},{"key":"6_CR9","doi-asserted-by":"publisher","first-page":"439","DOI":"10.1007\/978-3-540-30108-0_27","volume-title":"Computer Security \u2013 ESORICS 2004","author":"Xinzhou Qin","year":"2004","unstructured":"Qin, X, Lee, W.: Discovering novel attack strategies from INFOSEC alerts. In: Proceedings of the 9th European Symposium on Research in Computer Security, pp. 439\u2013456 (2004)"},{"key":"6_CR10","unstructured":"Zhu, B., Ghorbani, A.A.: Alert correlation for extracting attack strategies. Int. J. Netw. Secur. 3(3) (2006)"},{"issue":"7","key":"6_CR11","doi-asserted-by":"publisher","first-page":"833","DOI":"10.1002\/sec.786","volume":"7","author":"F Kavousi","year":"2014","unstructured":"Kavousi, F., Akbari, B.: A Bayesian network-based approach for learning attack strategies from intrusion alerts. Secur. Commun. Netw. 7(7), 833\u2013853 (2014)","journal-title":"Secur. Commun. Netw."},{"key":"6_CR12","doi-asserted-by":"crossref","unstructured":"Zhang, A.F., Li, Z.T., Li, D, Wang, L.: Discovering novel multistage attack patterns in alert streams. In: 2007 International Conference on Networking, Architecture, and Storage (NAS 2007), pp. 115\u2013121 (2007)","DOI":"10.1109\/NAS.2007.20"},{"key":"6_CR13","unstructured":"Hellerstein, J.L., Ma, S.: Mining event data for actionable patterns. In: International Computer Measurement Group Conference, pp. 307\u2013318 (2000)"},{"key":"6_CR14","doi-asserted-by":"crossref","unstructured":"Treinen, J.J., Thurimella, R.: A framework for the application of association rule mining in large intrusion detection infrastructures. Recent. Adv. Intrusion Detect. 23\u201338 (2006)","DOI":"10.1007\/11856214_1"},{"key":"6_CR15","unstructured":"Theodoridis, S., Koutroumbas, K., Ridis, T., et al.: Pattern Recognition, 2nd edn. Electronic Industry Press, Beijing (2004)"},{"key":"6_CR16","unstructured":"Lin, Z., Shi-tong, W., Zhao-hong, D.: Generalized study of FCM clustering algorithm based on improved fuzzy partition. J. Comput. Res. Dev. 5, 814\u2013822 (2009)"},{"key":"6_CR17","unstructured":"MIT Lincoln Laboratory DDoS 1.0 Intrusion Detection Dataset [DB\/OL]. \nhttp:\/\/www.ll.mit.edu\/IST\/ideval\/data\/2000\/LLS_DDOS_1.0.html"},{"key":"6_CR18","unstructured":"DDo S 2.0.2 Intrusion Detection Dataset Host [EB\/OL]. \nhttp:\/\/www.ll.mit.edu\/IST\/ideval\/docs\/2000\/2000_LLS_DDOS_2.0.2_hosts.html"}],"container-title":["Smart Innovation, Systems and Technologies","Recent Advances in Intelligent Information Hiding and Multimedia Signal Processing"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-03748-2_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2018,11,10]],"date-time":"2018-11-10T09:48:16Z","timestamp":1541843296000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-03748-2_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,11,11]]},"ISBN":["9783030037475","9783030037482"],"references-count":18,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-03748-2_6","relation":{},"ISSN":["2190-3018","2190-3026"],"issn-type":[{"type":"print","value":"2190-3018"},{"type":"electronic","value":"2190-3026"}],"subject":[],"published":{"date-parts":[[2018,11,11]]},"assertion":[{"value":"IIH-MSP","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Intelligent Information Hiding and Multimedia Signal Processing","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Sendai","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Japan","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 November 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28 November 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"iih2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/iihmsp2018.github.io\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}