{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T00:57:10Z","timestamp":1740099430882,"version":"3.37.3"},"publisher-location":"Cham","reference-count":32,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030249069"},{"type":"electronic","value":"9783030249076"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-24907-6_9","type":"book-chapter","created":{"date-parts":[[2019,7,10]],"date-time":"2019-07-10T19:02:46Z","timestamp":1562785366000},"page":"102-116","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["A Data-Driven Network Intrusion Detection Model Based on Host Clustering and Integrated Learning: A Case Study on Botnet Detection"],"prefix":"10.1007","author":[{"given":"Lena","family":"Ara","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3649-9785","authenticated-orcid":false,"given":"Xiao","family":"Luo","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,7,11]]},"reference":[{"key":"9_CR1","doi-asserted-by":"publisher","unstructured":"Akramifard, H., Khanli, L.M., ABalafar, M., Davtalab, R.: Intrusion detection in the cloud environment using multi-level fuzzy neural networks. In: Proceedings of International Conference on Security and Management, pp. 152\u2013159 (2015). https:\/\/doi.org\/10.1109\/CSE.2015.26","DOI":"10.1109\/CSE.2015.26"},{"issue":"3","key":"9_CR2","doi-asserted-by":"crossref","first-page":"175","DOI":"10.1080\/00031305.1992.10475879","volume":"46","author":"NS Altman","year":"1992","unstructured":"Altman, N.S.: An introduction to kernel and nearest-neighbor nonparametric regression. Am. Stat. 46(3), 175\u2013185 (1992)","journal-title":"Am. Stat."},{"key":"9_CR3","doi-asserted-by":"crossref","unstructured":"Amor, N.B., Benferhat, S., Elouedi, Z.: Naive bayes vs. decision trees in intrusion detection systems. In: Proceedings of the 2004 ACM Symposium on Applied Computing, pp. 420\u2013424. ACM (2004)","DOI":"10.1145\/967900.967989"},{"key":"9_CR4","doi-asserted-by":"crossref","unstructured":"Andrzejak, A., Langner, F., Zabala, S.: Interpretable models from distributed data via merging of decision trees. In: 2013 IEEE Symposium on Computational Intelligence and Data Mining (CIDM), pp. 1\u20139. IEEE (2013)","DOI":"10.1109\/CIDM.2013.6597210"},{"key":"9_CR5","unstructured":"Chong, M., Abraham, A., Paprzycki, M.: Traffic accident analysis using machine learning paradigms. Informatica 29(1) (2005)"},{"key":"9_CR6","unstructured":"Clements, J., Yang, Y., Sharma, A., Hu, H., Lao, Y.: Rallying adversarial techniques against deep learning for network security. arXiv preprint arXiv:1903.11688 (2019)"},{"issue":"3","key":"9_CR7","first-page":"273","volume":"20","author":"C Cortes","year":"1995","unstructured":"Cortes, C., Vapnik, V.: Support-vector networks. Mach. Learn. 20(3), 273\u2013297 (1995)","journal-title":"Mach. Learn."},{"key":"9_CR8","doi-asserted-by":"publisher","first-page":"100","DOI":"10.1016\/j.cose.2014.05.011","volume":"45","author":"S Garc\u00eda","year":"2014","unstructured":"Garc\u00eda, S., Grill, M., Stiborek, J., Zunino, A.: An empirical comparison of botnet detection methods. Comput. Secur. 45, 100\u2013123 (2014)","journal-title":"Comput. Secur."},{"issue":"01","key":"9_CR9","first-page":"45","volume":"6","author":"MAM Hasan","year":"2014","unstructured":"Hasan, M.A.M., Nasser, M., Pal, B., Ahmad, S.: Support vector machine and random forest modeling for intrusion detection system (IDS). J. Intell. Learn. Syst. Appl. 6(01), 45 (2014)","journal-title":"J. Intell. Learn. Syst. Appl."},{"key":"9_CR10","unstructured":"Huang, H., Al-Azzawi, H., Brani, H.: Network traffic anomaly detection. arXiv preprint arXiv:1402.0856 (2014)"},{"key":"9_CR11","doi-asserted-by":"crossref","unstructured":"Huster, T.P., Chiang, C.Y.J., Chadha, R., Swami, A.: Towards the development of robust deep neural networks in adversarial settings. In: MILCOM 2018\u20132018 IEEE Military Communications Conference (MILCOM), pp. 419\u2013424. IEEE (2018)","DOI":"10.1109\/MILCOM.2018.8599814"},{"issue":"4","key":"9_CR12","doi-asserted-by":"publisher","first-page":"1690","DOI":"10.1016\/j.eswa.2013.08.066","volume":"41","author":"G Kim","year":"2014","unstructured":"Kim, G., Lee, S., Kim, S.: A novel hybrid intrusion detection method integrating anomaly detection with misuse detection. Exp. Syst. Appl. 41(4), 1690\u20131700 (2014)","journal-title":"Exp. Syst. Appl."},{"key":"9_CR13","doi-asserted-by":"crossref","unstructured":"Le, D.C., Zincir-Heywood, A.N., Heywood, M.I.: Data analytics on network traffic flows for botnet behaviour detection. In: 2016 IEEE Symposium Series on Computational Intelligence (SSCI), pp. 1\u20137. IEEE (2016)","DOI":"10.1109\/SSCI.2016.7850078"},{"key":"9_CR14","doi-asserted-by":"crossref","unstructured":"Li, B., Gunes, M.H., Bebis, G., Springer, J.: A supervised machine learning approach to classify host roles on line using sflow. In: Proceedings of the First Edition Workshop on High Performance and Programmable Networking, pp. 53\u201360. ACM (2013)","DOI":"10.1145\/2465839.2465847"},{"key":"9_CR15","unstructured":"Lin, W.Y., Hu, Y.H., Tsai, C.F.: Machine learning in financial crisis prediction: a survey. IEEE Trans. Syst. Man Cybern. Part C (Appl. Rev.) 42(4), 421\u2013436 (2012)"},{"issue":"6","key":"9_CR16","doi-asserted-by":"publisher","first-page":"1185","DOI":"10.1007\/s00521-010-0487-0","volume":"21","author":"Mansour Sheikhan","year":"2010","unstructured":"Sheikhan, M., Jadidi, Z., Farrokhi, A.: Intrusion detection using reduced-size rnn based on feature grouping, neural computing and applications. Neural Comput. Appl. 21(6), 1185\u20131190 (2012)","journal-title":"Neural Computing and Applications"},{"key":"9_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"143","DOI":"10.1007\/978-3-030-18419-3_10","volume-title":"Foundations and Practice of Security","author":"EEB Martinez","year":"2019","unstructured":"Martinez, E.E.B., Oh, B., Li, F., Luo, X.: Evading deep neural network and random forest classifiers by generating adversarial samples. In: Zincir-Heywood, N., Bonfante, G., Debbabi, M., Garcia-Alfaro, J. (eds.) FPS 2018. LNCS, vol. 11358, pp. 143\u2013155. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-18419-3_10"},{"key":"9_CR18","unstructured":"Moh\u2019d A Mesleh, A.: Chi square feature extraction based Svms Arabic language text categorization system. J. Comput. Sci. 3(6), 430\u2013435 (2007)"},{"issue":"1\u20133","key":"9_CR19","doi-asserted-by":"publisher","first-page":"197","DOI":"10.1016\/S0166-218X(01)00290-6","volume":"120","author":"PR \u00d6sterg\u00e5rd","year":"2002","unstructured":"\u00d6sterg\u00e5rd, P.R.: A fast algorithm for the maximum clique problem. Disc. Appl. Math. 120(1\u20133), 197\u2013207 (2002)","journal-title":"Disc. Appl. Math."},{"key":"9_CR20","doi-asserted-by":"crossref","unstructured":"Papernot, N., McDaniel, P., Goodfellow, I., Jha, S., Celik, Z.B., Swami, A.: Practical black-box attacks against machine learning. In: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, pp. 506\u2013519. ACM (2017)","DOI":"10.1145\/3052973.3053009"},{"key":"9_CR21","doi-asserted-by":"crossref","unstructured":"Papernot, N., McDaniel, P., Jha, S., Fredrikson, M., Celik, Z.B., Swami, A.: The limitations of deep learning in adversarial settings. In: 2016 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 372\u2013387. IEEE (2016)","DOI":"10.1109\/EuroSP.2016.36"},{"issue":"1","key":"9_CR22","first-page":"81","volume":"1","author":"JR Quinlan","year":"1986","unstructured":"Quinlan, J.R.: Induction of decision trees. Mach. Learn. 1(1), 81\u2013106 (1986)","journal-title":"Mach. Learn."},{"key":"9_CR23","doi-asserted-by":"crossref","unstructured":"Reddy, R.R., Ramadevi, Y., Sunitha, K.: Real time anomaly detection using ensembles. In: 2014 International Conference on Information Science and Applications (ICISA), pp. 1\u20134. IEEE (2014)","DOI":"10.1109\/ICISA.2014.6847454"},{"issue":"1","key":"9_CR24","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1109\/TETCI.2017.2772792","volume":"2","author":"N Shone","year":"2018","unstructured":"Shone, N., Ngoc, T.N., Phai, V.D., Shi, Q.: A deep learning approach to network intrusion detection. IEEE Trans. Emerg. Top. Computat. Intell. 2(1), 41\u201350 (2018)","journal-title":"IEEE Trans. Emerg. Top. Computat. Intell."},{"issue":"10","key":"9_CR25","doi-asserted-by":"publisher","first-page":"11994","DOI":"10.1016\/j.eswa.2009.05.029","volume":"36","author":"CF Tsai","year":"2009","unstructured":"Tsai, C.F., Hsu, Y.F., Lin, C.Y., Lin, W.Y.: Intrusion detection by machine learning: A review. Exp. Syst. Appl. 36(10), 11994\u201312000 (2009)","journal-title":"Exp. Syst. Appl."},{"key":"9_CR26","doi-asserted-by":"crossref","unstructured":"Vanerio, J., Casas, P.: Ensemble-learning approaches for network security and anomaly detection. In: Proceedings of the Workshop on Big Data Analytics and Machine Learning for Data Communication Networks, pp. 1\u20136. ACM (2017)","DOI":"10.1145\/3098593.3098594"},{"key":"9_CR27","doi-asserted-by":"crossref","unstructured":"Vinayakumar, R., Soman, K., Poornachandran, P.: Applying convolutional neural network for network intrusion detection. In: 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI), pp. 1222\u20131228. IEEE (2017)","DOI":"10.1109\/ICACCI.2017.8126009"},{"issue":"8","key":"9_CR28","doi-asserted-by":"publisher","first-page":"662","DOI":"10.1016\/j.cose.2005.05.003","volume":"24","author":"Y Wang","year":"2005","unstructured":"Wang, Y.: A multinomial logistic regression modeling approach for anomaly intrusion detection. Comput. Secur. 24(8), 662\u2013674 (2005)","journal-title":"Comput. Secur."},{"key":"9_CR29","first-page":"269","volume":"6","author":"S Wei","year":"2006","unstructured":"Wei, S., Mirkovic, J., Kissel, E.: Profiling and clustering internet hosts. DMIN 6, 269\u201375 (2006)","journal-title":"DMIN"},{"key":"9_CR30","doi-asserted-by":"crossref","unstructured":"Xu, K., Wang, F., Gu, L.: Network-aware behavior clustering of internet end hosts. In: 2011 Proceedings of the IEEE INFOCOM, pp. 2078\u20132086. IEEE (2011)","DOI":"10.1109\/INFCOM.2011.5935017"},{"key":"9_CR31","unstructured":"Zhang, J., Zulkernine, M., Haque, A.: Random-forests-based network intrusion detection systems. IEEE Trans. Syst. Man Cybern. Part C (Appl. Rev.) 38(5), 649\u2013659 (2008)"},{"issue":"3","key":"9_CR32","doi-asserted-by":"publisher","first-page":"23","DOI":"10.1109\/MCE.2019.2893673","volume":"8","author":"S Zhang","year":"2019","unstructured":"Zhang, S., Yang, L.T., Kuang, L., Feng, J., Chen, J., Piuri, V.: A tensor-based forensics framework for virtualized network functions in the internet of things: Utilizing tensor algebra in facilitating more efficient network forensic investigations. IEEE Consum. Electron. Mag. 8(3), 23\u201327 (2019)","journal-title":"IEEE Consum. Electron. Mag."}],"container-title":["Lecture Notes in Computer Science","Security, Privacy, and Anonymity in Computation, Communication, and Storage"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-24907-6_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,7,20]],"date-time":"2024-07-20T21:16:14Z","timestamp":1721510174000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-24907-6_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030249069","9783030249076"],"references-count":32,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-24907-6_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"11 July 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SpaCCS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Security, Privacy and Anonymity in Computation, Communication and Storage","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Atlanta, GA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 July 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17 July 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"spaccs2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/cse.stfx.ca\/~cybermatics\/2019\/spaccs\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}