{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,1]],"date-time":"2025-11-01T16:45:52Z","timestamp":1762015552860,"version":"build-2065373602"},"publisher-location":"Cham","reference-count":20,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030268336"},{"type":"electronic","value":"9783030268343"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-26834-3_11","type":"book-chapter","created":{"date-parts":[[2019,8,6]],"date-time":"2019-08-06T23:05:29Z","timestamp":1565132729000},"page":"189-206","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["IDS Alert Priority Determination Based on Traffic Behavior"],"prefix":"10.1007","author":[{"given":"Shohei","family":"Hiruta","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Satoshi","family":"Ikeda","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Shigeyoshi","family":"Shima","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hiroki","family":"Takakura","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,7,24]]},"reference":[{"key":"11_CR1","doi-asserted-by":"publisher","first-page":"222","DOI":"10.1109\/TSE.1987.232894","volume":"13","author":"DE Denning","year":"1987","unstructured":"Denning, D.E.: An intrusion-detection model. J. IEEE Trans. Softw. Eng. 13, 222\u2013232 (1987)","journal-title":"J. IEEE Trans. Softw. Eng."},{"key":"11_CR2","unstructured":"Lunt, T.F., Jagannathan, R., Lee, R., Whitehurst, A., Listgarten, S.: Knowledge-based intrusion detection. In: AI Systems in Government Conference, Washington, USA, pp. 102\u2013107 (1989)"},{"key":"11_CR3","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1016\/j.cose.2008.08.003","volume":"28","author":"P Garcia-Teodoro","year":"2009","unstructured":"Garcia-Teodoro, P., Diaz-Verdejp, J., Macia-Fernandez, G., Vazquez, E.: Anomaly-based network intrusion detection: techniques, systems and challenges. J. Comput. Secur. 28, 18\u201328 (2009)","journal-title":"J. Comput. Secur."},{"key":"11_CR4","doi-asserted-by":"crossref","unstructured":"Lv, Y., Xiang, S., Geng, J., Li, Y., Xia, C.: An alert correlation algorithm based on the sequence pattern mining. In: 2015 IEEE Advanced Technology, Electronic and Automation Control Conference, Chongqing, China, pp. 1146\u20131151 (2015)","DOI":"10.1109\/IAEAC.2015.7428739"},{"key":"11_CR5","unstructured":"Pei, J., Han, J., Mortazavi-Asl, B., Chen, Q., Dayal, U., Hsu, M.-C.: PrefixSpan: mining sequential patterns efficiently by prefix-projected pattern growth. In: 17th International Conference on Data Engineering, Heidelberg, Germany, pp. 215\u2013224 (2001)"},{"key":"11_CR6","doi-asserted-by":"publisher","first-page":"2917","DOI":"10.1016\/j.comcom.2006.04.001","volume":"29","author":"L Wang","year":"2006","unstructured":"Wang, L., Liu, A., Jajodia, S.: Using attack graphs for correlating, hypothesizing, and predicting intrusion alerts. J. Comput. Commun. 29, 2917\u20132933 (2006)","journal-title":"J. Comput. Commun."},{"key":"11_CR7","doi-asserted-by":"publisher","first-page":"82","DOI":"10.1109\/35.492975","volume":"34","author":"SA Yemini","year":"1996","unstructured":"Yemini, S.A., Kliger, S., Mozes, E., Yemini, Y., Ohsie, D.: High speed and robust event correlation. J. IEEE Commun. Mag. 34, 82\u201390 (1996)","journal-title":"J. IEEE Commun. Mag."},{"key":"11_CR8","doi-asserted-by":"crossref","unstructured":"Zan, X., Gao, F., Han, J., Sun, Y.: A hidden Markov model based framework for tracking and predicting of attack intention. In: 2009 International Conference on Multimedia Information Networking and Security, Hubei, China, pp. 498\u2013501 (2009)","DOI":"10.1109\/MINES.2009.277"},{"key":"11_CR9","unstructured":"Zhicai, S., Yongxiang, X.: A novel hidden Markov model for detecting complicate network attacks. In: 2010 IEEE International Conference on Wireless Communications, Networking and Information Security, Beijing, China, pp. 312\u2013315 (2010)"},{"key":"11_CR10","doi-asserted-by":"publisher","first-page":"809","DOI":"10.1109\/TNET.2004.836121","volume":"12","author":"M Steinder","year":"2004","unstructured":"Steinder, M., Sethi, A.S.: Probabilistic fault localization in communication systems using belief networks. J. IEEE\/ACM Trans. Netw. 12, 809\u2013822 (2004)","journal-title":"J. IEEE\/ACM Trans. Netw."},{"key":"11_CR11","doi-asserted-by":"crossref","unstructured":"Shittu, R., Healing, A., Ghanea-Hercock, R., Bloomfield, R., Muttukrishnan, R.: OutMet: a new metric for prioritising intrusion alerts using correlation and outlier analysis. In: 39th Annual IEEE Conference on Local Computer Networks, Edmonton, Canada, pp. 322\u2013330 (2014)","DOI":"10.1109\/LCN.2014.6925787"},{"key":"11_CR12","unstructured":"Njogu, H.W., Jiawei, L.: Using alert cluster to reduce IDS alerts. In: 2010 3rd International Conference on Computer Science and Information Technology, Chengdu, China, pp. 467\u2013471 (2010)"},{"key":"11_CR13","doi-asserted-by":"crossref","unstructured":"Vaarandi, R., Podins, K.: Network IDS alert classification with frequent itemset mining and data clustering. In: 2010 International Conference on Network and Service Management, Niagara Falls, Canada, pp. 451\u2013456 (2010)","DOI":"10.1109\/CNSM.2010.5691262"},{"key":"11_CR14","doi-asserted-by":"crossref","unstructured":"GhasemiGol, M., Ghaemi-Bafghi, A.: A new alert correlation framework based on entropy. In: 3rd International eConference on Computer and Knowledge Engineering, Mashhad, Iran, pp. 184\u2013189 (2013)","DOI":"10.1109\/ICCKE.2013.6682843"},{"key":"11_CR15","doi-asserted-by":"crossref","unstructured":"Gupta, D., Joshi, P.S., Bhattacharjee, A.K., Mundada, R.S.: IDS alerts classification using knowledge-based evaluation. In: 2012 Fourth International Conference on Communication Systems and Networks, Bangalore, India, pp. 1\u20138 (2012)","DOI":"10.1109\/COMSNETS.2012.6151339"},{"key":"11_CR16","unstructured":"Mell, P., Scarfone, K., Romansky, S.: A Complete Guide to the Common Vulnerability Scoring System Version 2.0, National Infrastracture Advisory Council. \n                      https:\/\/ws680.nist.gov\/publication\/get_pdf.cfm?pub_id=51198\n                      \n                    . Accessed 15 Feb 2019"},{"key":"11_CR17","unstructured":"The Global Internet Phenomena Report. \n                      https:\/\/www.sandvine.com\/hubfs\/downloads\/phenomena\/2018-phenomena-report.pdf\n                      \n                    . Accessed 15 Feb 2019"},{"key":"11_CR18","unstructured":"Uncovering Hidden Threats within Encrypted Traffic. \n                      https:\/\/www.a10networks.com\/sites\/default\/files\/A10-EB-14106-EN.pdf\n                      \n                    . Accessed 15 Feb 2019"},{"key":"11_CR19","unstructured":"Evangelos, S., Jiawei, H., Usama, M.F.: A density-based algorithm for discovering clusters in large spatial databases with noise. In: The Second International Conference on Knowledge Discovery and Data Mining, Oregon, USA, pp. 226\u2013231 (1996)"},{"key":"11_CR20","unstructured":"How many Alerts is Too Many to Handle?. \n                      https:\/\/www2.fireeye.com\/StopTheNoise-IDC-Numbers-Game-Special-Report.html\n                      \n                    . Accessed 5 Jun 2019"}],"container-title":["Lecture Notes in Computer Science","Advances in Information and Computer Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-26834-3_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,8,6]],"date-time":"2019-08-06T23:06:43Z","timestamp":1565132803000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-26834-3_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030268336","9783030268343"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-26834-3_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"24 July 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"IWSEC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Workshop on Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Tokyo","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Japan","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28 August 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 August 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"iwsec2019a","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.iwsec.org\/2019\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"61","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"18","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"5","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"30% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.9","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"5.6","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"https:\/\/www.iwsec.org\/2019\/","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}