{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,28]],"date-time":"2025-03-28T00:40:28Z","timestamp":1743122428157,"version":"3.40.3"},"publisher-location":"Cham","reference-count":27,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030373368"},{"type":"electronic","value":"9783030373375"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-37337-5_1","type":"book-chapter","created":{"date-parts":[[2020,1,3]],"date-time":"2020-01-03T02:02:51Z","timestamp":1578016971000},"page":"3-12","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Research and Application of Anomaly Detection of Industrial Control System Based on Improved Zoe Algorithm"],"prefix":"10.1007","author":[{"given":"Xin","family":"Xie","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Bin","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tiancheng","family":"Wan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xunyi","family":"Jiang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Weiru","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"WenLiang","family":"Tang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,1,3]]},"reference":[{"issue":"6","key":"1_CR1","first-page":"670","volume":"42","author":"Z Sun","year":"2013","unstructured":"Sun, Z., Liang, G., Bai, Y.: A hierarchical intrusion detection model in wireless sensor networks. Inf. Control 42(6), 670\u2013676 (2013)","journal-title":"Inf. Control"},{"issue":"4","key":"1_CR2","doi-asserted-by":"publisher","first-page":"744","DOI":"10.1109\/TII.2010.2051556","volume":"6","author":"S Shn","year":"2010","unstructured":"Shn, S., Kwon, T., Jo, G.Y.: An experimental study of hierarchical intrusion detection for wireless industrial sensor networks. IEEE Trans. Industr. Inf. 6(4), 744\u2013757 (2010)","journal-title":"IEEE Trans. Industr. Inf."},{"issue":"2","key":"1_CR3","doi-asserted-by":"publisher","first-page":"225","DOI":"10.1002\/sys.21206","volume":"15","author":"RA Jones","year":"2012","unstructured":"Jones, R.A., Horowitz, B.: A system-aware cyber security architecture. Syst. Eng. 15(2), 225\u2013240 (2012)","journal-title":"Syst. Eng."},{"key":"1_CR4","unstructured":"Cherepanov, A.: Win32\/industroyer \u2013 a new threat for industrial control systems. Technical report, ESET (2017)"},{"key":"1_CR5","unstructured":"K. Lab: The DUQU 2.0 \u2013 technical details. Technical report, Kaspersky Lab (2015)"},{"key":"1_CR6","doi-asserted-by":"crossref","unstructured":"Yingxu, L., Jiao, J., Jing, L.: Analysis of industrial control systems traffic based on time series. In: 2015 IEEE Twelfth International Symposium on Autonomous Decentralized Systems, pp. 123\u2013129. IEEE Press, Taichung (2015)","DOI":"10.1109\/ISADS.2015.28"},{"key":"1_CR7","doi-asserted-by":"crossref","unstructured":"Ar\u00e9valo, F., Rernenter\u00eda, J., Schwung, A.: Fault detection assessment architectures based on classification methods and information fusion. In: 2018 IEEE 23rd International Conference on Emerging Technologies and Factory Automation (ETFA), pp. 1343\u20131350. IEEE Press, Turin (2018)","DOI":"10.1109\/ETFA.2018.8502604"},{"issue":"2","key":"1_CR8","first-page":"906","volume":"7","author":"J Tsai","year":"2016","unstructured":"Tsai, J., Lo, N.: Secure anonymous key distribution scheme for smart grid. IEEE Trans. Smart Grid 7(2), 906\u2013914 (2016)","journal-title":"IEEE Trans. Smart Grid"},{"key":"1_CR9","doi-asserted-by":"publisher","first-page":"94","DOI":"10.1016\/j.future.2014.10.002","volume":"49","author":"T Liu","year":"2015","unstructured":"Liu, T., Sun, Y., Liu, Y., et al.: Abnormal traffic-indexed state estimation: a cyber-physical fusion approach for smart grid attack detection. Future Gener. Comput. Syst. 49, 94\u2013103 (2015)","journal-title":"Future Gener. Comput. Syst."},{"issue":"8","key":"1_CR10","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1109\/TIFS.2018.2800908","volume":"13","author":"MN Kurt","year":"2018","unstructured":"Kurt, M.N., Y\u0131lmaz, Y., Wang, X.: Distributed quickest detection of cyber-attacks in smart grid. IEEE Trans. Inf. Forensics Secur. 13(8), 1 (2018)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"issue":"12","key":"1_CR11","doi-asserted-by":"publisher","first-page":"3377","DOI":"10.1007\/s00500-015-2015-8","volume":"21","author":"N Jiang","year":"2017","unstructured":"Jiang, N., Li, B., Wan, T., Liu, L.: C-POEM: comprehensive performance optimization evaluation model for wireless sensor networks. Soft. Comput. 21(12), 3377\u20133385 (2017)","journal-title":"Soft. Comput."},{"issue":"1\u20134","key":"1_CR12","first-page":"1","volume":"26","author":"N Jiang","year":"2015","unstructured":"Jiang, N., Xiao, X., Liu, L.: Localization scheme for wireless sensor networks based on \u201cshortcut\u201d constraint. Ad Hoc Sens. Wirel. Netw. 26(1\u20134), 1\u201319 (2015)","journal-title":"Ad Hoc Sens. Wirel. Netw."},{"issue":"2","key":"1_CR13","first-page":"143","volume":"38","author":"YX Lai","year":"2017","unstructured":"Lai, Y.X., Liu, Z.H., Cai, X.T., et al.: Research on intrusion detection of industrial control system. J. Commun. 38(2), 143\u2013156 (2017)","journal-title":"J. Commun."},{"issue":"01","key":"1_CR14","first-page":"54","volume":"47","author":"BB Yu","year":"2018","unstructured":"Yu, B.B., Wang, H.Z., Yan, B.Y.: Intrusion detection of industrial control systems based on long and short time memory networks. Inf. Control 47(01), 54\u201359 (2018)","journal-title":"Inf. Control"},{"key":"1_CR15","doi-asserted-by":"publisher","first-page":"144","DOI":"10.1016\/j.aei.2017.05.005","volume":"33","author":"LK Song","year":"2017","unstructured":"Song, L.K., Fei, C.W., Bai, G.C., et al.: Dynamic neural network method-based improved PSO and BR algorithms for transient probabilistic analysis of flexible mechanism. Adv. Eng. Inform. 33, 144\u2013153 (2017)","journal-title":"Adv. Eng. Inform."},{"key":"1_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"354","DOI":"10.1007\/978-3-642-33338-5_18","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"D Had\u017eiosmanovi\u0107","year":"2012","unstructured":"Had\u017eiosmanovi\u0107, D., Simionato, L., Bolzoni, D., Zambon, E., Etalle, S.: N-gram against the machine: on the feasibility of the N-gram network analysis for binary protocols. In: Balzarotti, D., Stolfo, S.J., Cova, M. (eds.) RAID 2012. LNCS, vol. 7462, pp. 354\u2013373. Springer, Heidelberg (2012). \nhttps:\/\/doi.org\/10.1007\/978-3-642-33338-5_18"},{"issue":"02","key":"1_CR17","first-page":"159","volume":"36","author":"YW Huang","year":"2019","unstructured":"Huang, Y.W., Chen, G., Ye, J.F.: Weighted K-nearest neighbor indoor positioning algorithm based on cosine similarity. Comput. Appl. Softw. 36(02), 159\u2013162 (2019)","journal-title":"Comput. Appl. Softw."},{"key":"1_CR18","doi-asserted-by":"crossref","unstructured":"Wressnegger, C., Kellner, A., Rieck, K.: Zoe: content-based anomaly detection for industrial control systems. In: 2018 48th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks, pp. 127\u2013138. IEEE Press, Luxembourg City (2018)","DOI":"10.1109\/DSN.2018.00025"},{"issue":"4","key":"1_CR19","doi-asserted-by":"publisher","first-page":"994","DOI":"10.1109\/TIFS.2018.2868614","volume":"14","author":"P-F Marteau","year":"2019","unstructured":"Marteau, P.-F.: Sequence covering for efficient host-based intrusion detection. IEEE Trans. Inf. Forensics Secur. 14(4), 994\u20131006 (2019)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"1_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"561","DOI":"10.1007\/978-3-642-35289-8_30","volume-title":"Neural Networks: Tricks of the Trade","author":"A Coates","year":"2012","unstructured":"Coates, A., Ng, Andrew Y.: Learning feature representations with K-means. In: Montavon, G., Orr, G.B., M\u00fcller, K.-R. (eds.) Neural Networks: Tricks of the Trade. LNCS, vol. 7700, pp. 561\u2013580. Springer, Heidelberg (2012). \nhttps:\/\/doi.org\/10.1007\/978-3-642-35289-8_30"},{"issue":"1","key":"1_CR21","doi-asserted-by":"publisher","first-page":"64","DOI":"10.1109\/MS.2011.127","volume":"29","author":"G Cormode","year":"2012","unstructured":"Cormode, G., Muthukrishnan, M.: Approximating data with the count-min sketch. IEEE Softw. 29(1), 64\u201369 (2012)","journal-title":"IEEE Softw."},{"issue":"4","key":"1_CR22","doi-asserted-by":"publisher","first-page":"807","DOI":"10.1109\/TC.2013.13","volume":"63","author":"G Creech","year":"2014","unstructured":"Creech, G., Hu, J.: A semantic approach to host-based intrusion detection systems using contiguous and discontiguous system call patterns. IEEE Trans. Comput. 63(4), 807\u2013819 (2014)","journal-title":"IEEE Trans. Comput."},{"key":"1_CR23","unstructured":"Deng, F., Rafiei, D.: New estimation algorithms for streaming data: Count-min can do more. \nhttp:\/\/www.cs.ualberta.ca\/~fandeng\/paper\/cmm.pdf"},{"issue":"4","key":"1_CR24","doi-asserted-by":"publisher","first-page":"2308","DOI":"10.1109\/TII.2014.2330796","volume":"10","author":"P Nader","year":"2014","unstructured":"Nader, P., Honeine, P., Beauseroy, P.: One-class classification for intrusion detection in SCADA systems. IEEE Trans. Industr. Inf. 10(4), 2308\u20132317 (2014)","journal-title":"IEEE Trans. Industr. Inf."},{"key":"1_CR25","unstructured":"Frank, A., Asuncion, A.: UCI machine learning repository. School Information and Computer Science, University of California, Irvine, CA, USA. \nhttp:\/\/archive.ics.uci.edu\/ml\n\n. Accessed 10 2018"},{"key":"1_CR26","doi-asserted-by":"crossref","unstructured":"Suthaharan, S., Alzahrani, M., Rajasegarar, S., et al.: Labelled data collection for anomaly detection in wireless sensor networks. In: Sixth International Conference on Intelligent Sensors, pp. 269\u2013274. IEEE Press, Brisbane (2010)","DOI":"10.1109\/ISSNIP.2010.5706782"},{"issue":"5","key":"1_CR27","doi-asserted-by":"publisher","first-page":"893","DOI":"10.1109\/TIFS.2015.2512522","volume":"11","author":"A Almalawi","year":"2016","unstructured":"Almalawi, A., Fahad, A., Tari, Z., et al.: An efficient data-driven clustering technique to detect attacks in SCADA systems. IEEE Trans. Inf. Forensics Secur. 11(5), 893\u2013906 (2016)","journal-title":"IEEE Trans. Inf. Forensics Secur."}],"container-title":["Lecture Notes in Computer Science","Cyberspace Safety and Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-37337-5_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,4,25]],"date-time":"2020-04-25T15:04:39Z","timestamp":1587827079000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-37337-5_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030373368","9783030373375"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-37337-5_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"3 January 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CSS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Cyberspace Safety and Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Guangzhou","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1 December 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"3 December 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"css2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/nsclab.org\/css2019\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"235","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"61","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"40","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2.2","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4.5","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}