{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,2]],"date-time":"2026-04-02T15:45:02Z","timestamp":1775144702268,"version":"3.50.1"},"publisher-location":"Cham","reference-count":24,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030415785","type":"print"},{"value":"9783030415792","type":"electronic"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-41579-2_1","type":"book-chapter","created":{"date-parts":[[2020,2,17]],"date-time":"2020-02-17T16:09:09Z","timestamp":1581955749000},"page":"3-17","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["Prototype-Based Malware Traffic Classification with Novelty Detection"],"prefix":"10.1007","author":[{"given":"Lixin","family":"Zhao","sequence":"first","affiliation":[]},{"given":"Lijun","family":"Cai","sequence":"additional","affiliation":[]},{"given":"Aimin","family":"Yu","sequence":"additional","affiliation":[]},{"given":"Zhen","family":"Xu","sequence":"additional","affiliation":[]},{"given":"Dan","family":"Meng","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,2,18]]},"reference":[{"key":"1_CR1","doi-asserted-by":"crossref","unstructured":"Anderson, B., McGrew, D.: Machine learning for encrypted malware traffic classification: accounting for noisy labels and non-stationarity. In: Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1723\u20131732. ACM (2017)","DOI":"10.1145\/3097983.3098163"},{"key":"1_CR2","doi-asserted-by":"crossref","unstructured":"Bekerman, D., Shapira, B., Rokach, L., Bar, A.: Unknown malware detection using network traffic classification. In: 2015 IEEE Conference on Communications and Network Security (CNS), pp. 134\u2013142. IEEE (2015)","DOI":"10.1109\/CNS.2015.7346821"},{"key":"1_CR3","unstructured":"Bonilla, E.V., Robles-Kelly, A.: Discriminative Probabilistic Prototype Learning (2012)"},{"key":"1_CR4","unstructured":"Celik, Z.B., Walls, R.J., McDaniel, P., Swami, A.: Malware traffic detection using tamper resistant features. In: MILCOM 2015\u20132015 IEEE Military Communications Conference, pp. 330\u2013335. IEEE (2015)"},{"key":"1_CR5","doi-asserted-by":"publisher","first-page":"346","DOI":"10.1016\/j.ins.2017.04.044","volume":"433","author":"Z Chen","year":"2018","unstructured":"Chen, Z., et al.: Machine learning based mobile malware detection using highly imbalanced network traffic. Inf. Sci. 433, 346\u2013364 (2018)","journal-title":"Inf. Sci."},{"issue":"1","key":"1_CR6","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1109\/TIT.1967.1053964","volume":"13","author":"T Cover","year":"1967","unstructured":"Cover, T., Hart, P.: Nearest neighbor pattern classification. IEEE Trans. Inf. Theory 13(1), 21\u201327 (1967)","journal-title":"IEEE Trans. Inf. Theory"},{"issue":"2","key":"1_CR7","doi-asserted-by":"publisher","first-page":"281","DOI":"10.1016\/S0031-3203(96)00072-6","volume":"30","author":"C Decaestecker","year":"1997","unstructured":"Decaestecker, C.: Finding prototypes for nearest neighbour classification by means of gradient descent and deterministic annealing. Pattern Recogn. 30(2), 281\u2013288 (1997)","journal-title":"Pattern Recogn."},{"key":"1_CR8","doi-asserted-by":"crossref","unstructured":"Huang, Y.-S., et al.: A simulated annealing approach to construct optimized prototypes for nearest-neighbor classification. In: Proceedings of 13th International Conference on Pattern Recognition, vol. 4, pp. 483\u2013487. IEEE (1996)","DOI":"10.1109\/ICPR.1996.547612"},{"key":"1_CR9","doi-asserted-by":"crossref","unstructured":"Javaid, A.Y., Niyaz, Q., Sun, W., Alam, M.: A deep learning approach for network intrusion detection system. In: EAI International Conference on Bio-inspired Information & Communications Technologies (2016)","DOI":"10.4108\/eai.3-12-2015.2262516"},{"key":"1_CR10","series-title":"Springer Series in Information Sciences","doi-asserted-by":"publisher","first-page":"175","DOI":"10.1007\/978-3-642-97610-0_6","volume-title":"Self-Organizing Maps","author":"T Kohonen","year":"1995","unstructured":"Kohonen, T.: Learning vector quantization. In: Kohonen, T. (ed.) Self-Organizing Maps. Springer Series in Information Sciences, vol. 30, pp. 175\u2013189. Springer, Heidelberg (1995). https:\/\/doi.org\/10.1007\/978-3-642-97610-0_6"},{"issue":"1","key":"1_CR11","doi-asserted-by":"publisher","first-page":"160","DOI":"10.1109\/5326.661099","volume":"28","author":"LI Kuncheva","year":"1998","unstructured":"Kuncheva, L.I., Bezdek, J.C.: Nearest prototype classification: clustering, genetic algorithms, or random search? IEEE Trans. Syst. Man Cybern. Part C Appl. Rev 28(1), 160\u2013164 (1998)","journal-title":"IEEE Trans. Syst. Man Cybern. Part C Appl. Rev"},{"key":"1_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"858","DOI":"10.1007\/978-3-319-70139-4_87","volume-title":"Neural Information Processing","author":"Z Li","year":"2017","unstructured":"Li, Z., Qin, Z., Huang, K., Yang, X., Ye, S.: Intrusion detection using convolutional neural networks for representation learning. In: Liu, D., Xie, S., Li, Y., Zhao, D., El-Alfy, E.-S.M. (eds.) ICONIP 2017, Part V. LNCS, vol. 10638, pp. 858\u2013866. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70139-4_87"},{"issue":"2","key":"1_CR13","doi-asserted-by":"publisher","first-page":"430","DOI":"10.1109\/TNN.2004.824263","volume":"15","author":"C-L Liu","year":"2004","unstructured":"Liu, C.-L., Sako, H., Fujisawa, H.: Discriminative learning quadratic discriminant function for handwriting recognition. IEEE Trans. Neural Networks 15(2), 430\u2013444 (2004)","journal-title":"IEEE Trans. Neural Networks"},{"issue":"11","key":"1_CR14","doi-asserted-by":"publisher","first-page":"1395","DOI":"10.1109\/TPAMI.2004.104","volume":"26","author":"C-L Liu","year":"2004","unstructured":"Liu, C.-L., Sako, H., Fujisawa, H.: Effects of classifier structures and training regimes on integrated segmentation and recognition of handwritten numeral strings. IEEE Trans. Pattern Anal. Mach. Intell. 26(11), 1395\u20131407 (2004)","journal-title":"IEEE Trans. Pattern Anal. Mach. Intell."},{"key":"1_CR15","doi-asserted-by":"crossref","unstructured":"Mar\u00edn, G., Casas, P., Capdehourat, G.: Rawpower: deep learning based anomaly detection from raw network traffic measurements. In: Proceedings of the ACM SIGCOMM 2018 Conference on Posters and Demos, pp. 75\u201377. ACM (2018)","DOI":"10.1145\/3234200.3234238"},{"issue":"3","key":"1_CR16","doi-asserted-by":"publisher","first-page":"147","DOI":"10.1145\/3308897.3308960","volume":"46","author":"G Mar\u00edn","year":"2019","unstructured":"Mar\u00edn, G., Casas, P., Capdehourat, G.: Deepsec meets rawpower-deep learning for detection of network attacks using raw representations. ACM SIGMETRICS Perform. Eval. Rev. 46(3), 147\u2013150 (2019)","journal-title":"ACM SIGMETRICS Perform. Eval. Rev."},{"issue":"12","key":"1_CR17","doi-asserted-by":"publisher","first-page":"3108","DOI":"10.1109\/78.553484","volume":"44","author":"D Miller","year":"1996","unstructured":"Miller, D., Rao, A.V., Rose, K.: A global optimization technique for statistical classifier design. IEEE Trans. Signal Process. 44(12), 3108\u20133122 (1996)","journal-title":"IEEE Trans. Signal Process."},{"issue":"1","key":"1_CR18","doi-asserted-by":"publisher","first-page":"343","DOI":"10.1007\/s00500-014-1511-6","volume":"20","author":"FA Narudin","year":"2016","unstructured":"Narudin, F.A., Feizollah, A., Anuar, N.B., Gani, A.: Evaluation of machine learning classifiers for mobile malware detection. Soft Comput. 20(1), 343\u2013357 (2016)","journal-title":"Soft Comput."},{"issue":"Oct","key":"1_CR19","first-page":"2825","volume":"12","author":"F Pedregosa","year":"2011","unstructured":"Pedregosa, F., et al.: Scikit-learn: machine learning in Python. J. Mach. Learn. Res. 12(Oct), 2825\u20132830 (2011)","journal-title":"J. Mach. Learn. Res."},{"key":"1_CR20","unstructured":"Radford, B.J., Apolonio, L.M., Trias, A.J., Simpson, J.A.: Network traffic anomaly detection using recurrent neural networks. arXiv preprint arXiv:1803.10769 (2018)"},{"key":"1_CR21","doi-asserted-by":"crossref","unstructured":"Saad, S., et al.: Detecting P2P botnets through network behavior analysis and machine learning. In: 2011 Ninth Annual International Conference on Privacy, Security and Trust, pp. 174\u2013180. IEEE (2011)","DOI":"10.1109\/PST.2011.5971980"},{"key":"1_CR22","unstructured":"Sato, A., Yamada, K.: Generalized learning vector quantization. In: Advances in Neural Information Processing Systems, pp. 423\u2013429 (1996)"},{"key":"1_CR23","unstructured":"Sato, A., Yamada, K.: A formulation of learning vector quantization using a new misclassification measure. In: Proceedings of the Fourteenth International Conference on Pattern Recognition (Cat. No. 98EX170), vol. 1, pp. 322\u2013325. IEEE (1998)"},{"key":"1_CR24","unstructured":"Wang, W., Zhu, M., Zeng, X., Ye, X., Sheng, Y.: Malware traffic classification using convolutional neural network for representation learning. In: 2017 International Conference on Information Networking (ICOIN), pp. 712\u2013717. IEEE (2017)"}],"container-title":["Lecture Notes in Computer Science","Information and Communications Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-41579-2_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,26]],"date-time":"2020-11-26T20:07:40Z","timestamp":1606421260000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-41579-2_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030415785","9783030415792"],"references-count":24,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-41579-2_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"18 February 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information and Communications Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Beijing","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15 December 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17 December 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"21","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"icics2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easy Chair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"199","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"47","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"24% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"8","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}