{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,20]],"date-time":"2025-07-20T03:34:20Z","timestamp":1752982460882,"version":"3.40.3"},"publisher-location":"Cham","reference-count":23,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030578046"},{"type":"electronic","value":"9783030578053"}],"license":[{"start":{"date-parts":[[2020,8,28]],"date-time":"2020-08-28T00:00:00Z","timestamp":1598572800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,8,28]],"date-time":"2020-08-28T00:00:00Z","timestamp":1598572800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-57805-3_40","type":"book-chapter","created":{"date-parts":[[2020,8,27]],"date-time":"2020-08-27T13:04:15Z","timestamp":1598533455000},"page":"426-435","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Systematic Mapping of Detection Techniques for Advanced Persistent Threats"],"prefix":"10.1007","author":[{"given":"David","family":"Sobr\u00edn-Hidalgo","sequence":"first","affiliation":[]},{"given":"Adri\u00e1n","family":"Campazas Vega","sequence":"additional","affiliation":[]},{"given":"\u00c1ngel Manuel","family":"Guerrero Higueras","sequence":"additional","affiliation":[]},{"given":"Francisco Javier","family":"Rodr\u00edguez Lera","sequence":"additional","affiliation":[]},{"given":"Camino","family":"Fern\u00e1ndez-Llamas","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,8,28]]},"reference":[{"key":"40_CR1","unstructured":"Descubriendo amenazas a nivel gubernamental. \nhttps:\/\/www.ccn-cert.cni.es\/documentos-publicos\/x-jornadas-stic-ccn-cert\/1849-p1-02-descubriendoamenazasgov\/file.html"},{"issue":"1","key":"40_CR2","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1109\/LSENS.2018.2879990","volume":"3","author":"R Abdulhammed","year":"2019","unstructured":"Abdulhammed, R., Faezipour, M., Abuzneid, A., AbuMallouh, A.: Deep and machine learning approaches for anomaly-based intrusion detection of imbalanced network traffic. IEEE Sens. Lett. 3(1), 1\u20134 (2019). \nhttps:\/\/doi.org\/10.1109\/LSENS.2018.2879990","journal-title":"IEEE Sens. Lett."},{"key":"40_CR3","doi-asserted-by":"publisher","unstructured":"Al-Rabiaah, S.: The \u2018Stuxnet\u2019 virus of 2010 as an example of A \u2018APT\u2019 and its \u2018Recent\u2019 variances. In: 21st Saudi Computer Society National Computer Conference, NCC 2018, Institute of Electrical and Electronics Engineers Inc. (2018). \nhttps:\/\/doi.org\/10.1109\/NCG.2018.8593143","DOI":"10.1109\/NCG.2018.8593143"},{"key":"40_CR4","doi-asserted-by":"publisher","unstructured":"Chen, S., Zuo, Z., Huang, Z.P., Guo, X.J.: A graphical feature generation approach for intrusion detection. In: MATEC Web of Conferences , vol. 44, 02041 (2016). \nhttps:\/\/doi.org\/10.1051\/matecconf\/20164402041","DOI":"10.1051\/matecconf\/20164402041"},{"issue":"6","key":"40_CR5","doi-asserted-by":"publisher","first-page":"54","DOI":"10.9781\/ijimai.2017.05.002","volume":"4","author":"B Harish","year":"2017","unstructured":"Harish, B., Kumar, S.: Anomaly based intrusion detection using modified fuzzy clustering. Int. J. Interact. Multimed. Artif. Intell. 4(6), 54 (2017). \nhttps:\/\/doi.org\/10.9781\/ijimai.2017.05.002","journal-title":"Int. J. Interact. Multimed. Artif. Intell."},{"key":"40_CR6","unstructured":"Holgu\u00edn, J.M., Moreno, M., Merino, B.: Detecci\u00f3n de APTs. Technical report, INCIBE & CSIRT-CV, May 2013"},{"key":"40_CR7","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1016\/j.procs.2018.01.095","volume":"127","author":"M Idhammad","year":"2018","unstructured":"Idhammad, M., Afdel, K., Belouch, M.: Distributed intrusion detection system for cloud environments based on data mining techniques. Proc. Comput. Sci. 127, 35\u201341 (2018). \nhttps:\/\/doi.org\/10.1016\/j.procs.2018.01.095","journal-title":"Proc. Comput. Sci."},{"key":"40_CR8","unstructured":"INCIBE: Gu\u00eda nacional de notificaci\u00f3n y gesti\u00f3n de ciberincidentes. Technical report, INCIBE, January 2019"},{"key":"40_CR9","doi-asserted-by":"publisher","first-page":"89507","DOI":"10.1109\/ACCESS.2019.2925838","volume":"7","author":"IA Khan","year":"2019","unstructured":"Khan, I.A., Pi, D., Khan, Z.U., Hussain, Y., Nawaz, A.: HML-IDS: A hybrid-multilevel anomaly prediction approach for intrusion detection in SCADA systems. IEEE Access 7, 89507\u201389521 (2019). \nhttps:\/\/doi.org\/10.1109\/ACCESS.2019.2925838","journal-title":"IEEE Access"},{"key":"40_CR10","doi-asserted-by":"crossref","unstructured":"Kitchenham, B.A., Budgen, D., Brereton, P.: Evidence-Based Software Engineering and Systematic Reviews, vol.\u00a04. CRC Press (2016)","DOI":"10.1201\/b19467"},{"issue":"1","key":"40_CR11","doi-asserted-by":"publisher","first-page":"47","DOI":"10.1007\/s11416-016-0273-3","volume":"13","author":"R Luh","year":"2017","unstructured":"Luh, R., Marschalek, S., Kaiser, M., Janicke, H., Schrittwieser, S.: Semantics-aware detection of targeted attacks: A survey. J. Comput. Virol. Hack. Tech. 13(1), 47\u201385 (2017). \nhttps:\/\/doi.org\/10.1007\/s11416-016-0273-3","journal-title":"J. Comput. Virol. Hack. Tech."},{"key":"40_CR12","doi-asserted-by":"publisher","first-page":"148363","DOI":"10.1109\/ACCESS.2019.2946708","volume":"7","author":"C Ma","year":"2019","unstructured":"Ma, C., Du, X., Cao, L.: Analysis of multi-types of flow features based on hybrid neural network for improving network anomaly detection. IEEE Access 7, 148363\u2013148380 (2019). \nhttps:\/\/doi.org\/10.1109\/ACCESS.2019.2946708","journal-title":"IEEE Access"},{"key":"40_CR13","doi-asserted-by":"publisher","unstructured":"Moher, D., Liberati, A., Tetzlaff, J., Altman, D.G., ATP Group: Preferred reporting items for systematic reviews and meta-analyses: The PRISMA statement. Ann. Internal Med. 151(4), 264\u2013269 (2009). \nhttps:\/\/doi.org\/10.7326\/0003-4819-151-4-200908180-00135","DOI":"10.7326\/0003-4819-151-4-200908180-00135"},{"key":"40_CR14","doi-asserted-by":"publisher","first-page":"48231","DOI":"10.1109\/ACCESS.2018.2863036","volume":"6","author":"S Naseer","year":"2018","unstructured":"Naseer, S., Saleem, Y., Khalid, S., Bashir, M.K., Han, J., Iqbal, M.M., Han, K.: Enhanced network anomaly detection based on deep neural networks. IEEE Access 6, 48231\u201348246 (2018). \nhttps:\/\/doi.org\/10.1109\/ACCESS.2018.2863036","journal-title":"IEEE Access"},{"key":"40_CR15","doi-asserted-by":"publisher","first-page":"012015","DOI":"10.1088\/1742-6596\/1018\/1\/012015","volume":"1018","author":"M Nawir","year":"2018","unstructured":"Nawir, M., Amir, A., Lynn, O.B., Yaakob, N., Badlishah Ahmad, R.: Performances of machine learning algorithms for binary classification of network anomaly detection system. J. Phys. Conf. Ser. 1018, 012015 (2018). \nhttps:\/\/doi.org\/10.1088\/1742-6596\/1018\/1\/012015","journal-title":"J. Phys. Conf. Ser."},{"key":"40_CR16","doi-asserted-by":"publisher","unstructured":"Nawir, M., Amir, A., Yaakob, N., Bi\u00a0Lynn, O.: Effective and efficient network anomaly detection system using machine learning algorithm. Bull. Electric. Eng. Inform. 8(1), 46\u201351 (2019). \nhttps:\/\/doi.org\/10.11591\/eei.v8i1.1387","DOI":"10.11591\/eei.v8i1.1387"},{"key":"40_CR17","doi-asserted-by":"publisher","unstructured":"Ring, M., Dallmann, A., Landes, D., Hotho, A.: IP2Vec: Learning similarities between IP addresses. In: 2017 IEEE International Conference on Data Mining Workshops (ICDMW), pp. 657\u2013666, November 2017. \nhttps:\/\/doi.org\/10.1109\/ICDMW.2017.93","DOI":"10.1109\/ICDMW.2017.93"},{"key":"40_CR18","doi-asserted-by":"publisher","first-page":"147","DOI":"10.1016\/j.cose.2019.06.005","volume":"86","author":"M Ring","year":"2019","unstructured":"Ring, M., Wunderlich, S., Scheuring, D., Landes, D., Hotho, A.: A survey of network-based intrusion detection data sets. Comput. Secur. 86, 147\u2013167 (2019)","journal-title":"Comput. Secur."},{"key":"40_CR19","doi-asserted-by":"publisher","unstructured":"Roehrs, A., Da\u00a0Costa, C., Da\u00a0Rosa\u00a0Righi, R., De\u00a0Oliveira, K.: Personal health records: A systematic literature review. J. Med. Internet Res. 19(1) (2017). \nhttps:\/\/doi.org\/10.2196\/jmir.5876","DOI":"10.2196\/jmir.5876"},{"issue":"1","key":"40_CR20","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1186\/1472-6947-7-16","volume":"7","author":"C Schardt","year":"2007","unstructured":"Schardt, C., Adams, M.B., Owens, T., Keitz, S., Fontelo, P.: Utilization of the PICO framework to improve searching PubMed for clinical questions. BMC Med. Inform. Decis. Making 7(1), 16 (2007). \nhttps:\/\/doi.org\/10.1186\/1472-6947-7-16","journal-title":"BMC Med. Inform. Decis. Making"},{"key":"40_CR21","doi-asserted-by":"publisher","first-page":"94497","DOI":"10.1109\/ACCESS.2019.2928048","volume":"7","author":"BA Tama","year":"2019","unstructured":"Tama, B.A., Comuzzi, M., Rhee, K.H.: TSE-IDS: A two-stage classifier ensemble for intelligent anomaly-based intrusion detection system. IEEE Access 7, 94497\u201394507 (2019). \nhttps:\/\/doi.org\/10.1109\/ACCESS.2019.2928048","journal-title":"IEEE Access"},{"key":"40_CR22","first-page":"1307","volume":"26","author":"A Verma","year":"2018","unstructured":"Verma, A., Ranga, V.: On evaluation of network intrusion detection systems: Statistical analysis of CIDDS-001 dataset using machine learning techniques. Pertanika J. Sci. Technol. 26, 1307\u20131332 (2018)","journal-title":"Pertanika J. Sci. Technol."},{"key":"40_CR23","doi-asserted-by":"publisher","first-page":"709","DOI":"10.1016\/j.procs.2017.12.091","volume":"125","author":"A Verma","year":"2018","unstructured":"Verma, A., Ranga, V.: Statistical analysis of CIDDS-001 dataset for network intrusion detection systems using distance-based machine learning. Proc. Comput. Sci. 125, 709\u2013716 (2018). \nhttps:\/\/doi.org\/10.1016\/j.procs.2017.12.091","journal-title":"Proc. Comput. Sci."}],"container-title":["Advances in Intelligent Systems and Computing","13th International Conference on Computational Intelligence in Security for Information Systems (CISIS 2020)"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-57805-3_40","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,9,7]],"date-time":"2020-09-07T11:14:30Z","timestamp":1599477270000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-57805-3_40"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,8,28]]},"ISBN":["9783030578046","9783030578053"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-57805-3_40","relation":{},"ISSN":["2194-5357","2194-5365"],"issn-type":[{"type":"print","value":"2194-5357"},{"type":"electronic","value":"2194-5365"}],"subject":[],"published":{"date-parts":[[2020,8,28]]},"assertion":[{"value":"28 August 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}