{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,9]],"date-time":"2025-05-09T16:38:14Z","timestamp":1746808694975,"version":"3.40.5"},"publisher-location":"Cham","reference-count":39,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031575365"},{"type":"electronic","value":"9783031575372"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-57537-2_4","type":"book-chapter","created":{"date-parts":[[2024,4,24]],"date-time":"2024-04-24T19:02:38Z","timestamp":1713985358000},"page":"53-68","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Unsupervised Clustering of\u00a0Honeypot Attacks by\u00a0Deep HTTP Packet Inspection"],"prefix":"10.1007","author":[{"given":"Victor","family":"Aurora","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Christopher","family":"Neal","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Alexandre","family":"Proulx","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Nora","family":"Boulahia 
Cuppens","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Fr\u00e9d\u00e9ric","family":"Cuppens","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,4,25]]},"reference":[{"unstructured":"Censys\u2014industry-leading cloud and internet asset discovery solutions. https:\/\/censys.io\/","key":"4_CR1"},{"unstructured":"curl. https:\/\/curl.se\/","key":"4_CR2"},{"unstructured":"CVE - CVE-2019-16759. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2019-16759","key":"4_CR3"},{"unstructured":"difflib - Helpers for computing deltas - Python 3.10.6 documentation. https:\/\/docs.python.org\/3\/library\/difflib.html","key":"4_CR4"},{"unstructured":"\u201cl9explore,\u201d original-date: 2020-12-15T00:39:15Z. https:\/\/github.com\/LeakIX\/l9explore","key":"4_CR5"},{"unstructured":"Azhar, N.B.: \u201cgohttp,\u201d original-date: 2017-11-08T15:28:32Z. https:\/\/github.com\/nahid\/gohttp","key":"4_CR6"},{"unstructured":"JNDI\/LDAP service provider. https:\/\/docs.oracle.com\/javase\/8\/docs\/technotes\/guides\/jndi\/jndi-ldap.html","key":"4_CR7"},{"unstructured":"Overview - OkHttp. https:\/\/square.github.io\/okhttp\/","key":"4_CR8"},{"unstructured":"Prince \u00b7 PyPI. https:\/\/pypi.org\/project\/prince\/","key":"4_CR9"},{"unstructured":"Product catalog\u2014mercury security access control hardware & solutions. https:\/\/mercury-security.com\/portal\/","key":"4_CR10"},{"unstructured":"Projectdiscovery.io. https:\/\/projectdiscovery.io\/#\/","key":"4_CR11"},{"unstructured":"PycURL home page. http:\/\/pycurl.io\/","key":"4_CR12"},{"unstructured":"Graham, R.D.: \u201cMASSCAN: Mass IP port scanner,\u201d original-date: 2013-07-28T05:35:33Z. https:\/\/github.com\/robertdavidgraham\/masscan","key":"4_CR13"},{"unstructured":"Requests \u00b7 PyPI. 
https:\/\/pypi.org\/project\/requests\/","key":"4_CR14"},{"unstructured":"urllib - URL handling modules - python 3.11.0 documentation. https:\/\/docs.python.org\/3\/library\/urllib.html","key":"4_CR15"},{"unstructured":"vBulletin 5 connect, the world\u2019s leading community software. https:\/\/www.vbulletin.com\/","key":"4_CR16"},{"unstructured":"Welcome to AIOHTTP - aiohttp 3.8.3 documentation. https:\/\/docs.aiohttp.org\/en\/stable\/","key":"4_CR17"},{"unstructured":"\u201cZGrab 2.0,\u201d original-date: 2016-08-19T23:22:02Z. https:\/\/github.com\/zmap\/zgrab2","key":"4_CR18"},{"unstructured":"ZmEu, \u201cZmeubot - module for ZNC (v0.1),\u201d original-date: 2016-01-22T12:00:27Z. https:\/\/github.com\/happyhater\/zmeubot-znc","key":"4_CR19"},{"unstructured":"Abdi, H., Valentin, D.: Multiple correspondence analysis, p.\u00a013 (2007)","key":"4_CR20"},{"doi-asserted-by":"publisher","unstructured":"Ahmetoglu, H., Das, R.: A comprehensive review on detection of cyber-attacks: data sets, methods, challenges, and future research directions. Internet of Things 20, 100615 (2022). https:\/\/doi.org\/10.1016\/j.iot.2022.100615, https:\/\/www.sciencedirect.com\/science\/article\/pii\/S254266052200097X","key":"4_CR21","DOI":"10.1016\/j.iot.2022.100615"},{"doi-asserted-by":"crossref","unstructured":"Bejarano, J., et al.: Sampling within k-means algorithm to cluster large datasets. UMBC Student Collection (2011)","key":"4_CR22","DOI":"10.2172\/1025410"},{"issue":"4","key":"4_CR23","doi-asserted-by":"publisher","first-page":"743","DOI":"10.3233\/IDA-194656","volume":"24","author":"L Boukela","year":"2020","unstructured":"Boukela, L., Zhang, G., Bouzefrane, S., Zhou, J.: An outlier ensemble for unsupervised anomaly detection in honeypots data. Intell. Data Anal. 24(4), 743\u2013758 (2020)","journal-title":"Intell. Data Anal."},{"doi-asserted-by":"crossref","unstructured":"Faker, O., Dogdu, E.: Intrusion detection using big data and deep learning techniques. 
In: Proceedings of the 2019 ACM Southeast Conference, ACM SE 2019, pp. 86\u201393. Association for Computing Machinery (2019)","key":"4_CR24","DOI":"10.1145\/3299815.3314439"},{"doi-asserted-by":"crossref","unstructured":"Ghurab, M., Gaphari, G., Alshami, F., Alshamy, R., Othman, S.: A detailed analysis of benchmark datasets for network intrusion detection system (2021)","key":"4_CR25","DOI":"10.9734\/ajrcos\/2021\/v7i430185"},{"doi-asserted-by":"crossref","unstructured":"Lippmann, R., Haines, J.W., Fried, D.J., Korba, J., Das, K.: The 1999 DARPA off-line intrusion detection evaluation. Comput. Netw. 34(4), 579\u2013595 (2000)","key":"4_CR26","DOI":"10.1016\/S1389-1286(00)00139-0"},{"doi-asserted-by":"crossref","unstructured":"Matin, I.M.M., Rahardjo, B.: Malware detection using honeypot and machine learning. In: 2019 7th International Conference on Cyber and IT Service Management (CITSM), vol.\u00a07, pp.\u00a01\u20134. IEEE (2019)","key":"4_CR27","DOI":"10.1109\/CITSM47753.2019.8965419"},{"issue":"11","key":"4_CR28","doi-asserted-by":"publisher","first-page":"4477","DOI":"10.1007\/s12652-019-01417-9","volume":"11","author":"J Meira","year":"2020","unstructured":"Meira, J., et al.: Performance evaluation of unsupervised techniques in cyber-attack anomaly detection. J. Ambient Intell. Human Comput. 11(11), 4477\u20134489 (2020)","journal-title":"J. Ambient Intell. Human Comput."},{"doi-asserted-by":"crossref","unstructured":"Mokube, I., Adams, M.: Honeypots: concepts, approaches, and challenges. In: Proceedings of the 45th Annual Southeast Regional Conference, pp. 321\u2013326 (2007)","key":"4_CR29","DOI":"10.1145\/1233341.1233399"},{"doi-asserted-by":"crossref","unstructured":"Owezarski, P.: Unsupervised classification and characterization of honeypot attacks. In: 10th International Conference on Network and Service Management (CNSM) and Workshop, pp. 10\u201318. 
IEEE (2014)","key":"4_CR30","DOI":"10.1109\/CNSM.2014.7014136"},{"key":"4_CR31","first-page":"479","volume":"7","author":"R Panigrahi","year":"2018","unstructured":"Panigrahi, R., Borah, S.: A detailed analysis of CICIDS2017 dataset for designing intrusion detection systems. Int. J. Eng. Technol. 7, 479\u2013482 (2018)","journal-title":"Int. J. Eng. Technol."},{"unstructured":"Pelletier, Z., Abualkibash, M.: Evaluating the CIC IDS-2017 dataset using machine learning methods and creating multiple predictive models in the statistical computing language R. Int. Res. J. Adv. Eng. Sci. 5(2), 5 (2020)","key":"4_CR32"},{"key":"4_CR33","doi-asserted-by":"publisher","first-page":"147","DOI":"10.1016\/j.cose.2019.06.005","volume":"86","author":"M Ring","year":"2019","unstructured":"Ring, M., Wunderlich, S., Scheuring, D., Landes, D., Hotho, A.: A survey of network-based intrusion detection data sets. Comput. Secur. 86, 147\u2013167 (2019)","journal-title":"Comput. Secur."},{"key":"4_CR34","doi-asserted-by":"publisher","first-page":"80716","DOI":"10.1109\/ACCESS.2020.2988796","volume":"8","author":"KP Sinaga","year":"2020","unstructured":"Sinaga, K.P., Yang, M.S.: Unsupervised k-means clustering algorithm. IEEE Access 8, 80716\u201380727 (2020)","journal-title":"IEEE Access"},{"doi-asserted-by":"crossref","unstructured":"Takyi, K., Bagga, A., Goopta, P.: Clustering techniques for traffic classification: a comprehensive review. In: 2018 7th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions) (ICRITO), pp. 224\u2013230 (2018)","key":"4_CR35","DOI":"10.1109\/ICRITO.2018.8748772"},{"key":"4_CR36","doi-asserted-by":"publisher","first-page":"e8872923","DOI":"10.1155\/2020\/8872923","volume":"2020","author":"Y Wu","year":"2020","unstructured":"Wu, Y., Wei, D., Feng, J.: Network attacks detection methods based on deep learning techniques: a survey. Secur. Commun. Netw. 2020, e8872923 (2020)","journal-title":"Secur. Commun. 
Netw."},{"doi-asserted-by":"crossref","unstructured":"Yavanoglu, O., Aydos, M.: A review on cyber security datasets for machine learning algorithms. In: 2017 IEEE International Conference on Big Data (Big Data), pp. 2186\u20132193 (2017)","key":"4_CR37","DOI":"10.1109\/BigData.2017.8258167"},{"doi-asserted-by":"crossref","unstructured":"Zanero, S., Savaresi, S.M.: Unsupervised learning techniques for an intrusion detection system. In: Proceedings of the 2004 ACM Symposium on Applied Computing, SAC 2004, pp. 412\u2013419. Association for Computing Machinery (2004)","key":"4_CR38","DOI":"10.1145\/967900.967988"},{"key":"4_CR39","doi-asserted-by":"publisher","first-page":"91992","DOI":"10.1109\/ACCESS.2019.2927465","volume":"7","author":"X Zhang","year":"2019","unstructured":"Zhang, X., Chen, J., Zhou, Y., Han, L., Lin, J.: A multiple-layer representation learning model for network-based attack detection. IEEE Access 7, 91992\u201392008 (2019)","journal-title":"IEEE Access"}],"container-title":["Lecture Notes in Computer Science","Foundations and Practice of Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-57537-2_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,4,24]],"date-time":"2024-04-24T19:03:18Z","timestamp":1713985398000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-57537-2_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031575365","9783031575372"],"references-count":39,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-57537-2_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"25 April 2024","order":1,"name":"first_online","label":"First 
Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"FPS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Foundations and Practice of Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Bordeaux","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"France","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 December 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 December 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"fps2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.fps-2023.com\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference 
organizers)"}},{"value":"80","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"27","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"8","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"34% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}