{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,14]],"date-time":"2025-06-14T05:23:26Z","timestamp":1749878606508,"version":"3.40.3"},"publisher-location":"Cham","reference-count":37,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319018539"},{"type":"electronic","value":"9783319018546"}],"license":[{"start":{"date-parts":[[2014,1,1]],"date-time":"2014-01-01T00:00:00Z","timestamp":1388534400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014]]},"DOI":"10.1007\/978-3-319-01854-6_49","type":"book-chapter","created":{"date-parts":[[2013,8,8]],"date-time":"2013-08-08T06:47:25Z","timestamp":1375944445000},"page":"479-488","source":"Crossref","is-referenced-by-count":3,"title":["Classification of SSH Anomalous Connections"],"prefix":"10.1007","author":[{"given":"Silvia","family":"Gonz\u00e1lez","sequence":"first","affiliation":[]},{"given":"Javier","family":"Sedano","sequence":"additional","affiliation":[]},{"given":"Urko","family":"Zurutuza","sequence":"additional","affiliation":[]},{"given":"Enaitz","family":"Ezpeleta","sequence":"additional","affiliation":[]},{"given":"Diego","family":"Mart\u00ednez","sequence":"additional","affiliation":[]},{"given":"\u00c1lvaro","family":"Herrero","sequence":"additional","affiliation":[]},{"given":"Emilio","family":"Corchado","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"49_CR1","doi-asserted-by":"publisher","first-page":"135","DOI":"10.1002\/nem.433","volume":"12","author":"J.M. Myerson","year":"2002","unstructured":"Myerson, J.M.: Identifying Enterprise Network Vulnerabilities. International Journal of Network Management\u00a012, 135\u2013144 (2002)","journal-title":"International Journal of Network Management"},{"key":"49_CR2","unstructured":"Computer Security Threat Monitoring and Surveillance. Technical Report. James P. Anderson Co. (1980)"},{"key":"49_CR3","doi-asserted-by":"publisher","first-page":"222","DOI":"10.1109\/TSE.1987.232894","volume":"13","author":"D.E. Denning","year":"1987","unstructured":"Denning, D.E.: An Intrusion-Detection Model. IEEE Transactions on Software Engineering\u00a013, 222\u2013232 (1987)","journal-title":"IEEE Transactions on Software Engineering"},{"key":"49_CR4","doi-asserted-by":"publisher","first-page":"11994","DOI":"10.1016\/j.eswa.2009.05.029","volume":"36","author":"T. Chih-Fong","year":"2009","unstructured":"Chih-Fong, T., Yu-Feng, H., Chia-Ying, L., Wei-Yang, L.: Intrusion Detection by Machine Learning: A Review. Expert Systems with Applications\u00a036, 11994\u201312000 (2009)","journal-title":"Expert Systems with Applications"},{"key":"49_CR5","first-page":"328","volume":"4","author":"A. Abraham","year":"2007","unstructured":"Abraham, A., Grosan, C., Martin-Vide, C.: Evolutionary Design of Intrusion Detection Programs. International Journal of Network Security\u00a04, 328\u2013339 (2007)","journal-title":"International Journal of Network Security"},{"key":"49_CR6","doi-asserted-by":"crossref","unstructured":"Julisch, K.: Data Mining for Intrusion Detection: A Critical Review. In: Barbar\u00e1, D., Jajodia, S. (eds.) Applications of Data Mining in Computer Security, pp. 33\u201362. Kluwer Academic Publishers (2002)","DOI":"10.1007\/978-1-4615-0953-0_2"},{"key":"49_CR7","doi-asserted-by":"publisher","first-page":"1795","DOI":"10.1016\/S0167-8655(03)00004-7","volume":"24","author":"G. Giacinto","year":"2003","unstructured":"Giacinto, G., Roli, F., Didaci, L.: Fusion of Multiple Classifiers for Intrusion Detection in Computer Networks. Pattern Recognition Letters\u00a024, 1795\u20131803 (2003)","journal-title":"Pattern Recognition Letters"},{"key":"49_CR8","doi-asserted-by":"publisher","first-page":"295","DOI":"10.1016\/j.cose.2004.09.008","volume":"24","author":"S. Chebrolu","year":"2005","unstructured":"Chebrolu, S., Abraham, A., Thomas, J.P.: Feature Deduction and Ensemble Design of Intrusion Detection Systems. Computers & Security\u00a024, 295\u2013307 (2005)","journal-title":"Computers & Security"},{"key":"49_CR9","doi-asserted-by":"publisher","first-page":"852","DOI":"10.1016\/j.eswa.2009.05.100","volume":"37","author":"H.K. Kim","year":"2010","unstructured":"Kim, H.K., Im, K.H., Park, S.C.: DSS for Computer Security Incident Response Applying CBR and Collaborative Response. Expert Systems with Applications\u00a037, 852\u2013870 (2010)","journal-title":"Expert Systems with Applications"},{"key":"49_CR10","doi-asserted-by":"publisher","first-page":"462","DOI":"10.1016\/j.asoc.2008.06.001","volume":"9","author":"A. Tajbakhsh","year":"2009","unstructured":"Tajbakhsh, A., Rahmati, M., Mirzaei, A.: Intrusion Detection using Fuzzy Association Rules. Applied Soft Computing\u00a09, 462\u2013469 (2009)","journal-title":"Applied Soft Computing"},{"key":"49_CR11","doi-asserted-by":"publisher","first-page":"302","DOI":"10.1109\/TSMCB.2005.843274","volume":"35","author":"S.T. Sarasamma","year":"2005","unstructured":"Sarasamma, S.T., Zhu, Q.M.A., Huff, J.: Hierarchical Kohonenen Net for Anomaly Detection in Network Security. IEEE Transactions on Systems Man and Cybernetics, Part B\u00a035, 302\u2013312 (2005)","journal-title":"IEEE Transactions on Systems Man and Cybernetics, Part B"},{"key":"49_CR12","doi-asserted-by":"publisher","first-page":"3649","DOI":"10.1016\/j.neucom.2008.12.038","volume":"72","author":"\u00c1. Herrero","year":"2009","unstructured":"Herrero, \u00c1., Corchado, E., Gastaldo, P., Zunino, R.: Neural Projection Techniques for the Visual Inspection of Network Traffic. Neurocomputing\u00a072, 3649\u20133658 (2009)","journal-title":"Neurocomputing"},{"key":"49_CR13","doi-asserted-by":"publisher","first-page":"779","DOI":"10.1016\/j.patrec.2004.09.045","volume":"26","author":"C. Zhang","year":"2005","unstructured":"Zhang, C., Jiang, J., Kamel, M.: Intrusion Detection using Hierarchical Neural Networks. Pattern Recognition Letters\u00a026, 779\u2013791 (2005)","journal-title":"Pattern Recognition Letters"},{"key":"49_CR14","doi-asserted-by":"crossref","unstructured":"Marchette, D.J.: Computer Intrusion Detection and Network Monitoring: A Statistical Viewpoint. Springer-Verlag New York, Inc. (2001)","DOI":"10.1007\/978-1-4757-3458-4"},{"key":"49_CR15","unstructured":"Roesch, M.: Snort\u2013Lightweight Intrusion Detection for Networks. In: 13th Systems Administration Conference (LISA 1999), pp. 229\u2013238 (1999)"},{"key":"49_CR16","unstructured":"SANS Institute\u2019s Internet Storm Center, \n                    https:\/\/isc.sans.edu\/port.html?port=22"},{"key":"49_CR17","unstructured":"Charles, K.A.: Decoy Systems: A New Player in Network Security and Computer Incident Response. International Journal of Digital Evidence\u00a02 (2004)"},{"key":"49_CR18","unstructured":"Provos, N.: A Virtual Honeypot Framework. In: 13th USENIX Security Symposium, vol.\u00a0132 (2004)"},{"key":"49_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"165","DOI":"10.1007\/11856214_9","volume-title":"Recent Advances in Intrusion Detection","author":"P. Baecher","year":"2006","unstructured":"Baecher, P., Koetter, M., Holz, T., Dornseif, M., Freiling, F.: The Nepenthes Platform: An Efficient Approach to Collect Malware. In: Zamboni, D., Kruegel, C. (eds.) RAID 2006. LNCS, vol.\u00a04219, pp. 165\u2013184. Springer, Heidelberg (2006)"},{"key":"49_CR20","doi-asserted-by":"publisher","first-page":"115","DOI":"10.1145\/1132026.1132027","volume":"24","author":"D. Moore","year":"2006","unstructured":"Moore, D., Shannon, C., Brown, D.J., Voelker, G.M., Savage, S.: Inferring Internet Denial-of-service Activity. ACM Transactions on Computer Systems\u00a024, 115\u2013139 (2006)","journal-title":"ACM Transactions on Computer Systems"},{"key":"49_CR21","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1142\/S0129065712500050","volume":"22","author":"\u00c1. Herrero","year":"2012","unstructured":"Herrero, \u00c1., Zurutuza, U., Corchado, E.: A Neural-Visualization IDS for Honeynet Data. International Journal of Neural Systems\u00a022, 1\u201318 (2012)","journal-title":"International Journal of Neural Systems"},{"key":"49_CR22","first-page":"25","volume-title":"Proceedings of the 10th Conference on USENIX Security Symposium","author":"D.X. Song","year":"2001","unstructured":"Song, D.X., Wagner, D., Tian, X.: Timing Analysis of Keystrokes and Timing Attacks on SSH. In: Proceedings of the 10th Conference on USENIX Security Symposium, vol.\u00a010, p. 25. USENIX Association, Washington, D.C. (2001)"},{"key":"49_CR23","unstructured":"Coster, D.D., Woutersen, D.: Beyond the SSH Brute Force Attacks. In: 10th GOVCERT.NL Symposium (2011)"},{"key":"49_CR24","doi-asserted-by":"crossref","unstructured":"Koniaris, I., Papadimitriou, G., Nicopolitidis, P.: Analysis and Visualization of SSH Attacks Using Honeypots. In: IEEE European Conference on Computer as a Tool (IEEE EUROCON 2013) (2013)","DOI":"10.1109\/EUROCON.2013.6624967"},{"key":"49_CR25","doi-asserted-by":"publisher","first-page":"881","DOI":"10.1109\/T-C.1974.224051","volume":"23","author":"J.H. Friedman","year":"1974","unstructured":"Friedman, J.H., Tukey, J.W.: A Projection Pursuit Algorithm for Exploratory Data-Analysis. IEEE Transactions on Computers\u00a023, 881\u2013890 (1974)","journal-title":"IEEE Transactions on Computers"},{"key":"49_CR26","unstructured":"Bishop, C.M.: Pattern Recognition and Machine Learning. Springer (2007)"},{"key":"49_CR27","doi-asserted-by":"crossref","unstructured":"Seni, G., Elder, J.: Ensemble Methods in Data Mining: Improving Accuracy Through Combining Predictions. Morgan and Claypool Publishers (2010)","DOI":"10.1007\/978-3-031-01899-2"},{"key":"49_CR28","doi-asserted-by":"publisher","first-page":"277","DOI":"10.1023\/A:1007662407062","volume":"37","author":"Y. Freund","year":"1999","unstructured":"Freund, Y., Schapire, R.E.: Large Margin Classification Using the Perceptron Algorithm. Mach. Learn.\u00a037, 277\u2013296 (1999)","journal-title":"Mach. Learn."},{"key":"49_CR29","doi-asserted-by":"publisher","first-page":"281","DOI":"10.1162\/neco.1989.1.2.281","volume":"1","author":"J. Moody","year":"1989","unstructured":"Moody, J., Darken, C.J.: Fast Learning in Networks of Locally-tuned Processing Units. Neural Computation\u00a01, 281\u2013294 (1989)","journal-title":"Neural Computation"},{"key":"49_CR30","doi-asserted-by":"publisher","first-page":"311","DOI":"10.1109\/TSMC.1978.4309958","volume":"8","author":"T. Bailey","year":"1978","unstructured":"Bailey, T., Jain, A.: A Note on Distance-Weighted k-Nearest Neighbor Rules. IEEE Transactions on Systems, Man and Cybernetics\u00a08, 311\u2013313 (1978)","journal-title":"IEEE Transactions on Systems, Man and Cybernetics"},{"key":"49_CR31","first-page":"358","volume-title":"Classification and Regression Trees","author":"L. Breiman","year":"1984","unstructured":"Breiman, L., Friedman, J.H., Olshen, R.A., Stone, C.J.: Classification and Regression Trees, p. 358. Wadsworth Inc., Belmont (1984)"},{"key":"49_CR32","doi-asserted-by":"publisher","first-page":"1955","DOI":"10.1016\/j.asr.2007.07.020","volume":"41","author":"Y. Zhao","year":"2008","unstructured":"Zhao, Y., Zhang, Y.: Comparison of Decision Tree Methods for Finding Active Objects. Advances in Space Research\u00a041, 1955\u20131959 (2008)","journal-title":"Advances in Space Research"},{"key":"49_CR33","first-page":"123","volume":"24","author":"L. Breiman","year":"1996","unstructured":"Breiman, L.: Bagging Predictors. Machine Learning\u00a024, 123\u2013140 (1996)","journal-title":"Machine Learning"},{"key":"49_CR34","unstructured":"Freund, Y., Schapire, R.E.: Experiments with a New Boosting Algorithm. In: International Conference on Machine Learning, pp. 148\u2013156 (1996)"},{"key":"49_CR35","doi-asserted-by":"publisher","first-page":"337","DOI":"10.1214\/aos\/1016218223","volume":"28","author":"J. Friedman","year":"2000","unstructured":"Friedman, J., Hastie, T., Tibshirani, R.: Additive Logistic Regression: a Statistical View of Boosting. The Annals of Statistics\u00a028, 337\u2013407 (2000)","journal-title":"The Annals of Statistics"},{"key":"49_CR36","unstructured":"Seewald, A.K.: How to Make Stacking Better and Faster While Also Taking Care of an Unknown Weakness. In: Nineteenth International Conference on Machine Learning. Morgan Kaufmann Publishers Inc. (2002)"},{"key":"49_CR37","doi-asserted-by":"publisher","first-page":"10","DOI":"10.1145\/1656274.1656278","volume":"11","author":"M. Hall","year":"2009","unstructured":"Hall, M., Frank, E., Holmes, G., Pfahringer, B., Reutemann, P., Witten, I.H.: The WEKA Data Mining Software: An Update. ACM SIGKDD Explorations Newsletter\u00a011, 10\u201318 (2009)","journal-title":"ACM SIGKDD Explorations Newsletter"}],"container-title":["Advances in Intelligent Systems and Computing","International Joint Conference SOCO\u201913-CISIS\u201913-ICEUTE\u201913"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-01854-6_49","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,2,19]],"date-time":"2023-02-19T15:09:17Z","timestamp":1676819357000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-01854-6_49"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014]]},"ISBN":["9783319018539","9783319018546"],"references-count":37,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-01854-6_49","relation":{},"ISSN":["2194-5357","2194-5365"],"issn-type":[{"type":"print","value":"2194-5357"},{"type":"electronic","value":"2194-5365"}],"subject":[],"published":{"date-parts":[[2014]]}}}