{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,19]],"date-time":"2026-02-19T15:15:23Z","timestamp":1771514123188,"version":"3.50.1"},"publisher-location":"Cham","reference-count":23,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319086170","type":"print"},{"value":"9783319086187","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014]]},"DOI":"10.1007\/978-3-319-08618-7_36","type":"book-chapter","created":{"date-parts":[[2014,8,25]],"date-time":"2014-08-25T10:59:47Z","timestamp":1408964387000},"page":"373-385","source":"Crossref","is-referenced-by-count":4,"title":["Detecting Zero-Day Attacks Using Contextual Relations"],"prefix":"10.1007","author":[{"given":"Ahmed","family":"Aleroud","sequence":"first","affiliation":[]},{"given":"George","family":"Karabatis","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2014,8,26]]},"reference":[{"key":"36_CR1","doi-asserted-by":"crossref","unstructured":"Song, J., Takakura, H., Kwon, Y.: A Generalized feature extraction scheme to detect 0-day attacks via IDS alerts. In: Proceedings of the International Symposium on Applications and the Internet, pp. 55\u201361. IEEE Press (2008)","DOI":"10.1109\/SAINT.2008.85"},{"key":"36_CR2","unstructured":"Common Vulnerabilities and Exposures, http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2007-5616"},{"key":"36_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"227","DOI":"10.1007\/11663812_12","volume-title":"Recent Advances in Intrusion Detection","author":"K Wang","year":"2006","unstructured":"Wang, K., Cretu, G.F., Stolfo, S.J.: Anomalous payload-based worm detection and signature generation. In: Valdes, A., Zamboni, D. (eds.) RAID 2005. LNCS, vol. 3858, pp. 227\u2013246. Springer, Heidelberg (2006)"},{"key":"36_CR4","unstructured":"Binkley, J.R., Singh, S.: An algorithm for anomaly-based Botnet detection. In: Proceedings of USENIX Steps to Reducing Unwanted Traffic on the Internet Workshop (SRUTI), pp. 43\u201348 (2006)"},{"key":"36_CR5","doi-asserted-by":"publisher","first-page":"3799","DOI":"10.1016\/j.ins.2007.03.025","volume":"177","author":"T Shon","year":"2007","unstructured":"Shon, T., Moon, J.: A hybrid machine learning approach to network anomaly detection. Inf. Sci. 177, 3799\u20133821 (2007)","journal-title":"Inf. Sci."},{"key":"36_CR6","doi-asserted-by":"crossref","unstructured":"Guan, Y., Ghorbani, A.A., Belacel, N.: Y-means: a clustering method for intrusion detection. In: IEEE Canadian Conference on Electrical and Computer Engineering, pp. 1083\u20131086. IEEE, New York (2003)","DOI":"10.1109\/CCECE.2003.1226084"},{"key":"36_CR7","doi-asserted-by":"crossref","unstructured":"Vigna, G., Robertson, W., Balzarotti, D.: Testing network-based intrusion detection signatures using mutant exploits. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, pp. 21\u201330. ACM (2004)","DOI":"10.1145\/1030083.1030088"},{"key":"36_CR8","doi-asserted-by":"crossref","unstructured":"Hendry, G.R., Yang, S.J.: Intrusion signature creation via clustering anomalies. In: Proceedings of SPIE Security and Defense Symposium, Bellingham, WA, pp. 69730C\u201369731 (2008)","DOI":"10.1117\/12.775886"},{"key":"36_CR9","unstructured":"Portnoy, L.: Intrusion detection with unlabeled data using clustering. Technical report, Department of Computer Science, Columbia University (2001)"},{"key":"36_CR10","doi-asserted-by":"crossref","unstructured":"Zhichun, L., Manan, S., Yan, C., Ming-Yang, K., Chavez, B.: Hamsa: fast signature generation for zero-day polymorphic worms with provable attack resilience. In: IEEE Symposium on Security and Privacy, pp. 15\u201347. IEEE Press, New York (2006)","DOI":"10.1109\/SP.2006.18"},{"key":"36_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"247","DOI":"10.1007\/978-3-540-76929-3_23","volume-title":"Advances in Computer Science \u2013 ASIAN 2007","author":"J Song","year":"2007","unstructured":"Song, J., Ohba, H., Takakura, H., Okabe, Y., Ohira, K., Kwon, Y.-J.: A comprehensive approach to detect unknown attacks via intrusion detection alerts. In: Cervesato, I. (ed.) ASIAN 2007. LNCS, vol. 4846, pp. 247\u2013253. Springer, Heidelberg (2007)"},{"key":"36_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"573","DOI":"10.1007\/978-3-642-15497-3_35","volume-title":"Computer Security \u2013 ESORICS 2010","author":"L Wang","year":"2010","unstructured":"Wang, L., Jajodia, S., Singhal, A., Noel, S.: k-zero day safety: measuring the security risk of networks against unknown attacks. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 573\u2013587. Springer, Heidelberg (2010)"},{"key":"36_CR13","unstructured":"Lincoln Laboratory, Massachusetts Institute of Technology. http:\/\/www.ll.mit.edu\/mission\/communications\/cyber\/CSTcorpora\/ideval\/docs\/index.html"},{"key":"36_CR14","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1109\/TDSC.2008.20","volume":"7","author":"KK Gupta","year":"2010","unstructured":"Gupta, K.K., Nath, B., Kotagiri, R.: Layered approach using conditional random fields for intrusion detection. IEEE Trans. Dependable Secure Comput. 7, 35\u201349 (2010)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"36_CR15","doi-asserted-by":"crossref","unstructured":"Boriah, S., Chandola, V., Kumar, V.: Similarity measures for categorical data: a comparative evaluation. In: Proceedings of the Eighth SIAM International Conference on Data Mining, pp. 243\u2013254 (2008)","DOI":"10.1137\/1.9781611972788.22"},{"key":"36_CR16","first-page":"63","volume":"6","author":"A Aleroud","year":"2014","unstructured":"Aleroud, A., Karabatis, G., Sharma, P., He, P.: Context and semantics for detection of cyber attacks. Int. J. Inf. Comput. Secur. 6, 63\u201392 (2014)","journal-title":"Int. J. Inf. Comput. Secur."},{"key":"36_CR17","doi-asserted-by":"crossref","unstructured":"Mika, S., Ratsch, G., Weston, J., Scholkopf, B., Mullers, K.R.: Fisher discriminant analysis with kernels. In: Proceedings of the IEEE Signal Processing Society Workshop, pp. 41\u201348. IEEE Press, New York (1999)","DOI":"10.1109\/NNSP.1999.788121"},{"key":"36_CR18","doi-asserted-by":"crossref","unstructured":"Tuerk, A.: Implicit softmax transforms for dimensionality reduction. In: IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP\u201908), pp. 1973\u20131976. IEEE (2008)","DOI":"10.1109\/ICASSP.2008.4518024"},{"key":"36_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1007\/978-3-642-04968-2_4","volume-title":"IP Operations and Management","author":"A Sperotto","year":"2009","unstructured":"Sperotto, A., Sadre, R., van Vliet, F., Pras, A.: A labeled data set for flow-based intrusion detection. In: Nunzi, G., Scoglio, C., Li, X. (eds.) IPOM 2009. LNCS, vol. 5843, pp. 39\u201350. Springer, Heidelberg (2009)"},{"key":"36_CR20","doi-asserted-by":"publisher","first-page":"255","DOI":"10.1016\/j.cose.2013.08.003","volume":"39","author":"C Guo","year":"2013","unstructured":"Guo, C., Zhou, Y.-J., Ping, Y., Luo, S.-S., Lai, Y.-P., Zhang, Z.-K.: Efficient intrusion detection using representative instances. Comput. Secur. 39, 255\u2013267 (2013)","journal-title":"Comput. Secur."},{"key":"36_CR21","unstructured":"Sabhnani, M., Serpen, G.: Application of machine learning algorithms to kdd intrusion detection dataset within misuse detection context. In: Proceedings of the International Conference on Machine Learning: Models, Technologies, and Applications, pp. 209\u2013215. CSREA Press (2003)"},{"key":"36_CR22","doi-asserted-by":"publisher","first-page":"357","DOI":"10.1016\/j.cose.2011.12.012","volume":"31","author":"A Shiravi","year":"2012","unstructured":"Shiravi, A., Shiravi, H., Tavallaee, M., Ghorbani, A.A.: Toward developing a systematic approach to generate benchmark datasets for intrusion detection. Comput. Secur. 31, 357\u2013374 (2012)","journal-title":"Comput. Secur."},{"key":"36_CR23","unstructured":"Bolzoni, D., Zambon, E., Etalle, S., Hartel, P.: Poseidon: A 2-tier anomaly-based intrusion detection system. In: Fourth IEEE International Workshop on Information Assurance, pp. 146\u2013156 (2005)"}],"container-title":["Lecture Notes in Business Information Processing","Knowledge Management in Organizations"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-08618-7_36","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,4]],"date-time":"2025-05-04T10:02:18Z","timestamp":1746352938000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-08618-7_36"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014]]},"ISBN":["9783319086170","9783319086187"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-08618-7_36","relation":{},"ISSN":["1865-1348","1865-1356"],"issn-type":[{"value":"1865-1348","type":"print"},{"value":"1865-1356","type":"electronic"}],"subject":[],"published":{"date-parts":[[2014]]}}}