{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,6]],"date-time":"2025-05-06T04:02:23Z","timestamp":1746504143048,"version":"3.40.4"},"publisher-location":"Cham","reference-count":11,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319126425"},{"type":"electronic","value":"9783319126432"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014]]},"DOI":"10.1007\/978-3-319-12643-2_44","type":"book-chapter","created":{"date-parts":[[2014,10,22]],"date-time":"2014-10-22T02:58:17Z","timestamp":1413946697000},"page":"357-364","source":"Crossref","is-referenced-by-count":2,"title":["A Classification Method of Darknet Traffic for Advanced Security Monitoring and Response"],"prefix":"10.1007","author":[{"given":"Sangjun","family":"Ko","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kyuil","family":"Kim","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Younsu","family":"Lee","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jungsuk","family":"Song","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"44_CR1","doi-asserted-by":"crossref","unstructured":"Denning, D.E.: An intrusion detection model. IEEE Transactions on Software Engineering SE\u201313, 222\u2013232 (1987)","DOI":"10.1109\/TSE.1987.232894"},{"issue":"4","key":"44_CR2","doi-asserted-by":"publisher","first-page":"443","DOI":"10.1145\/950191.950192","volume":"6","author":"K. Julisch","year":"2003","unstructured":"Julisch, K.: Clustering intrusion detection alarms to support root cause analysis. ACM Transactions on Information and System Security\u00a06(4), 443\u2013471 (2003)","journal-title":"ACM Transactions on Information and System Security"},{"issue":"4","key":"44_CR3","doi-asserted-by":"publisher","first-page":"571","DOI":"10.1016\/S1389-1286(00)00138-9","volume":"34","author":"S. Manganaris","year":"2000","unstructured":"Manganaris, S., Christensen, M., Zerkle, D., Hermiz, K.: A Data Mining Analysis of RTID Alarms. Computer Networks\u00a034(4), 571\u2013577 (2000)","journal-title":"Computer Networks"},{"key":"44_CR4","doi-asserted-by":"crossref","unstructured":"Humphrey, W.N., Luo, J.: Using alert cluster to reduce IDS alerts. In: ICCIT 2010, pp. 467\u2013471. IEEE (2010)","DOI":"10.1109\/ICCSIT.2010.5563925"},{"key":"44_CR5","unstructured":"Choi, S.S., Kim, S.H., Park, H.S.: An advanced security monitoring and response framework using darknet traffic. In: 2012 International Workshop on Information & Security, pp. 9\u201310 (2012)"},{"issue":"2","key":"44_CR6","first-page":"171","volume":"2","author":"S.S. Choi","year":"2012","unstructured":"Choi, S.S., Song, J.S., Park, H.S., Choi, J.K.: An advanced incident response framework based on suspicious traffic. The Journal of Future Game Technology\u00a02(2), 171\u2013176 (2012)","journal-title":"The Journal of Future Game Technology"},{"key":"44_CR7","unstructured":"Choi, S.S., Kim, S.H., Park, H.S.: A fusion framework of IDS alerts and darknet traffic for effective incident monitoring and response. Applied Mathematics & Information Sciences (2013)"},{"key":"44_CR8","unstructured":"Moore, D., Shannon, C., Voelker, G.M., Savage, S.: Network telescopes, technical report. CAIDA (April 2004)"},{"key":"44_CR9","doi-asserted-by":"crossref","unstructured":"Bailey, M., Cooke, E., Jahanian, F., Myrick, A., Sinha, S.: Practical darknet measurement. In: 2006 40th Annual Conference on Information Sciences and Systems, pp. 1496\u20131501. IEEE (2007)","DOI":"10.1109\/CISS.2006.286376"},{"issue":"5","key":"44_CR10","doi-asserted-by":"publisher","first-page":"787","DOI":"10.1587\/transinf.E92.D.787","volume":"92","author":"K. Nakao","year":"2009","unstructured":"Nakao, K., Inoue, D., Eto, M., Yoshioka, K.: Practical correlation analysis between scan and malware profiles against zero-day attacks based on darknet monitoring. IEICE Transactions on Information and Systems\u00a092(5), 787\u2013798 (2009)","journal-title":"IEICE Transactions on Information and Systems"},{"key":"44_CR11","first-page":"37","volume-title":"Workshop on Development of Large Scale Security-Related Data Collection and Analysis Initiatives (BADGERS 2011)","author":"M. Eto","year":"2011","unstructured":"Eto, M., Inoue, D., Song, J., Junji, N., Kazuhiro, O., Nakao, K.: Nicter: A large-scale network incident analysis system. In: Workshop on Development of Large Scale Security-Related Data Collection and Analysis Initiatives (BADGERS 2011), pp. 37\u201345. ACM, Salzburg (2011)"}],"container-title":["Lecture Notes in Computer Science","Neural Information Processing"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-12643-2_44","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,5]],"date-time":"2025-05-05T09:25:55Z","timestamp":1746437155000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-12643-2_44"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014]]},"ISBN":["9783319126425","9783319126432"],"references-count":11,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-12643-2_44","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2014]]}}}