{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T17:18:32Z","timestamp":1743095912736,"version":"3.40.3"},"publisher-location":"Cham","reference-count":34,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319171265"},{"type":"electronic","value":"9783319171272"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-17127-2_1","type":"book-chapter","created":{"date-parts":[[2015,4,27]],"date-time":"2015-04-27T02:12:01Z","timestamp":1430100721000},"page":"1-16","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Detecting Anomalies in Printed Intelligence Factory Network"],"prefix":"10.1007","author":[{"given":"Matti","family":"Mantere","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mirko","family":"Sailio","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sami","family":"Noponen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2015,4,28]]},"reference":[{"key":"1_CR1","unstructured":"The Self-Organizing Map Program Package. http:\/\/www.cis.hut.fi\/research\/som_pak\/. (Accessed July 2 2013)"},{"key":"1_CR2","unstructured":"Bro NSM. http:\/\/www.bro.org\/. (Accessed February 12 2013)"},{"issue":"2","key":"1_CR3","doi-asserted-by":"publisher","first-page":"222","DOI":"10.1109\/TSE.1987.232894","volume":"SE\u201313","author":"D Denning","year":"1987","unstructured":"Denning, D.: An intrusion-detection model. IEEE Trans. Softw. Eng. SE\u201313(2), 222\u2013232 (1987)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"1_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"135","DOI":"10.1007\/978-3-540-87403-4_8","volume-title":"Recent Advances in Intrusion Detection","author":"H Dreger","year":"2008","unstructured":"Dreger, H., Feldmann, A., Paxson, V., Sommer, R.: Predicting the resource consumption of network intrusion detection systems. In: Lippmann, R., Kirda, E., Trachtenberg, A. (eds.) RAID 2008. LNCS, vol. 5230, pp. 135\u2013154. Springer, Heidelberg (2008). http:\/\/www.dx.doi.org\/10.1007\/978-3-540-87403-4_8"},{"key":"1_CR5","doi-asserted-by":"publisher","first-page":"47","DOI":"10.1007\/BF00201801","volume":"67","author":"E Erwin","year":"1992","unstructured":"Erwin, E., Obermayer, K., Schulten, K.: Self-organizing maps: Ordering, convergence properties and energy functions. Biol. Cybern. 67, 47\u201355 (1992)","journal-title":"Biol. Cybern."},{"key":"1_CR6","first-page":"13","volume":"122","author":"U Fiore","year":"2013","unstructured":"Fiore, U., Palmieri, F., Castiglione, A., Santis, A.D.: Network anomaly detection with the restricted boltzmann machine. Neurocomputing Adv. Cogn. Ubiquitous Comput. 122, 13\u201323 (2013). http:\/\/www.sciencedirect.com\/science\/article\/pii\/S0925231213005547. Advances in cognitive and ubiquitous computing","journal-title":"Neurocomputing Adv. Cogn. Ubiquitous Comput."},{"issue":"2","key":"1_CR7","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1016\/j.ijcip.2013.05.001","volume":"6","author":"N Goldenberg","year":"2013","unstructured":"Goldenberg, N., Wool, A.: Accurate modeling of modbus\/tcp for intrusion detection in SCADA systems. Int. J. Crit. Infrastruct. Prot. 6(2), 63\u201375 (2013). http:\/\/www.sciencedirect.com\/science\/article\/pii\/S1874548213000243","journal-title":"Int. J. Crit. Infrastruct. Prot."},{"key":"1_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"272","DOI":"10.1007\/11856214_14","volume-title":"Recent Advances in Intrusion Detection","author":"JM Gonzalez","year":"2006","unstructured":"Gonzalez, J.M., Paxson, V.: Enhancing network intrusion detection with integrated sampling and filtering. In: Zamboni, D., Kruegel, C. (eds.) RAID 2006. LNCS, vol. 4219, pp. 272\u2013289. Springer, Heidelberg (2006). doi:10.1007\/11856214_14. http:\/\/dx.doi.org\/10.1007\/11856214_14"},{"key":"1_CR9","doi-asserted-by":"crossref","unstructured":"Hadeli, H., Schierholz, R., Braendle, M., Tuduce, C.: Leveraging determinism in industrial control systems for advanced anomaly detection and reliable security configuration. In: IEEE Conference on Emerging Technologies Factory Automation, ETFA 2009, pp. 1\u20138 (2009)","DOI":"10.1109\/ETFA.2009.5347134"},{"issue":"3","key":"1_CR10","doi-asserted-by":"publisher","first-page":"1618","DOI":"10.1109\/TSMCB.2004.826829","volume":"34","author":"W Hu","year":"2004","unstructured":"Hu, W., Xie, D., Tan, T., Maybank, S.: Learning activity patterns using fuzzy self-organizing neural network. IEEE Trans. Syst. Man Cybern. Part B Cybern. 34(3), 1618\u20131626 (2004)","journal-title":"IEEE Trans. Syst. Man Cybern. Part B Cybern."},{"issue":"4","key":"1_CR11","doi-asserted-by":"publisher","first-page":"439","DOI":"10.1016\/j.engappai.2006.09.005","volume":"20","author":"H Kayacik","year":"2007","unstructured":"Kayacik, H., Zincir-Heywood, A., Heywood, M.: A hierarchical som-based intrusion detection system. Eng. Appl. Artif. Intell 20(4), 439\u2013451 (2007). http:\/\/dx.doi.org\/10.1016\/j.engappai.2006.09.005","journal-title":"Eng. Appl. Artif. Intell"},{"key":"1_CR12","unstructured":"Knapp, E.: Industrial network security: securing critical infrastructure networks for smart grid, SCADA, and other industrial control systems. Elsevier Science (2011). http:\/\/books.google.fi\/books?id=Et9u-mxq0B4C"},{"volume-title":"Self-Organizing Maps","year":"2001","key":"1_CR13","unstructured":"Kohonen, T., Schroeder, M.R., Huang, T.S. (eds.): Self-Organizing Maps. Springer, New York (2001)"},{"issue":"4","key":"1_CR14","doi-asserted-by":"publisher","first-page":"294","DOI":"10.1109\/3468.935046","volume":"31","author":"S Lee","year":"2001","unstructured":"Lee, S., Heinbuch, D.: Training a neural-network based intrusion detector to recognize novel attacks. IEEE Trans. Syst. Man Cybern. Part A Syst. Hum. 31(4), 294\u2013299 (2001)","journal-title":"IEEE Trans. Syst. Man Cybern. Part A Syst. Hum."},{"key":"1_CR15","doi-asserted-by":"crossref","unstructured":"Lin, H., Slagell, A., Di Martino, C., Kalbarczyk, Z., Iyer, R.K.: Adapting bro into scada: building a specification-based intrusion detection system for the dnp3 protocol. In: Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop, CSIIRW 2013, pp. 5:1\u20135:4. ACM, New York (2013). http:\/\/doi.acm.org\/10.1145\/2459976.2459982","DOI":"10.1145\/2459976.2459982"},{"key":"1_CR16","doi-asserted-by":"crossref","unstructured":"Linda, O., Vollmer, T., Manic, M.: Neural network based intrusion detection system for critical infrastructures. In: Proceedings of the 2009 International Joint Conference on Neural Networks, IJCNN 2009, pp. 102\u2013109. IEEE Press, Piscataway (2009). http:\/\/dl.acm.org\/citation.cfm?id=1704175.1704190","DOI":"10.1109\/IJCNN.2009.5178592"},{"key":"1_CR17","doi-asserted-by":"crossref","unstructured":"Mantere, M., Uusitalo, I., Sailio, M., Noponen, S.: Challenges of machine learning based monitoring for industrial control system networks. In: 2012 26th International Conference on Advanced Information Networking and Applications Workshops, March 2012","DOI":"10.1109\/WAINA.2012.135"},{"issue":"4","key":"1_CR18","doi-asserted-by":"publisher","first-page":"460","DOI":"10.3390\/fi5040460","volume":"5","author":"M Mantere","year":"2013","unstructured":"Mantere, M., Sailio, M., Noponen, S.: Network traffic features for anomaly detection in specific industrial control system network. Future Internet 5(4), 460\u2013473 (2013). http:\/\/www.mdpi.com\/1999-5903\/5\/4\/460","journal-title":"Future Internet"},{"key":"1_CR19","doi-asserted-by":"crossref","unstructured":"Mantere, M., Sailio, M., Noponen, S.: A module for anomaly detection in ics networks. In: Proceedings of the 3rd International Conference on High Confidence Networked Systems, HiCoNS 2014, pp. 49\u201356. ACM, New York (2014). http:\/\/doi.acm.org\/10.1145\/2566468.2566478","DOI":"10.1145\/2566468.2566478"},{"key":"1_CR20","unstructured":"Nessus Vulnerability Scanner. http:\/\/www.tenable.com\/products\/nessus\/. Accessed 2 January 2014"},{"key":"1_CR21","unstructured":"Nikto2 Web Server Scanner. https:\/\/www.cirt.net\/nikto2\/. Accessed 3 February 2014"},{"key":"1_CR22","unstructured":"Nmap Network Security Scanner. http:\/\/www.nmap.org\/. Accessed 2 July 2013"},{"issue":"23\u201324","key":"1_CR23","doi-asserted-by":"publisher","first-page":"2435","DOI":"10.1016\/S1389-1286(99)00112-7","volume":"31","author":"V Paxson","year":"1999","unstructured":"Paxson, V.: Bro: a system for detecting network intruders in real-time. Comput. Netw. 31(23\u201324), 2435\u20132463 (1999). http:\/\/www.sciencedirect.com\/science\/article\/pii\/S1389128699001127","journal-title":"Comput. Netw."},{"key":"1_CR24","unstructured":"PrintoCent. http:\/\/www.printocent.net. (Accessed 6 January 2013)"},{"key":"1_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"36","DOI":"10.1007\/978-3-540-45248-5_3","volume-title":"Recent Advances in Intrusion Detection","author":"M Ramadas","year":"2003","unstructured":"Ramadas, M., Ostermann, S., Tjaden, B.C.: Detecting anomalous network traffic with self-organizing maps. In: Vigna, G., Kruegel, C., Jonsson, E. (eds.) RAID 2003. LNCS, vol. 2820, pp. 36\u201354. Springer, Heidelberg (2003)"},{"issue":"2","key":"1_CR26","doi-asserted-by":"publisher","first-page":"302","DOI":"10.1109\/TSMCB.2005.843274","volume":"35","author":"S Sarasamma","year":"2005","unstructured":"Sarasamma, S., Zhu, Q., Huff, J.: Hierarchical kohonenen net for anomaly detection in network security. IEEE Trans. Syst. Man Cybern. Part B: Cybern. 35(2), 302\u2013312 (2005)","journal-title":"IEEE Trans. Syst. Man Cybern. Part B: Cybern."},{"key":"1_CR27","doi-asserted-by":"crossref","unstructured":"Sommer, R., Paxson, V.: Exploiting independent state for network intrusion detection. In: Proceedings of the 21st Annual Computer Security Applications Conference, ACSAC 2005, pp. 59\u201371. IEEE Computer Society, Washington, DC (2005). http:\/\/dx.doi.org\/10.1109\/CSAC.2005.24","DOI":"10.1109\/CSAC.2005.24"},{"key":"1_CR28","doi-asserted-by":"crossref","unstructured":"Sommer, R., Paxson, V.: Outside the closed world: On using machine learning for network intrusion detection. In: 2010 IEEE Symposium on Security and Privacy (SP), pp. 305\u2013316, May 2010","DOI":"10.1109\/SP.2010.25"},{"key":"1_CR29","unstructured":"Tcpdump. http:\/\/www.tcpdump.org\/. (Accessed 6 July 2013)"},{"issue":"8","key":"1_CR30","doi-asserted-by":"publisher","first-page":"2191","DOI":"10.1109\/TSP.2003.814797","volume":"51","author":"M Thottan","year":"2003","unstructured":"Thottan, M., Ji, C.: Anomaly detection in ip networks. IEEE Trans. Sig. Process. 51(8), 2191\u20132204 (2003)","journal-title":"IEEE Trans. Sig. Process."},{"key":"1_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"107","DOI":"10.1007\/978-3-540-74320-0_6","volume-title":"Recent Advances in Intrusion Detection","author":"M Vallentin","year":"2007","unstructured":"Vallentin, M., Sommer, R., Lee, J., Leres, C., Paxson, V., Tierney, B.: The NIDS cluster: scalable, stateful network intrusion detection on commodity hardware. In: Kruegel, C., Lippmann, R., Clark, A. (eds.) RAID 2007. LNCS, vol. 4637, pp. 107\u2013126. Springer, Heidelberg (2007)"},{"key":"1_CR32","doi-asserted-by":"crossref","unstructured":"Weaver, N., Paxson, V., Sommer, R.: Work in progress: Bro-lan pervasive network inspection and control for lan traffic. In: Securecomm and Workshops, pp. 1\u20132 August 28\u2013September 1 2006 (2006)","DOI":"10.1109\/SECCOMW.2006.359568"},{"key":"1_CR33","unstructured":"Wireshark. http:\/\/www.wireshark.org\/. (Accessed 5 February 2013)"},{"key":"1_CR34","unstructured":"Yang, D., Usynin, A., Hines, J.: Anomaly-based intrusion detection for scada systems. In: Proceedings of the 5th International Topical Meeting on Nuclear Plant Instrumentation, Control and Human Machine Interface Technologies. NPIC&HMIT 05 (2006)"}],"container-title":["Lecture Notes in Computer Science","Risks and Security of Internet and Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-17127-2_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,2,10]],"date-time":"2023-02-10T08:09:30Z","timestamp":1676016570000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-17127-2_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319171265","9783319171272"],"references-count":34,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-17127-2_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2015]]},"assertion":[{"value":"28 April 2015","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}