{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T08:24:54Z","timestamp":1742977494514,"version":"3.40.3"},"publisher-location":"Cham","reference-count":29,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319200330"},{"type":"electronic","value":"9783319200347"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-20034-7_9","type":"book-chapter","created":{"date-parts":[[2015,6,3]],"date-time":"2015-06-03T19:25:48Z","timestamp":1433359548000},"page":"73-86","source":"Crossref","is-referenced-by-count":2,"title":["Learning to Detect Network Intrusion from a Few Labeled Events and Background Traffic"],"prefix":"10.1007","author":[{"given":"Gustav","family":"\u0160ourek","sequence":"first","affiliation":[]},{"given":"Ond\u0159ej","family":"Ku\u017eelka","sequence":"additional","affiliation":[]},{"given":"Filip","family":"\u017delezn\u00fd","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"9_CR1","series-title":"Lecture Notes in Artificial Intelligence","doi-asserted-by":"publisher","first-page":"418","DOI":"10.1007\/978-3-540-74958-5_39","volume-title":"Machine Learning: ECML 2007","author":"A. Assche Van","year":"2007","unstructured":"Van Assche, A., Blockeel, H.: Seeing the forest through the trees: Learning a comprehensible model from an ensemble. In: Kok, J.N., Koronacki, J., Lopez de Mantaras, R., Matwin, S., Mladeni\u010d, D., Skowron, A. (eds.) ECML 2007. LNCS (LNAI), vol.\u00a04701, pp. 418\u2013429. Springer, Heidelberg (2007)"},{"unstructured":"Bartos, K., Rehak, M.: Trust-based solution for robust self-configuration of distributed intrusion detection systems, pp. 121\u2013126 (2012)","key":"9_CR2"},{"key":"9_CR3","series-title":"AISC","doi-asserted-by":"publisher","first-page":"269","DOI":"10.1007\/978-3-319-00969-8_26","volume-title":"Proceedings of the 8th International Conference on Computer Recognition Systems CORES 2013","author":"J. B\u0142aszczy\u0144ski","year":"2013","unstructured":"B\u0142aszczy\u0144ski, J., Stefanowski, J., Idkowiak, \u0141.: Extending bagging for imbalanced data. In: Burduk, R., Jackowski, K., Kurzynski, M., Wozniak, M., Zolnierek, A. (eds.) CORES 2013. AISC, vol.\u00a0226, pp. 269\u2013278. Springer, Heidelberg (2013)"},{"issue":"1","key":"9_CR4","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1023\/A:1010933404324","volume":"45","author":"L. Breiman","year":"2001","unstructured":"Breiman, L.: Random forests. Machine Learning\u00a045(1), 5\u201332 (2001)","journal-title":"Machine Learning"},{"doi-asserted-by":"crossref","unstructured":"Chaudhary, U.K., Papapanagiotou, I., Devetsikiotis, M.: Flow classification using clustering and association rule mining. In: 2010 15th IEEE International Workshop on Computer Aided Modeling, Analysis and Design of Communication Links and Networks (CAMAD), pp. 76\u201380. IEEE (2010)","key":"9_CR5","DOI":"10.1109\/CAMAD.2010.5686959"},{"key":"9_CR6","volume-title":"Using random forest to learn imbalanced data","author":"C. Chen","year":"2004","unstructured":"Chen, C., Liaw, A., Breiman, L.: Using random forest to learn imbalanced data. University of California, Berkeley (2004)"},{"doi-asserted-by":"crossref","unstructured":"Claise, B.: Cisco systems netflow services export version 9 (September 2004)","key":"9_CR7","DOI":"10.17487\/rfc3954"},{"issue":"4","key":"9_CR8","doi-asserted-by":"publisher","first-page":"753","DOI":"10.1016\/j.asej.2013.01.003","volume":"4","author":"R.M. Elbasiony","year":"2013","unstructured":"Elbasiony, R.M., Sallam, E.A., Eltobely, T.E., Fahmy, M.M.: A hybrid network intrusion detection framework based on random forests and weighted k-means. Ain Shams Engineering Journal\u00a04(4), 753\u2013762 (2013)","journal-title":"Ain Shams Engineering Journal"},{"issue":"9","key":"9_CR9","doi-asserted-by":"publisher","first-page":"1194","DOI":"10.1016\/j.peva.2007.06.014","volume":"64","author":"J. Erman","year":"2007","unstructured":"Erman, J., Mahanti, A., Arlitt, M., Cohen, I., Williamson, C.: Offline\/realtime traffic classification using semi-supervised learning. Performance Evaluation\u00a064(9), 1194\u20131213 (2007)","journal-title":"Performance Evaluation"},{"issue":"1","key":"9_CR10","first-page":"3133","volume":"15","author":"M. Fern\u00e1ndez-Delgado","year":"2014","unstructured":"Fern\u00e1ndez-Delgado, M., Cernadas, E., Barro, S., Amorim, D.: Do we need hundreds of classifiers to solve real world classification problems? The Journal of Machine Learning Research\u00a015(1), 3133\u20133181 (2014)","journal-title":"The Journal of Machine Learning Research"},{"key":"9_CR11","series-title":"Lecture Notes in Artificial Intelligence","doi-asserted-by":"publisher","first-page":"802","DOI":"10.1007\/978-3-540-30134-9_107","volume-title":"Knowledge-Based Intelligent Information and Engineering Systems","author":"T.M. Huang","year":"2004","unstructured":"Huang, T.M., Kecman, V.: Semi-supervised learning from unbalanced labeled data\u2013an improvement. In: Negoita, M.G., Howlett, R.J., Jain, L.C. (eds.) KES 2004. LNCS (LNAI), vol.\u00a03215, pp. 802\u2013808. Springer, Heidelberg (2004)"},{"doi-asserted-by":"crossref","unstructured":"Jiang, H., Moore, A.W., Ge, Z., Jin, S., Wang, J.: Lightweight application classification for network management. In: Proceedings of the 2007 SIGCOMM Workshop on Internet Network Management, pp. 299\u2013304. ACM (2007)","key":"9_CR12","DOI":"10.1145\/1321753.1321771"},{"doi-asserted-by":"crossref","unstructured":"Karagiannis, T., Papagiannaki, K., Faloutsos, M.: Blinc: multilevel traffic classification in the dark. In: ACM SIGCOMM Computer Communication Review, vol.\u00a035, pp. 229\u2013240. ACM (2005)","key":"9_CR13","DOI":"10.1145\/1090191.1080119"},{"key":"9_CR14","series-title":"LNAI","doi-asserted-by":"publisher","first-page":"188","DOI":"10.1007\/978-3-642-17080-5_21","volume-title":"Artificial Intelligence and Cognitive Science","author":"S.S. Khan","year":"2010","unstructured":"Khan, S.S., Madden, M.G.: A survey of recent trends in one class classification. In: Coyle, L., Freyne, J. (eds.) AICS 2009. LNCS (LNAI), vol.\u00a06206, pp. 188\u2013197. Springer, Heidelberg (2010)"},{"key":"9_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"50","DOI":"10.1007\/11553595_6","volume-title":"Image Analysis and Processing \u2013 ICIAP 2005","author":"P. Laskov","year":"2005","unstructured":"Laskov, P., D\u00fcssel, P., Sch\u00e4fer, C., Rieck, K.: Learning intrusion detection: supervised or unsupervised? In: Roli, F., Vitulano, S. (eds.) ICIAP 2005. LNCS, vol.\u00a03617, pp. 50\u201357. Springer, Heidelberg (2005)"},{"unstructured":"Leung, K., Leckie, C.: Unsupervised anomaly detection in network intrusion detection using clusters, pp. 333\u2013342 (2005)","key":"9_CR16"},{"issue":"4","key":"9_CR17","doi-asserted-by":"publisher","first-page":"262","DOI":"10.1145\/382912.382923","volume":"3","author":"J. McHugh","year":"2000","unstructured":"McHugh, J.: Testing intrusion detection systems: a critique of the 1998 and 1999 darpa intrusion detection system evaluations as performed by lincoln laboratory. ACM Transactions on Information and system Security\u00a03(4), 262\u2013294 (2000)","journal-title":"ACM Transactions on Information and system Security"},{"doi-asserted-by":"crossref","unstructured":"Mizutani, M., Takeda, K., Murai, J.: Behavior rule based intrusion detection, pp. 57\u201358 (2009)","key":"9_CR18","DOI":"10.1145\/1658997.1659028"},{"unstructured":"Adetunmbi, A., Olusola, A.S.: Oladele, and Daramola\u00a0O Abosede. Analysis of kdd99 intrusion detection dataset for selection of relevance features. In: Proceedings of the World Congress on Engineering and Computer Science, vol.\u00a01, pp. 20\u201322 (2010)","key":"9_CR19"},{"doi-asserted-by":"crossref","unstructured":"Perdisci, R., Gu, V., Lee, W.: Using an ensemble of one-class svm classifiers to harden payload-based anomaly detection systems. In: Sixth International Conference on Data Mining, ICDM 2006, pp. 488\u2013498. IEEE (2006)","key":"9_CR20","DOI":"10.1109\/ICDM.2006.165"},{"doi-asserted-by":"crossref","unstructured":"Pevn\u00fd, T., Ker, A.D.: The challenges of rich features in universal steganalysis (2013)","key":"9_CR21","DOI":"10.21236\/ADA616034"},{"unstructured":"Rehak, M., Pechoucek, M., Celeda, P., Novotny, J., Minarik, P.: Camnep: agent-based network intrusion detection system, pp. 133\u2013136 (2008)","key":"9_CR22"},{"doi-asserted-by":"crossref","unstructured":"Rehak, M., Pechoucek, M., Grill, M., Stiborek, J., Barto\u0161, K., Celeda, P.: Adaptive multiagent system for network traffic monitoring. IEEE Intelligent Systems (3), 16\u201325 (2009)","key":"9_CR23","DOI":"10.1109\/MIS.2009.42"},{"doi-asserted-by":"crossref","unstructured":"Rossi, D., Valenti, S.: Fine-grained traffic classification with netflow data, pp. 479\u2013483 (2010)","key":"9_CR24","DOI":"10.1145\/1815396.1815507"},{"unstructured":"So-In, C.: A survey of network traffic monitoring and analysis tools. Cse 576m Computer System Analysis Project, Washington University in St. Louis (2009)","key":"9_CR25"},{"issue":"3","key":"9_CR26","doi-asserted-by":"publisher","first-page":"343","DOI":"10.1109\/SURV.2010.032210.00054","volume":"12","author":"A. Sperotto","year":"2010","unstructured":"Sperotto, A., Schaffrath, G., Sadre, R., Morariu, C., Pras, A., Stiller, B.: An overview of ip flow-based intrusion detection. IEEE Communications Surveys Tutorials\u00a012(3), 343\u2013356 (2010)","journal-title":"IEEE Communications Surveys Tutorials"},{"doi-asserted-by":"crossref","unstructured":"Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.-A.: A detailed analysis of the kdd cup 99 data set (2009)","key":"9_CR27","DOI":"10.1109\/CISDA.2009.5356528"},{"issue":"10","key":"9_CR28","doi-asserted-by":"publisher","first-page":"11994","DOI":"10.1016\/j.eswa.2009.05.029","volume":"36","author":"C.-F. Tsai","year":"2009","unstructured":"Tsai, C.-F., Hsu, Y.-F., Lin, C.-Y., Lin, W.-Y.: Intrusion detection by machine learning: A review. Expert Systems with Applications\u00a036(10), 11994\u201312000 (2009)","journal-title":"Expert Systems with Applications"},{"issue":"5","key":"9_CR29","doi-asserted-by":"publisher","first-page":"649","DOI":"10.1109\/TSMCC.2008.923876","volume":"38","author":"J. Zhang","year":"2008","unstructured":"Zhang, J., Zulkernine, M., Haque, A.: Random-forests-based network intrusion detection systems. IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews\u00a038(5), 649\u2013659 (2008)","journal-title":"IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews"}],"container-title":["Lecture Notes in Computer Science","Intelligent Mechanisms for Network Configuration and Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-20034-7_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,7]],"date-time":"2019-06-07T20:08:35Z","timestamp":1559938115000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-20034-7_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319200330","9783319200347"],"references-count":29,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-20034-7_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2015]]}}}