{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T07:09:53Z","timestamp":1743059393560,"version":"3.40.3"},"publisher-location":"Cham","reference-count":18,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319701387"},{"type":"electronic","value":"9783319701394"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-70139-4_88","type":"book-chapter","created":{"date-parts":[[2017,10,28]],"date-time":"2017-10-28T01:24:18Z","timestamp":1509153858000},"page":"867-877","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Detect Malicious Attacks from Entire TCP Communication Process"],"prefix":"10.1007","author":[{"given":"Peng","family":"Fang","sequence":"first","affiliation":[]},{"given":"Liusheng","family":"Huang","sequence":"additional","affiliation":[]},{"given":"Xinyuan","family":"Zhang","sequence":"additional","affiliation":[]},{"given":"Hongli","family":"Xu","sequence":"additional","affiliation":[]},{"given":"Shaowei","family":"Wang","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,10,29]]},"reference":[{"key":"88_CR1","unstructured":"Moore, D., Keys, K., Koga, R., Lagache, E., Claffy, K.C.: The coralreef software suite as a tool for system and network administrators. In: 15th USENIX Conference on System Administration, pp. 133\u2013144. USENIX Association, San Diego (2001)"},{"key":"88_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1007\/978-3-540-31966-5_4","volume-title":"Passive and Active Network Measurement","author":"AW Moore","year":"2005","unstructured":"Moore, A.W., Papagiannaki, K.: Toward the accurate identification of network applications. In: Dovrolis, C. (ed.) PAM 2005. LNCS, vol. 3431, pp. 41\u201354. Springer, Heidelberg (2005). doi:10.1007\/978-3-540-31966-5_4"},{"key":"88_CR3","doi-asserted-by":"publisher","first-page":"23","DOI":"10.1145\/1129582.1129589","volume":"36","author":"L Bernaille","year":"2006","unstructured":"Bernaille, L., Teixeira, R., Akodkenou, I., Soule, A., Salamatian, K.: Traffic classification on the fly. J. ACM SIGCOMM Comput. Commun. Rev. 36, 23\u201326 (2006)","journal-title":"J. ACM SIGCOMM Comput. Commun. Rev."},{"key":"88_CR4","doi-asserted-by":"crossref","unstructured":"Nguyen, T.T., Armitage, G.: Training on multiple sub-flows to optimise the use of machine learning classifiers in real-world ip networks. In: 31th IEEE Conference on Local Computer Networks, pp. 369\u2013376. IEEE Press, Tampa (2006)","DOI":"10.1109\/LCN.2006.322122"},{"key":"88_CR5","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1145\/1198255.1198257","volume":"37","author":"M Crotti","year":"2007","unstructured":"Crotti, M., Dusi, M., Gringoli, F., Salgarelli, L.: Traffic classification through simple statistical fingerprinting. J. ACM SIGCOMM Comput. Commun. Rev. 37, 5\u201316 (2007)","journal-title":"J. ACM SIGCOMM Comput. Commun. Rev."},{"key":"88_CR6","first-page":"2745","volume":"7","author":"CV Wright","year":"2006","unstructured":"Wright, C.V., Monrose, F., Masson, G.M.: On inferring application protocol behaviors in encrypted network traffic. J. Mach. Learn. Res. 7, 2745\u20132769 (2006)","journal-title":"J. Mach. Learn. Res."},{"key":"88_CR7","series-title":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","doi-asserted-by":"publisher","first-page":"623","DOI":"10.1007\/978-3-319-23829-6_47","volume-title":"International Conference on Security and Privacy in Communication Networks","author":"S Zhioua","year":"2015","unstructured":"Zhioua, S., Jabeur, A.B., Langar, M., Ilahi, W.: Detecting malicious sessions through traffic fingerprinting using hidden Markov models. In: Tian, J., Jing, J., Srivatsa, M. (eds.) SecureComm 2014. LNICSSITE, vol. 152, pp. 623\u2013631. Springer, Cham (2015). doi:10.1007\/978-3-319-23829-6_47"},{"key":"88_CR8","doi-asserted-by":"publisher","first-page":"257","DOI":"10.1109\/5.18626","volume":"77","author":"LR Rabiner","year":"1989","unstructured":"Rabiner, L.R.: A tutorial on hidden Markov models and selected applications in speech recognition. J. Proc. IEEE 77, 257\u2013286 (1989)","journal-title":"J. Proc. IEEE"},{"key":"88_CR9","doi-asserted-by":"crossref","first-page":"695","DOI":"10.1110\/ps.8.3.695","volume":"8","author":"R Durbin","year":"1999","unstructured":"Durbin, R., Eddy, S.R., Krogh, A., Mitchison, G.: Biological sequence analysis: probabilistic models of proteins and nucleic acids. J. Pro. Sci. 8, 695\u2013695 (1999)","journal-title":"J. Pro. Sci."},{"key":"88_CR10","doi-asserted-by":"publisher","first-page":"548","DOI":"10.1016\/j.procs.2013.06.073","volume":"19","author":"A Boukhtouta","year":"2013","unstructured":"Boukhtouta, A., Lakhdari, N.E., Mokhov, S.A., Debbabi, M.: Towards fingerprinting malicious traffic. J. Proc. Com. Sci. 19, 548\u2013555 (2013)","journal-title":"J. Proc. Com. Sci."},{"key":"88_CR11","doi-asserted-by":"crossref","unstructured":"Alshammari, R.: Automatically generating robust signatures using a machine learning approach to unveil encrypted VOIP traffic without using port numbers, IP addresses and payload inspection. Doctoral Dissertation (2012)","DOI":"10.1016\/j.comnet.2010.12.002"},{"key":"88_CR12","unstructured":"Moore, A., Zuev, D., Crogan, M.: Discriminators for use in flow-based classification. Queen Mary and Westfield College, Department of Computer Science (2005)"},{"key":"88_CR13","unstructured":"Yu, L., Liu, H.: Feature selection for high-dimensional data: A fast correlation-based filter solution. In: 20th International Conference on Machine Learning, pp. 856\u2013863. AAAI Press, Washington (2003)"},{"key":"88_CR14","doi-asserted-by":"publisher","first-page":"50","DOI":"10.1145\/1071690.1064220","volume":"33","author":"AW Moore","year":"2005","unstructured":"Moore, A.W., Zuev, D.: Internet traffic classification using Bayesian analysis techniques. J. ACM SIGMETRICS Perform. Eval. Rev. 33, 50\u201360 (2005)","journal-title":"J. ACM SIGMETRICS Perform. Eval. Rev."},{"key":"88_CR15","doi-asserted-by":"crossref","unstructured":"Hall, M., Frank, E., Holmes, G., Pfahringer, B., Reutemann, P., Witten, I.H.: The WEKA data mining software: an Update. J. ACM SIGKDD Explor. Newsl. 11, 10\u201318 (2009)","DOI":"10.1145\/1656274.1656278"},{"key":"88_CR16","unstructured":"John, G.H., Langley, P.: Estimating continuous distributions in Bayesian classifiers. In: 11th Conference on Uncertainty in Artificial Intelligence, pp. 338\u2013345. Morgan Kaufmann, Montreal (1995)"},{"key":"88_CR17","doi-asserted-by":"crossref","unstructured":"Tegeler, F., Fu, X., Vigna, G., Kruegel, C.: Botfinder: finding bots in network traffic without deep packet inspection. In: 8th International Conference on Emerging Networking Experiments and Technologies, pp. 349\u2013360. ACM, Nice (2012)","DOI":"10.1145\/2413176.2413217"},{"key":"88_CR18","unstructured":"Real World Intrusions Trace. https:\/\/www.netresec.com\/?page=PcapFiles"}],"container-title":["Lecture Notes in Computer Science","Neural Information Processing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-70139-4_88","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,13]],"date-time":"2024-03-13T13:07:01Z","timestamp":1710335221000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-70139-4_88"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319701387","9783319701394"],"references-count":18,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-70139-4_88","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2017]]},"assertion":[{"value":"29 October 2017","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICONIP","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Neural Information Processing","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Guangzhou","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2017","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 November 2017","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 November 2017","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"iconip2017","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.iconip2017.org\/index.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}