{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,10]],"date-time":"2024-09-10T14:07:15Z","timestamp":1725977235079},"publisher-location":"Cham","reference-count":47,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319907741"},{"type":"electronic","value":"9783319907758"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-90775-8_12","type":"book-chapter","created":{"date-parts":[[2018,5,8]],"date-time":"2018-05-08T04:43:57Z","timestamp":1525754637000},"page":"137-149","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Designing Anomaly Detection System for Cloud Servers by Frequency Domain Features of System Call Identifiers and Machine Learning"],"prefix":"10.1007","author":[{"given":"Waqas","family":"Haider","sequence":"first","affiliation":[]},{"given":"Jiankun","family":"Hu","sequence":"additional","affiliation":[]},{"given":"Nour","family":"Moustafa","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,5,9]]},"reference":[{"key":"12_CR1","doi-asserted-by":"publisher","first-page":"207","DOI":"10.1007\/978-3-642-04117-4_11","volume-title":"Handbook of Information and Communication Security","author":"I Pabla","year":"2010","unstructured":"Pabla, I., Khalil, I., Hu, J.: Intranet security via firewalls. In: Stavroulakis, P., Stamp, M. (eds.) Handbook of Information and Communication Security, pp. 207\u2013219. Springer, Heidelberg (2010). 
https:\/\/doi.org\/10.1007\/978-3-642-04117-4_11"},{"issue":"8","key":"12_CR2","doi-asserted-by":"publisher","first-page":"870","DOI":"10.1016\/j.future.2007.07.011","volume":"24","author":"H Wang","year":"2008","unstructured":"Wang, H., Zhang, Y., Cao, J.: Access control management for ubiquitous computing. Future Gener. Comput. Syst. 24(8), 870\u2013878 (2008)","journal-title":"Future Gener. Comput. Syst."},{"key":"12_CR3","doi-asserted-by":"crossref","unstructured":"Moustafa, N., Slay, J.: UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In: Military Communications and Information Systems Conference (MilCIS), pp. 1\u20136. IEEE (2015)","DOI":"10.1109\/MilCIS.2015.7348942"},{"issue":"2","key":"12_CR4","doi-asserted-by":"publisher","first-page":"942","DOI":"10.1109\/SURV.2013.100913.00195","volume":"16","author":"Y Wang","year":"2014","unstructured":"Wang, Y., Wen, S., Xiang, Y., Zhou, W.: Modeling the propagation of worms in networks: a survey. IEEE Commun. Surv. Tutor. 16(2), 942\u2013960 (2014)","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"12_CR5","doi-asserted-by":"crossref","unstructured":"Moustafa, N., Slay, J.: The significant features of the UNSW-NB15 and the KDD99 data sets for network intrusion detection systems. In: 2015 4th International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS), pp. 25\u201331. IEEE (2015)","DOI":"10.1109\/BADGERS.2015.014"},{"issue":"6","key":"12_CR6","doi-asserted-by":"publisher","first-page":"1193","DOI":"10.1109\/TC.2012.65","volume":"62","author":"S Cesare","year":"2013","unstructured":"Cesare, S., Xiang, Y., Zhou, W.: Malwise\u2014an effective and efficient classification system for packed and polymorphic malware. IEEE Trans. Comput. 62(6), 1193\u20131206 (2013)","journal-title":"IEEE Trans. 
Comput."},{"issue":"2","key":"12_CR7","doi-asserted-by":"publisher","first-page":"1145","DOI":"10.1109\/COMST.2016.2636078","volume":"19","author":"E Rudd","year":"2017","unstructured":"Rudd, E., Rozsa, A., Gunther, M., Boult, T.: A survey of stealth malware: attacks, mitigation measures, and steps toward autonomous open world solutions. IEEE Commun. Surv. Tutor. 19(2), 1145\u20131172 (2017)","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"12_CR8","unstructured":"Moustafa, N., Slay, J.: Creating novel features to anomaly network detection using DARPA-2009 data set. In: Proceedings of the 14th European Conference on Cyber Warfare and Security, p. 204. Academic Conferences Limited (2015)"},{"issue":"2","key":"12_CR9","doi-asserted-by":"publisher","first-page":"460","DOI":"10.1109\/JSYST.2015.2414822","volume":"11","author":"M Ficco","year":"2017","unstructured":"Ficco, M., Palmieri, F.: Introducing fraudulent energy consumption in cloud infrastructures: a new generation of denial-of-service attacks. IEEE Syst. J. 11(2), 460\u2013470 (2017)","journal-title":"IEEE Syst. J."},{"issue":"6","key":"12_CR10","doi-asserted-by":"publisher","first-page":"790","DOI":"10.1016\/j.jpdc.2013.02.004","volume":"73","author":"H Kumarage","year":"2013","unstructured":"Kumarage, H., Khalil, I., Tari, Z., Zomaya, A.: Distributed anomaly detection for industrial wireless sensor networks based on fuzzy data modelling. J. Parallel Distrib. Comput. 73(6), 790\u2013806 (2013)","journal-title":"J. Parallel Distrib. Comput."},{"issue":"9","key":"12_CR11","doi-asserted-by":"publisher","first-page":"2573","DOI":"10.1109\/TC.2014.2366755","volume":"64","author":"H Kumarage","year":"2015","unstructured":"Kumarage, H., Khalil, I., Tari, Z.: Granular evaluation of anomalies in wireless sensor networks using dynamic data partitioning with an entropy criteria. IEEE Trans. Comput. 64(9), 2573\u20132585 (2015)","journal-title":"IEEE Trans. 
Comput."},{"key":"12_CR12","doi-asserted-by":"publisher","first-page":"28","DOI":"10.1016\/j.jcss.2017.03.001","volume":"90","author":"A Alabdulatif","year":"2017","unstructured":"Alabdulatif, A., Kumarage, H., Khalil, I., Yi, X.: Privacy-preserving anomaly detection in cloud with lightweight homomorphic encryption. J. Comput. Syst. Sci. 90, 28\u201345 (2017)","journal-title":"J. Comput. Syst. Sci."},{"key":"12_CR13","unstructured":"Haider, W., Hu, J., Xie, Y., Yu, X., Wu, Q.: Detecting anomalous behavior in cloud servers by nested arc hidden SEMI-Markov model with state summarization. IEEE Trans. Big Data (2017)"},{"key":"12_CR14","volume-title":"Cloud Computing: Implementation, Management, and Security","author":"JW Rittinghouse","year":"2016","unstructured":"Rittinghouse, J.W., Ransome, J.F.: Cloud Computing: Implementation, Management, and Security. CRC Press, Boca Raton (2016)"},{"issue":"3","key":"12_CR15","doi-asserted-by":"publisher","first-page":"583","DOI":"10.1016\/j.future.2010.12.006","volume":"28","author":"D Zissis","year":"2012","unstructured":"Zissis, D., Lekkas, D.: Addressing cloud computing security issues. Future Gener. Comput. Syst. 28(3), 583\u2013592 (2012)","journal-title":"Future Gener. Comput. Syst."},{"key":"12_CR16","doi-asserted-by":"crossref","unstructured":"Haider, W., Hu, J., Xie, M.: Towards reliable data feature retrieval and decision engine in host-based anomaly detection systems. In: 2015 IEEE 10th Conference on Industrial Electronics and Applications (ICIEA), pp. 513\u2013517. IEEE (2015)","DOI":"10.1109\/ICIEA.2015.7334166"},{"key":"12_CR17","doi-asserted-by":"crossref","unstructured":"Haider, W., Hu, J., Yu, X., Xie, Y.: Integer data zero-watermark assisted system calls abstraction and normalization for host based anomaly detection systems. In: 2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing (CSCloud), pp. 349\u2013355. 
IEEE (2015)","DOI":"10.1109\/CSCloud.2015.11"},{"key":"12_CR18","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-45300-2","volume-title":"Ethics and Policies for Cyber Operations: A NATO Cooperative Cyber Defence Centre of Excellence Initiative","author":"M Taddeo","year":"2017","unstructured":"Taddeo, M., Glorioso, L.: Ethics and Policies for Cyber Operations: A NATO Cooperative Cyber Defence Centre of Excellence Initiative, vol. 124. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-45300-2"},{"key":"12_CR19","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"165","DOI":"10.1007\/978-3-642-41205-9_14","volume-title":"Cyber Security and Privacy","author":"S Herpig","year":"2013","unstructured":"Herpig, S.: Anti-war era: the need for proactive cyber security. In: Felici, M. (ed.) CSP 2013. CCIS, vol. 182, pp. 165\u2013176. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-41205-9_14"},{"key":"12_CR20","doi-asserted-by":"publisher","first-page":"185","DOI":"10.1016\/j.jnca.2017.03.018","volume":"87","author":"W Haider","year":"2017","unstructured":"Haider, W., Hu, J., Slay, J., Turnbull, B., Xie, Y.: Generating realistic intrusion detection system dataset based on fuzzy qualitative modeling. J. Netw. Comput. Appl. 87, 185\u2013192 (2017)","journal-title":"J. Netw. Comput. Appl."},{"issue":"3","key":"12_CR21","doi-asserted-by":"publisher","first-page":"1509","DOI":"10.1016\/j.patcog.2013.09.030","volume":"47","author":"K-A Toh","year":"2014","unstructured":"Toh, K.-A., Tan, G.-C.: Exploiting the relationships among several binary classifiers via data transformation. Pattern Recogn. 
47(3), 1509\u20131522 (2014)","journal-title":"Pattern Recogn."},{"issue":"1","key":"12_CR22","doi-asserted-by":"publisher","first-page":"273","DOI":"10.1007\/s10994-006-9455-4","volume":"65","author":"K-A Toh","year":"2006","unstructured":"Toh, K.-A.: Training a reciprocal-sigmoid classifier by feature scaling-space. Mach. Learn. 65(1), 273\u2013308 (2006)","journal-title":"Mach. Learn."},{"issue":"5","key":"12_CR23","doi-asserted-by":"publisher","first-page":"1079","DOI":"10.1109\/TSMCB.2005.847745","volume":"35","author":"Q-L Tran","year":"2005","unstructured":"Tran, Q.-L., Toh, K.-A., Srinivasan, D., Wong, K.-L., Low, S.Q.-C.: An empirical comparison of nine pattern classifiers. IEEE Trans. Syst. Man Cybern. Part B (Cybern.) 35(5), 1079\u20131091 (2005)","journal-title":"IEEE Trans. Syst. Man Cybern. Part B (Cybern.)"},{"issue":"3","key":"12_CR24","doi-asserted-by":"publisher","first-page":"151","DOI":"10.3233\/JCS-980109","volume":"6","author":"SA Hofmeyr","year":"1998","unstructured":"Hofmeyr, S.A., Forrest, S., Somayaji, A.: Intrusion detection using sequences of system calls. J. Comput. Secur. 6(3), 151\u2013180 (1998)","journal-title":"J. Comput. Secur."},{"issue":"3","key":"12_CR25","doi-asserted-by":"publisher","first-page":"29","DOI":"10.3390\/fi8030029","volume":"8","author":"W Haider","year":"2016","unstructured":"Haider, W., Creech, G., Xie, Y., Hu, J.: Windows based data sets for evaluation of robustness of host based intrusion detection systems (IDS) to zero-day and stealth attacks. Future Internet 8(3), 29 (2016)","journal-title":"Future Internet"},{"issue":"4","key":"12_CR26","doi-asserted-by":"publisher","first-page":"807","DOI":"10.1109\/TC.2013.13","volume":"63","author":"G Creech","year":"2014","unstructured":"Creech, G., Hu, J.: A semantic approach to host-based intrusion detection systems using contiguous and discontiguous system call patterns. IEEE Trans. Comput. 63(4), 807\u2013819 (2014)","journal-title":"IEEE Trans. 
Comput."},{"issue":"1","key":"12_CR27","doi-asserted-by":"publisher","first-page":"45","DOI":"10.1016\/S0167-4048(03)00112-3","volume":"22","author":"S-B Cho","year":"2003","unstructured":"Cho, S.-B., Park, H.-J.: Efficient anomaly detection by modeling privilege flows using hidden Markov model. Comput. Secur. 22(1), 45\u201355 (2003)","journal-title":"Comput. Secur."},{"key":"12_CR28","doi-asserted-by":"crossref","unstructured":"Murtaza, S.S., Khreich, W., Hamou-Lhadj, A., Gagnon, S.: A trace abstraction approach for host-based anomaly detection. In: IEEE Symposium on Computational Intelligence for Security and Defense Applications (CISDA), pp. 1\u20138. IEEE (2015)","DOI":"10.1109\/CISDA.2015.7208644"},{"key":"12_CR29","doi-asserted-by":"crossref","unstructured":"Forrest, S., Hofmeyr, S.A., Somayaji, A., Longstaff, T.A.: A sense of self for unix processes. In: Proceedings of 1996 IEEE Symposium on Security and Privacy, pp. 120\u2013128. IEEE (1996)","DOI":"10.1109\/SECPRI.1996.502675"},{"issue":"5","key":"12_CR30","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1109\/52.605929","volume":"14","author":"AP Kosoresow","year":"1997","unstructured":"Kosoresow, A.P., Hofmeyer, S.: Intrusion detection via system call traces. IEEE Softw. 14(5), 35\u201342 (1997)","journal-title":"IEEE Softw."},{"key":"12_CR31","doi-asserted-by":"crossref","unstructured":"Moustafa, N., Slay, J., Creech, G.: Novel geometric area analysis technique for anomaly detection using trapezoidal area estimation on large-scale networks. IEEE Trans. Big Data (2017)","DOI":"10.1109\/TBDATA.2017.2715166"},{"key":"12_CR32","unstructured":"Ghosh, A.K., Schwartzbard, A., Schatz, M.: Learning program behavior profiles for intrusion detection. In: Workshop on Intrusion Detection and Network Monitoring, vol. 51462, pp. 
1\u201313 (1999)"},{"key":"12_CR33","doi-asserted-by":"publisher","first-page":"77","DOI":"10.1007\/978-1-4615-0953-0_4","volume-title":"Applications of Data Mining in Computer Security","author":"E Eskin","year":"2002","unstructured":"Eskin, E., Arnold, A., Prerau, M., Portnoy, L., Stolfo, S.: A geometric framework for unsupervised anomaly detection: detecting intrusions in unlabeled data. In: Barbar\u00e1, D., Jajodia, S. (eds.) Applications of Data Mining in Computer Security, vol. 6, pp. 77\u2013102. Springer, Boston (2002). https:\/\/doi.org\/10.1007\/978-1-4615-0953-0_4"},{"key":"12_CR34","doi-asserted-by":"crossref","unstructured":"Hoang, X., Hu, J.: An efficient hidden Markov model training scheme for anomaly intrusion detection of server applications based on system calls. In: Proceedings of 12th IEEE International Conference on Networks, (ICon 2004), vol. 2, pp. 470\u2013474. IEEE (2004)","DOI":"10.1109\/ICON.2004.1409210"},{"issue":"1","key":"12_CR35","doi-asserted-by":"publisher","first-page":"42","DOI":"10.1109\/MNET.2009.4804323","volume":"23","author":"J Hu","year":"2009","unstructured":"Hu, J., Yu, X., Qiu, D., Chen, H.-H.: A simple and efficient hidden Markov model scheme for host-based anomaly intrusion detection. IEEE Netw. 23(1), 42\u201347 (2009)","journal-title":"IEEE Netw."},{"issue":"4","key":"12_CR36","doi-asserted-by":"publisher","first-page":"381","DOI":"10.1109\/TDSC.2008.69","volume":"7","author":"F Maggi","year":"2010","unstructured":"Maggi, F., Matteucci, M., Zanero, S.: Detecting intrusions through system call sequence and argument analysis. IEEE Trans. Dependable Secure Comput. 7(4), 381\u2013395 (2010)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"issue":"1","key":"12_CR37","doi-asserted-by":"publisher","first-page":"42","DOI":"10.1109\/MITP.2017.7","volume":"19","author":"M Silic","year":"2017","unstructured":"Silic, M., Back, A.: Open source software adoption: lessons from linux in munich. IT Prof. 
19(1), 42\u201347 (2017)","journal-title":"IT Prof."},{"key":"12_CR38","unstructured":"Creech, G.: Developing a high-accuracy cross platform host-based intrusion detection system capable of reliably detecting zero-day attacks. Ph.D. dissertation, University of New South Wales, Canberra, Australia (2014)"},{"key":"12_CR39","volume-title":"The Fourier Transform and Its Applications","author":"RN Bracewell","year":"1986","unstructured":"Bracewell, R.N., Bracewell, R.N.: The Fourier Transform and Its Applications, vol. 31999. McGraw-Hill, New York (1986)"},{"key":"12_CR40","series-title":"Data Analytics","doi-asserted-by":"publisher","first-page":"127","DOI":"10.1007\/978-3-319-59439-2_5","volume-title":"Data Analytics and Decision Support for Cybersecurity","author":"N Moustafa","year":"2017","unstructured":"Moustafa, N., Creech, G., Slay, J.: Big data analytics for intrusion detection system: statistical decision-making using finite dirichlet mixture models. In: Palomares Carrascosa, I., Kalutarage, H.K., Huang, Y. (eds.) Data Analytics and Decision Support for Cybersecurity. DA, pp. 127\u2013156. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-59439-2_5"},{"issue":"1","key":"12_CR41","doi-asserted-by":"publisher","first-page":"489","DOI":"10.1016\/j.neucom.2005.12.126","volume":"70","author":"G-B Huang","year":"2006","unstructured":"Huang, G.-B., Zhu, Q.-Y., Siew, C.-K.: Extreme learning machine: theory and applications. Neurocomputing 70(1), 489\u2013501 (2006)","journal-title":"Neurocomputing"},{"key":"12_CR42","doi-asserted-by":"crossref","unstructured":"Creech, G., Hu, J.: Generation of a new IDS test dataset: time to retire the KDD collection. In: 2013 IEEE Wireless Communications and Networking Conference (WCNC), pp. 4487\u20134492. IEEE (2013)","DOI":"10.1109\/WCNC.2013.6555301"},{"key":"12_CR43","unstructured":"KDD98 (1988). 
http:\/\/www.ll.mit.edu\/mission\/communications\/"},{"key":"12_CR44","unstructured":"Davis, J., Magrath, S.: A survey of cyber ranges and testbeds. Defence Science and Technology Organisation Edinburgh (Australia) Cyber and Electronic Warfare Division, Technical report (2013)"},{"issue":"1","key":"12_CR45","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1145\/1882471.1882478","volume":"12","author":"Z Xing","year":"2010","unstructured":"Xing, Z., Pei, J., Keogh, E.: A brief survey on sequence classification. ACM SIGKDD Explor. Newsl. 12(1), 40\u201348 (2010)","journal-title":"ACM SIGKDD Explor. Newsl."},{"issue":"9","key":"12_CR46","doi-asserted-by":"publisher","first-page":"1377","DOI":"10.1016\/j.patrec.2004.11.015","volume":"26","author":"EJ Justino","year":"2005","unstructured":"Justino, E.J., Bortolozzi, F., Sabourin, R.: A comparison of SVM and HMM classifiers in the off-line signature verification. Pattern Recogn. Lett. 26(9), 1377\u20131385 (2005)","journal-title":"Pattern Recogn. Lett."},{"key":"12_CR47","doi-asserted-by":"publisher","first-page":"136","DOI":"10.1016\/j.neucom.2012.11.056","volume":"128","author":"C-M Vong","year":"2014","unstructured":"Vong, C.-M., Ip, W.-F., Wong, P.-K., Chiu, C.-C.: Predicting minority class for suspended particulate matters level by extreme learning machine. 
Neurocomputing 128, 136\u2013144 (2014)","journal-title":"Neurocomputing"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Mobile Networks and Management"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-90775-8_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,17]],"date-time":"2019-10-17T14:09:48Z","timestamp":1571321388000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-90775-8_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319907741","9783319907758"],"references-count":47,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-90775-8_12","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"type":"print","value":"1867-8211"},{"type":"electronic","value":"1867-822X"}],"subject":[],"published":{"date-parts":[[2018]]}}}