{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T18:53:37Z","timestamp":1725562417121},"publisher-location":"Berlin, Heidelberg","reference-count":20,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540221258"},{"type":"electronic","value":"9783540259527"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2004]]},"DOI":"10.1007\/978-3-540-25952-7_36","type":"book-chapter","created":{"date-parts":[[2010,8,9]],"date-time":"2010-08-09T00:17:37Z","timestamp":1281313057000},"page":"457-466","source":"Crossref","is-referenced-by-count":3,"title":["Experimental Studies Using Median Polish Procedure to Reduce Alarm Rates in Data Cubes of Intrusion Data"],"prefix":"10.1007","author":[{"given":"Jorge","family":"Levera","sequence":"first","affiliation":[]},{"given":"Benjamin","family":"Bar\u00e1n","sequence":"additional","affiliation":[]},{"given":"Robert","family":"Grossman","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"36_CR1","unstructured":"Advanced Network Management Lab, The Abilene Project, University of Indiana, Bloomington, Indiana, USA"},{"key":"36_CR2","doi-asserted-by":"crossref","unstructured":"Barbara, D., Wu, X.: Using approximations to scale exploratory data analysis in datacubes. In: Proceedings of the ACM SIGKDD International Conference (August 1999)","DOI":"10.1145\/312129.312288"},{"key":"36_CR3","doi-asserted-by":"crossref","unstructured":"Cuppens, F., Miege, A.: Alert correlation in a cooperative intrusion detection framework. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy (May 2002)","DOI":"10.1109\/SECPRI.2002.1004372"},{"key":"36_CR4","unstructured":"Erbacher, R.F., Sobylak, K.: Improving Intrusion Analysis Effectiveness. In: Workshop on Statistical and Machine Learning Techniques in Computer Intrusion Detection, September 24-26, George Mason University (2003)"},{"key":"36_CR5","doi-asserted-by":"crossref","unstructured":"Eskin, E., Arnold, A., Prerau, M., Portnoy, L., Stolfo, S.: A Geometric Framework for Unsupervised Anomaly Detection: Detecting Intrusions in Unlabeled Data. Data Mining for Security Applications. Kluwer (2002)","DOI":"10.1007\/978-1-4615-0953-0_4"},{"key":"36_CR6","doi-asserted-by":"crossref","unstructured":"Gray, J., Bosworth, A., Layman, A., Pirahesh, H.: Data Cube: A Relational Aggregation Operator Generalizing Group-by, Cross-tabs and Sub-totals. In: Proceedings of the 12th Int. Conf. on Data Engineering, pp. 152\u2013159 (1996)","DOI":"10.1109\/ICDE.1996.492099"},{"key":"36_CR7","doi-asserted-by":"crossref","unstructured":"Harinarayan, V., Rajaraman, A., Ullman, J.D.: Implementing data cubes efficiently. In: Proceedings of the ACM SIGMOD 1996, Montreal, June 1996, pp. 205\u2013216 (1996)","DOI":"10.1145\/233269.233333"},{"key":"36_CR8","doi-asserted-by":"crossref","unstructured":"Hussain, A., Heidemann, J., Papadopoulos, C.: A framework for classifying denial of service attacks. In: Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications, Karlsruhe, Germany, August 25-29, pp. 99\u2013110 (2003)","DOI":"10.1145\/863955.863968"},{"key":"36_CR9","doi-asserted-by":"crossref","unstructured":"Julisch, K.: Mining alarm clusters to improve alarm handling efficiency. In: 17th Annual Computer Security Applications Conference (ACSAC), December 2001, pp. 12\u201321 (2001)","DOI":"10.1109\/ACSAC.2001.991517"},{"key":"36_CR10","doi-asserted-by":"crossref","unstructured":"Julisch, K., Dacier, M.: Mining Intrusion Alarms for Actionable Knowledge. In: SIGKDD 2002, Edmonton, Alberta, Canada (2002)","DOI":"10.1145\/775047.775101"},{"key":"36_CR11","doi-asserted-by":"crossref","unstructured":"Julisch, K.: Clustering Intrusion Detection Alarms to Support Root Cause Analysis. ACM Transactions on Information and System Security\u00a06(4) (November 2003)","DOI":"10.1145\/950191.950192"},{"key":"36_CR12","unstructured":"Lee, W., Stolfo, S.: Data Mining Approaches for Intrusion Detection. In: Proceedings of the Seventh USENIX Security Symposium (SECURITY 1998), San Antonio, TX (January 1998)"},{"key":"36_CR13","unstructured":"Lincoln Laboratory, Massachussets Institute of Technology, DARPA 99 Intrusion Detection Data Set Attack Documentation. [Online] Available: \n                      \n                        http:\/\/www.ll.mit.edu\/IST\/ideval\/docs\/1999\/attackDB.html"},{"key":"36_CR14","doi-asserted-by":"crossref","unstructured":"Manganaris, S., Christensen, M., Zerkle, D., Hermiz, K.: A Data Mining Analysis of RTID Alarms. Computer Networks\u00a034(4) (October 2000)","DOI":"10.1016\/S1389-1286(00)00138-9"},{"key":"36_CR15","doi-asserted-by":"crossref","unstructured":"Ning, P., Cui, Y., Reeves, D.S.: Constructing attack scenarios through correlation of intrusion alerts. In: Proceedings of the 9th ACM conference on Computer and communications security, Washington, DC, USA (2002)","DOI":"10.1145\/586110.586144"},{"key":"36_CR16","unstructured":"Portnoy, L., Eskin, E., Stolfo, S.J.: Intrusion detection with unlabeled data using clustering. In: Proceedings of ACM CSS Workshop on Data Mining Applied to Security (DMSA 2001), Philadelphia, PA, November 5-8 (2001)"},{"key":"36_CR17","first-page":"229","volume-title":"Proceedings of Thirteenth Systems Administration Conference (LISA 1999)","author":"M. Roesch","year":"1999","unstructured":"Roesch, M.: Snort - lightweight intrusion detection for networks. In: Proceedings of Thirteenth Systems Administration Conference (LISA 1999), pp. 229\u2013238. The USENIX Association, Berkeley (1999)"},{"key":"36_CR18","volume-title":"Exploratory Data Analysis","author":"J.W. Tukey","year":"1977","unstructured":"Tukey, J.W.: Exploratory Data Analysis. Addison-Wesley, Reading (1977)"},{"key":"36_CR19","unstructured":"Vert, G., Frincke, D.A., McConnell, J.C.: A visual mathematical model for intrusion detection. In: Proceedings of the 21st National Information Systems Security Conference, Crystal City, Arlington, VA, USA, October 5-8 (1998)"},{"key":"36_CR20","unstructured":"Ye, N., Li, X.: A Scalable Clustering Technique for Intrusion Signature Recognition. In: Proceedings of the 2001 IEEE, Workshop on Information Assurance and Security, United States Military Academy, West Point, NY, June 5-6 (2001)"}],"container-title":["Lecture Notes in Computer Science","Intelligence and Security Informatics"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-25952-7_36.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,5,3]],"date-time":"2021-05-03T03:18:37Z","timestamp":1620011917000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-25952-7_36"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2004]]},"ISBN":["9783540221258","9783540259527"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-25952-7_36","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2004]]}}}