{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T17:51:12Z","timestamp":1725558672804},"publisher-location":"Berlin, Heidelberg","reference-count":17,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540255840"},{"type":"electronic","value":"9783540319795"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2005]]},"DOI":"10.1007\/978-3-540-31979-5_16","type":"book-chapter","created":{"date-parts":[[2010,6,30]],"date-time":"2010-06-30T16:42:55Z","timestamp":1277916175000},"page":"178-191","source":"Crossref","is-referenced-by-count":1,"title":["A Brief Observation-Centric Analysis on Anomaly-Based Intrusion Detection"],"prefix":"10.1007","author":[{"given":"Zonghua","family":"Zhang","sequence":"first","affiliation":[]},{"given":"Hong","family":"Shen","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"issue":"2","key":"16_CR1","doi-asserted-by":"publisher","first-page":"125","DOI":"10.1145\/507052.507054","volume":"20","author":"M. Burgess","year":"2002","unstructured":"Burgess, M., Haugerud, H., Straumsnes, S.: Measuring System Normality. ACM Transactions on Computer Systems\u00a020(2), 125\u2013160 (2002)","journal-title":"ACM Transactions on Computer Systems"},{"issue":"3","key":"16_CR2","doi-asserted-by":"publisher","first-page":"529","DOI":"10.1109\/TKDE.2003.1198388","volume":"15","author":"G. Cormode","year":"2003","unstructured":"Cormode, G., Datar, M., Lndyk, P., Muthukrishnan, S.: Comparing Data Streams Using Hamming Norms(How to Zero). IEEE Transaction on Knowledge and Data Engineering\u00a015(3), 529\u2013540 (2003)","journal-title":"IEEE Transaction on Knowledge and Data Engineering"},{"key":"16_CR3","volume-title":"proceedings of 1996 IEEE Symposium on Security and Privacy","author":"S. Forrest","year":"1996","unstructured":"Forrest, S., Hofmeyr, S.A., Longstaff, T.A.: A sense of self for UNIX processes. In: proceedings of 1996 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, Los Alamitos (1996)"},{"issue":"3","key":"16_CR4","doi-asserted-by":"publisher","first-page":"515","DOI":"10.1109\/TKDE.2003.1198387","volume":"15","author":"S. Guha","year":"2003","unstructured":"Guha, S., Meyerson, A., Mishra, N., Motwani, R., O\u2019Callaghan, L.: Clustering Data Streams: Theory and Practice. IEEE Transaction on Knowledge and Data Engineering\u00a015(3), 515\u2013528 (2003)","journal-title":"IEEE Transaction on Knowledge and Data Engineering"},{"key":"16_CR5","doi-asserted-by":"crossref","unstructured":"Helman, P., Liepins, G.: Statistical Foundataions of Audit Trail Analysis for the Detection of Computer Misuse. IEEE Transaction on Software Engineering\u00a019(9) (September 1993)","DOI":"10.1109\/32.241771"},{"key":"16_CR6","doi-asserted-by":"crossref","unstructured":"Hofmeyr, S.A., Forrest, S., Somayaji, A.: Intrusion Detection using Sequences of System Calls. Journal of Computer Security, 151\u2013180 (1998)","DOI":"10.3233\/JCS-980109"},{"key":"16_CR7","doi-asserted-by":"crossref","unstructured":"Steiner, S.H.: Grouped Data Exponentially Weighted Moving Average Control Charts, Technical Report, Universtiy of Waterloo (1997)","DOI":"10.1111\/1467-9876.00107"},{"key":"16_CR8","doi-asserted-by":"publisher","first-page":"971","DOI":"10.1162\/jmlr.2003.4.6.971","volume":"4","author":"M. Hutter","year":"2003","unstructured":"Hutter, M.: Optimality of universal Bayesian sequence prediction for general loss and alphabet. Journal of Machine Learning Research\u00a04, 971\u20131000 (2003)","journal-title":"Journal of Machine Learning Research"},{"key":"16_CR9","first-page":"130","volume-title":"IEEE Symposium on Security and Privacy","author":"W. Lee","year":"2001","unstructured":"Lee, W., Xiang, D.: Information-theoretic meaasures for anomaly detection. In: IEEE Symposium on Security and Privacy, Oakland, California, May 14-16, pp. 130\u2013143. IEEE Computer Society Press, Los Alamitos (2001)"},{"issue":"5","key":"16_CR10","doi-asserted-by":"publisher","first-page":"634","DOI":"10.1109\/90.958331","volume":"9","author":"S. Ma","year":"2001","unstructured":"Ma, S., Ji, C.: Modeling Heterogeneous Network Traffic in Wavelet Domain. IEEE\/ACM Transactions On Networking\u00a09(5), 634\u2013649 (2001)","journal-title":"IEEE\/ACM Transactions On Networking"},{"key":"16_CR11","doi-asserted-by":"crossref","unstructured":"Maxion, R.A., Tan, K.M.C.: Anomaly Detection in Embedded Systems. IEEE Transaction on Computers\u00a051(2) (February 2002)","DOI":"10.1109\/12.980003"},{"issue":"4","key":"16_CR12","doi-asserted-by":"publisher","first-page":"262","DOI":"10.1145\/382912.382923","volume":"3","author":"J. Mchugh","year":"2000","unstructured":"Mchugh, J.: Testing Intrusion Detection Systems: A Critique of the 1998 and 1999 DARPA Intrusion Detection System Evaluations as Performed by Lincoln Laboratory. ACM Transactions on Information and System Security\u00a03(4), 262\u2013294 (2000)","journal-title":"ACM Transactions on Information and System Security"},{"key":"16_CR13","unstructured":"Solomonoff, R.J.: Three Kinds of Probabilistic Induction: Universal Distributions and Convergence Theorems. Machine Learning"},{"key":"16_CR14","unstructured":"Tan, K.M.C., Maxion, R.A.: \u201cWhy 6\u201d Defining the Operational Limites of stide, an Anomaly-Based Intrusion Detector. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy, S&P 2002 (2002)"},{"key":"16_CR15","doi-asserted-by":"crossref","unstructured":"Warrender, C., Forrest, S., Pearlumtter, B.: Detecting Intrusions Using System Calls: Alternative Data Models. In: 1999 IEEE Symposium on Security and Privacy (May 1999)","DOI":"10.1109\/SECPRI.1999.766910"},{"key":"16_CR16","doi-asserted-by":"crossref","unstructured":"Ye, N., Li, X., Chen, Q., Emran, S.M., Xu, M.: Probabilistic Techniques for Intrusion Detection Based on Computer Audit Data. IEEE Transaction on Systems, Man, and Cybernetics-Part A:Systems and Humans\u00a031(4) (July 2001)","DOI":"10.1109\/3468.935043"},{"key":"16_CR17","doi-asserted-by":"publisher","first-page":"229","DOI":"10.1016\/S0031-3203(02)00026-2","volume":"36","author":"D.-Y. Yeung","year":"2003","unstructured":"Yeung, D.-Y., Ding, Y.: Host-based intrusion detection using dynamic and static behavioral models. Pattern Recognition\u00a036, 229\u2013243 (2003)","journal-title":"Pattern Recognition"}],"container-title":["Lecture Notes in Computer Science","Information Security Practice and Experience"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-31979-5_16.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,6,1]],"date-time":"2023-06-01T20:24:50Z","timestamp":1685651090000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-31979-5_16"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2005]]},"ISBN":["9783540255840","9783540319795"],"references-count":17,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-31979-5_16","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2005]]}}}