{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,28]],"date-time":"2025-10-28T00:27:09Z","timestamp":1761611229631},"publisher-location":"Berlin, Heidelberg","reference-count":25,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540874805"},{"type":"electronic","value":"9783540874812"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-3-540-87481-2_40","type":"book-chapter","created":{"date-parts":[[2008,8,13]],"date-time":"2008-08-13T23:30:46Z","timestamp":1218670246000},"page":"613-627","source":"Crossref","is-referenced-by-count":13,"title":["Continuous Time Bayesian Networks for Host Level Network Intrusion Detection"],"prefix":"10.1007","author":[{"given":"Jing","family":"Xu","sequence":"first","affiliation":[]},{"given":"Christian R.","family":"Shelton","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"40_CR1","unstructured":"Nodelman, U., Shelton, C.R., Koller, D.: Continuous time Bayesian networks. In: UAI, pp. 378\u2013387 (2002)"},{"key":"40_CR2","unstructured":"Ng, B., Pfeffer, A., Dearden, R.: Continuous time particle filtering. In: AAAI, pp. 1360\u20131365 (2005)"},{"key":"40_CR3","unstructured":"Gopalratnam, K., Kautz, H., Weld, D.S.: Extending continuous time Bayesian networks. In: AAAI, pp. 981\u2013986 (2005)"},{"key":"40_CR4","doi-asserted-by":"crossref","unstructured":"Karagiannis, T., Papagiannaki, K., Faloutsos, M.: BLINC: Multilevel traffic classification in the dark. In: ACM SIGCOMM (2005)","DOI":"10.1145\/1080091.1080119"},{"key":"40_CR5","doi-asserted-by":"crossref","unstructured":"Malan, D.J., Smith, M.D.: Host-based detection of worms through peer to peer cooperation. In: WORM (2005)","DOI":"10.1145\/1103626.1103641"},{"key":"40_CR6","unstructured":"Cha, B.: Host anomaly detection performance analysis based on system call of neuro-fuzzy using soundex algorithm and n-gram technique. In: Systems Communications (ICW) (2005)"},{"key":"40_CR7","unstructured":"Qin, X., Lee, W.: Attack plan recognition and prediction using causal networks. In: Annual Computer Security Application Conference, pp. 370\u2013379 (2004)"},{"key":"40_CR8","volume-title":"Applications of Data Mining in Computer Security","author":"E. Eskin","year":"2002","unstructured":"Eskin, E., Arnold, A., Prerau, M., Portnoy, L., Stolfo, S.: A geometric framework for unsupervised anomaly detection: Detecting intrusions in unlabeled data. In: Barbara, D., Jajodia, S. (eds.) Applications of Data Mining in Computer Security. Kluwer Academic Publishers, Dordrecht (2002)"},{"key":"40_CR9","doi-asserted-by":"crossref","unstructured":"Zuev, D., Moore, A.: Internet traffic classification using Bayesian analysis techniques. In: ACM SIGMETRICS (2005)","DOI":"10.1145\/1064212.1064220"},{"key":"40_CR10","doi-asserted-by":"crossref","unstructured":"Soule, A., Salamatian, L., Taft, N., Emilion, R., Papagiannali, K.: Flow classification by histogram. In: ACM SIGMETRICS (2004)","DOI":"10.1145\/1005686.1005696"},{"key":"40_CR11","doi-asserted-by":"crossref","unstructured":"Dewaele, G., Fukuda, K., Borgnat, P.: Extracting hidden anomalies using sketch and non Gaussian multiresulotion statistical detection procedures. In: ACM SIGCOMM (2007)","DOI":"10.1145\/1352664.1352675"},{"key":"40_CR12","doi-asserted-by":"crossref","unstructured":"Lakhina, A., Crovella, M., Diot, C.: Mining anomalies using traffic feature distributions. In: ACM SIGCOMM, pp. 21\u201326 (2005)","DOI":"10.1145\/1080091.1080118"},{"issue":"7","key":"40_CR13","doi-asserted-by":"publisher","first-page":"810","DOI":"10.1109\/TC.2002.1017701","volume":"51","author":"N. Ye","year":"2002","unstructured":"Ye, N., Emran, S.M., Chen, Q., Vilbert, S.: Multivariate statistical analysis of audit trails for host-based intrusion detection. IEEE Transactions of Computers\u00a051(7), 810\u2013820 (2002)","journal-title":"IEEE Transactions of Computers"},{"key":"40_CR14","doi-asserted-by":"crossref","unstructured":"Rieck, K., Laskov, P.: Language models for detection of unknown attacks in network traffic. Journal in Computer Virology (2007)","DOI":"10.1007\/s11416-006-0030-0"},{"key":"40_CR15","doi-asserted-by":"crossref","unstructured":"Xu, K., Zhang, Z.L., Bhattacharyya, S.: Profiling internet backbone traffic: Behavior models and applications. ACM SIGCOMM (2005)","DOI":"10.1145\/1080091.1080112"},{"key":"40_CR16","doi-asserted-by":"crossref","unstructured":"Soule, A., Salamatian, K., Taft, N.: Combining filtering and statistical methods for anomaly detection. In: Internet Measurement Conference, pp. 331\u2013344 (2005)","DOI":"10.1145\/1330107.1330147"},{"key":"40_CR17","doi-asserted-by":"crossref","unstructured":"Moore, A.W., Zuev, D.: Internet traffic classification using bayesian analysis techniques. In: ACM SIGMETRICS (2005)","DOI":"10.1145\/1064212.1064220"},{"key":"40_CR18","doi-asserted-by":"crossref","unstructured":"Kruegel, C., Mutz, D., Robertson, W., Valeur, F.: Bayesian event classification for intrusion detection. In: Annual Computer Security Applications Conference (2003)","DOI":"10.1109\/CSAC.2003.1254306"},{"key":"40_CR19","doi-asserted-by":"crossref","unstructured":"Lazarevic, A., Ertoz, L., Kumar, V., Ozgur, A., Srivastava, J.: A compare study of anomaly detection schemes in network intrusion detection. In: SDM (2003)","DOI":"10.1137\/1.9781611972733.3"},{"key":"40_CR20","unstructured":"Agosta, J.M., Duik-Wasser, C., Chandrashekar, J., Livadas, C.: An adaptive anomaly detector for worm detection. In: Proceedings of the Second Workshop on Tackling Computer Systems Problems with Machine Learning Techniques (2007)"},{"key":"40_CR21","unstructured":"Nodelman, U., Shelton, C.R., Koller, D.: Expectation maximization and complex duration distributions for continuous time Bayesian networks. In: UAI, pp. 421\u2013430 (2005)"},{"issue":"3","key":"40_CR22","doi-asserted-by":"publisher","first-page":"142","DOI":"10.1111\/j.1467-8640.1989.tb00324.x","volume":"5","author":"T. Dean","year":"1989","unstructured":"Dean, T., Kanazawa, K.: A model for reasoning about persistence and causation. Computational Intelligence\u00a05(3), 142\u2013150 (1989)","journal-title":"Computational Intelligence"},{"key":"40_CR23","unstructured":"MAWI: MAWI working group traffic archive, http:\/\/mawi.nezu.wide.ad.jp\/mawi\/"},{"key":"40_CR24","unstructured":"LBNL: LBNL\/ICSI enterprise tracing project, http:\/\/www.icir.org\/enterprise-tracing\/Overview.html"},{"key":"40_CR25","unstructured":"NLANR: National laboratory for applied network research (2006), http:\/\/www.nlanr.net"}],"container-title":["Lecture Notes in Computer Science","Machine Learning and Knowledge Discovery in Databases"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-87481-2_40.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,24]],"date-time":"2020-11-24T02:38:15Z","timestamp":1606185495000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-87481-2_40"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9783540874805","9783540874812"],"references-count":25,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-87481-2_40","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[]}}