{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T07:17:52Z","timestamp":1725520672538},"publisher-location":"Berlin, Heidelberg","reference-count":33,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540881803"},{"type":"electronic","value":"9783540881810"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-3-540-88181-0_22","type":"book-chapter","created":{"date-parts":[[2008,10,20]],"date-time":"2008-10-20T11:31:09Z","timestamp":1224502269000},"page":"170-177","source":"Crossref","is-referenced-by-count":0,"title":["Statistical Anomaly Detection on Real e-Mail Traffic"],"prefix":"10.1007","author":[{"given":"Maurizio","family":"Aiello","sequence":"first","affiliation":[]},{"given":"Davide","family":"Chiarella","sequence":"additional","affiliation":[]},{"given":"Gianluca","family":"Papaleo","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"22_CR1","unstructured":"Axelsson, S.: Intrusion detection systems: A survey and taxonomy,Tech. Rep. 99-15, Chalmers Univ (March 2000)"},{"issue":"15","key":"22_CR2","doi-asserted-by":"publisher","first-page":"1356","DOI":"10.1016\/S0140-3664(02)00037-3","volume":"25","author":"T. Verwoerd","year":"2002","unstructured":"Verwoerd, T., Hunt, R.: Intrusion detection techniques and approaches. Comput. Commun.\u00a025(15), 1356\u20131365 (2002)","journal-title":"Comput. Commun."},{"issue":"3","key":"22_CR3","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1109\/32.372146","volume":"21","author":"K. Ilgun","year":"1995","unstructured":"Ilgun, K., Kemmerer, R.A., Porras, P.A.: State transition analysis: A rule-based intrusion detection approach. 
IEEE Transactions on Software Engineering\u00a021(3), 181\u2013199 (1995)","journal-title":"IEEE Transactions on Software Engineering"},{"key":"22_CR4","unstructured":"Kumar, S., Spafford, E.H.: A software architecture to support misuse intrusion detection. In: Proceedings of the 18th National Information Security Conference, pp. 194\u2013204 (1995)"},{"key":"22_CR5","doi-asserted-by":"crossref","unstructured":"Denning, D.E.: An intrusion detection model. IEEE Transactions on Software Engineering (1987)","DOI":"10.1109\/TSE.1987.232894"},{"issue":"16","key":"22_CR6","doi-asserted-by":"publisher","first-page":"1569","DOI":"10.1016\/S0140-3664(04)00238-5","volume":"27","author":"J.M. Estvez-Tapiador","year":"2004","unstructured":"Estvez-Tapiador, J.M., Garcia-Teodoro, P., Diaz-Verdejo, J.E.: Anomaly detection methods in wired networks: A survey and taxonomy. Comput. Commun.\u00a027(16), 1569\u20131584 (2004)","journal-title":"Comput. Commun."},{"key":"22_CR7","unstructured":"Du, Y., Wang, W.-q., Pang, Y.-G.: An intrusion detection method using average hamming distance. In: Proceedings of the Third International Conference on Machine Learning and Cybernetics, Shanghai, 26-29 August (2004)"},{"key":"22_CR8","unstructured":"Anderson, D., Frivold, T., Valdes, A.: Next-generation intrusion detection expert system (NIDES). Computer Science Laboratory (SRI International, Menlo Park, CA): Technical report SRI-CSL-95-07 (1995)"},{"key":"22_CR9","doi-asserted-by":"crossref","unstructured":"Wang, Y., Abdel-Wahab, H.: A Multilayer Approach of Anomaly Detection for Email Systems. 
In: Proceedings of the 11th IEEE Symposium on Computers and Communications (ISCC 2006) (2006)","DOI":"10.1109\/ISCC.2006.10"},{"key":"22_CR10","unstructured":"http:\/\/www.internetworldstats.com\/stats.htm"},{"key":"22_CR11","unstructured":"http:\/\/en.wikipedia.org\/wiki\/Notable_computer_viruses_and_worms"},{"key":"22_CR12","doi-asserted-by":"crossref","unstructured":"Moore, D., Paxson, V., Savage, S., Shannon, C., Staniford, S., Weaver, N.: Inside the slammer worm. IEEE Magazine of Security and Privacy, 33\u201339 (July\/August 2003)","DOI":"10.1109\/MSECP.2003.1219056"},{"key":"22_CR13","unstructured":"Leyden, J.: Zombie PCs spew out 80% of spam. The Register (June 2004)"},{"key":"22_CR14","doi-asserted-by":"crossref","unstructured":"Yasami, Y., Farahmand, M., Zargari, V.: An ARP-based Anomaly Detection Algorithm Using Hidden Markov Model in Enterprise Networks. In: Second International Conference on Systems and Networks Communications (ICSNC 2007) (2007)","DOI":"10.1109\/ICSNC.2007.15"},{"key":"22_CR15","doi-asserted-by":"crossref","unstructured":"Berk, V., Bakos, G., Morris, R.: Designing a Framework for Active Worm Detection on Global Networks. In: Proceedings of the first IEEE International Workshop on Information Assurance (IWIA 2003), Darmstadt, Germany (March 2003)","DOI":"10.1109\/IWIAS.2003.1192455"},{"key":"22_CR16","doi-asserted-by":"crossref","unstructured":"Bakos, G., Berk, V.: Early detection of internet worm activity by metering icmp destination unreachable messages. In: Proceedings of the SPIE Aerosense 2002 (2002)","DOI":"10.1117\/12.479290"},{"key":"22_CR17","unstructured":"Whyte, D., Kranakis, E., van Oorschot, P.C.: DNS-based Detection of Scanning Worms in an Enterprise Network. 
In: Proceedings of the 12th Annual Network and Distributed System Security Symposium, San Diego, USA, February 3-4 (2005)"},{"key":"22_CR18","unstructured":"Whyte, D., van Oorschot, P.C., Kranakis, E.: Addressing Malicious SMTP-based Mass-Mailing Activity Within an Enterprise Network"},{"issue":"3","key":"22_CR19","doi-asserted-by":"crossref","first-page":"151","DOI":"10.3233\/JCS-980109","volume":"6","author":"S.A. Hofmeyr","year":"1998","unstructured":"Hofmeyr, S.A., Forrest, S., Somayaji, A.: Intrusion Detection using Sequences of System Calls. Journal of Computer Security\u00a06(3), 151\u2013180 (1998)","journal-title":"Journal of Computer Security"},{"key":"22_CR20","unstructured":"Cha, B.: Host anomaly detection performance analysis based on system call of Neuro-Fuzzy using Soundex algorithm and N-gram technique. In: Proceedings of the 2005 Systems Communications (ICW 2005) (2005)"},{"key":"22_CR21","unstructured":"http:\/\/www.ietf.org\/rfc\/rfc0821.txt"},{"key":"22_CR22","unstructured":"http:\/\/kdd.ics.uci.edu\/databases\/kddcup99\/kddcup99.html"},{"key":"22_CR23","unstructured":"http:\/\/www.ll.mit.edu\/IST\/ideval\/data\/data_index.html"},{"key":"22_CR24","unstructured":"http:\/\/en.wikipedia.org\/wiki\/Network_address_translation"},{"key":"22_CR25","unstructured":"http:\/\/spamassassin.apache.org\/"},{"key":"22_CR26","unstructured":"Harris, E.: The Next Step in the Spam Control War: Greylisting"},{"key":"22_CR27","unstructured":"http:\/\/en.wikipedia.org\/wiki\/DNSBL"},{"key":"22_CR28","doi-asserted-by":"crossref","unstructured":"Crandall, J.R., Su, Z., Wu, S.F., Chong, F.T.: On Deriving Unknown Vulnerabilities from Zero-Day Polymorphic and Metamorphic Worm Exploits. 
In: CCS 2005, Alexandria, Virginia, USA, November 7\u201311 (2005)","DOI":"10.1145\/1102120.1102152"},{"key":"22_CR29","unstructured":"Portokalidis, G., Bos, H.: SweetBait: Zero-Hour Worm Detection and Containment Using Honeypots"},{"key":"22_CR30","unstructured":"Akritidis, P., Anagnostakis, K., Markatos, E.P.: Efficient Content-Based Detection of Zero-Day Worms"},{"key":"22_CR31","unstructured":"http:\/\/www.cnr.it\/sitocnr\/home.html"},{"key":"22_CR32","unstructured":"http:\/\/lma.sourceforge.net\/"},{"key":"22_CR33","unstructured":"Behaviour-Based Network Security Goes Mainstream, David Geer, Computer (March 2006)"}],"container-title":["Advances in Soft Computing","Proceedings of the International Workshop on Computational Intelligence in Security for Information Systems CISIS\u201908"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-88181-0_22.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,27]],"date-time":"2021-04-27T11:57:00Z","timestamp":1619524620000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-88181-0_22"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9783540881803","9783540881810"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-88181-0_22","relation":{},"ISSN":["1867-5662","1860-0794"],"issn-type":[{"type":"print","value":"1867-5662"},{"type":"electronic","value":"1860-0794"}],"subject":[]}}