{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,16]],"date-time":"2025-10-16T06:30:09Z","timestamp":1760596209474},"publisher-location":"Berlin, Heidelberg","reference-count":31,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642043413"},{"type":"electronic","value":"9783642043420"}],"license":[{"start":{"date-parts":[[2009,1,1]],"date-time":"2009-01-01T00:00:00Z","timestamp":1230768000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009]]},"DOI":"10.1007\/978-3-642-04342-0_3","type":"book-chapter","created":{"date-parts":[[2009,9,28]],"date-time":"2009-09-28T19:00:22Z","timestamp":1254164422000},"page":"41-60","source":"Crossref","is-referenced-by-count":20,"title":["Adaptive Anomaly Detection via Self-calibration and Dynamic Updating"],"prefix":"10.1007","author":[{"given":"Gabriela F.","family":"Cretu-Ciocarlie","sequence":"first","affiliation":[]},{"given":"Angelos","family":"Stavrou","sequence":"additional","affiliation":[]},{"given":"Michael E.","family":"Locasto","sequence":"additional","affiliation":[]},{"given":"Salvatore J.","family":"Stolfo","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"3_CR1","unstructured":"Anagnostakis, K.G., Sidiroglou, S., Akritidis, P., Xinidis, K., Markatos, E., Keromytis, A.D.: Detecting Targeted Attacks Using Shadow Honeypots. In: Proceedings of the 14th USENIX Security Symposium (2005)"},{"issue":"2","key":"3_CR2","first-page":"123","volume":"24","author":"L. Breiman","year":"1996","unstructured":"Breiman, L.: Bagging Predictors. Machine Learning\u00a024(2), 123\u2013140 (1996)","journal-title":"Machine Learning"},{"key":"3_CR3","doi-asserted-by":"crossref","unstructured":"Chan, P.K., Stolfo, S.J.: Experiments in Multistrategy Learning by Meta-Learning. In: Proceedings of the second international conference on information and knowledge management, Washington, DC, pp. 314\u2013323 (1993)","DOI":"10.1145\/170088.170160"},{"key":"3_CR4","doi-asserted-by":"crossref","unstructured":"Cretu, G.F., Stavrou, A., Locasto, M.E., Stolfo, S.J., Keromytis, A.D.: Casting out Demons: Sanitizing Training Data for Anomaly Sensors. In: The Proceedings of the IEEE Symposium on Security and Privacy (2008)","DOI":"10.1109\/SP.2008.11"},{"key":"3_CR5","unstructured":"Cretu, G.F., Stavrou, A., Stolfo, S.J., Keromytis, A.D.: Data Sanitization: Improving the Forensic Utility of Anomaly Detection Systems. In: Workshop on Hot Topics in System Dependability, HotDep (2007)"},{"key":"3_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-45014-9_1","volume-title":"Multiple Classifier Systems","author":"T.G. Dietterich","year":"2000","unstructured":"Dietterich, T.G.: Ensemble Methods in Machine Learning. In: Kittler, J., Roli, F. (eds.) MCS 2000. LNCS, vol.\u00a01857, pp. 1\u201315. Springer, Heidelberg (2000)"},{"key":"3_CR7","doi-asserted-by":"crossref","unstructured":"Domingos, P.: Metacost: A general method for making classifiers cost-sensitive. In: Knowledge Discovery and Data Mining, pp. 155\u2013164 (1999)","DOI":"10.1145\/312129.312220"},{"key":"3_CR8","doi-asserted-by":"crossref","unstructured":"Fogla, P., Lee, W.: Evading Network Anomaly Detection Systems: Formal Reasoning and Practical Techniques. In: Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS), pp. 59\u201368 (2006)","DOI":"10.1145\/1180405.1180414"},{"key":"3_CR9","doi-asserted-by":"crossref","unstructured":"Forrest, S., Hofmeyr, S.A., Somayaji, A., Longstaff, T.A.: A Sense of Self for Unix Processes. In: IEEE Symposium on Security and Privacy (1996)","DOI":"10.1109\/SECPRI.1996.502675"},{"key":"3_CR10","doi-asserted-by":"crossref","unstructured":"Forrest, S., Somayaji, A., Ackley, D.: Building Diverse Computer Systems. In: Proceedings of the 6th Workshop on Hot Topics in Operating Systems, pp. 67\u201372 (1997)","DOI":"10.1109\/HOTOS.1997.595185"},{"key":"3_CR11","doi-asserted-by":"crossref","unstructured":"Freund, Y., Schapire, R.E.: A decision-theoretic generalization of on-line learning and an application to boosting. In: European Conference on Computational Learning Theory, pp. 23\u201337 (1995)","DOI":"10.1007\/3-540-59119-2_166"},{"key":"3_CR12","doi-asserted-by":"crossref","unstructured":"Gama, J., Medas, P., Castillo, G., Rodrigues, P.P.: Learning with drift detection. In: XVII Brazilian Symposium on Artificial Intelligence (2004)","DOI":"10.1007\/978-3-540-28645-5_29"},{"key":"3_CR13","unstructured":"Klinkenberg, R.: Meta-learning, model selection, and example selection in machine learning domains with concept drift. In: Learning \u2013 Knowledge Discovery \u2013 Adaptivity (2005)"},{"key":"3_CR14","unstructured":"Klinkenberg, R., Joachims, T.: Detecting concept drift with support vector machines. In: The Proceedings of the 17th Int. Conf. on Machine Learning (2000)"},{"key":"3_CR15","unstructured":"Klinkenberg, R., Ruping, S.: Concept drift and the importance of examples. In: Franke, J., Nakhaeizadeh, G., Renz, I. (eds.) Text Mining Theoretical Aspects and Applications (2003)"},{"key":"3_CR16","doi-asserted-by":"crossref","unstructured":"Kruegel, C., Toth, T., Kirda, E.: Service Specific Anomaly Detection for Network Intrusion Detection. In: Symposium on Applied Computing (SAC), Madrid, Spain (2002)","DOI":"10.1145\/508791.508835"},{"key":"3_CR17","doi-asserted-by":"crossref","unstructured":"Kruegel, C., Vigna, G.: Anomaly Detection of Web-based Attacks. In: ACM Conference on Computer and Communication Security, Washington, DC (2003)","DOI":"10.1145\/948109.948144"},{"key":"3_CR18","unstructured":"Lane, T., Broadley, C.E.: Approaches to online learning and concept drift for user identification in computer security. In: 4th International Conference on Knowledge Discovery and Data Mining (1998)"},{"key":"3_CR19","unstructured":"Newsome, J., Karp, B., Song, D.: Polygraph: Automatically Generating Signatures for Polymorphic Worms. In: IEEE Security and Privacy, Oakland, CA (2005)"},{"key":"3_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"102","DOI":"10.1007\/978-3-540-30143-1_6","volume-title":"Recent Advances in Intrusion Detection","author":"T. Pietraszek","year":"2004","unstructured":"Pietraszek, T.: Using Adaptive Alert Classification to Reduce False Positives in Intrusion Detection. In: Jonsson, E., Valdes, A., Almgren, M. (eds.) RAID 2004. LNCS, vol.\u00a03224, pp. 102\u2013124. Springer, Heidelberg (2004)"},{"key":"3_CR21","doi-asserted-by":"publisher","first-page":"109","DOI":"10.1145\/1254882.1254895","volume-title":"Proceedings of the 2007 ACM SIGMETRICS international conference on Measurement and modeling of computer systems","author":"H. Ringberg","year":"2007","unstructured":"Ringberg, H., Soule, A., Rexford, J., Diot, C.: Sensitivity of pca for traffic anomaly detection. In: Proceedings of the 2007 ACM SIGMETRICS international conference on Measurement and modeling of computer systems, pp. 109\u2013120. ACM, New York (2007), http:\/\/doi.acm.org\/10.1145\/1254882.1254895"},{"key":"3_CR22","unstructured":"Sidiroglou, S., Locasto, M.E., Boyd, S.W., Keromytis, A.D.: Building a Reactive Immune System for Software Services. In: Proceedings of the USENIX Technical Conference (2005)"},{"key":"3_CR23","doi-asserted-by":"crossref","unstructured":"Smith-Miles, K.: Cross-disciplinary perspectives on meta-learning for algorithm selection. ACM Comput. Surv.\u00a041(1) (2008), http:\/\/dblp.uni-trier.de\/db\/journals\/csur\/csur41.html#Smith-Miles08","DOI":"10.1145\/1456650.1456656"},{"key":"3_CR24","unstructured":"Somayaji, A., Forrest, S.: Automated Response Using System-Call Delays. In: Proceedings of the 9th USENIX Security Symposium (2000)"},{"key":"3_CR25","unstructured":"Song, Y., Keromytis, A.D., Stolfo, S.J.: Spectrogram: A Mixture-of-Markov-Chains Model for Anomaly Detection in Web Traffic. In: Proceedings of the 16th Annual Network and Distributed System Security Symposium, NDSS (2009)"},{"key":"3_CR26","doi-asserted-by":"crossref","unstructured":"Song, Y., Locasto, M.E., Stavrou, A., Keromytis, A.D., Stolfo, S.J.: On the Infeasibility of Modeling Polymorphic Shellcode. In: ACM Computer and Communications Security Conference, CCS (2007)","DOI":"10.1145\/1315245.1315312"},{"key":"3_CR27","unstructured":"Stolfo, S., Fan, W., Lee, W., Prodromidis, A., Chan, P.: Cost-based Modeling for Fraud and Intrusion Detection: Results from the JAM Project. In: Proceedings of the DARPA Information Survivability Conference and Exposition, DISCEX (2000)"},{"key":"3_CR28","doi-asserted-by":"crossref","unstructured":"Wagner, D., Soto, P.: Mimicry Attacks on Host-Based Intrusion Detection Systems. In: ACM CCS (2002)","DOI":"10.1145\/586110.586145"},{"key":"3_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"227","DOI":"10.1007\/11663812_12","volume-title":"Recent Advances in Intrusion Detection","author":"K. Wang","year":"2006","unstructured":"Wang, K., Cretu, G., Stolfo, S.J.: Anomalous Payload-based Worm Detection and Signature Generation. In: Valdes, A., Zamboni, D. (eds.) RAID 2005. LNCS, vol.\u00a03858, pp. 227\u2013246. Springer, Heidelberg (2006)"},{"key":"3_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"226","DOI":"10.1007\/11856214_12","volume-title":"Recent Advances in Intrusion Detection","author":"K. Wang","year":"2006","unstructured":"Wang, K., Parekh, J.J., Stolfo, S.J.: Anagram: A Content Anomaly Detector Resistant to Mimicry Attack. In: Zamboni, D., Kr\u00fcgel, C. (eds.) RAID 2006. LNCS, vol.\u00a04219, pp. 226\u2013248. Springer, Heidelberg (2006)"},{"key":"3_CR31","doi-asserted-by":"publisher","first-page":"241","DOI":"10.1016\/S0893-6080(05)80023-1","volume":"5","author":"D. Wolpert","year":"1992","unstructured":"Wolpert, D.: Stacked Generalization. Neural Networks\u00a05, 241\u2013259 (1992)","journal-title":"Neural Networks"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-04342-0_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,22]],"date-time":"2019-05-22T18:11:52Z","timestamp":1558548712000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-04342-0_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009]]},"ISBN":["9783642043413","9783642043420"],"references-count":31,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-04342-0_3","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2009]]}}}