{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,23]],"date-time":"2026-04-23T06:29:53Z","timestamp":1776925793716,"version":"3.51.2"},"publisher-location":"Berlin, Heidelberg","reference-count":24,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642161605","type":"print"},{"value":"9783642161612","type":"electronic"}],"license":[{"start":{"date-parts":[[2010,1,1]],"date-time":"2010-01-01T00:00:00Z","timestamp":1262304000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1007\/978-3-642-16161-2_24","type":"book-chapter","created":{"date-parts":[[2010,11,27]],"date-time":"2010-11-27T03:17:14Z","timestamp":1290827834000},"page":"415-428","source":"Crossref","is-referenced-by-count":12,"title":["Hidden Markov Models for Automated Protocol Learning"],"prefix":"10.1007","author":[{"given":"Sean","family":"Whalen","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Matt","family":"Bishop","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"James P.","family":"Crutchfield","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"24_CR1","doi-asserted-by":"crossref","unstructured":"Erman, J., Mahanti, A., Arlitt, M.: Internet traffic identification using machine learning. In: Proceedings of the 49th IEEE Global Telecommunications Conference, pp. 1\u20136 (2006)","DOI":"10.1109\/GLOCOM.2006.443"},{"key":"24_CR2","doi-asserted-by":"publisher","first-page":"257","DOI":"10.1109\/5.18626","volume":"77","author":"L. Rabiner","year":"1989","unstructured":"Rabiner, L.: A tutorial on Hidden Markov Models and selected applications in speech recognition. Proceedings of the IEEE\u00a077, 257\u2013286 (1989)","journal-title":"Proceedings of the IEEE"},{"key":"#cr-split#-24_CR3.1","doi-asserted-by":"crossref","unstructured":"Crutchfield, J.P., Young, K.: Inferring statistical complexity. Phys. Rev. Let.??63 (1989);","DOI":"10.1103\/PhysRevLett.63.105"},{"key":"#cr-split#-24_CR3.2","doi-asserted-by":"crossref","unstructured":"Crutchfield, J.P.: Physica D 75 11???54 (1994);","DOI":"10.1016\/0167-2789(94)90273-9"},{"key":"#cr-split#-24_CR3.3","doi-asserted-by":"crossref","unstructured":"Crutchfield, J. P., Shalizi, C. R.: Phys. Rev. E 59(1), 275???283, 105???108 (1999)","DOI":"10.1103\/PhysRevE.59.275"},{"key":"24_CR4","volume-title":"Elements of Information Theory","author":"T.M. Cover","year":"2006","unstructured":"Cover, T.M., Thomas, J.A.: Elements of Information Theory, 2nd edn. Wiley Interscience, New York (2006)","edition":"2"},{"key":"24_CR5","unstructured":"Beddoe, M.: Network protocol analysis using bioinformatics algorithms. Technical report, McAfee Inc. (2005)"},{"key":"24_CR6","unstructured":"Cui, W., Paxson, V., Weaver, N., Katz, R.: Protocol-independent adaptive replay of application dialog. In: Proceedings of the 13th Annual Symposium on Network and Distributed System Security (2006)"},{"key":"24_CR7","unstructured":"Cui, W., Kannan, J., Wang, H.: Discoverer: Automatic protocol reverse engineering from network traces. In: Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, pp. 1\u201314 (2007)"},{"key":"24_CR8","unstructured":"Lin, Z., Jiang, X., Xu, D., Zhang, X.: Automatic protocol format reverse engineering through context-aware monitored execution. In: Proceedings of the 15th Annual Network and Distributed System Security Symposium (2008)"},{"key":"24_CR9","unstructured":"Wondracek, G., Milani Comparetti, P., Kruegel, C., Kirda, E.: Automatic network protocol analysis. In: Proceedings of the 15th Symposium on Network and Distributed System Security (2008)"},{"key":"24_CR10","doi-asserted-by":"crossref","unstructured":"Caballero, J., Poosankam, P., Kreibich, C., Song, D.: Dispatcher: enabling active botnet infiltration using automatic protocol reverse-engineering. In: Proceedings of the 16th ACM conference on Computer and Communications Security, pp. 621\u2013634 (2009)","DOI":"10.1145\/1653662.1653737"},{"key":"24_CR11","doi-asserted-by":"crossref","unstructured":"Leita, C., Mermoud, K., Dacier, M.: Scriptgen: An automated script generation tool for honeyd. In: Proceedings of the 21st Annual Computer Security Applications Conference, pp. 203\u2013214 (2005)","DOI":"10.1109\/CSAC.2005.49"},{"key":"24_CR12","doi-asserted-by":"crossref","unstructured":"Milani Comparetti, P., Wondracek, G., Kruegel, C., Kirda, E.: Prospex: Protocol specification extraction. In: IEEE Symposium on Security and Privacy (2009)","DOI":"10.1109\/SP.2009.14"},{"key":"24_CR13","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9780511810633","volume-title":"Markov Chains","author":"J.R. Norris","year":"1997","unstructured":"Norris, J.R.: Markov Chains. Cambridge University Press, Cambridge (1997)"},{"key":"24_CR14","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1063\/1.1530990","volume":"15","author":"J. Crutchfield","year":"2003","unstructured":"Crutchfield, J., Feldman, D.: Regularities unseen, randomness observed: Levels of entropy convergence. Chaos\u00a015, 25\u201354 (2003)","journal-title":"Chaos"},{"key":"24_CR15","unstructured":"Shalizi, C.R., Shalizi, K.L.: Blind construction of optimal nonlinear recursive predictors for discrete sequences. In: Proceedings of the 20th conference on Uncertainty in Artificial Intelligence, pp. 504\u2013511 (2004)"},{"key":"24_CR16","unstructured":"Shalizi, C., Shalizi, K., Crutchfield, J.: Pattern discovery in time series, Part I: Theory, algorithm, analysis, and convergence, 2002 Santa Fe Institute Working Paper 02-10-060; arXiv.org\/abs\/cs.LG\/0210025"},{"key":"24_CR17","unstructured":"Li, H., Zhang, K., Jiang, T.: Minimum entropy clustering and applications to gene expression analysis. In: Computational Systems Bioinformatics Conference, International IEEE Computer Society, pp. 142\u2013151 (2004)"},{"key":"24_CR18","doi-asserted-by":"crossref","unstructured":"Postel, J.: Internet Control Message Protocol (1981), Updated by RFCs 950, 4884","DOI":"10.17487\/rfc0792"},{"key":"24_CR19","unstructured":"Modbus Organization: Modbus Messaging Implementation Guide 1.0b (2006)"},{"key":"24_CR20","doi-asserted-by":"crossref","unstructured":"Bugalho, M., Oliveira, A.L.: Inference of regular languages using state merging algorithms with search. Pattern Recognition 38 (2005)","DOI":"10.1016\/j.patcog.2004.03.027"},{"key":"24_CR21","doi-asserted-by":"crossref","unstructured":"Godefroid, P.: Random testing for security: blackbox vs. whitebox fuzzing. In: Proceedings of the 2nd international workshop on Random testing, p. 1 (2007)","DOI":"10.1145\/1292414.1292416"},{"key":"24_CR22","unstructured":"Infigo Information Security: Multiple FTP Servers vulnerabilities (2006) (accessed October 29, 2006)"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Security and Privacy in Communication Networks"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-16161-2_24","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,6]],"date-time":"2019-06-06T15:46:00Z","timestamp":1559835960000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-16161-2_24"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"ISBN":["9783642161605","9783642161612"],"references-count":24,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-16161-2_24","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"value":"1867-8211","type":"print"},{"value":"1867-822X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2010]]}}}