{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,21]],"date-time":"2025-12-21T10:03:20Z","timestamp":1766311400652},"publisher-location":"Berlin, Heidelberg","reference-count":15,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642306327"},{"type":"electronic","value":"9783642306334"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-30633-4_11","type":"book-chapter","created":{"date-parts":[[2012,5,30]],"date-time":"2012-05-30T03:25:28Z","timestamp":1338348328000},"page":"86-97","source":"Crossref","is-referenced-by-count":43,"title":["SSHCure: A Flow-Based SSH Intrusion Detection System"],"prefix":"10.1007","author":[{"given":"Laurens","family":"Hellemons","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Luuk","family":"Hendriks","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Rick","family":"Hofstede","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Anna","family":"Sperotto","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ramin","family":"Sadre","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Aiko","family":"Pras","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"11_CR1","unstructured":"International Telecommunication Union (ITU): ICT Facts and Statistics (2011), http:\/\/www.itu.int\/ITU-D\/ict\/facts\/2011\/material\/ICTFactsFigures2011.pdf (accessed on March 29, 2012)"},{"key":"11_CR2","unstructured":"Snort (2010), http:\/\/www.snort.org\/ (accessed on March 29, 2012)"},{"key":"11_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"505","DOI":"10.1007\/978-3-642-15512-3_35","volume-title":"Recent Advances in Intrusion Detection","author":"R. Koch","year":"2010","unstructured":"Koch, R., Rodosek, G.D.: Security System for Encrypted Environments (S2E2). In: Jha, S., Sommer, R., Kreibich, C. (eds.) RAID 2010. LNCS, vol.\u00a06307, pp. 505\u2013507. Springer, Heidelberg (2010)"},{"key":"11_CR4","doi-asserted-by":"crossref","unstructured":"Claise, B.: Cisco Systems NetFlow Services Export Version 9. RFC 3954 (Informational) (October 2004)","DOI":"10.17487\/rfc3954"},{"key":"11_CR5","doi-asserted-by":"crossref","unstructured":"Sadasivan, G., Brownlee, N., Claise, B., Quittek, J.: Architecture for IP Flow Information Export. RFC 5470 (Informational) (March 2009)","DOI":"10.17487\/rfc5470"},{"key":"11_CR6","doi-asserted-by":"crossref","unstructured":"Quittek, J., Zseby, T., Claise, B., Zander, S.: Requirements for IP Flow Information Export (IPFIX). RFC 3917 (Informational) (October 2004)","DOI":"10.17487\/rfc3917"},{"issue":"3","key":"11_CR7","doi-asserted-by":"publisher","first-page":"343","DOI":"10.1109\/SURV.2010.032210.00054","volume":"12","author":"A. Sperotto","year":"2010","unstructured":"Sperotto, A., Schaffrath, G., Sadre, R., Morariu, C., Pras, A., Stiller, B.: An Overview of IP Flow-Based Intrusion Detection. IEEE Communications Surveys Tutorials\u00a012(3), 343\u2013356 (2010)","journal-title":"IEEE Communications Surveys Tutorials"},{"key":"11_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"164","DOI":"10.1007\/978-3-642-04989-7_13","volume-title":"Integrated Management of Systems, Services, Processes and People in IT","author":"A. Sperotto","year":"2009","unstructured":"Sperotto, A., Sadre, R., de Boer, P.-T., Pras, A.: Hidden Markov Model Modeling of SSH Brute-Force Attacks. In: Bartolini, C., Gaspary, L.P. (eds.) DSOM 2009. LNCS, vol.\u00a05841, pp. 164\u2013176. Springer, Heidelberg (2009)"},{"key":"11_CR9","doi-asserted-by":"crossref","unstructured":"Sperotto, A.: Flow-Based Intrusion Detection. PhD thesis, University of Twente (October 2010)","DOI":"10.1109\/INM.2011.5990529"},{"key":"11_CR10","unstructured":"Kim, M.S., Kong, H.J., Hong, S.C., Chung, S.H., Hong, J.: A Flow-based Method for Abnormal Network Traffic Detection. In: Proceedings of IEEE\/IFIP Network Operations and Management Symposium (NOMS 2004), pp. 599\u2013612 (April 2004)"},{"key":"11_CR11","doi-asserted-by":"crossref","unstructured":"Vykopal, J., Plesnik, T., Minarik, P.: Network-Based Dictionary Attack Detection. In: Proceedings of the 2009 International Conference on Future Networks, pp. 23\u201327 (2009)","DOI":"10.1109\/ICFN.2009.36"},{"key":"11_CR12","doi-asserted-by":"crossref","unstructured":"M\u00fcnz, G., Carle, G.: Real-time Analysis of Flow Data for Network Attack Detection. In: Proceedings of the 10th IFIP\/IEEE International Symposium on Integrated Network Management (IM 2007), pp. 100\u2013108 (2007)","DOI":"10.1109\/INM.2007.374774"},{"key":"11_CR13","unstructured":"NfSen (2011), http:\/\/nfsen.sourceforge.net\/ (accessed on March 29, 2012)"},{"key":"11_CR14","unstructured":"SURFmap (2012), http:\/\/surfmap.sourceforge.net\/ (accessed on March 29, 2012)"},{"key":"11_CR15","doi-asserted-by":"crossref","unstructured":"Hofstede, R., Fioreze, T.: SURFmap: A Network Monitoring Tool Based on the Google Maps API. In: Application Session Proceedings of the 11th IFIP\/IEEE International Symposium on Integrated Network Management (IM 2009), pp. 676\u2013690 (2009)","DOI":"10.1109\/INM.2009.5188876"}],"container-title":["Lecture Notes in Computer Science","Dependable Networks and Services"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-30633-4_11.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,16]],"date-time":"2022-01-16T12:42:41Z","timestamp":1642336961000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-30633-4_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642306327","9783642306334"],"references-count":15,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-30633-4_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2012]]}}}