{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,8]],"date-time":"2025-09-08T06:07:40Z","timestamp":1757311660320,"version":"3.40.4"},"publisher-location":"Berlin, Heidelberg","reference-count":41,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642353611"},{"type":"electronic","value":"9783642353628"}],"license":[{"start":{"date-parts":[[2012,1,1]],"date-time":"2012-01-01T00:00:00Z","timestamp":1325376000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-35362-8_36","type":"book-chapter","created":{"date-parts":[[2012,11,30]],"date-time":"2012-11-30T03:55:47Z","timestamp":1354247747000},"page":"483-497","source":"Crossref","is-referenced-by-count":12,"title":["Intrusion Detection Using Disagreement-Based Semi-supervised Learning: Detection Enhancement and False Alarm Reduction"],"prefix":"10.1007","author":[{"given":"Yuxin","family":"Meng","sequence":"first","affiliation":[]},{"given":"Lam-for","family":"Kwok","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"issue":"3","key":"36_CR1","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1145\/357830.357849","volume":"3","author":"S. Axelsson","year":"2000","unstructured":"Axelsson, S.: The Base-Rate Fallacy and The Difficulty of Intrusion Detection. ACM Transactions on Information and System Security\u00a03(3), 186\u2013205 (2000)","journal-title":"ACM Transactions on Information and System Security"},{"key":"36_CR2","doi-asserted-by":"crossref","unstructured":"Scarfone, K., Mell, P.: Guide to Intrusion Detection and Prevention Systems (IDPS), pp. 800\u2013894. NIST Special Publication (2007)","DOI":"10.6028\/NIST.SP.800-94"},{"key":"36_CR3","first-page":"25","volume-title":"Proceedings of the Annual Computer Security Applications Conference (ACSAC)","author":"G. Vigna","year":"1998","unstructured":"Vigna, G., Kemmerer, R.A.: NetSTAT: A Network-based Intrusion Detection Approach. In: Proceedings of the Annual Computer Security Applications Conference (ACSAC), pp. 25\u201334. IEEE Press, New York (1998)"},{"key":"36_CR4","unstructured":"Roesch, M.: Snort: Lightweight Intrusion Detection for Networks. In: Proceedings of the 13th Large Installation System Administration Conference (LISA), pp. 229\u2013238 (1999)"},{"key":"36_CR5","unstructured":"Valdes, A., Anderson, D.: Statistical Methods for Computer Usage Anomaly Detection Using NIDES. Technical Report, SRI International (January 1995)"},{"key":"36_CR6","doi-asserted-by":"crossref","unstructured":"Ghosh, A.K., Wanken, J., Charron, F.: Detecting Anomalous and Unknown Intrusions Against Programs. In: Proceedings of the Annual Computer Security Applications Conference (ACSAC), pp. 259\u2013267 (1998)","DOI":"10.21236\/ADA329518"},{"key":"36_CR7","doi-asserted-by":"crossref","unstructured":"Tombini, E., Debar, H., Me, L., Ducasse, M.: A Serial Combination of Anomaly and Misuse IDSes Applied to HTTP Traffic. In: Proceedings of the Annual Computer Security Applications Conference (ACSAC), pp. 428\u2013437 (December 2004)","DOI":"10.1109\/CSAC.2004.4"},{"key":"36_CR8","doi-asserted-by":"crossref","unstructured":"Zhang, J., Zulkernine, M.: A Hybrid Network Intrusion Detection Technique Using Random Forests. In: Proceedings of the International Conference on Availability, Reliability and Security (ARES), pp. 20\u201322 (April 2006)","DOI":"10.1109\/ARES.2006.7"},{"issue":"11","key":"36_CR9","doi-asserted-by":"publisher","first-page":"1529","DOI":"10.1109\/TKDE.2005.186","volume":"17","author":"Z.-H. Zhou","year":"2005","unstructured":"Zhou, Z.-H., Li, M.: Tri-training: Exploiting Unlabeled Data Using Three Classifiers. IEEE Transactions on Knowledge and Data Engineering\u00a017(11), 1529\u20131541 (2005)","journal-title":"IEEE Transactions on Knowledge and Data Engineering"},{"issue":"3","key":"36_CR10","doi-asserted-by":"publisher","first-page":"415","DOI":"10.1007\/s10115-009-0209-z","volume":"24","author":"Z.-H. Zhou","year":"2010","unstructured":"Zhou, Z.-H., Li, M.: Semi-Supervised Learning by Disagreement. Knowledge and Information Systems\u00a024(3), 415\u2013439 (2010)","journal-title":"Knowledge and Information Systems"},{"key":"36_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-28258-4_1","volume-title":"Partially Supervised Learning","author":"Z.-H. Zhou","year":"2012","unstructured":"Zhou, Z.-H.: Unlabeled Data and Multiple Views. In: Schwenker, F., Trentin, E. (eds.) PSL 2011. LNCS, vol.\u00a07081, pp. 1\u20137. Springer, Heidelberg (2012)"},{"issue":"4","key":"36_CR12","doi-asserted-by":"publisher","first-page":"262","DOI":"10.1145\/382912.382923","volume":"3","author":"J. McHugh","year":"2000","unstructured":"McHugh, J.: Testing Intrusion Detection Systems: A Critique of the 1998 and 1999 DARPA Intrusion Detection System Evaluations As Performed by Lincoln Laboratory. ACM Transactions on Information System Security\u00a03(4), 262\u2013294 (2000)","journal-title":"ACM Transactions on Information System Security"},{"key":"36_CR13","unstructured":"Snort. Homepage, http:\/\/www.snort.org\/ (accessed on May 25, 2012)"},{"key":"36_CR14","doi-asserted-by":"crossref","unstructured":"Lippmann, R.P., Fried, D.J., Graf, I., Haines, J.W., Kendall, K.R., McClung, D., Weber, D., Webster, S.E., Wyschogrod, D., Cunningham, R.K., Zissman, M.A.: Evaluating Intrusion Detection Systems: the 1998 DARPA Off-Line Intrusion Detection Evaluation. In: Proceedings of DARPA Information Survivability Conference and Exposition, pp. 12\u201326 (2000)","DOI":"10.1109\/DISCEX.2000.821506"},{"key":"36_CR15","first-page":"571","volume-title":"Advances in Neural Information Processing Systems 9","author":"D.J. Miller","year":"1997","unstructured":"Miller, D.J., Uyar, H.S.: A Mixture of Experts Classifier with Learning based on both Labelled and Unlabelled Data. In: Advances in Neural Information Processing Systems 9, pp. 571\u2013577. MIT Press, Cambridge (1997)"},{"key":"36_CR16","doi-asserted-by":"crossref","unstructured":"Chapelle, O., Zien, A.: Semi-Supervised Learning by Low Density Separation. In: Proceedings of the International Workshop on Artificial Intelligence and Statistics, pp. 57\u201364 (2005)","DOI":"10.7551\/mitpress\/9780262033589.001.0001"},{"issue":"1-3","key":"36_CR17","doi-asserted-by":"publisher","first-page":"209","DOI":"10.1023\/B:MACH.0000033120.25363.1e","volume":"56","author":"M. Belkin","year":"2004","unstructured":"Belkin, M., Niyogi, P.: Semi-Supervised Learning on Riemannian Manifolds. Machine Learning\u00a056(1-3), 209\u2013239 (2004)","journal-title":"Machine Learning"},{"key":"36_CR18","doi-asserted-by":"crossref","unstructured":"Sommer, R., Paxson, V.: Outside the Closed World: On Using Machine Learning for Network Intrusion Detection. In: IEEE Symposium on Security and Privacy, pp. 305\u2013316 (2010)","DOI":"10.1109\/SP.2010.25"},{"issue":"5","key":"36_CR19","doi-asserted-by":"publisher","first-page":"1087","DOI":"10.1109\/36.312897","volume":"32","author":"B. Shahshahani","year":"1994","unstructured":"Shahshahani, B., Landgrebe, D.: The Effect of Unlabeled Samples in Reducing the Small Sample Size Problem and Mitigating the Hughes Phenomenon. IEEE Transactions on Geoscience and Remote Sensing\u00a032(5), 1087\u20131095 (1994)","journal-title":"IEEE Transactions on Geoscience and Remote Sensing"},{"key":"36_CR20","doi-asserted-by":"crossref","unstructured":"Meng, Y., Kwok, L.F.: Adaptive False Alarm Filter Using Machine Learning in Intrusion Detection. In: Proceedings of the International Conference on Intelligent Systems and Knowledge Engineering (ISKE), pp. 573\u2013584. Springer (December 2011)","DOI":"10.1007\/978-3-642-25658-5_68"},{"key":"36_CR21","unstructured":"Zhu, X.: Semi-Supervised Learning Literature Survey. Technical Report 1530, Computer Science Department, University of Wisconsin, Madison (2006)"},{"key":"36_CR22","volume-title":"Statistical Learning Theory","author":"V.N. Vapnik","year":"1998","unstructured":"Vapnik, V.N.: Statistical Learning Theory. Wiley, New York (1998)"},{"key":"36_CR23","unstructured":"Blum, A., Chawla, S.: Learning from Labeled and Unlabeled Data Using Graph Mincuts. In: Proceedings of the 18th International Conference on Machine Learning, pp. 19\u201326 (2001)"},{"key":"36_CR24","unstructured":"Lee, W., Stolfo, S.J., Mok, K.W.: A Data Mining Framework for Building Intrusion Detection Models. In: IEEE Symposium on Security and Privacy, pp. 120\u2013132 (1999)"},{"key":"36_CR25","doi-asserted-by":"crossref","unstructured":"Blum, A., Mitchell, T.: Combining Labeled and Unlabeled Data with Co-Training. In: Proceedings of the Annual Conference on Computational Learning Theory, pp. 92\u2013100 (1998)","DOI":"10.1145\/279943.279962"},{"key":"36_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"102","DOI":"10.1007\/978-3-540-30143-1_6","volume-title":"Recent Advances in Intrusion Detection","author":"T. Pietraszek","year":"2004","unstructured":"Pietraszek, T.: Using Adaptive Alert Classification to Reduce False Positives in Intrusion Detection. In: Jonsson, E., Valdes, A., Almgren, M. (eds.) RAID 2004. LNCS, vol.\u00a03224, pp. 102\u2013124. Springer, Heidelberg (2004)"},{"key":"36_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"114","DOI":"10.1007\/978-3-540-31815-6_10","volume-title":"Information Security Applications","author":"K.H. Law","year":"2005","unstructured":"Law, K.H., Kwok, L.-F.: IDS False Alarm Filtering Using KNN Classifier. In: Lim, C.H., Yung, M. (eds.) WISA 2004. LNCS, vol.\u00a03325, pp. 114\u2013121. Springer, Heidelberg (2005)"},{"issue":"2-3","key":"36_CR28","doi-asserted-by":"publisher","first-page":"103","DOI":"10.1023\/A:1007692713085","volume":"39","author":"K. Nigam","year":"2000","unstructured":"Nigam, K., McCallum, A.K., Thrun, S., Mitchell, T.: Text Classification from Labeled and Unlabeled Documents Using EM. Machine Learning\u00a039(2-3), 103\u2013134 (2000)","journal-title":"Machine Learning"},{"key":"36_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"192","DOI":"10.1007\/11496137_14","volume-title":"Applied Cryptography and Network Security","author":"A. Alharby","year":"2005","unstructured":"Alharby, A., Imai, H.: IDS False Alarm Reduction Using Continuous and Discontinuous Patterns. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol.\u00a03531, pp. 192\u2013205. Springer, Heidelberg (2005)"},{"key":"36_CR30","unstructured":"Lane, T.: A Decision-Theoretic, Semi-Supervised Model for Intrusion Detection. In: Machine Learning and Data Mining for Computer Security: Methods and Applications, pp. 1\u201319 (2006)"},{"key":"36_CR31","doi-asserted-by":"crossref","unstructured":"Chen, C., Gong, Y., Tian, Y.: Semi-Supervised Learning Methods for Network Intrusion Detection. In: Proceedings of the IEEE International Conference on Systems, Man and Cybernetics (SMC), pp. 2603\u20132608 (2008)","DOI":"10.1109\/ICSMC.2008.4811688"},{"key":"36_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"614","DOI":"10.1007\/978-3-642-10677-4_70","volume-title":"Neural Information Processing","author":"M. Panda","year":"2009","unstructured":"Panda, M., Patra, M.R.: Semi-Na\u00efve Bayesian Method for Network Intrusion Detection System. In: Leung, C.S., Lee, M., Chan, J.H. (eds.) ICONIP 2009, Part I. LNCS, vol.\u00a05863, pp. 614\u2013621. Springer, Heidelberg (2009)"},{"key":"36_CR33","doi-asserted-by":"crossref","unstructured":"Mao, C.H., Lee, H.M., Parikh, D., Chen, T., Huang, S.Y.: Semi-Supervised Co-Training and Active Learning based Approach for Multi-View Intrusion Detection. In: Proceedings of the 2009 ACM Symposium on Applied Computing (SAC), pp. 2042\u20132048 (2009)","DOI":"10.1145\/1529282.1529735"},{"key":"36_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"513","DOI":"10.1007\/978-3-642-31588-6_66","volume-title":"Intelligent Computing Technology","author":"M. Zhang","year":"2012","unstructured":"Zhang, M., Mei, H.: A New Method for Filtering IDS False Positives with Semi-supervised Classification. In: Huang, D.-S., Jiang, C., Bevilacqua, V., Figueroa, J.C. (eds.) ICIC 2012. LNCS, vol.\u00a07389, pp. 513\u2013519. Springer, Heidelberg (2012)"},{"key":"36_CR35","doi-asserted-by":"crossref","unstructured":"Chiu, C.-Y., Lee, Y.-J., Chang, C.-C., Luo, W.-Y., Huang, H.-C.: Semi-Supervised Learning for False Alarm Reduction. In: Proceedings of the 10th IEEE International Conference on Data Mining (ICDM), pp. 595\u2013605 (2010)","DOI":"10.1007\/978-3-642-14400-4_46"},{"key":"36_CR36","doi-asserted-by":"crossref","unstructured":"Caruana, R., Niculescu-Mizil, A., Crew, G., Ksikes, A.: Ensemble Selection from Libraries of Models. In: Proceedings of the International Conference on Machine Learning (ICML), pp. 137\u2013144 (2004)","DOI":"10.1145\/1015330.1015432"},{"key":"36_CR37","doi-asserted-by":"crossref","unstructured":"Nigam, K., Ghani, R.: Analyzing the Effectiveness and Applicability of Co-Training. In: Proceedings of the 9th ACM International Conference on Information and Knowledge Management, pp. 86\u201393 (2000)","DOI":"10.1145\/354756.354805"},{"key":"36_CR38","doi-asserted-by":"crossref","unstructured":"Almgren, M., Jonsson, E.: Using Active Learning in Intrusion Detection. In: Proceedings of the IEEE Computer Security Foundations Workshop (CSFW), pp. 88\u201398 (2004)","DOI":"10.1109\/CSFW.2004.1310734"},{"key":"36_CR39","doi-asserted-by":"crossref","unstructured":"G\u00f6rnitz, N., Kloft, M., Rieck, K., Brefeld, U.: Active Learning for Network Intrusion Detection. In: Proceedings of the ACM Workshop on Security and Artificial Intelligence (AISec), pp. 47\u201354 (2009)","DOI":"10.1145\/1654988.1655002"},{"key":"36_CR40","unstructured":"WEKA - Waikato Environment for Knowledge Analysis, http:\/\/www.cs.waikato.ac.nz\/ml\/weka\/ (accessed on May 20, 2012)"},{"key":"36_CR41","unstructured":"Wireshark, Homepage, http:\/\/www.wireshark.org (accessed on April 10, 2012)"}],"container-title":["Lecture Notes in Computer Science","Cyberspace Safety and Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-35362-8_36","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,4,23]],"date-time":"2025-04-23T00:18:10Z","timestamp":1745367490000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-35362-8_36"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642353611","9783642353628"],"references-count":41,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-35362-8_36","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2012]]}}}