{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,29]],"date-time":"2025-10-29T03:34:18Z","timestamp":1761708858451,"version":"3.40.5"},"publisher-location":"Berlin, Heidelberg","reference-count":27,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642371189"},{"type":"electronic","value":"9783642371196"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-642-37119-6_4","type":"book-chapter","created":{"date-parts":[[2013,3,26]],"date-time":"2013-03-26T20:34:59Z","timestamp":1364330099000},"page":"45-61","source":"Crossref","is-referenced-by-count":4,"title":["Detection of HTTP-GET Attack with Clustering and Information Theoretic Measurements"],"prefix":"10.1007","author":[{"given":"Pawel","family":"Chwalinski","sequence":"first","affiliation":[]},{"given":"Roman","family":"Belavkin","sequence":"additional","affiliation":[]},{"given":"Xiaochun","family":"Cheng","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"4_CR1","first-page":"879","volume-title":"Proceedings of the 17th International Joint Conference on Artificial Intelligence","author":"C.R. Anderson","year":"2001","unstructured":"Anderson, C.R., Domingos, P., Weld, D.S.: Adaptive web navigation for wireless devices. In: Proceedings of the 17th International Joint Conference on Artificial Intelligence, vol.\u00a02, pp. 879\u2013884. Morgan Kaufmann Publishers Inc., San Francisco (2001)"},{"issue":"4","key":"4_CR2","doi-asserted-by":"publisher","first-page":"221","DOI":"10.1016\/j.cose.2010.12.004","volume":"30","author":"D. Ariu","year":"2011","unstructured":"Ariu, D., Tronci, R., Giacinto, G.: Hmmpayl: An intrusion detection system based on hidden markov models. Computers and Security\u00a030(4), 221\u2013241 (2011)","journal-title":"Computers and Security"},{"key":"4_CR3","doi-asserted-by":"publisher","first-page":"582","DOI":"10.1145\/584792.584888","volume-title":"Proceedings of the Eleventh International Conference on Information and knowledge Management, CIKM 2002","author":"D. Barbar\u00e1","year":"2002","unstructured":"Barbar\u00e1, D., Li, Y., Couto, J.: Coolcat: an entropy-based algorithm for categorical clustering. In: Proceedings of the Eleventh International Conference on Information and knowledge Management, CIKM 2002, pp. 582\u2013589. ACM, New York (2002)"},{"key":"4_CR4","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/s10479-005-5724-z","volume":"134","author":"P.-T. Boer de","year":"2005","unstructured":"de Boer, P.-T., Kroese, D., Mannor, S., Rubinstein, R.: A tutorial on the cross-entropy method. Annals of Operations Research\u00a0134, 19\u201367 (2005), doi:10.1007\/s10479-005-5724-z","journal-title":"Annals of Operations Research"},{"issue":"2","key":"4_CR5","doi-asserted-by":"publisher","first-page":"222","DOI":"10.1109\/TSE.1987.232894","volume":"13","author":"D.E. Denning","year":"1987","unstructured":"Denning, D.E.: An intrusion-detection model. IEEE Trans. Softw. Eng.\u00a013(2), 222\u2013232 (1987)","journal-title":"IEEE Trans. Softw. Eng."},{"issue":"5","key":"4_CR6","doi-asserted-by":"publisher","first-page":"1239","DOI":"10.1016\/j.comnet.2006.09.016","volume":"51","author":"K.L. Ingham","year":"2007","unstructured":"Ingham, K.L., Somayaji, A., Burge, J., Forrest, S.: Learning dfa representations of http for protecting web applications. Computer Networks\u00a051(5), 1239\u20131255 (2007); From Intrusion Detection to Self-Protection","journal-title":"Computer Networks"},{"issue":"9","key":"4_CR7","doi-asserted-by":"publisher","first-page":"6201","DOI":"10.1016\/j.eswa.2010.02.105","volume":"37","author":"M. Jalali","year":"2010","unstructured":"Jalali, M., Mustapha, N., Nasir Sulaiman, M., Mamat, A.: Webpum: A web-based recommendation system to predict user future movements. Expert Systems with Applications\u00a037(9), 6201\u20136212 (2010)","journal-title":"Expert Systems with Applications"},{"key":"4_CR8","first-page":"293","volume-title":"Proceedings of the 11th International Conference on World Wide Web, WWW 2002","author":"J. Jung","year":"2002","unstructured":"Jung, J., Krishnamurthy, B., Rabinovich, M.: Flash crowds and denial of service attacks: characterization and implications for CDNs and web sites. In: Proceedings of the 11th International Conference on World Wide Web, WWW 2002, pp. 293\u2013304. ACM, New York (2002)"},{"issue":"5","key":"4_CR9","doi-asserted-by":"publisher","first-page":"717","DOI":"10.1016\/j.comnet.2005.01.009","volume":"48","author":"C. Kruegel","year":"2005","unstructured":"Kruegel, C., Vigna, G., Robertson, W.: A multi-model approach to the detection of web-based attacks. Comput. Netw.\u00a048(5), 717\u2013738 (2005)","journal-title":"Comput. Netw."},{"issue":"1","key":"4_CR10","doi-asserted-by":"publisher","first-page":"79","DOI":"10.1214\/aoms\/1177729694","volume":"22","author":"S. Kullback","year":"1951","unstructured":"Kullback, S., Leibler, R.A.: On Information and Sufficiency. The Annals of Mathematical Statistics\u00a022(1), 79\u201386 (1951)","journal-title":"The Annals of Mathematical Statistics"},{"issue":"2","key":"4_CR11","doi-asserted-by":"publisher","first-page":"183","DOI":"10.1016\/j.datak.2007.01.003","volume":"63","author":"P. Kumar","year":"2007","unstructured":"Kumar, P., Radha Krishna, P., Bapi, R.S., Kumar De, S.: Rough clustering of sequential data. Data and Knowledge Engineering\u00a063(2), 183\u2013199 (2007)","journal-title":"Data and Knowledge Engineering"},{"issue":"4","key":"4_CR12","doi-asserted-by":"publisher","first-page":"3422","DOI":"10.1016\/j.eswa.2010.08.128","volume":"38","author":"C.-H. Lee","year":"2011","unstructured":"Lee, C.-H., Lo, Y.L., Fu, Y.-H.: A novel prediction model based on hierarchical characteristic of web site. Expert Systems with Applications\u00a038(4), 3422\u20133430 (2011)","journal-title":"Expert Systems with Applications"},{"issue":"1","key":"4_CR13","doi-asserted-by":"publisher","first-page":"50","DOI":"10.1186\/1687-1499-2011-50","volume":"2011","author":"S. Lee","year":"2011","unstructured":"Lee, S., Kim, G., Kim, S.: Sequence-order-independent network profiling for detecting application layer ddos attacks. EURASIP Journal on Wireless Communications and Networking\u00a02011(1), 50 (2011)","journal-title":"EURASIP Journal on Wireless Communications and Networking"},{"key":"4_CR14","doi-asserted-by":"publisher","first-page":"227","DOI":"10.1145\/382912.382914","volume":"3","author":"W. Lee","year":"2000","unstructured":"Lee, W., Stolfo, S.J.: A framework for constructing features and models for intrusion detection systems. ACM Trans. Inf. Syst. Secur.\u00a03, 227\u2013261 (2000)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"4_CR15","unstructured":"Lee, W., Xiang, D.: Information-theoretic measures for anomaly detection. In: IEEE Symposium on Security and Privacy, pp. 130\u2013143 (2001)"},{"key":"4_CR16","doi-asserted-by":"publisher","first-page":"68","DOI":"10.1145\/1015330.1015404","volume-title":"Proceedings of the Twenty-First International Conference on Machine Learning, ICML 2004","author":"T. Li","year":"2004","unstructured":"Li, T., Ma, S., Ogihara, M.: Entropy-based criterion in categorical clustering. In: Proceedings of the Twenty-First International Conference on Machine Learning, ICML 2004, pp. 68\u201375. ACM, New York (2004)"},{"key":"4_CR17","doi-asserted-by":"crossref","unstructured":"Mao, C.-H., Pao, H.-K., Faloutsos, C., Lee, H.-M.: Sbad: Sequence based attack detection via sequence comparison. In: PSDML, pp. 78\u201391 (2010)","DOI":"10.1007\/978-3-642-19896-0_7"},{"key":"4_CR18","doi-asserted-by":"crossref","unstructured":"Shannon, C.E.: A mathematical theory of communication. Bell System Technical Journal\u00a027 (1948)","DOI":"10.1002\/j.1538-7305.1948.tb01338.x"},{"key":"4_CR19","doi-asserted-by":"publisher","first-page":"1460","DOI":"10.1145\/2339530.2339758","volume-title":"Proceedings of the 18th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD 2012","author":"M. Speiser","year":"2012","unstructured":"Speiser, M., Antonini, G., Labbi, A., Sutanto, J.: On nested palindromes in clickstream data. In: Proceedings of the 18th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD 2012, pp. 1460\u20131468. ACM, New York (2012)"},{"key":"4_CR20","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/1377488.1377489","volume":"2","author":"M. Srivatsa","year":"2008","unstructured":"Srivatsa, M., Iyengar, A., Yin, J., Liu, L.: Mitigating application-level denial of service attacks on Web servers: A client-transparent approach. ACM Trans. Web\u00a02, 15:1\u201315:49 (2008)","journal-title":"ACM Trans. Web"},{"key":"4_CR21","first-page":"123","volume":"5","author":"D. Stevanovic","year":"2011","unstructured":"Stevanovic, D., Vlajic, N., An, A.: Unsupervised Clustering of Web Sessions to Detect Malicious and Non-malicious Website Users. Procedia CS\u00a05, 123\u2013131 (2011)","journal-title":"Procedia CS"},{"key":"4_CR22","doi-asserted-by":"crossref","unstructured":"Stevanovic, D., Vlajic, N., An, A.: Detection of malicious and non-malicious website visitors using unsupervised neural network learning. Applied Soft Computing (2012)","DOI":"10.1016\/j.asoc.2012.08.028"},{"key":"4_CR23","unstructured":"Strehl, A., Ghosh, J., Mooney, R.: Impact of Similarity Measures on Web-page Clustering. In: Proceedings of the 17th National Conference on Artificial Intelligence: Workshop of Artificial Intelligence for Web Search (AAAI 2000), Austin, Texas, USA, July 30-31, pp. 58\u201364. AAAI (July 2000)"},{"key":"4_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"459","DOI":"10.1007\/978-3-642-17650-0_32","volume-title":"Information and Communications Security","author":"Z. Tan","year":"2010","unstructured":"Tan, Z., Jamdagni, A., He, X., Nanda, P., Liu, R.P., Jia, W., Yeh, W.-C.: A Two-Tier System for Web Attack Detection Using Linear Discriminant Method. In: Soriano, M., Qing, S., L\u00f3pez, J. (eds.) ICICS 2010. LNCS, vol.\u00a06476, pp. 459\u2013471. Springer, Heidelberg (2010)"},{"issue":"2","key":"4_CR25","doi-asserted-by":"publisher","first-page":"225","DOI":"10.1016\/j.jpdc.2010.07.005","volume":"71","author":"C. Ulmer","year":"2011","unstructured":"Ulmer, C., Gokhale, M., Gallagher, B., Top, P., Eliassi-Rad, T.: Massively parallel acceleration of a document-similarity classifier to detect web attacks. Journal of Parallel and Distributed Computing\u00a071(2), 225\u2013235 (2011); Data Intensive Computing","journal-title":"Journal of Parallel and Distributed Computing"},{"key":"4_CR26","doi-asserted-by":"publisher","first-page":"56","DOI":"10.1109\/IMSCCS.2006.159","volume-title":"Proceedings of the First International Multi-Symposiums on Computer and Computational Sciences (IMSCCS 2006)","author":"Y. Xie","year":"2006","unstructured":"Xie, Y., Yu, S.-Z.: A Novel Model for Detecting Application Layer DDoS Attacks. In: Proceedings of the First International Multi-Symposiums on Computer and Computational Sciences (IMSCCS 2006), vol.\u00a02, pp. 56\u201363. IEEE Computer Society, Washington, DC (2006)"},{"key":"4_CR27","doi-asserted-by":"publisher","first-page":"15","DOI":"10.1109\/TNET.2008.925628","volume":"17","author":"Y. Xie","year":"2009","unstructured":"Xie, Y., Yu, S.-Z.: Monitoring the application-layer DDoS attacks for popular websites. IEEE\/ACM Trans. Netw.\u00a017, 15\u201325 (2009)","journal-title":"IEEE\/ACM Trans. Netw."}],"container-title":["Lecture Notes in Computer Science","Foundations and Practice of Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-37119-6_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,11]],"date-time":"2019-05-11T20:52:02Z","timestamp":1557607922000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-37119-6_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783642371189","9783642371196"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-37119-6_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2013]]}}}