{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T03:24:37Z","timestamp":1743045877299,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":31,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783662661109"},{"type":"electronic","value":"9783662661116"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-662-66111-6_1","type":"book-chapter","created":{"date-parts":[[2022,10,7]],"date-time":"2022-10-07T07:05:19Z","timestamp":1665126319000},"page":"1-27","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Threats Modeling and\u00a0Anomaly Detection in\u00a0the\u00a0Behaviour of\u00a0a\u00a0System - A Review of\u00a0Some Approaches"],"prefix":"10.1007","author":[{"given":"M\u00e9riem","family":"Ghali","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Crystalor","family":"Sah","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Marie Le","family":"Guilly","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mohand-Sa\u00efd","family":"Hacid","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2022,10,8]]},"reference":[{"key":"1_CR1","doi-asserted-by":"publisher","first-page":"708","DOI":"10.1016\/j.procs.2015.08.220","volume":"60","author":"S Agrawal","year":"2015","unstructured":"Agrawal, S., Agrawal, J.: Survey on anomaly detection using data mining techniques. Procedia Comput. Sci. 60, 708\u2013713 (2015)","journal-title":"Procedia Comput. Sci."},{"key":"1_CR2","unstructured":"Malatras, A., Ioannis Agrafiotis, M.A.: Securing machine learning algorithms. European Union Agency for Cybersecurity - ENISA, December 2021"},{"key":"1_CR3","unstructured":"Bayuk, J., et al.: Malware risks and mitigation report, vol. 21, p. 139. BITS Financial Services Roundtable, Washington, DC (2011)"},{"issue":"3","key":"1_CR4","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1541880.1541882","volume":"41","author":"V Chandola","year":"2009","unstructured":"Chandola, V., Banerjee, A., Kumar, V.: Anomaly detection: a survey. ACM Comput. Surv. (CSUR) 41(3), 1\u201358 (2009)","journal-title":"ACM Comput. Surv. (CSUR)"},{"key":"1_CR5","unstructured":"Cuxac, P., Lamirel, J.C.: Clustering incr\u00e9mental et m\u00e9thodes de d\u00e9tection de nouveaut\u00e9: application \u00e0 l\u2019analyse intelligente d\u2019informations \u00e9voluant au cours du temps (2011)"},{"issue":"3","key":"1_CR6","doi-asserted-by":"publisher","first-page":"354","DOI":"10.3390\/sym12030354","volume":"12","author":"TM Georgescu","year":"2020","unstructured":"Georgescu, T.M.: Natural language processing model for automatic analysis of cybersecurity-related documents. Symmetry 12(3), 354 (2020)","journal-title":"Symmetry"},{"issue":"4","key":"1_CR7","doi-asserted-by":"publisher","first-page":"e0152173","DOI":"10.1371\/journal.pone.0152173","volume":"11","author":"M Goldstein","year":"2016","unstructured":"Goldstein, M., Uchida, S.: A comparative evaluation of unsupervised anomaly detection algorithms for multivariate data. PLoS ONE 11(4), e0152173 (2016)","journal-title":"PLoS ONE"},{"key":"1_CR8","unstructured":"Ingram, J.B., Chiang, K., Mustafa, A., Solaimani, M., Sahs, J., Khan, L.: Host-based anomalous behavior detection using cluster-level Markov networks. Technical report, Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Sandia (2013)"},{"issue":"4","key":"1_CR9","doi-asserted-by":"publisher","first-page":"1690","DOI":"10.1016\/j.eswa.2013.08.066","volume":"41","author":"G Kim","year":"2014","unstructured":"Kim, G., Lee, S., Kim, S.: A novel hybrid intrusion detection method integrating anomaly detection with misuse detection. Expert Syst. Appl. 41(4), 1690\u20131700 (2014)","journal-title":"Expert Syst. Appl."},{"issue":"1","key":"1_CR10","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1016\/j.jnca.2012.09.004","volume":"36","author":"HJ Liao","year":"2013","unstructured":"Liao, H.J., Lin, C.H.R., Lin, Y.C., Tung, K.Y.: Intrusion detection system: a comprehensive review. J. Netw. Comput. Appl. 36(1), 16\u201324 (2013)","journal-title":"J. Netw. Comput. Appl."},{"key":"1_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"297","DOI":"10.1007\/978-3-642-04843-2_32","volume-title":"Advances in Computation and Intelligence","author":"W Lu","year":"2009","unstructured":"Lu, W., Tong, H.: Detecting network anomalies using CUSUM and EM clustering. In: Cai, Z., Li, Z., Kang, Z., Liu, Y. (eds.) ISICA 2009. LNCS, vol. 5821, pp. 297\u2013308. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-04843-2_32"},{"issue":"1","key":"1_CR12","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2808691","volume":"48","author":"A Milenkoski","year":"2015","unstructured":"Milenkoski, A., Vieira, M., Kounev, S., Avritzer, A., Payne, B.D.: Evaluating computer intrusion detection systems: a survey of common practices. ACM Comput. Surv. (CSUR) 48(1), 1\u201341 (2015)","journal-title":"ACM Comput. Surv. (CSUR)"},{"key":"1_CR13","unstructured":"Mohamadally Hasan, F.B.: SVM: Machines \u00e0 vecteurs de support s\u00e9parateurs \u00e0 vastes marges. BD Web ISTY3 21, 14\u201315 (2006)"},{"key":"1_CR14","doi-asserted-by":"publisher","first-page":"119","DOI":"10.1016\/j.protcy.2012.05.017","volume":"4","author":"S Mukherjee","year":"2012","unstructured":"Mukherjee, S., Sharma, N.: Intrusion detection using Naive Bayes classifier with feature reduction. Procedia Technol. 4, 119\u2013128 (2012)","journal-title":"Procedia Technol."},{"key":"1_CR15","doi-asserted-by":"crossref","unstructured":"Omar, S., Ngadi, A., Jebur, H.H.: Machine learning techniques for anomaly detection: an overview. Int. J. Comput. Appl. 79(2) (2013)","DOI":"10.5120\/13715-1478"},{"issue":"4","key":"1_CR16","first-page":"32","volume":"7","author":"JD Parmar","year":"2017","unstructured":"Parmar, J.D., Patel, J.T.: Anomaly detection in data mining: a review. Int. J. 7(4), 32\u201340 (2017)","journal-title":"Int. J."},{"key":"1_CR17","first-page":"2825","volume":"12","author":"F Pedregosa","year":"2011","unstructured":"Pedregosa, F., et al.: Scikit-learn: machine learning in Python. J. Mach. Learn. Res. 12, 2825\u20132830 (2011)","journal-title":"J. Mach. Learn. Res."},{"key":"1_CR18","unstructured":"Ranjan, R., Sahoo, G.: A new clustering approach for anomaly intrusion detection. arXiv preprint arXiv:1404.2772 (2014)"},{"key":"1_CR19","doi-asserted-by":"crossref","unstructured":"Reif, M., Goldstein, M., Stahl, A., Breuel, T.M.: Anomaly detection by combining decision trees and parametric densities. In: 2008 19th International Conference on Pattern Recognition, pp. 1\u20134. IEEE (2008)","DOI":"10.1109\/ICPR.2008.4761796"},{"issue":"1","key":"1_CR20","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1186\/s40537-020-00318-5","volume":"7","author":"IH Sarker","year":"2020","unstructured":"Sarker, I.H., Kayes, A.S.M., Badsha, S., Alqahtani, H., Watters, P., Ng, A.: Cybersecurity data science: an overview from machine learning perspective. J. Big Data 7(1), 1\u201329 (2020). https:\/\/doi.org\/10.1186\/s40537-020-00318-5","journal-title":"J. Big Data"},{"issue":"1","key":"1_CR21","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1186\/s40537-019-0219-y","volume":"6","author":"IH Sarker","year":"2019","unstructured":"Sarker, I.H., Kayes, A.S.M., Watters, P.: Effectiveness analysis of machine learning classification models for predicting personalized context-aware smartphone usage. J. Big Data 6(1), 1\u201328 (2019). https:\/\/doi.org\/10.1186\/s40537-019-0219-y","journal-title":"J. Big Data"},{"key":"1_CR22","unstructured":"Sauvanaud, C.: Monitoring et d\u00e9tection d\u2019anomalie par apprentissage dans les infrastructures virtualis\u00e9es. Ph.D. thesis, Toulouse, INSA (2016)"},{"key":"1_CR23","doi-asserted-by":"crossref","unstructured":"Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: ICISSp, pp. 108\u2013116 (2018)","DOI":"10.5220\/0006639801080116"},{"key":"1_CR24","volume-title":"Threat Modeling: Designing for Security","author":"A Shostack","year":"2014","unstructured":"Shostack, A.: Threat Modeling: Designing for Security. Wiley, Hoboken (2014)"},{"key":"1_CR25","doi-asserted-by":"crossref","unstructured":"Sommer, R., Paxson, V.: Outside the closed world: on using machine learning for network intrusion detection. In: 2010 IEEE Symposium on Security and Privacy, pp. 305\u2013316. IEEE (2010)","DOI":"10.1109\/SP.2010.25"},{"issue":"2","key":"1_CR26","doi-asserted-by":"publisher","first-page":"1744","DOI":"10.1109\/COMST.2018.2885561","volume":"21","author":"N Sun","year":"2018","unstructured":"Sun, N., Zhang, J., Rimba, P., Gao, S., Zhang, L.Y., Xiang, Y.: Data-driven cybersecurity incident prediction: a survey. IEEE Commun. Surv. Tutor. 21(2), 1744\u20131772 (2018)","journal-title":"IEEE Commun. Surv. Tutor."},{"issue":"6","key":"1_CR27","first-page":"1825","volume":"5","author":"H Tang","year":"2009","unstructured":"Tang, H., Cao, Z.: Machine learning-based intrusion detection algorithms. J. Comput. Inf. Syst. 5(6), 1825\u20131831 (2009)","journal-title":"J. Comput. Inf. Syst."},{"key":"1_CR28","unstructured":"Teng, M.: Anomaly detection on time series. In: 2010 IEEE International Conference on Progress in Informatics and Computing, vol. 1, pp. 603\u2013608. IEEE (2010)"},{"issue":"10","key":"1_CR29","doi-asserted-by":"publisher","first-page":"11994","DOI":"10.1016\/j.eswa.2009.05.029","volume":"36","author":"CF Tsai","year":"2009","unstructured":"Tsai, C.F., Hsu, Y.F., Lin, C.Y., Lin, W.Y.: Intrusion detection by machine learning: a review. Expert Syst. Appl. 36(10), 11994\u201312000 (2009)","journal-title":"Expert Syst. Appl."},{"issue":"1","key":"1_CR30","doi-asserted-by":"publisher","first-page":"163","DOI":"10.1109\/TC.2016.2560839","volume":"66","author":"E Viegas","year":"2016","unstructured":"Viegas, E., Santin, A.O., Franca, A., Jasinski, R., Pedroni, V.A., Oliveira, L.S.: Towards an energy-efficient anomaly-based intrusion detection engine for embedded systems. IEEE Trans. Comput. 66(1), 163\u2013177 (2016)","journal-title":"IEEE Trans. Comput."},{"key":"1_CR31","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"438","DOI":"10.1007\/978-3-319-22915-7_40","volume-title":"Security in Computing and Communications","author":"T Yadav","year":"2015","unstructured":"Yadav, T., Rao, A.M.: Technical aspects of cyber kill chain. In: Abawajy, J.H., Mukherjea, S., Thampi, S.M., Ruiz-Mart\u00ednez, A. (eds.) SSCC 2015. CCIS, vol. 536, pp. 438\u2013452. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-22915-7_40"}],"container-title":["Lecture Notes in Computer Science","Transactions on Large-Scale Data- and Knowledge-Centered Systems LI"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-662-66111-6_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,10,7]],"date-time":"2022-10-07T07:05:47Z","timestamp":1665126347000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-662-66111-6_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783662661109","9783662661116"],"references-count":31,"URL":"https:\/\/doi.org\/10.1007\/978-3-662-66111-6_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"8 October 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}