{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T15:26:54Z","timestamp":1743002814401,"version":"3.40.3"},"publisher-location":"Singapore","reference-count":34,"publisher":"Springer Singapore","isbn-type":[{"type":"print","value":"9789811507571"},{"type":"electronic","value":"9789811507588"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-981-15-0758-8_5","type":"book-chapter","created":{"date-parts":[[2019,10,23]],"date-time":"2019-10-23T17:47:53Z","timestamp":1571852873000},"page":"57-73","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Development of an Early Warning System for Network Intrusion Detection Using Benford\u2019s Law Features"],"prefix":"10.1007","author":[{"given":"Liuying","family":"Sun","sequence":"first","affiliation":[]},{"given":"Anthony","family":"Ho","sequence":"additional","affiliation":[]},{"given":"Zhe","family":"Xia","sequence":"additional","affiliation":[]},{"given":"Jiageng","family":"Chen","sequence":"additional","affiliation":[]},{"given":"Mingwu","family":"Zhang","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,10,24]]},"reference":[{"issue":"4","key":"5_CR1","doi-asserted-by":"publisher","first-page":"507","DOI":"10.1007\/s00778-006-0002-5","volume":"16","author":"L Khan","year":"2007","unstructured":"Khan, L., Awad, M., Thuraisingham, B.: A new intrusion detection system using support vector machines and hierarchical clustering. VLDB J. 16(4), 507\u2013521 (2007)","journal-title":"VLDB J."},{"doi-asserted-by":"crossref","unstructured":"Amor, N.B., Benferhat, S., Elouedi, Z.: Naive Bayes vs decision trees in intrusion detection systems. In: Proceedings of the 2004 ACM Symposium on Applied Computing, pp. 420\u2013424. ACM (2004)","key":"5_CR2","DOI":"10.1145\/967900.967989"},{"issue":"10","key":"5_CR3","doi-asserted-by":"publisher","first-page":"12036","DOI":"10.1016\/j.eswa.2009.03.036","volume":"36","author":"K Shafi","year":"2009","unstructured":"Shafi, K., Abbass, H.A.: An adaptive genetic-based signature learning system for intrusion detection. Expert Syst. Appl. 36(10), 12036\u201312043 (2009)","journal-title":"Expert Syst. Appl."},{"doi-asserted-by":"crossref","unstructured":"Wang, W., Battiti, R.: Identifying intrusions in computer networks with principal component analysis. In: International Conference on Availability, Reliability and Security, pp. 270\u2013279. IEEE (2006)","key":"5_CR4","DOI":"10.1109\/ARES.2006.73"},{"doi-asserted-by":"crossref","unstructured":"Kennedy, J.: Particle swarm optimization. In: Encyclopedia of Machine Learning, pp. 760\u2013766. Springer, Heidelberg (2011)","key":"5_CR5","DOI":"10.1007\/978-0-387-30164-8_630"},{"issue":"7\u20138","key":"5_CR6","doi-asserted-by":"publisher","first-page":"459","DOI":"10.1016\/j.cose.2007.10.002","volume":"26","author":"Y Li","year":"2007","unstructured":"Li, Y., Guo, L.: An active learning based TCM-KNN algorithm for supervised network intrusion detection. Comput. Secur. 26(7\u20138), 459\u2013467 (2007)","journal-title":"Comput. Secur."},{"unstructured":"Moradi, M., Zulkernine, M.: A neural network based system for intrusion detection and classification of attacks. In: Proceedings of the IEEE International Conference on Advances in Intelligent Systems-Theory and Applications, pp. 15\u201318 (2004)","key":"5_CR7"},{"unstructured":"Labib, K., Vemuri, R.: NSOM: a real-time network-based intrusion detection system using self-organizing maps. Netw. Secur., 1\u20136 (2002)","key":"5_CR8"},{"issue":"6","key":"5_CR9","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s00521-015-1964-2","volume":"27","author":"BM Aslahi-Shahri","year":"2016","unstructured":"Aslahi-Shahri, B.M., Rahmani, R., Chizari, M., et al.: A hybrid method consisting of GA and SVM for intrusion detection system. Neural Comput. Appl. 27(6), 1\u20138 (2016)","journal-title":"Neural Comput. Appl."},{"doi-asserted-by":"crossref","unstructured":"Kayacik, H.G., Zincir-Heywood, A.N., Heywood, M.I.: Selecting features for intrusion detection: a feature relevance analysis on KDD 99 intrusion detection datasets. In: Proceedings of the Third Annual Conference on Privacy, Security and Trust (2005)","key":"5_CR10","DOI":"10.4018\/978-1-59140-561-0.ch071"},{"unstructured":"Parsazad, S., Saboori, E., Allahyar, A.: Fast feature reduction in intrusion detection datasets. In: 2012 Proceedings of the 35th International Convention MIPRO, pp. 1023\u20131029. IEEE (2012)","key":"5_CR11"},{"issue":"1","key":"5_CR12","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.knosys.2012.09.004","volume":"40","author":"XS Gan","year":"2013","unstructured":"Gan, X.S., Duanmu, J.S., Wang, J.F., et al.: Anomaly intrusion detection based on PLS feature extraction and core vector machine. Knowl.-Based Syst. 40(1), 1\u20136 (2013)","journal-title":"Knowl.-Based Syst."},{"issue":"5","key":"5_CR13","doi-asserted-by":"publisher","first-page":"1187","DOI":"10.1007\/s00500-014-1332-7","volume":"19","author":"F Kuang","year":"2015","unstructured":"Kuang, F., Zhang, S., Jin, Z., et al.: A novel SVM by combining kernel principal component analysis and improved chaotic particle swarm optimization for intrusion detection. Soft. Comput. 19(5), 1187\u20131199 (2015)","journal-title":"Soft. Comput."},{"doi-asserted-by":"crossref","unstructured":"Sun, L., Anthony, T.S.H., Xia, Z., et al.: Detection and classification of malicious patterns in network traffic using Benford\u2019s law. In: 2017 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference (APSIPA ASC), pp. 864\u2013872. IEEE (2017)","key":"5_CR14","DOI":"10.1109\/APSIPA.2017.8282154"},{"issue":"1","key":"5_CR15","doi-asserted-by":"publisher","first-page":"424","DOI":"10.1016\/j.eswa.2011.07.032","volume":"39","author":"Y Li","year":"2012","unstructured":"Li, Y., Xia, J., Zhang, S., et al.: An efficient intrusion detection system based on support vector machines and gradually features removal method. Expert Syst. Appl. 39(1), 424\u2013430 (2012)","journal-title":"Expert Syst. Appl."},{"issue":"2","key":"5_CR16","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1145\/846183.846199","volume":"1","author":"C Elkan","year":"2000","unstructured":"Elkan, C.: Results of the KDD\u201999 classifier learning. ACM SIGKDD Explor. Newslett. 1(2), 63\u201364 (2000)","journal-title":"ACM SIGKDD Explor. Newslett."},{"issue":"1","key":"5_CR17","doi-asserted-by":"publisher","first-page":"39","DOI":"10.2307\/2369148","volume":"4","author":"S Newcomb","year":"1881","unstructured":"Newcomb, S.: Note on the frequency of use of the different digits in natural numbers. Am. J. Math. 4(1), 39\u201340 (1881)","journal-title":"Am. J. Math."},{"unstructured":"Benford, F.: The law of anomalous numbers. Proc. Am. Philos. Soc., 551\u2013572 (1938)","key":"5_CR18"},{"key":"5_CR19","doi-asserted-by":"publisher","first-page":"354","DOI":"10.1214\/ss\/1177009869","volume":"10","author":"TP Hill","year":"1995","unstructured":"Hill, T.P.: A statistical derivation of the significant-digit law. Stat. Sci. 10, 354\u2013363 (1995)","journal-title":"Stat. Sci."},{"key":"5_CR20","doi-asserted-by":"publisher","DOI":"10.1002\/9781119203094","volume-title":"Benford\u2019s Law: Applications for Forensic Accounting, Auditing, and Fraud Detection","author":"M Nigrini","year":"2012","unstructured":"Nigrini, M.: Benford\u2019s Law: Applications for Forensic Accounting, Auditing, and Fraud Detection. Wiley, Hoboken (2012)"},{"issue":"1","key":"5_CR21","first-page":"17","volume":"5","author":"C Durtschi","year":"2004","unstructured":"Durtschi, C., Hillison, W., Pacini, C.: The effective use of Benford\u2019s law to assist in detecting fraud in accounting data. J. Forensic Account. 5(1), 17\u201334 (2004)","journal-title":"J. Forensic Account."},{"doi-asserted-by":"crossref","unstructured":"Fu, D., Shi, Y.Q., Su, W.: A generalized Benford\u2019s law for JPEG coefficients and its applications in image forensics. In: Security, Steganography, and Watermarking of Multimedia Contents IX. International Society for Optics and Photonics, vol. 6505, p. 65051L (2007)","key":"5_CR22","DOI":"10.1117\/12.704723"},{"doi-asserted-by":"crossref","unstructured":"Sambridge, M., Tkal\u010di\u0107, H., Jackson, A.: Benford\u2019s law in the natural sciences. Geophys. Res. Lett. 37(22) (2010)","key":"5_CR23","DOI":"10.1029\/2010GL044830"},{"issue":"1","key":"5_CR24","doi-asserted-by":"publisher","first-page":"e2881","DOI":"10.1002\/dac.2881","volume":"30","author":"L Arshadi","year":"2017","unstructured":"Arshadi, L., Jahangir, A.H.: An empirical study on TCP flow interarrival time distribution for normal and anomalous traffic. Int. J. Commun. Syst. 30(1), e2881 (2017)","journal-title":"Int. J. Commun. Syst."},{"doi-asserted-by":"crossref","unstructured":"Asadi, A.N.: An approach for detecting anomalies by assessing the inter-arrival time of UDP packets and flows using Benford\u2019s law. In: 2015 2nd International Conference on Knowledge-Based Engineering and Innovation (KBEI), pp. 257\u2013262. IEEE (2015)","key":"5_CR25","DOI":"10.1109\/KBEI.2015.7436057"},{"unstructured":"Iorliam, A., Tirunagari, S., Ho, A.T.S., et al.: \u201cFlow size difference\u201d can make a difference: detecting malicious TCP network flows based on Benford\u2019s law. arXiv preprint arXiv:1609.04214 (2016)","key":"5_CR26"},{"key":"5_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1007\/BFb0026666","volume-title":"Machine Learning: ECML-98","author":"DD Lewis","year":"1998","unstructured":"Lewis, D.D.: Naive (Bayes) at forty: the independence assumption in information retrieval. In: N\u00e9dellec, C., Rouveirol, C. (eds.) ECML 1998. LNCS, vol. 1398, pp. 4\u201315. Springer, Heidelberg (1998). https:\/\/doi.org\/10.1007\/BFb0026666"},{"doi-asserted-by":"crossref","unstructured":"Sperotto, A., Pras, A.: Flow-based intrusion detection. In: 2011 IFIP\/IEEE International Symposium on Integrated Network Management (IM), pp. 958\u2013963. IEEE (2011)","key":"5_CR28","DOI":"10.1109\/INM.2011.5990529"},{"doi-asserted-by":"crossref","unstructured":"Plackett, R.L.: Karl Pearson and the chi-squared test. Int. Stat. Rev., 59\u201372 (1983)","key":"5_CR29","DOI":"10.2307\/1402731"},{"key":"5_CR30","volume-title":"Neural Networks: A Comprehensive Foundation","author":"S Haykin","year":"1994","unstructured":"Haykin, S.: Neural Networks: A Comprehensive Foundation. Prentice Hall PTR, Upper Saddle River (1994)"},{"key":"5_CR31","volume-title":"The Nature of Statistical Learning Theory","author":"V Vapnik","year":"2013","unstructured":"Vapnik, V.: The Nature of Statistical Learning Theory. Springer, Heidelberg (2013)"},{"issue":"2","key":"5_CR32","doi-asserted-by":"publisher","first-page":"332","DOI":"10.7763\/IJCTE.2011.V3.328","volume":"3","author":"G Panchal","year":"2011","unstructured":"Panchal, G., Ganatra, A., Kosta, Y.P., et al.: Behaviour analysis of multilayer perceptrons with multiple hidden neurons and hidden layers. Int. J. Comput. Theory Eng. 3(2), 332\u2013337 (2011)","journal-title":"Int. J. Comput. Theory Eng."},{"key":"5_CR33","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-88771-5","volume-title":"Network Intrusion Detection and Prevention: Concepts and Techniques","author":"AA Ghorbani","year":"2009","unstructured":"Ghorbani, A.A., Lu, W., Tavallaee, M.: Network Intrusion Detection and Prevention: Concepts and Techniques. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-0-387-88771-5"},{"unstructured":"Ibrahim, H.E., Badr, S.M., Shaheen, M.A.: Adaptive layered approach using machine learning techniques with gain ratio for intrusion detection systems. arXiv preprint arXiv:1210.7650 (2012)","key":"5_CR34"}],"container-title":["Communications in Computer and Information Science","Security and Privacy in Social Networks and Big Data"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-15-0758-8_5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,7,25]],"date-time":"2024-07-25T14:52:56Z","timestamp":1721919176000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-981-15-0758-8_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9789811507571","9789811507588"],"references-count":34,"URL":"https:\/\/doi.org\/10.1007\/978-981-15-0758-8_5","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"24 October 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SocialSec","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Security and Privacy in Social Networks and Big Data","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Copenhagen","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Denmark","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 July 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17 July 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"5","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"socialsec0","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/nsclab.org\/socialsec2019\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"76","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"18","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"24% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"http:\/\/nsclab.org\/socialsec2019\/","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}