{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,14]],"date-time":"2025-06-14T04:08:10Z","timestamp":1749874090732,"version":"3.41.0"},"publisher-location":"Singapore","reference-count":26,"publisher":"Springer Nature Singapore","isbn-type":[{"value":"9789819655656","type":"print"},{"value":"9789819655663","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-981-96-5566-3_20","type":"book-chapter","created":{"date-parts":[[2025,6,13]],"date-time":"2025-06-13T20:22:58Z","timestamp":1749846178000},"page":"401-422","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Malicious Node Identification Based on Behavioral Statistical Features and Social Relationships"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0009-0007-9631-5363","authenticated-orcid":false,"given":"Guangcan","family":"Cui","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3652-3279","authenticated-orcid":false,"given":"Lisheng","family":"Huang","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0519-4583","authenticated-orcid":false,"given":"Fengjun","family":"Zhang","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0004-7847-1651","authenticated-orcid":false,"given":"Zuoyuan","family":"Niu","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0002-4059-9663","authenticated-orcid":false,"given":"Kai","family":"Shi","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0003-3127-2922","authenticated-orcid":false,"given":"Yunhai","family":"Lan","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,6,14]]},"reference":[{"key":"20_CR1","unstructured":"Anderson, J.P.: Computer security threat monitoring and surveillance (1980)"},{"key":"20_CR2","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1016\/j.jnca.2012.09.004","volume":"36","author":"H-J Liao","year":"2013","unstructured":"Liao, H.-J., Lin, C.-H.R., Lin, Y.-C., et al.: Intrusion detection system: a comprehensive review. J. Netw. Comput. Appl. 36, 16\u201324 (2013). https:\/\/doi.org\/10.1016\/j.jnca.2012.09.004","journal-title":"J. Netw. Comput. Appl."},{"key":"20_CR3","doi-asserted-by":"publisher","first-page":"1153","DOI":"10.1109\/COMST.2015.2494502","volume":"18","author":"A-L Buczak","year":"2016","unstructured":"Buczak, A.-L., Guven, E.: A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Commun. Surv. Tutor. 18, 1153\u20131176 (2016). https:\/\/doi.org\/10.1109\/COMST.2015.2494502","journal-title":"IEEE Commun. Surv. Tutor."},{"issue":"19","key":"20_CR4","doi-asserted-by":"publisher","first-page":"29643","DOI":"10.1007\/s11042-021-11100-x","volume":"80","author":"C-Y Hsu","year":"2021","unstructured":"Hsu, C.-Y., Wang, S., et al.: Intrusion detection by machine learning for multimedia platform. Multimed. Tools Appl. 80(19), 29643\u201329656 (2021). https:\/\/doi.org\/10.1007\/s11042-021-11100-x","journal-title":"Multimed. Tools Appl."},{"key":"20_CR5","doi-asserted-by":"publisher","unstructured":"Molcer, P.S., Peji\u0107, A., et al: Machine learning based network intrusion detection system for internet of things cybersecurity. In: Kovacs, T.A., Nyikes, Z., Furstner, I. (eds.) Security-Related Advanced Technologies in Critical Infrastructure Protection. NATO Science for Peace and Security Series C: Environmental Security, pp. 95\u2013110. Springer, Dordrecht (2022). https:\/\/doi.org\/10.1007\/978-94-024-2174-3_8","DOI":"10.1007\/978-94-024-2174-3_8"},{"issue":"4","key":"20_CR6","doi-asserted-by":"publisher","first-page":"4821","DOI":"10.1109\/TNSM.2021.3138457","volume":"19","author":"S Das","year":"2022","unstructured":"Das, S., Saha, S., et al.: Network intrusion detection and comparative analysis using ensemble machine learning and feature selection. IEEE Trans. Netw. Serv. Manage. 19(4), 4821\u20134833 (2022). https:\/\/doi.org\/10.1109\/TNSM.2021.3138457","journal-title":"IEEE Trans. Netw. Serv. Manage."},{"issue":"11","key":"20_CR7","doi-asserted-by":"publisher","first-page":"13122","DOI":"10.1007\/s11227-022-04390-x","volume":"78","author":"J Li","year":"2022","unstructured":"Li, J., Zhang, H., et al.: Semi-supervised machine learning framework for network intrusion detection. J. Supercomput. 78(11), 13122\u201313144 (2022). https:\/\/doi.org\/10.1007\/s11227-022-04390-x","journal-title":"J. Supercomput."},{"key":"20_CR8","doi-asserted-by":"publisher","first-page":"69822","DOI":"10.1109\/ACCESS.2022.3187116","volume":"10","author":"I Mbona","year":"2022","unstructured":"Mbona, I., Eloff, J.H.P., et al.: Detecting zero-day intrusion attacks using semi-supervised machine learning approaches. IEEE Access 10, 69822\u201369838 (2022). https:\/\/doi.org\/10.1109\/ACCESS.2022.3187116","journal-title":"IEEE Access"},{"key":"20_CR9","doi-asserted-by":"publisher","first-page":"122198","DOI":"10.1016\/j.eswa.2023.122198","volume":"238","author":"S Li","year":"2024","unstructured":"Li, S., Cao, Y., Liu, S., et al.: HDA-IDS: a hybrid DoS attacks intrusion detection system for IoT by using semi-supervised CL-GAN. Expert Syst. Appl. 238, 122198 (2024). https:\/\/doi.org\/10.1016\/j.eswa.2023.122198","journal-title":"Expert Syst. Appl."},{"key":"20_CR10","doi-asserted-by":"publisher","unstructured":"Alkhatib, N., Mushtaq, M., et al: Unsupervised network intrusion detection system for AVTP in automotive ethernet networks. In: 2022 IEEE Intelligent Vehicles Symposium (IV), Aachen, Germany, pp. 1731\u20131738. IEEE (2022). https:\/\/doi.org\/10.1109\/IV51971.2022.9827285","DOI":"10.1109\/IV51971.2022.9827285"},{"key":"20_CR11","doi-asserted-by":"publisher","first-page":"103106","DOI":"10.1016\/j.cose.2023.103106","volume":"127","author":"L Gustavo","year":"2023","unstructured":"Gustavo, L., Saotome, O., et al.: Generalizing intrusion detection for heterogeneous networks: a stacked-unsupervised federated learning approach. Comput. Secur. 127, 103106 (2023). https:\/\/doi.org\/10.1016\/j.cose.2023.103106","journal-title":"Comput. Secur."},{"issue":"3","key":"20_CR12","doi-asserted-by":"publisher","first-page":"1619","DOI":"10.1007\/s10207-023-00807-7","volume":"23","author":"YN Kunang","year":"2024","unstructured":"Kunang, Y.N., Nurmaini, S., et al.: An end-to-end intrusion detection system with IoT dataset using deep learning with unsupervised feature extraction. Int. J. Inf. Secur. 23(3), 1619\u20131648 (2024). https:\/\/doi.org\/10.1007\/s10207-023-00807-7","journal-title":"Int. J. Inf. Secur."},{"key":"20_CR13","doi-asserted-by":"publisher","first-page":"1","DOI":"10.3390\/app9204396","volume":"9","author":"H Liu","year":"2019","unstructured":"Liu, H., Lang, B.: Machine learning and deep learning methods for intrusion detection systems: a survey. Appl. Sci. 9, 1\u201328 (2019). https:\/\/doi.org\/10.3390\/app9204396","journal-title":"Appl. Sci."},{"issue":"1","key":"20_CR14","doi-asserted-by":"publisher","first-page":"119","DOI":"10.1007\/s10207-023-00742-7","volume":"23","author":"S Lagraa","year":"2023","unstructured":"Lagraa, S., Hus\u00e1k, M., Seba, H., et al.: A review on graph-based approaches for network security monitoring and botnet detection. Int. J. Inf. Secur. 23(1), 119\u2013140 (2023). https:\/\/doi.org\/10.1007\/s10207-023-00742-7","journal-title":"Int. J. Inf. Secur."},{"key":"20_CR15","doi-asserted-by":"publisher","first-page":"119229","DOI":"10.1016\/j.ins.2023.119229","volume":"644","author":"Y Hong","year":"2023","unstructured":"Hong, Y., Li, Q., Yang, Y., et al.: Graph based encrypted malicious traffic detection with hybrid analysis of multi-view features. Inf. Sci. 644, 119229 (2023). https:\/\/doi.org\/10.1016\/j.ins.2023.119229","journal-title":"Inf. Sci."},{"key":"20_CR16","doi-asserted-by":"publisher","first-page":"2703","DOI":"10.1109\/TIFS.2022.3191493","volume":"17","author":"C Wang","year":"2022","unstructured":"Wang, C., Zhu, H., et al.: Wrongdoing monitor: a graph-based behavioral anomaly detection in cyber security. IEEE Trans. Inf. Forensics Secur. 17, 2703\u20132718 (2022). https:\/\/doi.org\/10.1109\/TIFS.2022.3191493","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"20_CR17","doi-asserted-by":"publisher","first-page":"284","DOI":"10.1016\/j.ins.2019.09.024","volume":"511","author":"W Wang","year":"2020","unstructured":"Wang, W., Shang, Y., He, Y., et al.: BotMark: automated botnet detection with hybrid analysis of flow-based and graph-based traffic behaviors. Inf. Sci. 511, 284\u2013296 (2020). https:\/\/doi.org\/10.1016\/j.ins.2019.09.024","journal-title":"Inf. Sci."},{"issue":"1","key":"20_CR18","doi-asserted-by":"publisher","first-page":"12","DOI":"10.1007\/s10922-021-09615-7","volume":"30","author":"M Verkerken","year":"2021","unstructured":"Verkerken, M., D\u2019hooge, L., et al.: Towards model generalization for intrusion detection: unsupervised machine learning techniques. J. Netw. Syst. Manage. 30(1), 12 (2021). https:\/\/doi.org\/10.1007\/s10922-021-09615-7","journal-title":"J. Netw. Syst. Manage."},{"key":"20_CR19","doi-asserted-by":"publisher","unstructured":"Wang, Z., Fok, K.W., Vrizlynn, L.L.: Thing. Machine learning for encrypted malicious traffic detection: approaches, datasets and comparative study. Comput. Secur. 113, 102542 (2022). https:\/\/doi.org\/10.1016\/j.cose.2021.102542","DOI":"10.1016\/j.cose.2021.102542"},{"issue":"1\u20133","key":"20_CR20","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1080\/19393555.2015.1125974","volume":"25","author":"N Moustafa","year":"2016","unstructured":"Moustafa, N., Slay, J.: The evaluation of network anomaly detection systems: statistical analysis of the UNSW-NB15 data set and the comparison with the KDD99 data set. Inf. Secur. J. 25(1\u20133), 18\u201331 (2016). https:\/\/doi.org\/10.1080\/19393555.2015.1125974","journal-title":"Inf. Secur. J."},{"key":"20_CR21","unstructured":"Nour, M., Jill, S.: UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 Network Data Set). In: 2015 Military Communications and Information Systems Conference (MilCIS), Canberra, Australia. IEEE (2015)"},{"issue":"3","key":"20_CR22","doi-asserted-by":"publisher","first-page":"357","DOI":"10.1016\/j.cose.2011.12.012","volume":"31","author":"A Shiravi","year":"2012","unstructured":"Shiravi, A., Shiravi, H., Tavallaee, M., et al.: Toward developing a systematic approach to generate benchmark datasets for intrusion detection. Comput. Secur. 31(3), 357\u2013374 (2012). https:\/\/doi.org\/10.1016\/j.cose.2011.12.012","journal-title":"Comput. Secur."},{"key":"20_CR23","doi-asserted-by":"publisher","unstructured":"Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization.In: Mori, P., Furnell, S., Camp, O. (eds.) International Conference on Information Systems Security and Privacy, Funchal, Portugal, pp. 108\u2013116 (2018). https:\/\/doi.org\/10.5220\/0006639801080116","DOI":"10.5220\/0006639801080116"},{"issue":"4","key":"20_CR24","doi-asserted-by":"publisher","first-page":"481","DOI":"10.1109\/TBDATA.2017.2715166","volume":"5","author":"N Moustafa","year":"2019","unstructured":"Moustafa, N., Slay, J., Creech, G.: Novel geometric area analysis technique for anomaly detection using trapezoidal area estimation on large-scale networks. IEEE Trans. Big Data 5(4), 481\u2013494 (2019). https:\/\/doi.org\/10.1109\/TBDATA.2017.2715166","journal-title":"IEEE Trans. Big Data"},{"key":"20_CR25","doi-asserted-by":"publisher","first-page":"113","DOI":"10.1016\/j.knosys.2017.03.012","volume":"126","author":"SMH Bamakan","year":"2017","unstructured":"Bamakan, S.M.H., Wang, H., Shi, Y.: Ramp loss K-support vector classification-regression; a robust and sparse multi-class approach to the intrusion detection problem. Knowl.-Based Syst. 126, 113\u2013126 (2017). https:\/\/doi.org\/10.1016\/j.knosys.2017.03.012","journal-title":"Knowl.-Based Syst."},{"key":"20_CR26","doi-asserted-by":"publisher","first-page":"102177","DOI":"10.1016\/j.cose.2021.102177","volume":"103","author":"Z Wang","year":"2021","unstructured":"Wang, Z., Liu, Y., He, D., et al.: Intrusion detection methods based on integrated deep learning model. Comput. Secur. 103, 102177 (2021). https:\/\/doi.org\/10.1016\/j.cose.2021.102177","journal-title":"Comput. Secur."}],"container-title":["Lecture Notes in Computer Science","Information Security and Cryptology \u2013 ICISC 2024"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-96-5566-3_20","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,13]],"date-time":"2025-06-13T20:23:01Z","timestamp":1749846181000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-96-5566-3_20"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9789819655656","9789819655663"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-981-96-5566-3_20","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"14 June 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"The authors have no competing interests to declare that are relevant to the content of this article.","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Disclosure of Interests"}},{"value":"ICISC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Security and Cryptology","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Seoul","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Korea (Republic of)","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 November 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 November 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"icisc2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.icisc.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}