{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T11:34:05Z","timestamp":1743075245962,"version":"3.40.3"},"publisher-location":"Singapore","reference-count":30,"publisher":"Springer Nature Singapore","isbn-type":[{"type":"print","value":"9789819708260"},{"type":"electronic","value":"9789819708277"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-981-97-0827-7_21","type":"book-chapter","created":{"date-parts":[[2024,2,29]],"date-time":"2024-02-29T11:02:50Z","timestamp":1709204570000},"page":"236-246","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Effective Rules for a Rule-Based SIEM System in Detecting DoS Attacks: An Association Rule Mining Approach"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-9243-7047","authenticated-orcid":false,"given":"Federica","family":"Uccello","sequence":"first","affiliation":[]},{"given":"Marek","family":"Pawlicki","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9327-0138","authenticated-orcid":false,"given":"Salvatore","family":"D\u2019Antonio","sequence":"additional","affiliation":[]},{"given":"Rafa\u0142","family":"Kozik","sequence":"additional","affiliation":[]},{"given":"Micha\u0142","family":"Chora\u015b","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,3,1]]},"reference":[{"issue":"1","key":"21_CR1","doi-asserted-by":"publisher","first-page":"88","DOI":"10.1108\/ICS-09-2021-0146","volume":"31","author":"A Tariq","year":"2022","unstructured":"Tariq, A., Manzoor, J., Aziz, M.A., Tariq, Z.U.A., Masood, A.: Open source siem solutions for an enterprise. Inform. Comput. Secur. 31(1), 88\u2013107 (2022)","journal-title":"Inform. Comput. Secur."},{"key":"21_CR2","doi-asserted-by":"crossref","unstructured":"Fakiha, B.S.: Effectiveness of security incident event management (siem) system for cyber security situation awareness. Indian J. Forensic Med. Toxicol. 14(4) (2020)","DOI":"10.37506\/ijfmt.v14i4.11587"},{"key":"21_CR3","unstructured":"Sheeraz, M., et al.: Effective security monitoring using efficient siem architecture. Hum.-Centric Comput. Inf. Sci. 13, 1\u201318 (2023)"},{"issue":"1","key":"21_CR4","doi-asserted-by":"publisher","first-page":"23","DOI":"10.37868\/sei.v3i1.124","volume":"3","author":"R Khader","year":"2021","unstructured":"Khader, R., Eleyan, D.: Survey of dos\/ddos attacks in iot. Sustainable Eng. Innov. 3(1), 23\u201328 (2021)","journal-title":"Sustainable Eng. Innov."},{"key":"21_CR5","doi-asserted-by":"crossref","unstructured":"Priyanka, S., Vijay Bhanu, S.: A survey on variants of dos attacks: Issues and defense mechanisms. J. Appl. Res. Technol. 21(1), 12\u201316 (2023)","DOI":"10.22201\/icat.24486736e.2023.21.1.2166"},{"key":"21_CR6","doi-asserted-by":"crossref","unstructured":"Pawlicka, A., Chora\u00b4s, M., Pawlicki, M.: The stray sheep of cyberspace aka the actors who claim they break the law for the greater good. Personal Ubiquitous Comput. 25(5), 843\u2013852 (2021)","DOI":"10.1007\/s00779-021-01568-7"},{"key":"21_CR7","doi-asserted-by":"crossref","unstructured":"Cucu, C., Cazacu, M.: Current technologies and trends in cybersecurity and the impact of artificial intelligence. In: The International Scientific Conference eLearning and Software for Education, vol. 2, pp. 208\u2013214, Carol I\u201d National Defence University (2019)","DOI":"10.12753\/2066-026X-19-099"},{"issue":"9","key":"21_CR8","doi-asserted-by":"publisher","first-page":"6","DOI":"10.1016\/S1353-4858(20)30104-5","volume":"2020","author":"M Campfield","year":"2020","unstructured":"Campfield, M.: The problem with (most) network detection and response. Netw. Secur.. Secur. 2020(9), 6\u20139 (2020)","journal-title":"Netw. Secur.. Secur."},{"key":"21_CR9","unstructured":"Ardagna, C., Corbiaux, S., Impe, K.V., Sfakianaki, A.: Enisa threat landscape (2022)"},{"key":"21_CR10","doi-asserted-by":"crossref","unstructured":"Pawlicki, M., Pawlicka, A., Kozik, R., Chora\u00b4s, M.: The survey and meta-analysis of the attacks, transgressions, countermeasures and security aspects common to the cloud, edge and iot. Neurocomputing, p. 126533 (2023)","DOI":"10.1016\/j.neucom.2023.126533"},{"issue":"19","key":"21_CR11","doi-asserted-by":"publisher","first-page":"10743","DOI":"10.3390\/su131910743","volume":"13","author":"MJ Awan","year":"2021","unstructured":"Awan, M.J., et al.: Real-time ddos attack detection system using big data approach. Sustainability 13(19), 10743 (2021)","journal-title":"Sustainability"},{"issue":"4","key":"21_CR12","doi-asserted-by":"publisher","first-page":"51","DOI":"10.3390\/jsan12040051","volume":"12","author":"KB Adedeji","year":"2023","unstructured":"Adedeji, K.B., Abu-Mahfouz, A.M., Kurien, A.M.: Ddos attack and detection methods in internet-enabled networks: Concept, research perspectives, and challenges. J. Sens. Actuator Netw.Netw. 12(4), 51 (2023)","journal-title":"J. Sens. Actuator Netw.Netw."},{"key":"21_CR13","doi-asserted-by":"crossref","unstructured":"Podzins, O., Romanovs, A.: Why siem is irreplaceable in a secure it environment? In: 2019 Open Conference of Electrical, Electronic and Information Sciences (eStream), pp. 1\u20135 (2019)","DOI":"10.1109\/eStream.2019.8732173"},{"key":"21_CR14","doi-asserted-by":"crossref","unstructured":"Gonz\u00b4alez-Granadillo, G., Gonza\u00b4lez-Zarzosa, S., Diaz, R.: Security information and event management (siem): analysis, trends, and usage in critical infrastructures. Sensors 21(14), 4759 (2021)","DOI":"10.3390\/s21144759"},{"key":"21_CR15","unstructured":"Rosenberg, M., Schneider, B., Scherb, C., Asprion, P.M.: An adaptable approach for successful siem adoption in companies, arXiv preprint arXiv:2308.01065 (2023)"},{"key":"21_CR16","doi-asserted-by":"crossref","unstructured":"d. Lima Filho, F.S., Silveira, F.A., de Medeiros Brito Junior, A., Vargas-Solar, G., Silveira, L.F.: Smart detection: an online approach for dos\/ddos attack detection using machine learning. Secur. Commun. Networks 2019, 1\u201315 (2019)","DOI":"10.1155\/2019\/1574749"},{"key":"21_CR17","doi-asserted-by":"crossref","unstructured":"Alsulaiman, L., Al-Ahmadi, S.: Performance evaluation of machine learning techniques for dos detection in wireless sensor network, arXiv preprint arXiv:2104.01963 (2021)","DOI":"10.5121\/ijnsa.2021.13202"},{"issue":"2","key":"21_CR18","doi-asserted-by":"publisher","first-page":"930","DOI":"10.11591\/eei.v12i2.4466","volume":"12","author":"MA Al-Shareeda","year":"2023","unstructured":"Al-Shareeda, M.A., Manickam, S., Ali, M.: Ddos attacks detection using machine learning and deep learning techniques: analysis and comparison. Bull. Electr. Eng. Inform. 12(2), 930\u2013939 (2023)","journal-title":"Bull. Electr. Eng. Inform."},{"key":"21_CR19","doi-asserted-by":"crossref","unstructured":"Holkovi\u02c7c, M., Ry\u02c7savy`, O., Dudek, J.: Automating network security analysis at packet-level by using rule-based engine. In: Proceedings of the 6th Conference on the Engineering of Computer Based Systems, pp. 1\u20138 (2019)","DOI":"10.1145\/3352700.3352714"},{"key":"21_CR20","doi-asserted-by":"crossref","unstructured":"Nespoli, P., D\u00b4\u0131az-Lo\u00b4pez, D., Ma\u00b4rmol, F.G.: Cyberprotection in iot environments: a dynamic rule-based solution to defend smart devices. J. Inf. Secur. Appl. 60, 102878 (2021)","DOI":"10.1016\/j.jisa.2021.102878"},{"key":"21_CR21","doi-asserted-by":"crossref","unstructured":"Siddabathula, K.S., Panneerselvam, R.K., Vasana, V., Vejendla, J., Rafi, M., Gummadi, S.B.: Yaracapper\u2013yara rule-based automated system to detect and alert network attacks. In: Research Advances in Network Technologies, pp. 25\u201347. CRC Press (2023)","DOI":"10.1201\/9781003320333-3"},{"key":"21_CR22","doi-asserted-by":"crossref","unstructured":"Subach, I., Mykytiuk, A.: Methodology of formation of fuzzy associative rules with weighted attributes from siem database for detection of cyber incidents in special information and communication systems. Inf. Technol. Secur. 11(1) (20) (2023)","DOI":"10.20535\/2411-1031.2023.11.1.283575"},{"key":"21_CR23","doi-asserted-by":"crossref","unstructured":"Husa\u00b4k, M., Bajto\u02c7s, T., Ka\u02c7spar, J., Bou-Harb, E., Celeda, P.: Predictive cyber\u02c7 situational awareness and personalized blacklisting: a sequential rule mining approach. ACM Trans. Manage. Inf. Syst. (TMIS) 11(4), 1\u201316 (2020)","DOI":"10.1145\/3386250"},{"key":"21_CR24","doi-asserted-by":"crossref","unstructured":"Sivanantham, S., Mohanraj, V., Suresh, Y., Senthilkumar, J.: Association rule mining frequent-pattern-based intrusion detection in network. Comput. Syst. Sci. Eng. 44(2) (2023)","DOI":"10.32604\/csse.2023.025893"},{"key":"21_CR25","doi-asserted-by":"crossref","unstructured":"Chora\u00b4s, M., Kozik, R., Puchalski, D., Ho lubowicz, W.: Correlation approach for sql injection attacks detection. In: International Joint Conference CISIS\u201912ICEUTE\u00b4 12-SOCO\u00b4 12 Special Sessions, pp. 177\u2013185. Springer (2013)","DOI":"10.1007\/978-3-642-33018-6_18"},{"key":"21_CR26","doi-asserted-by":"publisher","first-page":"4043","DOI":"10.1007\/s10489-020-02007-5","volume":"51","author":"P Lou","year":"2021","unstructured":"Lou, P., Lu, G., Jiang, X., Xiao, Z., Hu, J., Yan, J.: Cyber intrusion detection through association rule mining on multi-source logs. Appl. Intell.Intell. 51, 4043\u20134057 (2021)","journal-title":"Appl. Intell.Intell."},{"key":"21_CR27","first-page":"108","volume":"1","author":"I Sharafaldin","year":"2018","unstructured":"Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. ICISSp 1, 108\u2013116 (2018)","journal-title":"ICISSp"},{"key":"21_CR28","doi-asserted-by":"publisher","DOI":"10.1016\/j.bdr.2022.100359","volume":"30","author":"M Sarhan","year":"2022","unstructured":"Sarhan, M., Layeghy, S., Portmann, M.: Evaluating standard feature sets towards increased generalisability and explainability of ml-based network intrusion detection. Big Data Res. 30, 100359 (2022)","journal-title":"Big Data Res."},{"key":"21_CR29","doi-asserted-by":"publisher","first-page":"321","DOI":"10.1613\/jair.953","volume":"16","author":"NV Chawla","year":"2002","unstructured":"Chawla, N.V., Bowyer, K.W., Hall, L.O., Kegelmeyer, W.P.: Smote: synthetic minority over-sampling technique. J. Artif. Intell. Res.Artif. Intell. Res. 16, 321\u2013357 (2002)","journal-title":"J. Artif. Intell. Res.Artif. Intell. Res."},{"key":"21_CR30","doi-asserted-by":"crossref","unstructured":"Coppolino, L., D\u2019Antonio, S., Uccello, F., Lyratzis, A., Bakalis, C., Touloumtzi, S., Papoutsis, I.: Detection of radio frequency interference in satellite ground segments. In: 2023 IEEE International Conference on Cyber Security and Resilience (CSR), pp. 648\u2013653 (2023)","DOI":"10.1109\/CSR57506.2023.10225005"}],"container-title":["Communications in Computer and Information Science","Applied Intelligence"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-97-0827-7_21","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,2,29]],"date-time":"2024-02-29T11:09:13Z","timestamp":1709204953000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-97-0827-7_21"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9789819708260","9789819708277"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-981-97-0827-7_21","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"1 March 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICAI","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Applied Intelligence","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Nanning","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"8 December 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 December 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"icai12023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.icai.org.cn\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}