{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,27]],"date-time":"2025-09-27T13:46:54Z","timestamp":1758980814993,"version":"3.40.3"},"publisher-location":"Singapore","reference-count":20,"publisher":"Springer Nature Singapore","isbn-type":[{"type":"print","value":"9789819913534"},{"type":"electronic","value":"9789819913541"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-981-99-1354-1_17","type":"book-chapter","created":{"date-parts":[[2023,3,29]],"date-time":"2023-03-29T14:03:27Z","timestamp":1680098607000},"page":"188-201","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Slow Port Scanning Attack Detection Algorithm Based on\u00a0Dynamic Time Window Mechanism"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2653-4273","authenticated-orcid":false,"given":"Ming","family":"Ying","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2023,3,30]]},"reference":[{"key":"17_CR1","doi-asserted-by":"publisher","unstructured":"Caroscio, E., Paul, J., Murray, J., Bhunia, S.: Analyzing the ransomware attack on D.C. metropolitan police department by babuk. In: 2022 IEEE International Systems Conference (SysCon), pp. 1\u20138. IEEE, Canada (2022) https:\/\/doi.org\/10.1109\/SysCon53536.2022.9773935","DOI":"10.1109\/SysCon53536.2022.9773935"},{"key":"17_CR2","doi-asserted-by":"publisher","unstructured":"Hussain, F., Abbas S.G., Pires, I.M., Tanveer, S., Fayyaz, U.U., Garcia, N.M., et al.: A two-fold machine learning approach to prevent and detect IoT botnet attacks. IEEE Access 9, 163412\u2013163430 (2021) https:\/\/doi.org\/10.1109\/ACCESS.2021.3131014","DOI":"10.1109\/ACCESS.2021.3131014"},{"issue":"3","key":"17_CR3","doi-asserted-by":"publisher","first-page":"1496","DOI":"10.1109\/SURV.2013.102913.00020","volume":"16","author":"E Bou-Harb","year":"2013","unstructured":"Bou-Harb, E., Debbabi, M., Assi, C.: Cyber scanning: a comprehensive survey. IEEE Commun. Surv. Tutor. 16(3), 1496\u20131519 (2013)","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"17_CR4","unstructured":"Roesch, M.: Snort - lightweight intrusion detection for networks. In: Proceedings of the 13th Conference on Systems Administration (LISA-1999), pp. 229\u2013238. (1999)"},{"key":"17_CR5","doi-asserted-by":"publisher","unstructured":"Zhang, Z., Towey, D., Ying, Z., Zhang, Y., Zhou, Z.: MT4NS: metamorphic testing for network scanning. In: 2021 IEEE\/ACM 6th International Workshop on Metamorphic Testing (MET), pp. 17\u201323. IEEE, Spain (2021) https:\/\/doi.org\/10.1109\/MET52542.2021.00010","DOI":"10.1109\/MET52542.2021.00010"},{"key":"17_CR6","unstructured":"Singh, R.R., Tomar, D.S.: Network forensics: detection and analysis of stealth port scanning attack. Int. J. Comput. Netw. Commun. Secur. 3(2), 33\u201342 (2015)"},{"key":"17_CR7","doi-asserted-by":"publisher","unstructured":"Bhuyan, M.H., Bhattacharyya, D.K., Kalita, J..K.: Surveying port scans and their detection methodologies. Comput. J. 54(10), 1565\u20131581 (2011) https:\/\/doi.org\/10.1093\/comjnl\/bxr035","DOI":"10.1093\/comjnl\/bxr035"},{"key":"17_CR8","doi-asserted-by":"publisher","unstructured":"Jung, J., Paxson, V., Berger, A.W., Balakrishnan, H.: Fast portscan detection using sequential hypothesis testing. In: IEEE Symposium on Security and Privacy, pp. 211\u2013225 (2004) https:\/\/doi.org\/10.1109\/SECPRI.2004.1301325","DOI":"10.1109\/SECPRI.2004.1301325"},{"key":"17_CR9","volume-title":"Sequential Analysis","author":"A Wald","year":"1947","unstructured":"Wald, A.: Sequential Analysis. John Wiley & Sons, New York (1947)"},{"key":"17_CR10","doi-asserted-by":"publisher","unstructured":"Ring, M., Landes, D., Hotho, A.: Detection of slow port scans in flow-based network traffic. PLoS ONE 13(9) (2018) https:\/\/doi.org\/10.1371\/journal.pone.0204507","DOI":"10.1371\/journal.pone.0204507"},{"key":"17_CR11","doi-asserted-by":"publisher","unstructured":"Nisa, M.U., Kifayat, K.: Detection of slow port scanning attacks. In: 2020 International Conference on Cyber Warfare and Security (ICCWS), pp. 1\u20137. IEEE, Pakistan (2020) https:\/\/doi.org\/10.1109\/ICCWS48432.2020.9292389","DOI":"10.1109\/ICCWS48432.2020.9292389"},{"key":"17_CR12","doi-asserted-by":"publisher","unstructured":"Griffioen, H., Doerr, C.: Discovering collaboration: unveiling slow, distributed scanners based on common header field patterns. In: NOMS 2020\u20132020 IEEE\/IFIP Network Operations and Management Symposium, pp. 1\u20139. IEEE, Hungary (2020) https:\/\/doi.org\/10.1109\/NOMS47738.2020.9110444","DOI":"10.1109\/NOMS47738.2020.9110444"},{"key":"17_CR13","doi-asserted-by":"publisher","unstructured":"Dabbagh, M., Ghandour, A.J., Fawaz, K., Hajj, W.E., Hajj, H.: Slow port scanning detection. In: 2011 7th International Conference on Information Assurance and Security (IAS), pp. 228\u2013233. IEEE, Malaysia (2011). https:\/\/doi.org\/10.1109\/ISIAS.2011.6122824","DOI":"10.1109\/ISIAS.2011.6122824"},{"key":"17_CR14","doi-asserted-by":"crossref","unstructured":"Mell, P., Harang, R.: Limitations to threshold random walk scan detection and mitigating enhancements. In: 2013 IEEE Conference on Communications and Network Security (CNS), pp. 332\u2013340. IEEE, USA (2013)","DOI":"10.1109\/CNS.2013.6682723"},{"key":"17_CR15","doi-asserted-by":"publisher","unstructured":"Sekar, V., Xie, Y., Reiter, M.K., Zhang, H.: A multi-resolution approach for worm detection and containment. In: International Conference on Dependable Systems and Networks (DSN\u201906), pp. 189\u2013198. IEEE, USA (2006). https:\/\/doi.org\/10.1109\/DSN.2006.6","DOI":"10.1109\/DSN.2006.6"},{"key":"17_CR16","doi-asserted-by":"crossref","unstructured":"Fukuda, K., Fontugne, R.: Estimating speed of scanning activities with a hough transform. In: 2010 IEEE International Conference on Communications, pp. 1\u20135. IEEE, South Africa (2010)","DOI":"10.1109\/ICC.2010.5502264"},{"key":"17_CR17","unstructured":"Ring, M., Wunderlich, S., Gr\u00fcdl, D., Landes, D., Hotho A.: Flow-based benchmark data sets for intrusion detection. In: European Conference on Cyber Warfare and Security (ECCWS), pp. 361\u2013369 (2017)"},{"key":"17_CR18","doi-asserted-by":"crossref","unstructured":"Roberts, S.W.: Control chart tests based on geometric moving averages. Am. Soc. Qual. Control Am. Stat. Assoc. 42(1), 97\u2013101 (2000)","DOI":"10.1080\/00401706.2000.10485986"},{"key":"17_CR19","unstructured":"Cisco systems netflow services export version 9. https:\/\/icm.krasn.ru\/ftp\/rfc\/rfc3954.pdf. Accessed 6 June 2022"},{"key":"17_CR20","unstructured":"Lyon, G.F.: Nmap network scanning: the official NMAP project guide to network discovery and security scanning. Nmap Project, US (2009)"}],"container-title":["Communications in Computer and Information Science","Web and Big Data. APWeb-WAIM 2022 International Workshops"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-99-1354-1_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,3,29]],"date-time":"2023-03-29T14:07:01Z","timestamp":1680098821000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-99-1354-1_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9789819913534","9789819913541"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-981-99-1354-1_17","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"30 March 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"APWeb-WAIM","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Asia-Pacific Web (APWeb) and Web-Age Information Management (WAIM) Joint International Conference on Web and Big Data","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Nanjing","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 August 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 August 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"6","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"apwebwaim2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/apweb-waim2022.com\/proceedings","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"CMT","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"297","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"75","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"45","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"25% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"5","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"5 Demo papers + 23 workshop papers","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}