{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,26]],"date-time":"2026-03-26T06:36:52Z","timestamp":1774507012722,"version":"3.50.1"},"reference-count":26,"publisher":"Springer Science and Business Media LLC","issue":"20","license":[{"start":{"date-parts":[[2017,6,15]],"date-time":"2017-06-15T00:00:00Z","timestamp":1497484800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"funder":[{"DOI":"10.13039\/501100010418","name":"IITP","doi-asserted-by":"crossref","award":["IITP-2016-H8601-16-1009"],"award-info":[{"award-number":["IITP-2016-H8601-16-1009"]}],"id":[{"id":"10.13039\/501100010418","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Soft Comput"],"published-print":{"date-parts":[[2018,10]]},"DOI":"10.1007\/s00500-017-2679-3","type":"journal-article","created":{"date-parts":[[2017,6,15]],"date-time":"2017-06-15T05:09:19Z","timestamp":1497503359000},"page":"6621-6627","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":10,"title":["Network anomaly detection based on probabilistic analysis"],"prefix":"10.1007","volume":"22","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-8467-5600","authenticated-orcid":false,"given":"JinSoo","family":"Park","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dong Hag","family":"Choi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"You-Boo","family":"Jeon","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yunyoung","family":"Nam","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Min","family":"Hong","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Doo-Soon","family":"Park","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2017,6,15]]},"reference":[{"key":"2679_CR1","first-page":"87","volume":"8","author":"D Bayarjargal","year":"2014","unstructured":"Bayarjargal D, Cho G (2014) Detecting an anomalous traffic attack area based on entropy distribution and mahalanobis distance. Int J Secur Appl 8:87\u201394","journal-title":"Int J Secur Appl"},{"key":"2679_CR2","first-page":"56","volume":"2","author":"A Bhat","year":"2013","unstructured":"Bhat A, Patra S, Jena D (2013) Machine learning approach for intrusion detection on cloud virtual machines. Int J Appl Innov Eng Manag 2:56\u201366","journal-title":"Int J Appl Innov Eng Manag"},{"key":"2679_CR3","doi-asserted-by":"crossref","first-page":"5972","DOI":"10.1016\/j.eswa.2014.04.009","volume":"41","author":"T Chen","year":"2014","unstructured":"Chen T, Zhang X, Jin S, Kim O (2014) Efficient classification using parallel and scalable compressed model and its application on intrusion detection. Expert Syst Appl 41:5972\u20135983","journal-title":"Expert Syst Appl"},{"key":"2679_CR4","first-page":"1","volume":"8","author":"IDJ Jingle","year":"2014","unstructured":"Jingle IDJ, Rajsingh EB (2014) ColShield: an effective and collaborative protection shield for the detection and prevention of collaborative flooding of DDoS attacks in wireless mesh networks. Hum Centric Comput Inf Sci 8:1\u201319","journal-title":"Hum Centric Comput Inf Sci"},{"key":"2679_CR5","volume-title":"Applied multivariate statistical analysis","year":"2007","unstructured":"Johnson RA, Wichern DW (eds) (2007) Applied multivariate statistical analysis, 2nd edn. Pearson Prentice Hall, Upper Saddle River","edition":"2"},{"key":"2679_CR6","first-page":"1","volume":"6","author":"J Joo","year":"2015","unstructured":"Joo J, Lee J, Park J (2015) Security considerations for a connected car. J Converg 6:1\u20139","journal-title":"J Converg"},{"key":"2679_CR7","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1186\/s13673-016-0076-z","volume":"6","author":"N Keegan","year":"2016","unstructured":"Keegan N, Ji S, Chaudhary A, Concolato C, Yu B, Jeong DH (2016) A survey of cloud-based network intrusion detection analysis. Hum Centric Comput Inf Sci 6:1\u201316","journal-title":"Hum Centric Comput Inf Sci"},{"key":"2679_CR8","doi-asserted-by":"crossref","unstructured":"Kolahi SS, Treseangrat K, Sassafpour B (2015) Analysis of UDP DDoS flood cyber attack and defense mechanisms on web server with Linux Ubuntu 13. In: 2015 international conference on communications, signal processing, and their applications (ICCSPA), vol 17\u201319","DOI":"10.1109\/ICCSPA.2015.7081286"},{"key":"2679_CR9","unstructured":"Lecture notes. http:\/\/www.ece.vt.edu\/people\/profile\/mili"},{"key":"2679_CR10","unstructured":"Lecture notes. https:\/\/www.coursera.org\/learn\/machine-learning"},{"key":"2679_CR11","doi-asserted-by":"crossref","first-page":"5036","DOI":"10.1016\/j.comnet.2007.08.008","volume":"51","author":"K Lu","year":"2007","unstructured":"Lu K, Wu D, Fan J, Todorovic S, Nucci A (2007) Robust and efficient detection of DDoS attacks for large-scale internet. Comput Netw 51:5036\u20135056","journal-title":"Comput Netw"},{"key":"2679_CR12","doi-asserted-by":"crossref","unstructured":"Scarfone K, Mell P (2007) Guide to intrusion detection and prevention systems (IDPS). NIST special publication 800\u201394, Gaithersburg, MD, USA","DOI":"10.6028\/NIST.SP.800-94"},{"key":"2679_CR13","unstructured":"Shyu M-L, Chen S-C, Sarinnapakorn K, Chang L (2003) A novel anomaly detection scheme based on principal component classifier. In: Proceedings of the IEEE foundations and new directions of data mining workshop, Melbourne, FL, USA, pp 172\u2013179"},{"key":"2679_CR14","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1186\/s13673-014-0007-9","volume":"4","author":"R Singh","year":"2014","unstructured":"Singh R, Singh P, Duhan M (2014) An effective implementation of security based algorithmic approach in mobile adhoc networks. Hum Centric Comput Inf Sci 4:1\u201314","journal-title":"Hum Centric Comput Inf Sci"},{"key":"2679_CR15","doi-asserted-by":"crossref","first-page":"488","DOI":"10.1016\/j.ins.2014.03.066","volume":"278","author":"K Singh","year":"2014","unstructured":"Singh K, Guntuku SC, Thakur A, Hota C (2014) Big data analytics framework for peer-to-peer botnet detection using random forests. Inf Sci 278:488\u2013497","journal-title":"Inf Sci"},{"key":"2679_CR16","doi-asserted-by":"crossref","first-page":"105","DOI":"10.3233\/JCS-2002-101-205","volume":"10","author":"S Staniford","year":"2002","unstructured":"Staniford S, Hoagland JA, McAlerney JM (2002) Practical automated detection of stealthy portscans. J Comput Secur 10:105\u2013136","journal-title":"J Comput Secur"},{"key":"2679_CR17","doi-asserted-by":"crossref","unstructured":"Stein G, Chen B, Wu A, Hua KA (2005) Decision tree classifier for network intrusion detection with GA-based feature selection. In: Proceedings of the 43rd annual Southeast regional conference, vol 2, pp 136\u2013141","DOI":"10.1145\/1167253.1167288"},{"key":"2679_CR18","doi-asserted-by":"crossref","unstructured":"Tan L, Sherwood T (2005) A high throughput string matching architecture for intrusion detection and prevention. In: 32nd international symposium on computer architecture, pp 112\u2013122","DOI":"10.1145\/1080695.1069981"},{"key":"2679_CR19","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1186\/2192-1962-1-1","volume":"1","author":"F-H Tseng","year":"2011","unstructured":"Tseng F-H, Chou L-D, Chao H-C (2011) A survey of black hole attacks in wireless mobile ad hoc networks. Hum Centric Comput Inf Sci 1:1\u201316","journal-title":"Hum Centric Comput Inf Sci"},{"key":"2679_CR20","doi-asserted-by":"crossref","unstructured":"Tuck N, Sherwood T, Calder B, Varghese G (2004) Deterministic memory-efficient string matching algorithms for intrusion detection. In: IEEE Infocom, pp 333\u2013340","DOI":"10.1109\/INFCOM.2004.1354682"},{"key":"2679_CR21","doi-asserted-by":"crossref","unstructured":"Valdes A, Skinner K (2000) Adaptive model-based monitoring for cyber attack detection. In: Recent advances in intrusion detection, Toulouse, France, pp 80\u201392","DOI":"10.1007\/3-540-39945-3_6"},{"key":"2679_CR22","unstructured":"Warren R, Smith R, Cybenko A (2011) Use of Mahalanobis distance for detecting outliers and outlier clusters in markedly non-normal data: a vehicular traffic example. Interim Report (United States Air Force), pp. 9\u201311"},{"key":"2679_CR23","doi-asserted-by":"crossref","first-page":"14","DOI":"10.3745\/JIPS.2005.1.1.014","volume":"1","author":"I Weon","year":"2005","unstructured":"Weon I, Song D, Ko S, Lee C (2005) A multiple instance learning problem approach model to anomaly network intrusion detection. Int J Inf Process Syst 1:14\u201321","journal-title":"Int J Inf Process Syst"},{"key":"2679_CR24","doi-asserted-by":"crossref","first-page":"810","DOI":"10.1109\/TC.2002.1017701","volume":"51","author":"N Ye","year":"2002","unstructured":"Ye N, Emran SM, Chen Q, Vilbert S (2002) Multivariate statistical analysis of audit trails for host-based intrusion detection. IEEE Trans Comput 51:810\u2013820","journal-title":"IEEE Trans Comput"},{"key":"2679_CR25","doi-asserted-by":"crossref","first-page":"229","DOI":"10.1016\/S0031-3203(02)00026-2","volume":"36","author":"D-Y Yeung","year":"2003","unstructured":"Yeung D-Y, Ding Y (2003) Host-based intrusion detection using dynamic and static behavioral models. Pattern Recognit 36:229\u2013243","journal-title":"Pattern Recognit"},{"key":"2679_CR26","doi-asserted-by":"crossref","first-page":"674","DOI":"10.1007\/978-3-642-10665-1_71","volume":"5931","author":"W Zhao","year":"2009","unstructured":"Zhao W, Ma H, He Q (2009) Parallel k-means clustering based on mapreduce, (Cloud Computing 2009). Lect Notes Comput Sci 5931:674\u2013679","journal-title":"Lect Notes Comput Sci"}],"container-title":["Soft Computing"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00500-017-2679-3\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00500-017-2679-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00500-017-2679-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,9,25]],"date-time":"2019-09-25T23:30:06Z","timestamp":1569454206000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00500-017-2679-3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,6,15]]},"references-count":26,"journal-issue":{"issue":"20","published-print":{"date-parts":[[2018,10]]}},"alternative-id":["2679"],"URL":"https:\/\/doi.org\/10.1007\/s00500-017-2679-3","relation":{},"ISSN":["1432-7643","1433-7479"],"issn-type":[{"value":"1432-7643","type":"print"},{"value":"1433-7479","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017,6,15]]}}}