{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,2]],"date-time":"2025-05-02T11:53:26Z","timestamp":1746186806173},"reference-count":41,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2011,11,24]],"date-time":"2011-11-24T00:00:00Z","timestamp":1322092800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Pattern Anal Applic"],"published-print":{"date-parts":[[2013,11]]},"DOI":"10.1007\/s10044-011-0255-5","type":"journal-article","created":{"date-parts":[[2011,11,22]],"date-time":"2011-11-22T22:48:11Z","timestamp":1322002091000},"page":"549-566","source":"Crossref","is-referenced-by-count":27,"title":["Evaluation of an adaptive genetic-based signature extraction system for network intrusion detection"],"prefix":"10.1007","volume":"16","author":[{"given":"Kamran","family":"Shafi","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hussein A.","family":"Abbass","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2011,11,24]]},"reference":[{"key":"255_CR1","doi-asserted-by":"crossref","unstructured":"Almgren M, Jonsson E (2004) Using active learning in intrusion detection. In: Proceedings of the 17th IEEE computer security foundations workshop (CSFW\u201904). IEEE Computer Society, New Jersey, pp 88\u201398","DOI":"10.1109\/CSFW.2004.1310734"},{"issue":"1","key":"255_CR2","doi-asserted-by":"crossref","first-page":"207","DOI":"10.1145\/974043.974078","volume":"29","author":"S Antonatos","year":"2004","unstructured":"Antonatos S, Anagnostakis KG, Markatos EP (2004) Generating realistic workloads for network intrusion detection systems. ACM SIGSOFT Softw Eng Notes 29(1):207\u2013215","journal-title":"ACM SIGSOFT Softw Eng Notes"},{"issue":"6","key":"255_CR3","first-page":"2","volume":"5","author":"A Barisani","year":"2003","unstructured":"Barisani A (2003) Testing firewalls and IDS with FTester. TISC Insight Newslett 5(6):2\u20134","journal-title":"TISC Insight Newslett"},{"issue":"3","key":"255_CR4","doi-asserted-by":"crossref","first-page":"209","DOI":"10.1162\/106365603322365289","volume":"11","author":"Bernad\u00f3-Mansilla Ester","year":"2003","unstructured":"Bernad\u00f3-Mansilla E, Garrell JM (2003) Accuracy-based learning classifier systems: models, analysis and applications to classification tasks. Evol Comput 11(3):209\u2013238","journal-title":"Evol Comput"},{"key":"255_CR5","doi-asserted-by":"crossref","unstructured":"Dixon PW, Corne DW, Oates MJ (2003) A ruleset reduction algorithm for the XCS learning classifier system. In: Proceedings of the 5th international workshop on learning classifier systems, Revised Papers. Springer, Berlin, pp 20\u201329","DOI":"10.1007\/978-3-540-40029-5_2"},{"issue":"1","key":"255_CR6","doi-asserted-by":"crossref","first-page":"176","DOI":"10.1016\/j.patcog.2007.05.018","volume":"41","author":"M Filippone","year":"2008","unstructured":"Filippone M, Camastra F, Masulli F, Rovetta S (2008) A survey of kernel and spectral methods for clustering. Pattern Recogn 41(1):176\u2013190","journal-title":"Pattern Recogn"},{"key":"255_CR7","unstructured":"Geschke D (2004) FLoP\u2014Fast logging project for Snort. http:\/\/www.geschke-online.de\/FLoP\/"},{"key":"255_CR8","unstructured":"Goldberg DE (1989) Genetic algorithms in search, optimization, and machine Learning. Addision-Wesley Publishing Company, Inc., Boston"},{"key":"255_CR9","unstructured":"Gregory J (2005) Mucus\u2014traffic generator for IDS simulation. http:\/\/www.bleedingthreats.net\/ ."},{"key":"255_CR10","unstructured":"Hettich S, Bay SD (1999) The UCI KDD archive. http:\/\/kdd.ics.uci.edu\/databases\/kddcup99\/kddcup99.html ."},{"key":"255_CR11","doi-asserted-by":"crossref","unstructured":"Holland JH, Booker LB, Colombetti M, Dorigo M, Goldberg DE, Forrest S, Riolo RL, Smith RE, Lanzi PL, Stolzmann W et\u00a0al (2000) What is a learning classifier system. Learn Classif Syst Found Appl 1813:3\u201332","DOI":"10.1007\/3-540-45027-0_1"},{"issue":"1","key":"255_CR12","doi-asserted-by":"crossref","first-page":"41","DOI":"10.1109\/TDSC.2007.9","volume":"4","author":"K Hwang","year":"2007","unstructured":"Hwang K, Cai M, Chen Y, Qin M (2007) Hybrid intrusion detection with weighted signature generation over anomalous internet episodes. IEEE Trans Dependable Secure Comput 4(1):41\u201355","journal-title":"IEEE Trans Dependable Secure Comput"},{"issue":"8","key":"255_CR13","doi-asserted-by":"crossref","first-page":"2185","DOI":"10.1016\/j.patcog.2006.12.010","volume":"40","author":"S Jin","year":"2007","unstructured":"Jin S, Yeung DS, Wang X (2007) Network intrusion detection in covariance feature space. Pattern Recogn 40(8):2185\u20132197","journal-title":"Pattern Recogn"},{"key":"255_CR14","doi-asserted-by":"crossref","unstructured":"Jung J, Paxson V, Berger AW, Balakrishnan H (2004) Fast portscan detection using sequential hypothesis testing. In: Proceedings of the 2004 IEEE symposium on security and privacy, pp 211\u2013225","DOI":"10.1109\/SECPRI.2004.1301325"},{"key":"255_CR15","first-page":"120","volume":"7","author":"W Lee","year":"1999","unstructured":"Lee W, Stolfo SJ, Mok KW (1999) A data mining framework for building intrusion detection models. IEEE Symp Secur Priv 7:120\u2013132","journal-title":"IEEE Symposium on Security and Privacy"},{"key":"255_CR16","unstructured":"Lippmann RP, Zissman MA (1998) 1998 DARPA\/AFRL off-line intrusion detection evaluation. http:\/\/www.ll.mit.edu\/IST\/ideval\/data\/data_index.html"},{"issue":"5","key":"255_CR17","doi-asserted-by":"crossref","first-page":"927","DOI":"10.1016\/j.patcog.2003.09.011","volume":"37","author":"Y Liu","year":"2004","unstructured":"Liu Y, Chen K, Liao X, Zhang W (2004) A genetic clustering method for intrusion detection. Pattern Recogn 37(5):927\u2013942","journal-title":"Pattern Recogn"},{"key":"255_CR18","unstructured":"Luo S, Marin GA (2004) Generating realistic network traffic for security experiments. In: Proceedings of the IEEE SoutheastCon, pp 200\u2013207"},{"key":"255_CR19","unstructured":"Mahoney MV, Chan PK (2003) Learning rules for anomaly detection of hostile network traffic. In: Proceedings of the third IEEE international conference on data mining (ICDM 2003), pp 601\u2013604"},{"key":"255_CR20","unstructured":"Mahoney MV (2003) A machine learning approach to detecting attacks by identifying anomalies in network traffic. PhD thesis, Florida Institute of Technology"},{"key":"255_CR21","doi-asserted-by":"crossref","unstructured":"Mahoney MV, Chan PK (2003) An analysis of the 1999 DARPA\/Lincoln laboratory evaluation data for network anomaly detection. In: Proceedings of recent advances in intrusion detection (RAID) 2003. Springer, Berlin, pp 220\u2013237","DOI":"10.1007\/978-3-540-45248-5_13"},{"key":"255_CR22","doi-asserted-by":"crossref","unstructured":"Massicotte F, Gagnon F, Labiche Y, Briand L, Couture M (2006) Automatic evaluation of intrusion detection systems. In: 22nd annual computer security applications conference, 2006, pp 361\u2013370","DOI":"10.1109\/ACSAC.2006.15"},{"issue":"4","key":"255_CR23","doi-asserted-by":"crossref","first-page":"262","DOI":"10.1145\/382912.382923","volume":"3","author":"J McHugh","year":"2000","unstructured":"McHugh J (2000) Testing intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory. ACM Trans Inf Syst Secur 3(4):262\u2013294","journal-title":"ACM Trans Inf Syst Secur"},{"key":"255_CR24","doi-asserted-by":"crossref","unstructured":"Mutz D, Vigna G, Kemmerer R (2003) An experience developing an IDS stimulator for the black-box testing of network intrusion detection systems. In: Proceedings of the 19th annual computer security applications conference, pp 374\u2013383","DOI":"10.1109\/CSAC.2003.1254342"},{"key":"255_CR25","unstructured":"Ramesh A, Mahesh JV (2001) PNrule: a new framework for learning classifier models in data mining (a case-study in network intrusion detection). In: Proceedings of the first SIAM international conference on data mining, Chicago, IL, USA, 5\u20137 April, 2001"},{"key":"255_CR26","unstructured":"Roesch M (1999) Snort-lightweight intrusion detection for networks. In: Proceedings of USENIX LISA, pp 229\u2013238. http:\/\/www.snort.org\/"},{"key":"255_CR27","unstructured":"Sabhnani M, Serpen G (2003) Application of machine learning algorithms to KDD intrusion detection dataset within misuse detection context. In: Proceedings of international conference on machine learning: models, technologies, and applications, pp 23\u201326"},{"issue":"4","key":"255_CR28","doi-asserted-by":"crossref","first-page":"403","DOI":"10.3233\/IDA-2004-8406","volume":"8","author":"Maheshkumar Sabhnani","year":"2004","unstructured":"Sabhnani M, Serpen G (2004) Why machine learning algorithms fail in misuse detection on KDD intrusion detection data set. Intell Data Anal 8(4):403\u2013415","journal-title":"Intell Data Anal"},{"key":"255_CR29","unstructured":"Shafi K (2008) An online and adaptive signature-based approach for intrusion detection using learning classifier systems. PhD thesis, University of New South Wales, Australian Defence Force Academy, School of Information Technology and Electrical Engineering"},{"issue":"10","key":"255_CR30","doi-asserted-by":"crossref","first-page":"12036","DOI":"10.1016\/j.eswa.2009.03.036","volume":"36","author":"K Shafi","year":"2009","unstructured":"Shafi K, Abbass HA (2009) An adaptive genetic-based signature learning system for intrusion detection. Expert Syst Appl 36(10):12036\u201312043","journal-title":"Expert Syst Appl"},{"key":"255_CR31","unstructured":"Shafi K, Abbass HA, Zhu W (2007) Real time signature extraction from a supervised classifier system. In: Proceeding of the IEEE congress on evolutionary computation, CEC 2007, 25\u201328 September, 2007, pp 2509\u20132516"},{"key":"255_CR32","unstructured":"Snort. The open source network intrusion detection system. http:\/\/www.snort.org\/"},{"key":"255_CR33","unstructured":"Sommers J, Yegneswaran V, Barford P (2005) Toward comprehensive traffic generation for online IDS evaluation. Technical report, Department of Computer Science, University of Wisconsin"},{"key":"255_CR34","unstructured":"Stolfo SJ, Fan W, Lee W, Prodromidis A, Chan PK (2000) Cost-based modeling and evaluation for data mining with application to fraud and intrusion detection: results from the JAM Project. In: Proceedings of DARPA information survivability conference, pp 130\u2013144"},{"key":"255_CR35","unstructured":"Team MD (2006) The Metasploit Project. http:\/\/www.metasploit.com\/"},{"key":"255_CR36","unstructured":"TeleGeography (2008) TeleGeography\u2019s global internet geography. http:\/\/www.telegeography.com\/products\/gig\/index.php"},{"key":"255_CR37","unstructured":"Turner A, Bing M (2005) TCPReplay: PCAP editing and replay tools for *nix. http:\/\/tcpreplay.sourceforge.net"},{"key":"255_CR38","doi-asserted-by":"crossref","unstructured":"Wang K, Stolfo SJ (2004) Anomalous payload-based network intrusion detection. Proc Recent Adv Intrusion Detect 7:201\u2013222","DOI":"10.1007\/978-3-540-30143-1_11"},{"key":"255_CR39","doi-asserted-by":"crossref","unstructured":"Wilson SW (1995) Classifier fitness based on accuracy. Evol Comput 3(2):149\u2013175","DOI":"10.1162\/evco.1995.3.2.149"},{"key":"255_CR40","unstructured":"Wilson SW (2001) Compact rulesets from XCSI. In: Proceedings of the 4th international workshop on advances in learning classifier systems: Revised Papers. Springer, Berlin, pp 197\u2013210"},{"key":"255_CR41","unstructured":"Witten IH, Frank E (2000) Data mining: practical machine learning tools and techniques with Java implementations. Morgan Kaufmann, San Fransisco"}],"container-title":["Pattern Analysis and Applications"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10044-011-0255-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10044-011-0255-5\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10044-011-0255-5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,19]],"date-time":"2019-06-19T19:39:34Z","timestamp":1560973174000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10044-011-0255-5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011,11,24]]},"references-count":41,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2013,11]]}},"alternative-id":["255"],"URL":"https:\/\/doi.org\/10.1007\/s10044-011-0255-5","relation":{},"ISSN":["1433-7541","1433-755X"],"issn-type":[{"value":"1433-7541","type":"print"},{"value":"1433-755X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2011,11,24]]}}}