{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,28]],"date-time":"2026-04-28T10:42:39Z","timestamp":1777372959899,"version":"3.51.4"},"reference-count":18,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2019,6,4]],"date-time":"2019-06-04T00:00:00Z","timestamp":1559606400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2019,6,4]],"date-time":"2019-06-04T00:00:00Z","timestamp":1559606400000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"funder":[{"DOI":"10.13039\/501100001700","name":"Ministry of Education, Culture, Sports, Science and Technology","doi-asserted-by":"crossref","award":["16H02874"],"award-info":[{"award-number":["16H02874"]}],"id":[{"id":"10.13039\/501100001700","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2020,2]]},"DOI":"10.1007\/s10207-019-00439-w","type":"journal-article","created":{"date-parts":[[2019,6,4]],"date-time":"2019-06-04T13:02:42Z","timestamp":1559653362000},"page":"83-92","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":30,"title":["A study of IoT malware activities using association rule learning for darknet sensor data"],"prefix":"10.1007","volume":"19","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0965-0064","authenticated-orcid":false,"given":"Seiichi","family":"Ozawa","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tao","family":"Ban","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Naoki","family":"Hashimoto","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Junji","family":"Nakazato","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jumpei","family":"Shimamura","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,6,4]]},"reference":[{"key":"439_CR1","doi-asserted-by":"crossref","unstructured":"Ban, T., Eto, M., Guo, S., Inoue, D., Nakao, K., Huang, R.: A study on association rule mining of darknet big data. In: Proceedings of International Joint Conference on Neural Networks, pp. 1\u20137 (2015)","DOI":"10.1109\/IJCNN.2015.7280818"},{"key":"439_CR2","doi-asserted-by":"crossref","unstructured":"Ban, T., Pang, S., Eto, M., Inoue, D., Nakao, K., Huang, R.: Towards early detection of novel attack patterns through the lens of a large-scale darknet. In: Proceedings of 2016 International IEEE Conferences on Ubiquitous Intelligence & Computing, Advanced and Trusted Computing, Scalable Computing and Communications, Cloud and Big Data Computing, Internet of People, and Smart World Congress, pp. 341\u2013349 (2016)","DOI":"10.1109\/UIC-ATC-ScalCom-CBDCom-IoP-SmartWorld.2016.0068"},{"key":"439_CR3","volume-title":"Mapping the Internet: A Hacker\u2019s Secret Internet Census","author":"C Stocker","year":"2013","unstructured":"Stocker, C., Horchert, J.: Mapping the Internet: A Hacker\u2019s Secret Internet Census. Spiegel Online GmbH, Hamburg (2013)"},{"key":"439_CR4","doi-asserted-by":"publisher","first-page":"426","DOI":"10.1007\/978-3-319-05302-8_26","volume-title":"Foundations and Practice of Security, LNCS","author":"EL Malecot","year":"2014","unstructured":"Malecot, E.L., Inoue, D.: The Carna botnet through the lens of a network telescope. In: Danger, J., et al. (eds.) Foundations and Practice of Security, LNCS, vol. 8352, pp. 426\u2013441. Springer, Berlin (2014)"},{"issue":"2","key":"439_CR5","doi-asserted-by":"publisher","first-page":"207","DOI":"10.1145\/170036.170072","volume":"22","author":"R Agrawal","year":"1993","unstructured":"Agrawal, R., Imielinski, T., Swami, A.: Mining association rules between sets of items in large databases. ACM SIGMOD Rec. 22(2), 207\u2013216 (1993)","journal-title":"ACM SIGMOD Rec."},{"issue":"2","key":"439_CR6","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/335191.335372","volume":"29","author":"J Han","year":"2000","unstructured":"Han, J., Pei, J., Yin, Y.: Mining frequent patterns without candidate generation. ACM SIGMOD Rec. 29(2), 1\u201312 (2000)","journal-title":"ACM SIGMOD Rec."},{"issue":"1","key":"439_CR7","doi-asserted-by":"publisher","first-page":"53","DOI":"10.1023\/B:DAMI.0000005258.31418.83","volume":"8","author":"J Han","year":"2004","unstructured":"Han, J., Mao, P.Y.: Mining frequent patterns without candidate generation: a frequent-pattern tree approach. Data Min. Knowl. Discov. 8(1), 53\u201387 (2004)","journal-title":"Data Min. Knowl. Discov."},{"issue":"6","key":"439_CR8","doi-asserted-by":"publisher","first-page":"437","DOI":"10.1002\/widm.1074","volume":"2","author":"C Borgelt","year":"2012","unstructured":"Borgelt, C.: Frequent item set mining. Data Min. Knowl. Discov. 2(6), 437\u2013456 (2012)","journal-title":"Data Min. Knowl. Discov."},{"key":"439_CR9","unstructured":"https:\/\/nvd.nist.gov\/"},{"key":"439_CR10","doi-asserted-by":"crossref","unstructured":"Nichols, K., Blake, S., Baker, F., Black, D.: Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers. IETF RFC 2119 (1998)","DOI":"10.17487\/rfc2474"},{"key":"439_CR11","doi-asserted-by":"crossref","unstructured":"Grossman, D.: New terminology and clarifications for diffserv. IETF RFC 3260 (2002)","DOI":"10.17487\/rfc3260"},{"key":"439_CR12","doi-asserted-by":"crossref","unstructured":"Babiarz, J., Chan, K., Baker, F.: Configuration guidelines for diffserv service classes. IETF RFC 4594 (2006)","DOI":"10.17487\/rfc4594"},{"key":"439_CR13","unstructured":"Introduction to Cisco IOS NetFlow\u2014a technical overview, White Papers, Cisco, updated May (2012)"},{"key":"439_CR14","first-page":"229","volume-title":"A Survey of Bots Used for Distributed Denial of Service Attacks. New Approaches for Security, Privacy and Trust in Complex Environments","author":"VL Thing","year":"2007","unstructured":"Thing, V.L., Sloman, M., Dulay, N.: A Survey of Bots Used for Distributed Denial of Service Attacks. New Approaches for Security, Privacy and Trust in Complex Environments, pp. 229\u2013240. Springer, Boston (2007)"},{"key":"439_CR15","doi-asserted-by":"crossref","unstructured":"Jacobson, V., Braden, R., Borman, D.: TCP extensions for high performance. IETF RFC 1323 (1992)","DOI":"10.17487\/rfc1323"},{"key":"439_CR16","unstructured":"Microsoft Windows TCP\/IP Connection Exhaustion Denial of Service Vulnerability, Cisco Mulitivendor Vulnerability Alerts, Alert ID: 18959, CVE-2009-1926 (2009)"},{"key":"439_CR17","unstructured":"Antonakakis, M., April, T., Bailey, M., Bernhard, M., Bursztein, E., Cochran, J., Durumeric, Z., Halderman, J.A., Invernizzi, L., Kallitsis, M., Kumar, D., Lever, C., Ma, Z., Mason, J., Menscher, D., Seaman, C., Sullivan, N., Thomas, K., Zhou, Y.: Understanding the mirai botnet. In: Proceedings of 26th USENIX Security Symposium, pp. 1093\u20131110 (2017)"},{"key":"439_CR18","unstructured":"http:\/\/data.netlab.360.com\/mirai-scanner\/"}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-019-00439-w.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10207-019-00439-w\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-019-00439-w.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,6,2]],"date-time":"2020-06-02T23:05:33Z","timestamp":1591139133000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10207-019-00439-w"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,6,4]]},"references-count":18,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2020,2]]}},"alternative-id":["439"],"URL":"https:\/\/doi.org\/10.1007\/s10207-019-00439-w","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"value":"1615-5262","type":"print"},{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019,6,4]]},"assertion":[{"value":"4 June 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Compliance with ethical standards"}},{"value":"The authors declare that they have no conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"This article does not contain any studies with human participants performed by any of the authors.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethical approval"}}]}}