{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,25]],"date-time":"2026-03-25T16:34:22Z","timestamp":1774456462270,"version":"3.50.1"},"reference-count":96,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2010,9,4]],"date-time":"2010-09-04T00:00:00Z","timestamp":1283558400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Artif Intell Rev"],"published-print":{"date-parts":[[2010,12]]},"DOI":"10.1007\/s10462-010-9179-5","type":"journal-article","created":{"date-parts":[[2010,9,3]],"date-time":"2010-09-03T15:33:09Z","timestamp":1283527989000},"page":"369-387","source":"Crossref","is-referenced-by-count":109,"title":["The use of artificial intelligence based techniques for intrusion detection: a review"],"prefix":"10.1007","volume":"34","author":[{"given":"Gulshan","family":"Kumar","sequence":"first","affiliation":[]},{"given":"Krishan","family":"Kumar","sequence":"additional","affiliation":[]},{"given":"Monika","family":"Sachdeva","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2010,9,4]]},"reference":[{"key":"9179_CR1","unstructured":"Agarwal R, Joshi M (2000) PNrule: a new framework for learning classifier models in data mining. Technical Report TR 00-015"},{"key":"9179_CR2","unstructured":"Anderson D, Lunt T, Javitz H, Ann T, Valdes A (1995) Next generation intrusion detection expert system (NIDES). Technical report, SRI International USA"},{"key":"9179_CR3","unstructured":"Axelsson S (1999) Research in intrusion detection system\u2014a survey. CMU\/SEI Technical Report"},{"issue":"12","key":"9179_CR4","doi-asserted-by":"crossref","first-page":"1202","DOI":"10.1016\/S0140-3664(00)00364-9","volume":"24","author":"B Balajinath","year":"2001","unstructured":"Balajinath B, Raghavan SV (2001) Intrusion detection through learning behavior model. Comput Commun 24(12): 1202\u20131212","journal-title":"Comput Commun"},{"key":"9179_CR5","unstructured":"Beale J, Caswell B, Poor M (2004) Snort 2.1 intrusion detection, 2nd edn. Syngress Publishing, ISBN: 1931836043"},{"key":"9179_CR6","unstructured":"Bivens A, Chandrika P, Smith R, Szymanski B (2002) Network-based intrusion detection using neural networks. In: Proceeding of ANNIE 2002 conference, ASME Press, pp 10\u201313"},{"key":"9179_CR7","doi-asserted-by":"crossref","first-page":"698","DOI":"10.1109\/72.159059","volume":"3","author":"GA Carpenter","year":"1992","unstructured":"Carpenter GA, Grossberg S, Markuzon N, Reynolds JH, Rosen DB (1992) Fuzzy ARTMAP: a neural network architecture for incremental supervised learning of analog multidimensional maps. IEEE Trans Neural Netw 3: 698\u2013713","journal-title":"IEEE Trans Neural Netw"},{"issue":"4","key":"9179_CR8","doi-asserted-by":"crossref","first-page":"295","DOI":"10.1016\/j.cose.2004.09.008","volume":"24","author":"S Chebrolu","year":"2005","unstructured":"Chebrolu S, Abraham A, Thomas JP (2005) Feature deduction and ensemble design of intrusion detection systems. Int J Comput Secur 24(4): 295\u2013307","journal-title":"Int J Comput Secur"},{"key":"9179_CR9","unstructured":"Chen S Staniford, Cheung S, Crawford R, Dilger M, Frank J, Hoagland J, Levitt K, Wee C, Yip R, Zerkle D (1996) GrIDS\u2014a graph-based intrusion detection system for large networks. In: Proceedings of 19th national information systems security conference"},{"key":"9179_CR10","doi-asserted-by":"crossref","first-page":"2617","DOI":"10.1016\/j.cor.2004.03.019","volume":"32","author":"W-H Chen","year":"2005","unstructured":"Chen W-H, Hsu S-H, Shen H-P (2005) Application of SVM and ANN for intrusion detection. Comput Oper Res 32: 2617\u20132634","journal-title":"Comput Oper Res"},{"key":"9179_CR11","unstructured":"Chittur A (2001) Model generation for an intrusion detection system using genetic algorithms. High School Honors Thesis, Ossining High School. In cooperation with Columbia University"},{"key":"9179_CR12","unstructured":"CiscoSecure (2010) Cisco Secure IDS http:\/\/www.cisco.com\/warp\/public\/cc\/pd\/sqsw\/sqidsz\/index.shtml . Accessed 4 August 2010"},{"key":"9179_CR13","doi-asserted-by":"crossref","unstructured":"Cohen WW (1995) Fast effective rule induction. In: Proceedings of the 12th international conference on machine learning. Tahoe City, Morgan Kaufmann, CA, pp 115\u2013123","DOI":"10.1016\/B978-1-55860-377-6.50023-2"},{"key":"9179_CR14","unstructured":"Crosbie M, Dole B, Ellis T, Krsul I, Spafford E (1996) IDIOT\u2014users guide. Technical report TR-96-050. Purdue University, COAST Laboratory"},{"key":"9179_CR15","volume-title":"Active defense of a computer system using autonomous agents. Technical report CSD-TR- 95-008","author":"M Crosbie","year":"1995","unstructured":"Crosbie M, Spafford EH (1995) Active defense of a computer system using autonomous agents. Technical report CSD-TR- 95-008. Purdue University, West Lafayette"},{"key":"9179_CR16","unstructured":"Cunningham R, Lippmann R (2000a) Detecting computer attackers: recognizing patterns of malicious stealthy behavior. MIT Lincoln Laboratory\u2014presentation to CERIAS"},{"issue":"4","key":"9179_CR17","doi-asserted-by":"crossref","first-page":"597","DOI":"10.1016\/S1389-1286(00)00140-7","volume":"34","author":"R Cunningham","year":"2000","unstructured":"Cunningham R, Lippmann R (2000b) Improving intrusion detection performance using keyword selection and neural networks. Comput Netw 34(4): 597\u2013603","journal-title":"Comput Netw"},{"key":"9179_CR18","unstructured":"Dasgupta D, Gonzalez FA (2001) An intelligent decision support system for intrusion detection and response. In: Proceedings of international workshop on mathematical methods, models and architectures for computer networks security (MMM-ACNS), St. Petersburg. Springer"},{"key":"9179_CR19","unstructured":"Dickerson JE, Dickerson JA (2000) Fuzzy network profiling for intrusion detection. In: Proceedings of NAFIPS 19th international conference of the North American fuzzy information processing society, Atlanta"},{"key":"9179_CR20","unstructured":"Dowell C, Ramstedt P (1990) The computerwatch data reduction tool. In: Proceedings of the 13th national computer security conference, Washington, DC"},{"key":"9179_CR21","volume-title":"Pattern classification and scene analysis","author":"RO Duda","year":"1973","unstructured":"Duda RO, Hart PE (1973) Pattern classification and scene analysis. Wiley, New York"},{"key":"9179_CR22","volume-title":"The MINDS\u2014Minnesota intrusion detection system. Next generation data mining","author":"L Ertoz","year":"2004","unstructured":"Ertoz L, Eilertson E, Lazarevic A, Tan P, Srivastava J, Kumar V, Dokas P (2004) The MINDS\u2014Minnesota intrusion detection system. Next generation data mining. MIT Press, Cambridge"},{"key":"9179_CR23","unstructured":"Fortuna C, Fortuna B, Mohorcic M (2007) Anomaly detection in computer networks using linear SVMs. SiKDD 2007, Ljubljana, Slovenia"},{"key":"9179_CR24","doi-asserted-by":"crossref","first-page":"18","DOI":"10.1016\/j.cose.2008.08.003","volume":"28","author":"P Garcia-Teodoro","year":"2009","unstructured":"Garcia-Teodoro P, Diaz-Verdejo J, Macia-Fernandez G, Vazquez E (2009) Anomaly-based network intrusion detection: techniques, systems and challenges. Comput Secur 28: 18\u201328","journal-title":"Comput Secur"},{"key":"9179_CR25","doi-asserted-by":"crossref","unstructured":"Gharibian F, Ghorbani AA (2007) Comparative study of supervised machine learning techniques for intrusion detection. In: Proceedings of fifth annual conference on communication networks and services research (CNSR\u201907), pp 350\u2013358","DOI":"10.1109\/CNSR.2007.22"},{"key":"9179_CR26","doi-asserted-by":"crossref","unstructured":"Ghosh AK, Wanken J, Charron F (1998) Detecting anomalous and unknown intrusions against programs. In: Proceedings of the 14th annual computer security applications conference, IEEE, pp 259\u2013267","DOI":"10.1109\/CSAC.1998.738646"},{"key":"9179_CR27","unstructured":"Goldberg L, Wagner D, Thomans R (1996) A secure environment for untrusted helper applications: confining the Wily Hacker. In: Sixth USENIX security symposium"},{"key":"9179_CR28","unstructured":"Gomez J, Dasgupta D (2001) Evolving fuzzy classifiers for intrusion detection. IEEE workshop on information assurance, United States Military Academy, NY"},{"key":"9179_CR29","unstructured":"Guvenir GD (1997) Classification by voting feature intervals. In: Proceedings of the European conference on machine learning, pp 85\u201392"},{"key":"9179_CR30","doi-asserted-by":"crossref","unstructured":"Habra J, Charlier le B, Mounji A, Mathieu I (1992) ASAX: software architecture and rule based language for universal audit trail analysis. In: Computer security, proceedings of ESORICS 92, 648 of LNCS, pp 435\u2013440","DOI":"10.1007\/BFb0013912"},{"key":"9179_CR31","unstructured":"Halme LR, Bauer RK (1995) AINT misbehaving: a taxonomy of anti-intrusion techniques. In: Proceedings of the 18th national information systems security conference. Baltimore, MD"},{"key":"9179_CR32","unstructured":"Han S-J, Cho S-B (2006) Evolutionary neural networks for anomaly detection based on the behaviour of a program. IEEE Trans Syst Man Cybern"},{"key":"9179_CR33","volume-title":"Clustering algorithms","author":"JA Hartigan","year":"1975","unstructured":"Hartigan JA (1975) Clustering algorithms. Wiley, New York"},{"key":"9179_CR34","unstructured":"Hay A, Cid D, Bray R (2008) OSSEC host-based intrusion detection guide. Syngress Publishing, ISBN:159749240X"},{"key":"9179_CR35","doi-asserted-by":"crossref","unstructured":"Heberlein LT, Dias GV, Levitt KN, Mukherjee B, Wood J, Wolber D (1990) A network security monitor. In: Symposium on research in security and privacy. Oakland, CA, pp 296\u2013304","DOI":"10.1109\/RISP.1990.63859"},{"key":"9179_CR36","unstructured":"Heckerman D (1995) A tutorial on learning with Bayesian networks. Microsoft research, technical report MSRTR-95-06"},{"issue":"3","key":"9179_CR37","doi-asserted-by":"crossref","first-page":"248","DOI":"10.1016\/0167-4048(93)90110-Q","volume":"12","author":"J Hochberg","year":"1993","unstructured":"Hochberg J, Jackson K, Stallings C, McClary J, DuBois D, Ford J (1993) NADIR: an automated system for detecting network intrusions and misuse. Comput Secur 12(3): 248\u2013253","journal-title":"Comput Secur"},{"key":"9179_CR38","doi-asserted-by":"crossref","first-page":"63","DOI":"10.1023\/A:1022631118932","volume":"11","author":"R Holte","year":"1993","unstructured":"Holte R (1993) Very simple classification rules perform well on most commonly used datasets. Mach Learn 11: 63\u201391","journal-title":"Mach Learn"},{"key":"9179_CR39","doi-asserted-by":"crossref","unstructured":"Hwang TS, Lee T-J, Lee Y-J (2007) A three-tier IDS via data mining approach. Workshop on mining network data (MineNet)","DOI":"10.1145\/1269880.1269882"},{"key":"9179_CR40","unstructured":"Idris NB, Shanmugam B (2005) Artificial intelligence techniques applied to intrusion detection. In: IEEE Indicon 2005 conference, Chennai, India, pp 52\u201355"},{"issue":"3","key":"9179_CR41","doi-asserted-by":"crossref","first-page":"181","DOI":"10.1109\/32.372146","volume":"21","author":"K Ilgun","year":"1995","unstructured":"Ilgun K, Richard AK, Phillip AP (1995) State transition analysis: a rule-based intrusion detection. IEEE Trans Softw Eng 21(3): 181\u2013199","journal-title":"IEEE Trans Softw Eng"},{"key":"9179_CR42","unstructured":"Internet Security Systems (ISS) (2010) Real Secure http:\/\/www.iss.net . Accessed 4 August 2010"},{"key":"9179_CR43","unstructured":"Johansen K, Lee S (2003) CS424 network security: Bayesian Network Intrusion Detection (BINDS). http:\/\/citeseerx.ist.psu.edu\/viewdoc\/summary?doi=10.1.1.83.8479"},{"key":"9179_CR44","unstructured":"John GH, Langley P (1995) Estimating continuous distributions in Bayesian classifiers. In: Proceedings of the conference on uncertainty in artificial intelligence, pp 338\u2013345"},{"key":"9179_CR45","unstructured":"Kayacik G, Zincir-Heywood N, Heywood M (2003) On the capability of an SOM based intrusion detection system. In: Proceedings of the 2003 IEEE IJCNN, Portland, USA"},{"key":"9179_CR46","doi-asserted-by":"crossref","unstructured":"Khan L, Awad M, Thuraisingham B (2007) A new intrusion detection system using support vector machines and hierarchical clustering. VLDB J 16","DOI":"10.1007\/s00778-006-0002-5"},{"key":"9179_CR47","unstructured":"Kibler DA (1991) Instance-based learning algorithms. Mach Learn 37\u201366"},{"key":"9179_CR48","unstructured":"Kim GH, Spafford EH (1997) Tripwire: a case study in integrity monitoring in internet beseiged: countering cyberspace scofflaws. Addison-Wesley, pp 175\u2013210. ISBN 0-201-30820-7"},{"key":"9179_CR49","doi-asserted-by":"crossref","unstructured":"Kruegel C, Mutz D, Robertson W, Valeur F (2003) Bayesian event classification for intrusion detection. In: Proceedings of 19th annual computer security applications conference, IEEE, pp 14\u201323","DOI":"10.1109\/CSAC.2003.1254306"},{"issue":"1","key":"9179_CR50","doi-asserted-by":"crossref","first-page":"41","DOI":"10.1145\/273244.273257","volume":"27","author":"CM Kuok","year":"1998","unstructured":"Kuok CM, Fu AW-C, Wong MH (1998) Mining fuzzy association rules in databases. SIGMOD Rec 27(1): 41\u201346","journal-title":"SIGMOD Rec"},{"key":"9179_CR51","volume-title":"Classifiers: adaptive modules in pattern recognition systems","author":"Y Lee","year":"1989","unstructured":"Lee Y (1989) Classifiers: adaptive modules in pattern recognition systems. MIT, Department of Electrical Engineering and Computer Science, Cambridge"},{"key":"9179_CR52","unstructured":"Leung K, Leckie C (2005) Unsupervised anomaly detection in network intrusion detection using clusters. In: Proceedings of twenty-eighth Australasian computer science conference (ACSC2005). Newcastle, Australia, pp 333\u2013342"},{"issue":"2","key":"9179_CR53","doi-asserted-by":"crossref","first-page":"67","DOI":"10.1145\/846183.846201","volume":"1","author":"I Levin","year":"2000","unstructured":"Levin I (2000) KDD-99 classifier learning contest LLSoft\u2019s results overview. SIGKDD Explor 1(2): 67\u201375","journal-title":"SIGKDD Explor"},{"key":"9179_CR54","unstructured":"Li W (2004) Using genetic algorithm for network intrusion detection. C. S. G. Department of Energy, Ed, pp 1\u20138"},{"key":"9179_CR55","doi-asserted-by":"crossref","first-page":"439","DOI":"10.1016\/S0167-4048(02)00514-X","volume":"21","author":"Y Liao","year":"2002","unstructured":"Liao Y, Vemuri VR (2002) Use of K-nearest neighbor classifier for intrusion detection. Comput Secur 21: 439\u2013448","journal-title":"Comput Secur"},{"key":"9179_CR56","unstructured":"Lunt T, Tamaru A, Gilham F, Jagannathan R, Jalali C, Neumann PG, Javitz HS, Valdes A, Garvey TD (1992) A real time intrusion detection expert system (IDES)\u2014final report, SRI International, Menlo Park, CA"},{"key":"9179_CR57","unstructured":"Luo J (1999) Integrating fuzzy logic with data mining methods for intrusion detection. Masters thesis, Mississippi State University"},{"key":"9179_CR58","unstructured":"Mahoney MV, Chan PK (2001) PHAD: packet header anomaly detection for identifying hostile network traffic. Department of Computer Sciences, Florida Institute of Technology, Melbourne, FL, USA, Technical Report CS-2001-4"},{"key":"9179_CR59","doi-asserted-by":"crossref","unstructured":"Mahoney MV, Chan PK (2002a) Learning models of network traffic for detecting novel attacks. Computer Science Department, Florida Institute of Technology CS-2002-8","DOI":"10.1145\/775047.775102"},{"key":"9179_CR60","doi-asserted-by":"crossref","unstructured":"Mahoney MV, Chan PK (2002b) Learning non stationary models of normal network traffic for detecting novel attacks. In: Proceedings of eighth ACM SIGKDD international conference on knowledge discovery and data mining. Edmonton, Canada, pp 376\u2013385","DOI":"10.1145\/775047.775102"},{"key":"9179_CR61","unstructured":"Mannila H, Toivone H (1996) Discovering generalized episodes using minimal occurrences. In: Proceedings of the second international conference on knowledge discovery and data mining"},{"issue":"4","key":"9179_CR62","doi-asserted-by":"crossref","first-page":"1483","DOI":"10.1016\/j.csda.2008.10.015","volume":"53","author":"E Menahem","year":"2009","unstructured":"Menahem E, Shabtai A, Rokach L, Elovici Y (2009) Improving malware detection by applying multi-inducer ensemble. Comput Stat Data Anal 53(4): 1483\u20131494","journal-title":"Comput Stat Data Anal"},{"key":"9179_CR63","unstructured":"MIT Lincoln Laboratory (2001) 1999 DARPA intrusion detection evaluation design and procedure. DARPA technical report"},{"key":"9179_CR64","unstructured":"Mukkamala S, Sung AH (2003a) Artificial intelligent techniques for intrusion detection. IEEE Int Conf Syst Man Cybern"},{"key":"9179_CR65","unstructured":"Mukkamala S, Sung AH (2003b) A comparative study of techniques for intrusion detection. In: Proceedings of the 15th IEEE international conference on tools with artificial intelligence (ICTAI\u201903)"},{"key":"9179_CR66","doi-asserted-by":"crossref","first-page":"167","DOI":"10.1016\/j.jnca.2004.01.003","volume":"28","author":"S Mukkamala","year":"2005","unstructured":"Mukkamala S, Sung AH, Abraham A (2005) Intrusion detection using an ensemble of intelligent paradigms. J Netw Comput Appl 28: 167\u2013182","journal-title":"J Netw Comput Appl"},{"issue":"5","key":"9179_CR67","first-page":"1","volume":"5","author":"D Novikov","year":"2006","unstructured":"Novikov D, Yampolskiy RV, Reznik L (2006) Artificial intelligence approaches for intrusion detection. Systems, applications and technology conference, LISAT 2006. IEEE Long Island 5(5): 1\u20138","journal-title":"IEEE Long Island"},{"key":"9179_CR68","doi-asserted-by":"crossref","unstructured":"Panda M, Patra MR (2008) A comparative study of data mining algorithms for network intrusion detection. In: Proceedings of first international conference on emerging trends in engineering and technology, IEEE computer society","DOI":"10.1109\/ICETET.2008.80"},{"key":"9179_CR69","doi-asserted-by":"crossref","unstructured":"Patcha A, Park JM (2007) An overview of anomaly detection techniques: existing solutions and latest technological trends. Comput Netw. doi: 10.1016\/j.comnet.2007.02.001","DOI":"10.1016\/j.comnet.2007.02.001"},{"key":"9179_CR70","doi-asserted-by":"crossref","first-page":"341","DOI":"10.1007\/BF01001956","volume":"11","author":"Z Pawlak","year":"1982","unstructured":"Pawlak Z (1982) Rough sets. Int J Comput Inf Sci 11: 341\u2013356","journal-title":"Int J Comput Inf Sci"},{"key":"9179_CR71","unstructured":"Paxson V (1998) Bro: a system for detecting network intruders in real-time. In: Proceedings of the 7th USENIX security symposium. San Antonio, TX"},{"key":"9179_CR72","doi-asserted-by":"crossref","first-page":"114","DOI":"10.1016\/j.jnca.2005.06.003","volume":"30","author":"S Peddabachigari","year":"2007","unstructured":"Peddabachigari S, Abraham A, Grosan C, Thomas J (2007) Modeling intrusion detection system using hybrid intelligent systems. J Netw Comput Appl 30: 114\u2013132","journal-title":"J Netw Comput Appl"},{"key":"9179_CR73","unstructured":"Ponce (2004) Intrusion detection system with artificial intelligence. In: FIST conference\u2014edition-1\/28 Universidad Pontificia Comillas de Madrid"},{"key":"9179_CR74","unstructured":"Porras PA, Neumann PG (1997) EMERLAD. In: Proceedings of 20th national information systems security conference, USA, pp 353\u2013365"},{"key":"9179_CR75","unstructured":"Portnoy L, Eskin E, Stolfo SJ (2001) Intrusion detection with unlabeled data using clustering. In: Proceedings of the ACM workshop on data mining applied to security"},{"key":"9179_CR76","unstructured":"Quinlan JR (1993) C4.5 Programs for machine learning. Morgan Kaufmann San Mateo Ca"},{"key":"9179_CR77","unstructured":"Rawat Sanjay (2005) Efficient data mining algorithms for intrusion detection. Ph.D. thesis, University of Hyderabad, Hyderabad"},{"issue":"1\u20132","key":"9179_CR78","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s10462-009-9124-7","volume":"33","author":"Lior Rokach","year":"2010","unstructured":"Rokach Lior (2010) Ensemble-based classifiers. Artif Intell Rev 33(1\u20132): 1\u201339","journal-title":"Artif Intell Rev"},{"key":"9179_CR79","unstructured":"Ryan J, Lin M-J, Risto M (1997) Intrusion detection with neural networks. Adv Neural Inf Process Syst MIT 943\u2013949"},{"key":"9179_CR80","unstructured":"Sabhnani M, Serpen G (2003) Application of machine learning algorithms to KDD intrusion detection dataset within misuse detection context. EECS, University of Toledo"},{"key":"9179_CR81","unstructured":"Samhain labs (2010) The SAMHAIN file integrity\/intrusion detection system. http:\/\/la-samhna.de\/samhain\/ . Accessed 27 Aug 2010"},{"key":"9179_CR82","unstructured":"Sebring MM, Sellhouse E, Hanna ME, Whitehurst RA (1988) Expert system in intrusion detection: a case study. In: Proceedings of the 11th national computer security conference, Baltimore, MD, pp 74\u201381"},{"key":"9179_CR83","unstructured":"Smaha SE (1988) Haystack: an intrusion detection system. In: The fourth aerospace computer security applications conference, Orlando, FL"},{"issue":"4","key":"9179_CR84","doi-asserted-by":"crossref","first-page":"547","DOI":"10.1016\/S1389-1286(00)00136-5","volume":"34","author":"EH Spafford","year":"2000","unstructured":"Spafford EH, Zamboni D (2000) Intrusion detection using autonomous agents. Comput Netw 34(4): 547\u2013570","journal-title":"Comput Netw"},{"key":"9179_CR85","volume-title":"The common intrusion detection framework (CIDF)","author":"S Staniford-Chen","year":"1998","unstructured":"Staniford-Chen S, Tung B, Schnackenberg D (1998) The common intrusion detection framework (CIDF). Information survivability workshop, Orlando, FL"},{"key":"9179_CR86","doi-asserted-by":"crossref","unstructured":"Stein G, Chen B, Wu AS, Hua KA (2005) Decision tree classifier for network intrusion detection with GA-based feature selection. In: Proceedings of the 43rd annual southeast regional conference ACM vol 2, pp 136\u2013141","DOI":"10.1145\/1167253.1167288"},{"key":"9179_CR87","unstructured":"Stolfo S, Prodromidis AL, Chan PK (1997) JAM: Java agents for meta-learning over distributed databases. In: Proceedings of the third international conference on knowledge discovery and data mining"},{"key":"9179_CR88","unstructured":"Stoneburner G (2001) Underlying models for information technology security. NIST Special Publication 800-33"},{"key":"9179_CR89","doi-asserted-by":"crossref","unstructured":"Sung H, Mukkamala S (2003) Feature selection for intrusion detection using neural networks and support vector machines. In: 82nd annual meeting of the transportation research board of the national academies, Washington DC, USA","DOI":"10.3141\/1822-05"},{"issue":"10","key":"9179_CR90","doi-asserted-by":"crossref","first-page":"11994","DOI":"10.1016\/j.eswa.2009.05.029","volume":"36","author":"C-F Tsai","year":"2009","unstructured":"Tsai C-F, Hsu Y-F, Lin C-Y, Lin W-Y (2009) Intrusion detection by machine learning: a review. Expert Syst Appl 36(10): 11994\u201312000","journal-title":"Expert Syst Appl"},{"key":"9179_CR91","unstructured":"Vaccaro HS, Liepins GE (1989) Detection of anomalous computer session activity. In: Proceedings of IEEE symposium on security and privacy, pp 280\u2013289"},{"key":"9179_CR92","volume-title":"Statistical learning theory","author":"V Vapnik","year":"1998","unstructured":"Vapnik V (1998) Statistical learning theory. Wiley, New York"},{"key":"9179_CR93","doi-asserted-by":"crossref","unstructured":"Wang F, Qian Y, Dai Y, Wang Z (2010) A model based on hybrid support vector machine and self-organizing map for anomaly detection. In: International conference on communications and mobile computing, cmc 2010, vol 1. Shenzhen, China, pp 97\u2013101","DOI":"10.1109\/CMC.2010.9"},{"key":"9179_CR94","unstructured":"Witten IH, Frank E (2005) Data mining-practical machine learning tools and techniques, 2nd ed. Morgan Kaufmann ISBN 0-12-088407-0"},{"key":"9179_CR95","unstructured":"Ypma A, Duin R (1998) Novelty detection using self-organizing maps. Progress in connectionist-based information systems, 2"},{"key":"9179_CR96","first-page":"217","volume":"4","author":"A Zainal","year":"2009","unstructured":"Zainal A, Maarof MA, Shamsuddin SM (2009) Ensemble classifiers for network intrusion detection system. J Inf Assur Secur 4: 217\u2013225","journal-title":"J Inf Assur Secur"}],"container-title":["Artificial Intelligence Review"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10462-010-9179-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10462-010-9179-5\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10462-010-9179-5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,3]],"date-time":"2019-06-03T12:03:00Z","timestamp":1559563380000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10462-010-9179-5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010,9,4]]},"references-count":96,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2010,12]]}},"alternative-id":["9179"],"URL":"https:\/\/doi.org\/10.1007\/s10462-010-9179-5","relation":{},"ISSN":["0269-2821","1573-7462"],"issn-type":[{"value":"0269-2821","type":"print"},{"value":"1573-7462","type":"electronic"}],"subject":[],"published":{"date-parts":[[2010,9,4]]}}}