{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,11]],"date-time":"2026-03-11T22:50:34Z","timestamp":1773269434468,"version":"3.50.1"},"reference-count":52,"publisher":"Springer Science and Business Media LLC","issue":"S5","license":[{"start":{"date-parts":[[2017,9,5]],"date-time":"2017-09-05T00:00:00Z","timestamp":1504569600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cluster Comput"],"published-print":{"date-parts":[[2019,9]]},"DOI":"10.1007\/s10586-017-1109-8","type":"journal-article","created":{"date-parts":[[2017,9,5]],"date-time":"2017-09-05T02:32:46Z","timestamp":1504578766000},"page":"10549-10565","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":69,"title":["An enhanced J48 classification algorithm for the anomaly intrusion detection systems"],"prefix":"10.1007","volume":"22","author":[{"given":"Shadi","family":"Aljawarneh","sequence":"first","affiliation":[]},{"given":"Muneer Bani","family":"Yassein","sequence":"additional","affiliation":[]},{"given":"Mohammed","family":"Aljundi","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,9,5]]},"reference":[{"key":"1109_CR1","doi-asserted-by":"publisher","first-page":"708","DOI":"10.1016\/j.procs.2015.08.220","volume":"60","author":"S Agrawal","year":"2015","unstructured":"Agrawal, S., Agrawal, J.: Survey on anomaly detection using data mining techniques. Procedia Comput. Sci. 60, 708\u2013713 (2015)","journal-title":"Procedia Comput. Sci."},{"key":"1109_CR2","unstructured":"Sheta, A.F., Alamleh, A.: A Professional Comparison of C4.5, MLP, SVM for Network Intrusion Detection Based Feature Selection Analysis (2015)"},{"key":"1109_CR3","doi-asserted-by":"crossref","unstructured":"Onik, A.R., Haq, N.F., Alam, L., Mamun, T.I.: An analytical comparison on filter feature extraction method in data mining using J48 classifier. Int. J. Comput. Appl. 124(13) (2015)","DOI":"10.5120\/ijca2015905706"},{"issue":"4","key":"1109_CR4","first-page":"589","volume":"22","author":"GR Kumar","year":"2016","unstructured":"Kumar, G.R., Nimmala, M., Narasimha, G.: An approach for intrusion detection using novel Gaussian based kernel function. J. Univers. Comput. Sci. 22(4), 589\u2013604 (2016)","journal-title":"J. Univers. Comput. Sci."},{"key":"1109_CR5","doi-asserted-by":"crossref","unstructured":"Witten, I.H., Frank, E., Hall, M.A., Pal, C.J.: Data Mining: Practical Machine Learning Tools and Techniques. Morgan Kaufmann (2016)","DOI":"10.1016\/B978-0-12-804291-5.00010-6"},{"issue":"12","key":"1109_CR6","first-page":"258","volume":"7","author":"M Panda","year":"2007","unstructured":"Panda, M., Patra, M.R.: Network intrusion detection using Na\u00efve bayes. Int. J. Comput. Sci. Netw. Secur. 7(12), 258\u2013263 (2007)","journal-title":"Int. J. Comput. Sci. Netw. Secur."},{"key":"1109_CR7","doi-asserted-by":"publisher","first-page":"577","DOI":"10.1109\/TSMCB.2007.914695","volume":"38","author":"H Weiming","year":"2008","unstructured":"Weiming, H., Wei, H., Maybank, S.: AdaBoost-based algorithm for network intrusion detection. IEEE Trans. Syst. Man Cybern. B Cybern. 38, 577\u2013583 (2008)","journal-title":"IEEE Trans. Syst. Man Cybern. B Cybern."},{"key":"1109_CR8","unstructured":"Kosamkar, V.: Improved Intrusion detection system using C4.5 decision tree and support vector machine. Doctoral dissertation, Mumbai University (2013)"},{"key":"1109_CR9","doi-asserted-by":"publisher","unstructured":"Li, W., Yi, P., Wu, Y., Pan, L., Li, J.: A new intrusion detection system based on KNN classification algorithm in wireless sensor network. J. Electr. Comput. Eng. 1\u20137 (2014). doi: 10.1155\/2014\/240217","DOI":"10.1155\/2014\/240217"},{"key":"1109_CR10","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1016\/j.jnca.2015.11.016","volume":"60","author":"M Ahmed","year":"2016","unstructured":"Ahmed, M., Mahmood, A.N., Hu, J.: A survey of network anomaly detection techniques. J. Netw. Comput. Appl. 60, 19\u201331 (2016)","journal-title":"J. Netw. Comput. Appl."},{"key":"1109_CR11","doi-asserted-by":"crossref","unstructured":"Pathan, A.S.K. (ed.).: The State of the Art in Intrusion Prevention and Detection. CRC Press (2014)","DOI":"10.1201\/b16390"},{"key":"1109_CR12","doi-asserted-by":"publisher","first-page":"484","DOI":"10.1016\/j.ins.2016.04.019","volume":"378","author":"RAR Ashfaq","year":"2017","unstructured":"Ashfaq, R.A.R., Wang, X.Z., Huang, J.Z., Abbas, H., He, Y.L.: Fuzziness based semi-supervised learning approach for intrusion detection system. Inf. Sci. 378, 484\u2013497 (2017)","journal-title":"Inf. Sci."},{"key":"1109_CR13","unstructured":"Breiman, L., Friedman, J., Stone C., Olshen, R.: Classification and Regression Trees. The Wadsworth and Brooks-Cole Statistics-Probability Series. Taylor and Francis (1984)"},{"key":"1109_CR14","unstructured":"Quinlan, J.R.: C4. 5: Programs for Machine Learning. Elsevier (2014)"},{"key":"1109_CR15","volume-title":"Data Mining: Concepts and Techniques","author":"J Han","year":"2012","unstructured":"Han, J., Kamber, M., Pei, J.: Data Mining: Concepts and Techniques, 3rd edn. Morgan Kaufmann Publishers Inc., San Francisco (2012)","edition":"3"},{"key":"1109_CR16","unstructured":"Ooi, S.Y., Leong, Y.M., Lim, M.F., Tiew, H.K., Pang, Y.H.: Network intrusion data analysis via consistency subset evaluator with ID3, C4.5 and bestfirst trees. IJCSNS 13(2), 7 (2013)"},{"key":"1109_CR17","doi-asserted-by":"crossref","unstructured":"Medhat, K., Ramadan, R.A., Talkhan, I.: Security in mission critical communication systems: approach for intrusion detection. In: Multimedia Services and Applications in Mission Critical Communication Systems, pp. 270\u2013291. IGI Global (2017)","DOI":"10.4018\/978-1-5225-2113-6.ch012"},{"key":"1109_CR18","doi-asserted-by":"crossref","unstructured":"Sahu, S., Mehtre, B.M.: Network intrusion detection system using J48 decision tree. In: 2015 International Conference on Advances in Computing, Communications and Informatics (ICACCI), pp. 2023\u20132026. IEEE (2015, August)","DOI":"10.1109\/ICACCI.2015.7275914"},{"key":"1109_CR19","doi-asserted-by":"crossref","unstructured":"Panda, M., Abraham, A., Patra, M.R.: A hybrid intelligent approach for network intrusion detection. Procedia Eng. 30, 1\u20139 (2012)","DOI":"10.1016\/j.proeng.2012.01.827"},{"key":"1109_CR20","doi-asserted-by":"publisher","first-page":"360","DOI":"10.1016\/j.asoc.2015.10.011","volume":"38","author":"A Aburomman","year":"2016","unstructured":"Aburomman, A., Reaz, M.: A novel SVM-kNNPSO ensemble method for intrusion detection system. Appl. Soft Comput. J. 38, 360\u2013372 (2016)","journal-title":"Appl. Soft Comput. J."},{"key":"1109_CR21","doi-asserted-by":"crossref","unstructured":"Goeschel, K.: Reducing false positives in intrusion detection systems using data-mining techniques utilizing support vector machines, decision trees, and naive Bayes for off-line analysis. SoutheastCon 2016, Norfolk, pp. 1\u20136 (2016)","DOI":"10.1109\/SECON.2016.7506774"},{"key":"1109_CR22","first-page":"1","volume":"19","author":"S Sharma","year":"2015","unstructured":"Sharma, S., Gupta, A., Agrawel, S.: A survey of intrusion detection system for denial of service attack in cloud. Int. J. Comput. Appl. 19, 1\u20134 (2015)","journal-title":"Int. J. Comput. Appl."},{"key":"1109_CR23","doi-asserted-by":"crossref","unstructured":"Al Kaabi, S., Al Kindi, N., Al Fazari, S., Trabelsi, Z.: Virtualization based ethical educational platform for hands-on lab activities on DoS attacks. 2016 IEEE Global Engineering Education Conference (EDUCON), pp. 273\u2013280 (2016)","DOI":"10.1109\/EDUCON.2016.7474565"},{"issue":"4","key":"1109_CR24","first-page":"89","volume":"6","author":"N Noureldien","year":"2016","unstructured":"Noureldien, N., Yousif, I.: Accuracy of machine learning algorithms in detecting DoS attacks types. Sci. Technol. 6(4), 89\u201392 (2016)","journal-title":"Sci. Technol."},{"key":"1109_CR25","doi-asserted-by":"crossref","unstructured":"AbdJalil, K., Mara, S.: Comparison of machine learning algorithms performance in detecting network intrusion. In: Proceedings of Networking and Information Technology (ICNIT), pp. 221\u2013226. Manila (2010)","DOI":"10.1109\/ICNIT.2010.5508526"},{"key":"1109_CR26","unstructured":"Jain, Y.K., Upendra: An efficient intrusion detection based on decision tree classifier using feature reduction. Int. J. Sci. Res. Publ. 2(1), January (2012)"},{"issue":"8","key":"1109_CR27","first-page":"122","volume":"16","author":"S Mazraeh","year":"2016","unstructured":"Mazraeh, S., Modhej, A., Neysi, S.H.N.: Intrusion detection in computer networks using combination of machine learning techniques. Int. J. Comput. Sci. Netw. Secur. (IJCSNS) 16(8), 122 (2016)","journal-title":"Int. J. Comput. Sci. Netw. Secur. (IJCSNS)"},{"key":"1109_CR28","doi-asserted-by":"crossref","unstructured":"Gaikwad, D.P., Thool, R.C.: Intrusion detection system using bagging ensemble method of machine learning. In: 2015 International Conference on Computing Communication Control and Automation (ICCUBEA), pp. 291\u2013295. IEEE (2015, February)","DOI":"10.1109\/ICCUBEA.2015.61"},{"key":"1109_CR29","doi-asserted-by":"crossref","unstructured":"Nema, A., Tiwari, B., Tiwari, V.: Improving accuracy for intrusion detection through layered approach using support vector machine with feature reduction. In: Proceedings of the ACM Symposium on Women in Research 2016, pp. 26\u201331. ACM (2016, March)","DOI":"10.1145\/2909067.2909100"},{"key":"1109_CR30","doi-asserted-by":"crossref","unstructured":"Modi, U., Jain, A.: An improved method to detect intrusion using machine learning algorithms. Inf. Eng. Int. J. 4.2, 17\u201329 (2016)","DOI":"10.5121\/ieij.2016.4203"},{"key":"1109_CR31","unstructured":"[Online]. Available: https:\/\/www.unb.ca\/research\/iscx\/dataset\/iscx-NSL-KDD-dataset.html [Accessed 26 April 2017]"},{"key":"1109_CR32","unstructured":"Chaudhari, R.R., Patil, S.P.: Intrusion Detection System: Classification, Techniques and Datasets to Implement (2017)"},{"key":"1109_CR33","doi-asserted-by":"crossref","unstructured":"Aljawarneh, S., Aldwairi, M., Yasin, M.B.: Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model. J. Comput. Sci. (2017)","DOI":"10.1016\/j.jocs.2017.03.006"},{"key":"1109_CR34","doi-asserted-by":"crossref","unstructured":"Smith, T.C., Frank, E.: Introducing machine learning concepts with WEKA. Stat. Genom. Methods Protoc. 353\u2013378 (2016)","DOI":"10.1007\/978-1-4939-3578-9_17"},{"key":"1109_CR35","unstructured":"[Online]. Available Weka: http:\/\/www.cs.waikato.ac.nz\/ml\/index.html . [Accessed 26 April 2017]"},{"key":"1109_CR36","unstructured":"Alcala-Fdez, J., Garcia, S., Fernandez, A., Luengo, J., Gonzalez, S., Saez, J. A., Triguero, I., Moyano, J.M., Jesus, M.J., Sanchez, L., Herrera, F.: Comparison of KEEL versus open source Data Mining tools: Knime and Weka software (2016)"},{"key":"1109_CR37","unstructured":"Bouckaert, R.R., Frank, E., Hall, M.A., Holmes, G., Pfahringer, B., Reutemann, P., Witten, I.H.: WEKA $$\\hat{{\\rm a}}\\hat{}$$ a ^ ^ \u2019 experiences with a java open-source project. J. Mach. Learn. Res. 11(Sep), 2533\u20132541 (2010)"},{"key":"1109_CR38","doi-asserted-by":"publisher","first-page":"428","DOI":"10.1016\/j.procs.2015.03.174","volume":"45","author":"U Ravage","year":"2015","unstructured":"Ravage, U., Marathe, N., Padiya, P.: Feature selection based hybrid anomaly intrusion detection system using K means and RBF kernel function. Procedia Comput. Sci. 45, 428\u2013435 (2015)","journal-title":"Procedia Comput. Sci."},{"key":"1109_CR39","doi-asserted-by":"crossref","unstructured":"De la Hoz, E., De La Hoz, E., Ortiz, A., Ortega, J., Prieto, B.: PCA filtering and probabilistic SOM for network intrusion detection. Neurocomputing 164, 71\u201381 (2015)","DOI":"10.1016\/j.neucom.2014.09.083"},{"key":"1109_CR40","doi-asserted-by":"crossref","unstructured":"Najafabadi, M.M., Khoshgoftaar, T.M., Seliya, N.: Evaluating feature selection methods for network intrusion detection with kyoto data. Int. J. Reliab. Qual. Saf. Eng. 23(01), 1650001 (2016)","DOI":"10.1142\/S0218539316500017"},{"key":"1109_CR41","unstructured":"Xue, B., Zhang, M., Browne, W.N., Yao, X.: A survey on evolutionary computation approaches to feature selection. IEEE Trans. Evol. Comput. 20(4), 606\u2013626 (2016)"},{"key":"1109_CR42","doi-asserted-by":"crossref","unstructured":"Eid, H.F., Hassanien, A.E., Kim, T.H., Banerjee, S.: Linear correlation-based feature selection for network intrusion detection model. In: Advances in Security of Information and Communication Networks, pp. 240\u2013248. Springer, Berlin (2013)","DOI":"10.1007\/978-3-642-40597-6_21"},{"issue":"11","key":"1109_CR43","doi-asserted-by":"publisher","first-page":"e0166017","DOI":"10.1371\/journal.pone.0166017","volume":"11","author":"TA Alhaj","year":"2016","unstructured":"Alhaj, T.A., Siraj, M.M., Zainal, A., Elshoush, H.T., Elhaj, F.: Feature selection using information gain for improved structural-based alert correlation. PLoS ONE 11(11), e0166017 (2016)","journal-title":"PLoS ONE"},{"key":"1109_CR44","doi-asserted-by":"crossref","unstructured":"Bajaj, K., Arora, A.: Improving the intrusion detection using discriminative machine learning approach and improve the time complexity by data mining feature selection methods. Int. J. Comput. Appl. 76(1) (2013)","DOI":"10.5120\/13209-0587"},{"key":"1109_CR45","doi-asserted-by":"publisher","first-page":"109","DOI":"10.1016\/j.asoc.2016.12.023","volume":"52","author":"D Oreski","year":"2017","unstructured":"Oreski, D., Oreski, S., Klicek, B.: Effects of dataset characteristics on the performance of feature selection techniques. Appl. Soft Comput. 52, 109\u2013119 (2017)","journal-title":"Appl. Soft Comput."},{"issue":"10","key":"1109_CR46","doi-asserted-by":"publisher","first-page":"937","DOI":"10.1001\/archpedi.1982.03970460067015","volume":"136","author":"GW Brown","year":"1982","unstructured":"Brown, G.W.: Standard deviation, standard error: which\u2019standard\u2019should we use? Am. J. Dis. Child. 136(10), 937\u2013941 (1982)","journal-title":"Am. J. Dis. Child."},{"key":"1109_CR47","unstructured":"[Online]. Available https:\/\/math.stackexchange.com\/questions\/651077\/is-standard-deviation-the-same-as-entropy . [Accessed 26 April 2017]"},{"key":"1109_CR48","unstructured":"[Online]. Available: https:\/\/netbeans.org\/ [Accessed 26 April 2016]"},{"key":"1109_CR49","unstructured":"[Online]. Available: https:\/\/www.tutorialspoint.com\/ant\/ant_creating_jar_files.htm [Accessed 26 April 2016]"},{"issue":"209","key":"1109_CR50","first-page":"U2R","volume":"2","author":"AK Shrivas","year":"2016","unstructured":"Shrivas, A.K., Mishra, P.K.: Intrusion detection system for classification of attacks with cross validation. Probe 2(209), U2R (2016)","journal-title":"Probe"},{"key":"1109_CR51","doi-asserted-by":"crossref","unstructured":"Elekar, K.S., Waghmare, M.M.: Comparison of tree base data mining algorithms for network intrusion detection. Int. J. Eng. Educ. Technol. 3(2) (2015)","DOI":"10.1109\/PERVASIVE.2015.7087051"},{"key":"1109_CR52","unstructured":"Chae, H.S., Jo, B.O., Choi, S.H., Park, T.K.: Feature selection for intrusion detection using NSL-KDD. Recent Adv. Comput. Sci. 184\u2013187 (2013)"}],"container-title":["Cluster Computing"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10586-017-1109-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10586-017-1109-8\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10586-017-1109-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,25]],"date-time":"2025-06-25T15:24:09Z","timestamp":1750865049000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10586-017-1109-8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,9,5]]},"references-count":52,"journal-issue":{"issue":"S5","published-print":{"date-parts":[[2019,9]]}},"alternative-id":["1109"],"URL":"https:\/\/doi.org\/10.1007\/s10586-017-1109-8","relation":{},"ISSN":["1386-7857","1573-7543"],"issn-type":[{"value":"1386-7857","type":"print"},{"value":"1573-7543","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017,9,5]]},"assertion":[{"value":"13 April 2017","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"21 June 2017","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"10 August 2017","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"5 September 2017","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}