{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,1]],"date-time":"2025-11-01T13:37:16Z","timestamp":1762004236344},"reference-count":35,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2010,8,11]],"date-time":"2010-08-11T00:00:00Z","timestamp":1281484800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Inf Syst Front"],"published-print":{"date-parts":[[2013,3]]},"DOI":"10.1007\/s10796-010-9252-2","type":"journal-article","created":{"date-parts":[[2010,8,10]],"date-time":"2010-08-10T10:59:02Z","timestamp":1281437942000},"page":"35-53","source":"Crossref","is-referenced-by-count":25,"title":["Two-stage database intrusion detection by combining multiple evidence and belief update"],"prefix":"10.1007","volume":"15","author":[{"given":"Suvasini","family":"Panigrahi","sequence":"first","affiliation":[]},{"given":"Shamik","family":"Sural","sequence":"additional","affiliation":[]},{"given":"Arun K.","family":"Majumdar","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2010,8,11]]},"reference":[{"key":"9252_CR1","doi-asserted-by":"crossref","first-page":"403","DOI":"10.1016\/S0022-2836(05)80360-2","volume":"215","author":"SF Altschul","year":"1990","unstructured":"Altschul, S. F., Gish, W., Miller, W., Myers, W., & Lipman, J. (1990). Basic local alignment search tool. Journal of Molecular Biology, 215, 403\u2013410.","journal-title":"Journal of Molecular Biology"},{"key":"9252_CR2","doi-asserted-by":"crossref","first-page":"186","DOI":"10.1145\/357830.357849","volume":"3","author":"S Axelsson","year":"2000","unstructured":"Axelsson, S. (2000). The base-rate fallacy and the difficulty of intrusion detection. ACM Transactions on Information and System Security (TISSEC), 3, 186\u2013205.","journal-title":"ACM Transactions on Information and System Security (TISSEC)"},{"key":"9252_CR3","unstructured":"Barbara, D., Goel, R., & Jajodia, S. (2002). Mining malicious data corruption with hidden markov models. In Proc. 16th annual IFIP WG 11.3 working conf. on data and application security (pp. 175\u2013189)."},{"key":"9252_CR4","doi-asserted-by":"crossref","unstructured":"Campos, F., & Cavalcante, S. (2003). An extended approach for Dempster\u2013Shafer theory. In Proc. IEEE int. conf. on information reuse and integration (pp. 338\u2013344).","DOI":"10.1109\/IRI.2003.1251435"},{"key":"9252_CR5","doi-asserted-by":"crossref","unstructured":"Chen, T. M., & Venkataramanan, V. (2005). Dempster\u2013Shafer theory for intrusion detection in ad hoc networks. In Proc. IEEE internet computing (pp. 35\u201341).","DOI":"10.1109\/MIC.2005.123"},{"key":"9252_CR6","unstructured":"Chung, C. Y., Gertz, M., & Levitt, K. (1999). DEMIDS: A misuse detection system for database systems. In Proc. integrity and internal control in information system (pp. 159\u2013178)."},{"key":"9252_CR7","doi-asserted-by":"crossref","unstructured":"Damiani, E., Vimercati, S. D. C., Jajodia, S., Paraboschi, S., & Samarati, P. (2003). Balancing confidentiality and efficiency in untrusted relational DBMSs. In Proc. 10th ACM conf. on computer and communications security (pp. 93\u2013102).","DOI":"10.1145\/948109.948124"},{"key":"9252_CR8","doi-asserted-by":"crossref","first-page":"861","DOI":"10.1016\/j.patrec.2005.10.010","volume":"27","author":"T Fawcett","year":"2006","unstructured":"Fawcett, T. (2006). An introduction to ROC analysis. Pattern Recognition Letters, 27, 861\u2013874.","journal-title":"Pattern Recognition Letters"},{"key":"9252_CR9","doi-asserted-by":"crossref","first-page":"27","DOI":"10.1145\/240455.240464","volume":"39","author":"U Fayyad","year":"1996","unstructured":"Fayyad, U., Shapiro, G. P., & Smyth, P. (1996). The KDD process for extracting useful knowledge from volumes of data. Communications of the ACM, 39, 27\u201334.","journal-title":"Communications of the ACM"},{"issue":"7","key":"9252_CR10","doi-asserted-by":"crossref","first-page":"6","DOI":"10.1016\/S1361-3723(04)00087-9","volume":"2004","author":"S Furnell","year":"2004","unstructured":"Furnell, S. (2004). Enemies within: The problem of insider attacks. Journal of Computer Fraud & Security, 2004(7), 6\u201311.","journal-title":"Journal of Computer Fraud & Security"},{"key":"9252_CR11","doi-asserted-by":"crossref","first-page":"69","DOI":"10.1016\/j.inffus.2006.10.002","volume":"9","author":"G Giacinto","year":"2008","unstructured":"Giacinto, G., Perdisci, R., Rio, M. D., & Roli, F. (2008). Intrusion detection in computer networks by a modular ensemble of one-class classifiers. Information Fusion, 9, 69\u201382.","journal-title":"Information Fusion"},{"key":"9252_CR12","doi-asserted-by":"crossref","first-page":"46","DOI":"10.1145\/306549.306569","volume":"42","author":"T Goan","year":"1999","unstructured":"Goan, T. (1999). A cop on the beat: Collecting and appraising intrusion evidence. Communications of the ACM, 42, 46\u201352.","journal-title":"Communications of the ACM"},{"key":"9252_CR13","unstructured":"Gordon, L. A., Loeb, M. P., Lucyshyn, W., & Richardson, R. (2009). 2005 CSI\/FBI computer crime and security survey. http:\/\/www.cpppe.umd.edu\/Bookstore\/Documents\/2005CSISurvey.pdf ."},{"key":"9252_CR14","doi-asserted-by":"crossref","unstructured":"Hoglund, A. J., Hatonen, K., & Sorvari, A. S. (2000). A computer host-based user anomaly detection system using the self-organizing map. In Proc. IEEE-INNS-ENNS int. joint conf. on neural networks (IJCNN) (Vol. 5, pp. 411\u2013416).","DOI":"10.1109\/IJCNN.2000.861504"},{"key":"9252_CR15","doi-asserted-by":"crossref","first-page":"577","DOI":"10.1109\/TSMCB.2007.914695","volume":"38","author":"W Hu","year":"2008","unstructured":"Hu, W., Hu, W., & Maybank, S. (2008). AdaBoost-based algorithm for network intrusion detection. IEEE Transactions on Systems, Man, and Cybernetics, Part B, 38, 577\u2013583.","journal-title":"IEEE Transactions on Systems, Man, and Cybernetics, Part B"},{"key":"9252_CR16","doi-asserted-by":"crossref","first-page":"269","DOI":"10.1007\/s10922-005-6264-1","volume":"13","author":"Y Hu","year":"2005","unstructured":"Hu, Y., & Panda, B. (2005). Design and analysis of techniques for detection of malicious activities in database systems. Journal of Network and Systems Management, 13, 269\u2013291.","journal-title":"Journal of Network and Systems Management"},{"key":"9252_CR17","doi-asserted-by":"crossref","unstructured":"Julisch, K., & Dacier, M. (2002). Mining intrusion detection alarms for actionable knowledge. In Proc. ACM SIGKDD conf. on knowledge discovery and data mining (pp. 366\u2013375).","DOI":"10.1145\/775047.775101"},{"key":"9252_CR18","doi-asserted-by":"crossref","first-page":"1063","DOI":"10.1007\/s00778-007-0051-4","volume":"17","author":"A Kamra","year":"2007","unstructured":"Kamra, A., Terzi, E., & Bertino, E. (2007). Detecting anomalous access patterns in relational databases. The VLDB Journal, 17, 1063\u20131077.","journal-title":"The VLDB Journal"},{"key":"9252_CR19","doi-asserted-by":"crossref","first-page":"237","DOI":"10.1007\/s007780050006","volume":"8","author":"EM Knorr","year":"2000","unstructured":"Knorr, E. M., Ng, R. T., & Tucakov, V. (2000). Distance-based outliers: Algorithms and applications. The VLDB Journal, 8, 237\u2013253.","journal-title":"The VLDB Journal"},{"key":"9252_CR20","doi-asserted-by":"crossref","unstructured":"Lee, S. Y., Low, W. L., & Wong, P. Y. (2002). Learning fingerprints for a database intrusion detection system. In Proc. 7th European symposium on research in computer security, 2502\/2002 (pp. 264\u2013280).","DOI":"10.1007\/3-540-45853-0_16"},{"key":"9252_CR21","unstructured":"Lee, V., Stankovic, J., & Son, S. (2000). Intrusion detection in realtime databases via time signatures. In Proc. 6th IEEE real-time technology and applications symposium (RTAS) (pp. 124\u2013133)."},{"key":"9252_CR22","doi-asserted-by":"crossref","first-page":"130","DOI":"10.1145\/228503.247241","volume":"39","author":"T Lunt","year":"1996","unstructured":"Lunt, T. (1996). Inside risks: Securing the information infrastructure. Communications of the ACM, 39, 130.","journal-title":"Communications of the ACM"},{"key":"9252_CR23","unstructured":"Murray, A. C. (2005). The threat from within, network computing. http:\/\/www.networkcomputing.com\/showArticle.jhtml?articleID=166400792 ."},{"key":"9252_CR24","doi-asserted-by":"crossref","unstructured":"Panigrahi, S., Kundu, A., Sural, S., & Majumdar, A. K. (2007). Use of Dempster\u2013Shafer theory and Bayesian inferencing for fraud detection in mobile communication networks. In Proc. Australasian conf. on information security and privacy (ACISP). Lecture notes in computer science (Vol. 4586\/2007, pp. 446\u2013460).","DOI":"10.1007\/978-3-540-73458-1_32"},{"key":"9252_CR25","doi-asserted-by":"crossref","unstructured":"Panigrahi, S., Sural, S., & Majumdar, A. K. (2009). Detection of intrusive activity in databases by combining multiple evidences and belief update. In IEEE symposium on computational intelligence in cyber security (CICS 2009) (pp. 83\u201390). Nashville, Tennessee, USA.","DOI":"10.1109\/CICYBS.2009.4925094"},{"key":"9252_CR26","unstructured":"Richardson, R. (2009). 2007 CSI computer crime and security survey. http:\/\/i.cmpnet.com\/v2.gocsi.com\/pdf\/CSISurvey2007.pdf ."},{"key":"9252_CR27","doi-asserted-by":"crossref","unstructured":"Sentz, K. (2002). Combination of evidence in Dempster\u2013Shafer theory. Sandia National Laboratories, US Department of Energy. http:\/\/www.sandia.gov\/epistemic\/Reports\/SAND2002-0835.pdf .","DOI":"10.2172\/800792"},{"key":"9252_CR28","doi-asserted-by":"crossref","DOI":"10.1515\/9780691214696","volume-title":"A mathematical theory of evidence","author":"G Shafer","year":"1976","unstructured":"Shafer, G. (1976). A mathematical theory of evidence. Princeton: Princeton University Press."},{"key":"9252_CR29","unstructured":"Srivastava, A., Sural, S., & Majumdar, A. K. (2006). Weighted intratransactional rule mining for database intrusion detection. In Proc. Pacific-Asia knowledge discovery and data mining (PAKDD). Lecture notes in artificial intelligence, 3918\/2006 (pp. 611\u2013620). Springer."},{"key":"9252_CR30","unstructured":"Transaction Processing Performance Council (2002). TPC Benchmark\u2122 W (web commerce), specification, version 1.8. http:\/\/www.tpc.org\/tpcw\/default.asp ."},{"key":"9252_CR31","doi-asserted-by":"crossref","first-page":"579","DOI":"10.1002\/for.844","volume":"21","author":"K Triantafyllopoulos","year":"2002","unstructured":"Triantafyllopoulos, K., & Pikoulas, J. (2002). Multivariate bayesian regression applied to the problem of network security. Journal of Forecasting, 21, 579\u2013594.","journal-title":"Journal of Forecasting"},{"key":"9252_CR32","doi-asserted-by":"crossref","unstructured":"Wang, Y., Yang, H., Wang, X., & Zhang, R. (2004). Distributed intrusion detection system based on data fusion method. In Proc. 5th world congress on intelligent control and automation (pp. 4331\u20134334).","DOI":"10.1109\/WCICA.2004.1342330"},{"key":"9252_CR33","doi-asserted-by":"crossref","unstructured":"Wenhui, S., & Tan, T. (2001). A novel intrusion detection system model for securing web-based database systems. In Proc. 25th annual int. computer software and applications conf. (COMPSAC) (pp. 249\u2013254).","DOI":"10.1109\/CMPSAC.2001.960624"},{"key":"9252_CR34","unstructured":"Yi, Z., Khing, H. Y., Seng, C. C., & Wei, Z. X. (2000). Multi-ultrasonic sensor fusion for mobile robots. In Proc. IEEE intelligent vehicles symposium (pp. 387\u2013391)."},{"key":"9252_CR35","doi-asserted-by":"crossref","unstructured":"Zhong, Y., & Qin, X. (2004). Database intrusion detection based on user query frequent itemsets mining with item constraints. In Proc. 3rd int. conf. on information security (pp. 224\u2013225).","DOI":"10.1145\/1046290.1046340"}],"container-title":["Information Systems Frontiers"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10796-010-9252-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10796-010-9252-2\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10796-010-9252-2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,11,4]],"date-time":"2021-11-04T09:39:26Z","timestamp":1636018766000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10796-010-9252-2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010,8,11]]},"references-count":35,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2013,3]]}},"alternative-id":["9252"],"URL":"https:\/\/doi.org\/10.1007\/s10796-010-9252-2","relation":{},"ISSN":["1387-3326","1572-9419"],"issn-type":[{"value":"1387-3326","type":"print"},{"value":"1572-9419","type":"electronic"}],"subject":[],"published":{"date-parts":[[2010,8,11]]}}}