{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,1,24]],"date-time":"2024-01-24T01:08:02Z","timestamp":1706058482842},"reference-count":25,"publisher":"Springer Science and Business Media LLC","issue":"2-3","license":[{"start":{"date-parts":[[2005,2,1]],"date-time":"2005-02-01T00:00:00Z","timestamp":1107216000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Mach Learn"],"published-print":{"date-parts":[[2005,2]]},"DOI":"10.1007\/s10994-005-5827-4","type":"journal-article","created":{"date-parts":[[2005,3,8]],"date-time":"2005-03-08T13:58:44Z","timestamp":1110290324000},"page":"217-230","source":"Crossref","is-referenced-by-count":13,"title":["Principle Components and Importance Ranking of Distributed Anomalies"],"prefix":"10.1007","volume":"58","author":[{"given":"Kyrre","family":"Begnum","sequence":"first","affiliation":[]},{"given":"Mark","family":"Burgess","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"CR1","volume-title":"Graph theory","author":"V. Balakrishnan","year":"1997","unstructured":"Balakrishnan, V. (1997). Graph theory. New York: Schaum?s Outline Series, McGraw-Hill."},{"key":"CR2","volume-title":"Proceedings of the 2003 ACM Symposium on Applied Computing","author":"D. Barbar\u00e1","year":"2003","unstructured":"Barbar\u00e1, D., Li, Y., Couto, J., Lin, J.-L., & Jajodia, S. (2003). Bootstrapping a data mining intrusion detection system. In Proceedings of the 2003 ACM Symposium on Applied Computing. New York, NY: ACM Press."},{"key":"CR3","doi-asserted-by":"crossref","first-page":"1170","DOI":"10.1086\/228631","volume":"92","author":"P. Bonacich","year":"1987","unstructured":"Bonacich, P. (1987). Power and centrality: A family of measures. American Journal of Sociology, 92, 1170?1182.","journal-title":"American Journal of Sociology"},{"key":"CR4","unstructured":"Burgess, M. (1993). Cfengine WWW site. http:\/\/www.iu.hio.no\/cfengine"},{"key":"CR5","first-page":"309","volume-title":"A site configuration engine. Computing Systems, Vol. 8","author":"M. Burgess","year":"1995","unstructured":"Burgess, M. (1995). A site configuration engine. Cambridge MA: Computing Systems, MIT Press, Vol. 8, p. 309."},{"key":"CR6","first-page":"283","volume-title":"Proceedings of the Twelth Systems Administration Conference (LISA XII)","author":"M. Burgess","year":"1998","unstructured":"Burgess, M. (1998). Computer immunology. In Proceedings of the Twelth Systems Administration Conference (LISA XII). USENIX Association: Berkeley, CA, p. 283."},{"key":"CR7","doi-asserted-by":"crossref","unstructured":"Burgess, M. (2002). Two dimensional time-series for anomaly detection and regulation in adaptive systems. IFIP\/IEEE 13th International Workshop on Distributed Systems: Operations and Management (DSOM 2002) (p. 169).","DOI":"10.1007\/3-540-36110-3_17"},{"key":"CR8","doi-asserted-by":"crossref","DOI":"10.1002\/047086107X","volume-title":"Analytical network and system administration?Managing human-computer systems","author":"M. Burgess","year":"2004","unstructured":"Burgess, M. (2004). Analytical network and system administration?Managing human-computer systems. Chichester: J. Wiley & Sons."},{"key":"CR9","unstructured":"Burgess, M. (resubmitted). Probabilistic anomaly detection in distributed computer networks. Science of Computer Programming."},{"key":"CR10","doi-asserted-by":"crossref","unstructured":"Burgess, M. & Canright, G. (2003). Scalability of peer configuration management in partially reliable and ad hoc networks. In Proceedings of the VIII IFIP\/IEEE IM Conference on Network Management (p. 293).","DOI":"10.1109\/INM.2003.1194187"},{"key":"CR11","doi-asserted-by":"crossref","first-page":"125","DOI":"10.1145\/507052.507054","volume":"20","author":"M. Burgess","year":"2001","unstructured":"Burgess, M., Haugerud, H., Reitan, T., & Straumsnes, S. (2001). Measuring host normality. ACM Transactions on Computing Systems. 20, 125?160.","journal-title":"ACM Transactions on Computing Systems"},{"key":"CR12","unstructured":"Canright, G., Eng?-Monsen, K., & Weltzien, \u00e5. (2003). Multiplex structure of the communications network in a small working group.Social Networks?An International Journal of Structural Analysis (submitted for publication)."},{"key":"CR13","volume-title":"Pattern Classification","author":"R. Duda","year":"2001","unstructured":"Duda, R., Hart, P., & Stork, D. (2001). Pattern Classification. New York: Wiley Interscience."},{"key":"CR14","doi-asserted-by":"crossref","DOI":"10.1093\/oso\/9780198572237.001.0001","volume-title":"Probability and random processes","author":"G. Grimmett","year":"2001","unstructured":"Grimmett, G. & Stirzaker, D. (2001). Probability and random processes, 3rd edition. Oxford: Oxford Scientific Publications.","edition":"3"},{"key":"CR15","doi-asserted-by":"crossref","unstructured":"Han, S.-H., Kim, M.-S., Ju, H.-T., & Hong, J.-K. (2002). The architecture of NG-MON: A Passive Network Monitoring System for High-Speed IP Networks. In IFIP\/IEEE 13th International Workshop on Distributed Systems: Operations and Management (DSOM 2002) (p. 16).","DOI":"10.1007\/3-540-36110-3_5"},{"key":"CR16","doi-asserted-by":"crossref","first-page":"604","DOI":"10.1145\/324133.324140","volume":"46","author":"J. Kleinberg","year":"1999","unstructured":"Kleinberg, J. (1999). Authoritative sources in a hyperlinked environment. Journal of the ACM, 46, 604.","journal-title":"Journal of the ACM"},{"key":"CR17","unstructured":"Page, L., Brin, S., Motwani, R., & Winograd, T. (1998). The PageRank citation Ranking: Bringing order to the Web. Technical report, Stanford Digital Library Technologies Project."},{"key":"CR18","unstructured":"Ranum, M. J., Landfield, K., Stolarchuk, M., Sienkiewicz, M., Lambeth, A., & Wall, E. (1997). Implementing a generalized tool for network monitoring. In Proceedings of the Eleventh Systems Administration Conference (LISA XI) (p. 1). Berkeley, CA: USENIX Association."},{"key":"CR19","unstructured":"Snort, Intrusion detection system. http:\/\/www.snort.org"},{"key":"CR20","unstructured":"Somayaji, A., & Forrest, S. (2000). Automated reponse using system-call delays. In Proceedings of the 9th USENIX Security Symposium (p. 185)."},{"key":"CR21","doi-asserted-by":"crossref","unstructured":"Somayaji, A., Hofmeyr, S., & Forrest, S. (1997). Principles of a computer immune system. New Security Paradigms Workshop, ACM (pp. 75?82).","DOI":"10.1145\/283699.283742"},{"key":"CR22","doi-asserted-by":"crossref","unstructured":"Steinder, M. & Sethi, A. (2002). Distributed fault localization in hierarchically routed networks. In IFIP\/IEEE 13th International Workshop on Distributed Systems: Operations and Management (DSOM 2002) (p. 195).","DOI":"10.1007\/3-540-36110-3_19"},{"key":"CR23","unstructured":"Steinder, M. & Sethi, A. (2003). A survey of fault localization techniques in computer networks. Science of Computer Programming (to appear)."},{"key":"CR24","doi-asserted-by":"crossref","first-page":"4","DOI":"10.1145\/604264.604267","volume":"30","author":"S. J. Stolfo","year":"2001","unstructured":"Stolfo, S. J., Lee, W., Chan, P. K., Fan, W., & Eskin, E. (2001). Data mining-based intrusion detectors: An overview of the columbia IDS project. ACM SIGMOD, 30:4.","journal-title":"ACM SIGMOD"},{"key":"CR25","doi-asserted-by":"crossref","unstructured":"Zanero, S., & Savaresi, S. M. Unsupervised learning techniques for an intrusion detection system. In Proceedings of the 2004 ACM Symposium on Applied Computing.","DOI":"10.1145\/967900.967988"}],"container-title":["Machine Learning"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10994-005-5827-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10994-005-5827-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10994-005-5827-4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,1,24]],"date-time":"2024-01-24T00:03:53Z","timestamp":1706054633000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10994-005-5827-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2005,2]]},"references-count":25,"journal-issue":{"issue":"2-3","published-print":{"date-parts":[[2005,2]]}},"alternative-id":["5827"],"URL":"https:\/\/doi.org\/10.1007\/s10994-005-5827-4","relation":{},"ISSN":["0885-6125","1573-0565"],"issn-type":[{"value":"0885-6125","type":"print"},{"value":"1573-0565","type":"electronic"}],"subject":[],"published":{"date-parts":[[2005,2]]}}}