{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2023,9,25]],"date-time":"2023-09-25T02:15:17Z","timestamp":1695608117901},"reference-count":65,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2010,8,4]],"date-time":"2010-08-04T00:00:00Z","timestamp":1280880000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Telecommun Syst"],"published-print":{"date-parts":[[2012,4]]},"DOI":"10.1007\/s11235-010-9384-1","type":"journal-article","created":{"date-parts":[[2010,8,3]],"date-time":"2010-08-03T18:14:52Z","timestamp":1280859292000},"page":"1-13","source":"Crossref","is-referenced-by-count":15,"title":["Large-scale IP network behavior anomaly detection and\u00a0identification using substructure-based approach and\u00a0multivariate time series mining"],"prefix":"10.1007","volume":"50","author":[{"given":"Weisong","family":"He","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Guangmin","family":"Hu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yingjie","family":"Zhou","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2010,8,4]]},"reference":[{"key":"9384_CR1","volume-title":"Data mining: concepts and techniques","author":"J. Han","year":"2006","unstructured":"Han, J., & Kamber, M. (2006). Data mining: concepts and techniques. San Francisco: Morgan Kaufmann."},{"key":"9384_CR2","volume-title":"Elements of information theory","author":"T. M. Cover","year":"2006","unstructured":"Cover, T. M., & Thomas, J. A. (2006). Elements of information theory. New York: Wiley."},{"key":"9384_CR3","doi-asserted-by":"crossref","first-page":"379","DOI":"10.1002\/j.1538-7305.1948.tb01338.x","volume":"27","author":"C. Shannon","year":"1948","unstructured":"Shannon, C. (1948). A mathematical theory of communication. Bell System Technical Journal, 27, 379\u2013423.","journal-title":"Bell System Technical Journal"},{"key":"9384_CR4","doi-asserted-by":"crossref","unstructured":"Kumar, V. (2005). Parallel and distributed computing for cybersecurity. IEEE Trans. Distrib. Syst. Online.","DOI":"10.1109\/MDSO.2005.53"},{"key":"9384_CR5","unstructured":"Anderson, D., Lunt, T., Javitz, H., Tamaru, A., & Valdes, A. (1995). Detecting unusual program behavior using the statistical components of NIDES (Tech. Rep. SRI-CSL-95-06). Computer Science Laboratory, SRI International."},{"key":"9384_CR6","unstructured":"Anderson, D., Frivold, T., Tamaru, A., & Valdes, A. (1994). Next-generation intrusion detection expert system, software users manual, beta-update release (Tech. Rep. SRI-CSL-95-07). Computer Science Laboratory, SRI International."},{"key":"9384_CR7","unstructured":"Anderson, D., Lunt, T., Javitz, H., Tamaru, A., & Valdes, A. (1995). Detecting unusual program behavior using the statistical components of NIDES (Tech. Rep. SRI-CSL-95-06). Computer Science Laboratory, SRI International."},{"issue":"3","key":"9384_CR8","doi-asserted-by":"crossref","first-page":"181","DOI":"10.1109\/32.372146","volume":"21","author":"K. Ilgun","year":"1995","unstructured":"Ilgun, K., Kemmerer, R. A., & Porras, P. A. (1995). State transition analysis: a rule-based intrusion detection approach. IEEE Transactions on Software Engineering, 21(3), 181\u2013199.","journal-title":"IEEE Transactions on Software Engineering"},{"key":"9384_CR9","unstructured":"Porras, P. A., & Neumann, P. G. (1997). EMERALD: event monitoring enabling responses to anomalous live disturbances. In Proceedings of 20th NIST-NCSC national information systems security conference (pp. 353\u2013365)."},{"key":"9384_CR10","first-page":"389","volume-title":"Proceedings of the 7th ACM SIGKDD international conference on knowledge discovery and data mining","author":"K. Yamanishi","year":"2001","unstructured":"Yamanishi, K., & Takeuchi, J.-I. (2001). Discovering outlier filtering rules from unlabeled data: combining a supervised learner with an unsupervised learner. In Proceedings of the 7th ACM SIGKDD international conference on knowledge discovery and data mining (pp. 389\u2013394). New York: ACM."},{"key":"9384_CR11","doi-asserted-by":"crossref","first-page":"275","DOI":"10.1023\/B:DAMI.0000023676.72185.7c","volume":"8","author":"K. Yamanishi","year":"2004","unstructured":"Yamanishi, K., Takeuchi, J.-I., Williams, G., & Milne, P. (2004). On-line unsupervised outlier detection using finite mixtures with discounting learning algorithms. Data Mining and Knowledge Discovery, 8, 275\u2013300.","journal-title":"Data Mining and Knowledge Discovery"},{"key":"9384_CR12","first-page":"33","volume-title":"Proceedings of the 10th IFIP\/IEEE international workshop on distributed systems: operations and management","author":"L. L. Ho","year":"1999","unstructured":"Ho, L. L., Macey, C. J., & Hiller, R. (1999). A distributed and reliable platform for adaptive anomaly detection in ip networks. In Proceedings of the 10th IFIP\/IEEE international workshop on distributed systems: operations and management (pp. 33\u201346). London: Springer."},{"key":"9384_CR13","volume-title":"Proceedings of the 19th annual computer security applications conference","author":"C. Kruegel","year":"2003","unstructured":"Kruegel, C., Mutz, D., Robertson, W., & Valeur, F. (2003). Bayesian event classification for intrusion detection. In Proceedings of the 19th annual computer security applications conference (Vol. 14). Los Alamitios: IEEE Computer Society."},{"key":"9384_CR14","doi-asserted-by":"crossref","first-page":"201","DOI":"10.1145\/508791.508835","volume-title":"Proceedings of the 2002 ACM symposium on applied computing","author":"C. Kruegel","year":"2002","unstructured":"Kruegel, C., Toth, T., & Kirda, E. (2002). Service specific anomaly detection for network intrusion detection. In Proceedings of the 2002 ACM symposium on applied computing (pp. 201\u2013208). New\u00a0York: ACM."},{"key":"9384_CR15","doi-asserted-by":"crossref","first-page":"251","DOI":"10.1145\/948109.948144","volume-title":"Proceedings of the 10th ACM conference on computer\u00a0and\u00a0communications security","author":"C. Kruegel","year":"2003","unstructured":"Kruegel, C., & Vigna, G. (2003). Anomaly detection of web-based attacks. In Proceedings of the 10th ACM conference on computer\u00a0and\u00a0communications security (pp. 251\u2013261). New York: ACM."},{"key":"9384_CR16","first-page":"376","volume-title":"Proceedings of the 8th ACM SIGKDD international conference on knowledge discovery and data mining","author":"M. V. Mahoney","year":"2002","unstructured":"Mahoney, M. V., & Chan, P. K. (2002). Learning nonstationary models of normal network traffic for detecting novel attacks. In Proceedings of the 8th ACM SIGKDD international conference on knowledge discovery and data mining (pp. 376\u2013385). New York: ACM."},{"key":"9384_CR17","doi-asserted-by":"crossref","first-page":"601","DOI":"10.1109\/ICDM.2003.1250987","volume-title":"Proceedings of the 3rd IEEE international conference on data mining","author":"M. V. Mahoney","year":"2003","unstructured":"Mahoney, M. V., & Chan, P. K. (2003). Learning rules for anomaly detection of hostile network traffic. In Proceedings of the 3rd IEEE international conference on data mining (p.\u00a0601). Los Alamitios: IEEE Computer Society."},{"key":"9384_CR18","unstructured":"Mahoney, M. V., Chan, P. K., & Arshad, M. H. (2003). A machine learning approach to anomaly detection (Tech. Rep. CS-2003-06). Department of Computer Science, Florida Institute of Technology Melbourne."},{"key":"9384_CR19","first-page":"62","volume-title":"Proceedings of the sixth international conference on network protocols","author":"C. Sargor","year":"1998","unstructured":"Sargor, C. (1998). Statistical anomaly detection for link-state routing protocols. In Proceedings of the sixth international conference on network protocols (p. 62). Washington: IEEE Computer Society."},{"key":"9384_CR20","first-page":"3","volume-title":"Proceedings of the fourth IEEE international conference on data mining","author":"R. Gwadera","year":"2004","unstructured":"Gwadera, R., Atallah, M. J., & Szpankowski, W. (2004). Detection of significant sets of episodes in event sequences. In Proceedings of the fourth IEEE international conference on data mining (pp.\u00a03\u201310). Washington: IEEE Computer Society."},{"key":"9384_CR21","doi-asserted-by":"crossref","unstructured":"Gwadera, R., Atallah, M. J., & Szpankowski, W. (2005). Markov models for identification of significant episodes. In Proceedings of 5th SIAM international conference on data mining.","DOI":"10.1137\/1.9781611972757.36"},{"issue":"4","key":"9384_CR22","doi-asserted-by":"crossref","first-page":"415","DOI":"10.1007\/s10115-004-0174-5","volume":"7","author":"R. Gwadera","year":"2005","unstructured":"Gwadera, R., Atallah, M. J., & Szpankowski, W. (2005). Reliable detection of episodes in event sequences. Knowledge and Information Systems, 7(4), 415\u2013437.","journal-title":"Knowledge and Information Systems"},{"key":"9384_CR23","doi-asserted-by":"crossref","first-page":"105","DOI":"10.1002\/qre.392","volume":"17","author":"N. Ye","year":"2001","unstructured":"Ye, N., & Chen, Q. (2001). An anomaly detection technique based on a chi-square statistic for detecting intrusions into information systems. Quality and Reliability Engineering International, 17, 105\u2013112.","journal-title":"Quality and Reliability Engineering International"},{"key":"9384_CR24","first-page":"40385","volume-title":"Proceedings of the 16th international conference on pattern recognition","author":"C. Chow","year":"2002","unstructured":"Chow, C., & Yeung, D.-Y. (2002). Parzen-window network intrusion detectors. In Proceedings of the 16th international conference on pattern recognition (p. 40385). Washington: IEEE Computer Society."},{"key":"9384_CR25","doi-asserted-by":"crossref","first-page":"439","DOI":"10.1145\/967900.967992","volume-title":"Proceedings of the 2004 ACM symposium on applied computing","author":"C. Siaterlis","year":"2004","unstructured":"Siaterlis, C., & Maglaris, B. (2004). Towards multisensor data fusion for dos detection. In Proceedings of the 2004 ACM symposium on applied computing (pp. 439\u2013446). New York: ACM."},{"key":"9384_CR26","unstructured":"Sebyala, A. A., Olukemi, T., & Sacks, L. (2002). Active platform security through intrusion detection using naive Bayesian network for anomaly detection. In Proceedings of the 2002 London communications symposium."},{"key":"9384_CR27","doi-asserted-by":"crossref","first-page":"80","DOI":"10.1007\/3-540-39945-3_6","volume-title":"Proceedings of the 3rd international workshop on recent advances in intrusion detection","author":"A. Valdes","year":"2000","unstructured":"Valdes, A., & Skinner, K. (2000). Adaptive, model-based monitoring for cyber attack detection. In Proceedings of the 3rd international workshop on recent advances in intrusion detection (pp.\u00a080\u201392). Berlin: Springer."},{"key":"9384_CR28","unstructured":"Bronstein, A., Das, J., Duro, M., Friedrich, R., Kleyner, G., Mueller, M., Singhal, S., & Cohen, I. (2001). Bayesian networks for detecting anomalies in internet-based services. In International Symposium on Integrated Network Management."},{"key":"9384_CR29","unstructured":"Zhang, Z., Li, J., Manikopoulos, C., Jorgenson, J., & Ucles, J. (2001). Hide: a hierarchical network intrusion detection system using statistical preprocessing and neural network classification. In Proceedings of IEEE workshop on information assurance and security (pp. 85\u201390) West Point."},{"key":"9384_CR30","unstructured":"Labib, K., & Vemuri, R. (2002). Nsom: a real-time network-based intrusion detection using self-organizing maps. Networks and Security."},{"key":"9384_CR31","first-page":"579","volume-title":"Proceedings of intelligent engineering systems through artificial neural networks","author":"R. Smith","year":"2002","unstructured":"Smith, R., Bivens, A., Embrechts, M., Palagiri, C., & Szymanski, B. (2002). Clustering approaches for anomaly based intrusion detection. In Proceedings of intelligent engineering systems through artificial neural networks (pp. 579\u2013584). New York: ASME."},{"key":"9384_CR32","doi-asserted-by":"crossref","first-page":"709","DOI":"10.1109\/ICDM.2002.1184035","volume-title":"Proceedings of the 2002 IEEE international conference on data mining","author":"G. Williams","year":"2002","unstructured":"Williams, G., Baxter, R., He, H., Hawkins, S., & Gu, L. (2002). A\u00a0comparative study of rnn for outlier detection in data mining. In\u00a0Proceedings of the 2002 IEEE international conference on data mining (p.\u00a0709). Washington: IEEE Computer Society."},{"key":"9384_CR33","doi-asserted-by":"crossref","unstructured":"Manikopoulos, C., & Papavassiliou, S. (2002). Network intrusion and fault detection: a statistical anomaly approach. IEEE Communication Magazine, 40.","DOI":"10.1109\/MCOM.2002.1039860"},{"key":"9384_CR34","doi-asserted-by":"crossref","unstructured":"Ramadas, M., Ostermann, S., & Tjaden, B. C. (2003). Detecting anomalous network tra\u00c0c with self-organizing maps. In Proceedings of recent advances in intrusion detection (pp. 36\u201354).","DOI":"10.1007\/978-3-540-45248-5_3"},{"key":"9384_CR35","first-page":"78","volume-title":"Proceedings of applications of data mining in computer security","author":"E. Eskin","year":"2002","unstructured":"Eskin, E., Arnold, A., Prerau, M., Portnoy, L., & Stolfo, S. (2002). A geometric framework for unsupervised anomaly detection. In Proceedings of applications of data mining in computer security (pp. 78\u2013100). Norwell: Kluwer Academics."},{"issue":"4","key":"9384_CR36","doi-asserted-by":"crossref","first-page":"15","DOI":"10.1145\/604264.604268","volume":"30","author":"D. Barbara","year":"2001","unstructured":"Barbara, D., Couto, J., Jajodia, S., & Wu, N. (2001a). Adam: a\u00a0testbed for exploring the use of data mining in intrusion detection. SIGMOD Rec., 30(4), 15\u201324.","journal-title":"SIGMOD Rec."},{"key":"9384_CR37","doi-asserted-by":"crossref","unstructured":"Barbara, D., Couto, J., Jajodia, S., & Wu, N. (2001b). Detecting novel network intrusions using Bayes estimators. In Proceedings of the first SIAM international conference on data mining.","DOI":"10.1137\/1.9781611972719.28"},{"key":"9384_CR38","doi-asserted-by":"crossref","first-page":"421","DOI":"10.1145\/952532.952616","volume-title":"Proceedings of the 2003 ACM symposium on applied computing","author":"D. Barbara","year":"2003","unstructured":"Barbara, D., Li, Y., Couto, J., Lin, J.-L., & Jajodia, S. (2003). Bootstrapping a data mining intrusion detection system. In Proceedings of the 2003 ACM symposium on applied computing (pp.\u00a0421\u2013425). New York: ACM."},{"key":"9384_CR39","doi-asserted-by":"crossref","first-page":"123","DOI":"10.1109\/ICDM.2001.989509","volume-title":"Proceedings of the 2001 IEEE international conference on data mining","author":"W. Fan","year":"2001","unstructured":"Fan, W., Miller, M., Stolfo, S. J., Lee, W., & Chan, P. K. (2001). Using artificial anomalies to detect unknown and known network intrusions. In Proceedings of the 2001 IEEE international conference on data mining (pp. 123\u2013130). Los Alamitos: IEEE Computer Society."},{"key":"9384_CR40","doi-asserted-by":"crossref","unstructured":"Helmer, G., Wong, J., Honavar, V., & Miller, L. (1998). Intelligent agents for intrusion detection. In Proceedings of IEEE information technology conference (pp. 121\u2013124).","DOI":"10.1109\/IT.1998.713396"},{"key":"9384_CR41","volume-title":"Proceedings of the 3rd IEEE international symposium on network computing and applications","author":"M. Qin","year":"2004","unstructured":"Qin, M., & Hwang, K. (2004). Frequent episode rules for internet anomaly detection. In Proceedings of the 3rd IEEE international symposium on network computing and applications. Los Alamitos: IEEE Computer Society."},{"key":"9384_CR42","unstructured":"Salvador, S., & Chan, P. (2003). Learning states and rules for time-series anomaly detection (Tech. Rep. CS-2003-05). Department of Computer Science, Florida Institute of Technology Melbourne."},{"key":"9384_CR43","first-page":"723","volume-title":"Proceedings of the 9th ACM SIGKDD international conference on Knowledge discovery and data mining","author":"M. Otey","year":"2003","unstructured":"Otey, M., Parthasarathy, S., Ghoting, A., Li, G., Narravula, S., & Panda, D. (2003). Towards nic-based intrusion detection. In Proceedings of the 9th ACM SIGKDD international conference on Knowledge discovery and data mining (pp. 723\u2013728). New York: ACM."},{"key":"9384_CR44","volume-title":"Data mining\u2014next generation challenges and future directions","author":"L. Ertoz","year":"2004","unstructured":"Ertoz, L., Eilertson, E., Lazarevic, A., Tan, P.-N., Kumar, V., Srivastava, J., & Dokas, P. (2004). MINDS\u2014Minnesota Intrusion Detection System. In Data mining\u2014next generation challenges and future directions. Cambridge: MIT Press."},{"key":"9384_CR45","first-page":"386","volume-title":"Proceedings of the 8th ACM SIGKDD international conference on knowledge discovery and data mining","author":"K. Sequeira","year":"2002","unstructured":"Sequeira, K., & Zaki, M. (2002). Admit: anomaly-based data mining for intrusions. In Proceedings of the 8th ACM SIGKDD international conference on knowledge discovery and data mining (pp.\u00a0386\u2013395). New York: ACM."},{"key":"9384_CR46","volume-title":"Proceedings of IEEE workshop on information assurance","author":"N. Wu","year":"2003","unstructured":"Wu, N., & Zhang, J. (2003). Factor analysis based anomaly detection. In Proceedings of IEEE workshop on information assurance. West Point: United States Military Academy."},{"key":"9384_CR47","volume-title":"Data warehousing and data mining techniques for computer security","author":"V. Chandola","year":"2006","unstructured":"Chandola, V., Eilertson, E., Ertoz, L., Simon, G., & Kumar, V. (2006). Data mining for cyber security. In A. Singhal (Ed.), Data warehousing and data mining techniques for computer security Berlin: Springer."},{"key":"9384_CR48","unstructured":"Shyu, M.-L., Chen, S.-C., Sarinnapakorn, K., & Chang, L. (2003). A novel anomaly detection scheme based on principal component classifier. In Proceedings of 3rd IEEE international conference on data mining (pp. 353\u2013365)."},{"key":"9384_CR49","doi-asserted-by":"crossref","unstructured":"Lakhina, A., Crovella, M., & Diot, C. (2005). Mining anomalies using traffic feature distributions. In Proceedings of the 2005 ACM SIGCOMM conference on applications, technologies, architectures, and protocols for computer communications, Aug. 2005.","DOI":"10.1145\/1080091.1080118"},{"key":"9384_CR50","doi-asserted-by":"crossref","unstructured":"Nychis, G., Sekar, V., Andersen, D. G., Kim, H., & Zhang, H. (2008). An empirical evaluation of entropy-based traffic anomaly detection. In Proceedings of the 8th ACM SIGCOMM conference on Internet measurement (pp. 151\u2013156).","DOI":"10.1145\/1452520.1452539"},{"issue":"8","key":"9384_CR51","doi-asserted-by":"crossref","first-page":"2191","DOI":"10.1109\/TSP.2003.814797","volume":"51","author":"M. Thottan","year":"2003","unstructured":"Thottan, M., & Ji, C. (2003). Anomaly detection in ip networks. IEEE Transactions on Signal Processing, 51(8), 2191\u20132204.","journal-title":"IEEE Transactions on Signal Processing"},{"issue":"2","key":"9384_CR52","doi-asserted-by":"crossref","first-page":"48","DOI":"10.1145\/1117454.1117461","volume":"7","author":"J. Sun","year":"2005","unstructured":"Sun, J., Qu, H., Chakrabarti, D., & Faloutsos, C. (2005). Relevance search and anomaly detection in bipartite graphs. SIGKDD Explorations, 7(2), 48\u201355.","journal-title":"SIGKDD Explorations"},{"key":"9384_CR53","doi-asserted-by":"crossref","unstructured":"Noble, C. C., & Cook, D. J. (2003). Graph-based anomaly detection. In Proceedings of the ninth ACM SIGKDD international conference on Knowledge discovery and data mining, 2003 (pp.\u00a0631\u2013636).","DOI":"10.1145\/956750.956831"},{"key":"9384_CR54","first-page":"130","volume-title":"Proceedings of the IEEE symposium on\u00a0security and privacy","author":"W. Lee","year":"2001","unstructured":"Lee, W., & Xiang, D. (2001). Information-theoretic measures for\u00a0anomaly detection. In Proceedings of the IEEE symposium on\u00a0security and privacy (p.\u00a0130). Los Alamitos: IEEE Computer Society."},{"key":"9384_CR55","unstructured":"Lin, J., Keogh, E., Lonardi, S., & Chiu, B. (2003). Locally adaptive dimensionality reduction for indexing large time series databases. In Proceedings of the 8th ACM SIGMOD workshop on research issues in data mining and knowledge discovery."},{"key":"9384_CR56","doi-asserted-by":"crossref","unstructured":"Lin, J., Keogh, E., Lonardi, S., & Chiu, B. (2003). A symbolic representation of time series, with implications for streaming algorithms. In Proceedings of the 8th ACM SIGMOD workshop on research issues in data mining and knowledge discovery.","DOI":"10.1145\/882082.882086"},{"key":"9384_CR57","unstructured":"Lin, J., Keogh, E., Patel, P., & Lonardi, S. (2002). Finding motifs in time series. In Proceedings of the 2nd workshop on temporal data mining, at the 8th ACM SIGKDD international conference on knowledge discovery and data mining."},{"issue":"2","key":"9384_CR58","doi-asserted-by":"crossref","first-page":"107","DOI":"10.1007\/s10618-007-0064-z","volume":"15","author":"J. Lin","year":"2007","unstructured":"Lin, J., Keogh, E., Wei, L., & Lonardi, S. (2007). Experiencing SAX: a novel symbolic representation of time series. Data Mining and Knowledge Discovery, 15(2), 107\u2013144.","journal-title":"Data Mining and Knowledge Discovery"},{"key":"9384_CR59","doi-asserted-by":"crossref","unstructured":"Keogh, E., Lin, J., & Fu, A. (2005). Hot sax: efficiently finding the most unusual time series subsequence. In Proc. of the 5th IEEE int\u2019l conf. on data mining (pp. 226\u2013233).","DOI":"10.1109\/ICDM.2005.79"},{"key":"9384_CR60","unstructured":"Staniford-Chen, S., Cheung, S., Crawford, R., Dilger, M., Frank, J., Hoagland, J., Levitt, K., Wee, C., Yip, R., & Zerkle, D. (1996). GrIDS\u2014A graph based intrusion detection system for large networks. In Proceedings of the 19th national information systems security conference."},{"key":"9384_CR61","doi-asserted-by":"crossref","unstructured":"Shetty, J., & Adibi, J. (2005). Discovering important nodes through graph entropy: the case of enron email database. In KDD, Proceedings of the 3rd international workshop on Link discovery (pp. 74\u201381).","DOI":"10.1145\/1134271.1134282"},{"issue":"2","key":"9384_CR62","doi-asserted-by":"crossref","first-page":"41","DOI":"10.1145\/1117454.1117460","volume":"7","author":"M. Rattigan","year":"2005","unstructured":"Rattigan, M., & Jensen, D. (2005). The case for anomalous link discovery. ACM SIGKDD Exploration Newsletter, 7(2), 41\u201347.","journal-title":"ACM SIGKDD Exploration Newsletter"},{"key":"9384_CR63","unstructured":"Chakrabarti, D. (2004). AutoPart: parameter-free graph partitioning and outlier detection. In Knowledge Discovery in Databases: PKDD 2004 (pp. 112\u2013124). 8th European Conference on Principles and Practice of Knowledge Discovery in Databases."},{"key":"9384_CR64","unstructured":"Lin, S., & Chalupsky, H. (2003). Unsupervised Link Discovery in Multi-relational Data via Rarity Analysis. In Proceedings of the third IEEE ICDM international conference on data mining (pp. 171\u2013178)."},{"key":"9384_CR65","unstructured":"Netflow Data, Abilene http:\/\/abilene.internet2.edu ."}],"container-title":["Telecommunication Systems"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11235-010-9384-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11235-010-9384-1\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11235-010-9384-1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,1]],"date-time":"2019-06-01T10:50:09Z","timestamp":1559386209000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11235-010-9384-1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010,8,4]]},"references-count":65,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2012,4]]}},"alternative-id":["9384"],"URL":"https:\/\/doi.org\/10.1007\/s11235-010-9384-1","relation":{},"ISSN":["1018-4864","1572-9451"],"issn-type":[{"value":"1018-4864","type":"print"},{"value":"1572-9451","type":"electronic"}],"subject":[],"published":{"date-parts":[[2010,8,4]]}}}