{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T05:34:03Z","timestamp":1740116043550,"version":"3.37.3"},"reference-count":21,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2010,5,13]],"date-time":"2010-05-13T00:00:00Z","timestamp":1273708800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["J Comput Virol"],"published-print":{"date-parts":[[2011,5]]},"DOI":"10.1007\/s11416-010-0143-3","type":"journal-article","created":{"date-parts":[[2010,5,11]],"date-time":"2010-05-11T23:33:37Z","timestamp":1273620817000},"page":"133-142","source":"Crossref","is-referenced-by-count":9,"title":["An N-Gram and STF-IDF model for masquerade detection in a UNIX environment"],"prefix":"10.1007","volume":"7","author":[{"given":"Dai","family":"Geng","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Thmohiro","family":"Odaka","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jousuke","family":"Kuroiwa","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hisakazu","family":"Ogura","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2010,5,13]]},"reference":[{"key":"143_CR1","unstructured":"DTI. Information security breaches survey 2006. Technical report, DTI (Department of Trade and Industry, Britain) (2006)"},{"key":"143_CR2","unstructured":"Gordon, L.A., Loeb, M.P., Lucyshyn, W., Richardson, R.: CSI\/FBI Computer crime and security survey 2006. Computer Security Institute publications (2006)"},{"key":"143_CR3","unstructured":"Yampolskiy, R.V.: Human computer interaction based intrusion detection. In: Fourth International Conference on Information Technology, 2007, ITNG\u201907, pp. 837\u2013842 (2007)"},{"key":"143_CR4","unstructured":"Axelsson, S.: Intrusion detection systems: a survey and taxonomy. Department of Computer Engineering, Chalmers University, Tech. Rep. 1:99\u201315 (2000)"},{"key":"143_CR5","doi-asserted-by":"crossref","unstructured":"Murali, A., Rao, M.: A survey on intrusion detection approaches. In: First International Conference on Information and Communication Technologies, ICICT 2005, pp. 233\u2013240 (2005)","DOI":"10.1109\/ICICT.2005.1598592"},{"key":"143_CR6","doi-asserted-by":"crossref","first-page":"58","DOI":"10.1214\/ss\/998929476","volume":"16","author":"M. Schonlau","year":"2001","unstructured":"Schonlau M., DuMouchel W., Ju W.H., Karr A.F., Theus M., Vardi Y.: Computer intrusion: detecting masquerades. Stat. Sci. 16, 58\u201374 (2001)","journal-title":"Stat. Sci."},{"key":"143_CR7","first-page":"265","volume":"4","author":"S.H.S. Huang","year":"2009","unstructured":"Huang S.H.S., Wu H.C.: Analysis of user command behavior and masquerade detection. J. Inf. Assur. Secur. 4, 265\u2013273 (2009)","journal-title":"J. Inf. Assur. Secur."},{"issue":"1","key":"143_CR8","doi-asserted-by":"crossref","first-page":"60","DOI":"10.1016\/j.jnca.2005.08.005","volume":"30","author":"Y. Liao","year":"2007","unstructured":"Liao Y., Vemuri V.R., Pasos A.: Adaptive anomaly detection with evolving connectionist systems. J. Netw. Comput. Appl. 30(1), 60\u201380 (2007)","journal-title":"J. Netw. Comput. Appl."},{"issue":"1","key":"143_CR9","doi-asserted-by":"crossref","first-page":"31","DOI":"10.1016\/j.jnca.2008.04.006","volume":"32","author":"X. Guan","year":"2009","unstructured":"Guan X., Wang W., Zhang X.: Fast intrusion detection based on a non-negative matrix factorization model. J. Netw. Comput. Appl. 32(1), 31\u201344 (2009)","journal-title":"J. Netw. Comput. Appl."},{"issue":"333","key":"143_CR10","first-page":"45","volume":"88","author":"S. Greenberg","year":"1988","unstructured":"Greenberg S.: Using unix: collected traces of 168 users. Department of Computer Science, University of Calgary. Technical Report 88(333), 45 (1988)","journal-title":"Technical Report"},{"issue":"1","key":"143_CR11","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/505282.505283","volume":"34","author":"F. Sebastiani","year":"2002","unstructured":"Sebastiani F.: Machine learning in automated text categorization. ACM Comput. Surv. (CSUR) 34(1), 1\u201347 (2002)","journal-title":"ACM Comput. Surv. (CSUR)"},{"issue":"1","key":"143_CR12","doi-asserted-by":"crossref","first-page":"124","DOI":"10.1109\/TR.2004.824828","volume":"53","author":"R.A. Maxion","year":"2004","unstructured":"Maxion R.A., Townsend T.N.: Masquerade detection augmented with error analysis. IEEE Trans. Reliab. 53(1), 124\u2013147 (2004)","journal-title":"IEEE Trans. Reliab."},{"issue":"2","key":"143_CR13","doi-asserted-by":"crossref","first-page":"160","DOI":"10.1016\/j.cose.2004.08.007","volume":"24","author":"H.S. Kim","year":"2005","unstructured":"Kim H.S., Cha S.D.: Empirical evaluation of SVM-based masquerade detection using UNIX commands. Comput. Secur. 24(2), 160\u2013168 (2005)","journal-title":"Comput. Secur."},{"key":"143_CR14","doi-asserted-by":"crossref","unstructured":"Warrender, C., Forrest, S., Pearlmutter, B.: Detecting intrusions using system calls: alternative data models. In: IEEE Symposium on Security and Privacy, pp. 133\u2013145. IEEE Computer Society, USA (1999)","DOI":"10.1109\/SECPRI.1999.766910"},{"key":"143_CR15","doi-asserted-by":"crossref","unstructured":"Oka, M., Oyama, Y., Abe, H., Kato, K.: Anomaly detection using layered networks based on eigen co-occurrence matrix. Lecture Notes in Computer Science, pp. 223\u2013237 (2004)","DOI":"10.1007\/978-3-540-30143-1_12"},{"issue":"4","key":"143_CR16","doi-asserted-by":"crossref","first-page":"311","DOI":"10.1016\/j.cose.2006.11.008","volume":"26","author":"Z. Jian","year":"2007","unstructured":"Jian Z., Shirai H., Takahashi I., Kuroiwa J., Odaka T., Ogura H.: Masquerade detection by boosting decision stumps using UNIX commands. Comput. Secur. 26(4), 311\u2013318 (2007)","journal-title":"Comput. Secur."},{"key":"143_CR17","doi-asserted-by":"crossref","unstructured":"Latendresse, M., Navy, U.S.: Masquerade detection via customized grammars. In: Second International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. LNCS, vol. 3548, pp. 141\u2013159. Springer, Berlin (2005)","DOI":"10.1007\/11506881_9"},{"key":"143_CR18","unstructured":"Cavnar, W.B., Trenkle, J.M.: N-gram-based text categorization. In: Proceedings of SDAIR-94, 3rd annual symposium on document analysis and information retrieval, pp. 161\u2013175 (1994)"},{"key":"143_CR19","doi-asserted-by":"crossref","first-page":"493","DOI":"10.1108\/00220410410560573","volume":"60","author":"K.S. Jones","year":"2004","unstructured":"Jones K.S. et\u00a0al.: A statistical interpretation of term specificity and its application in retrieval. J. Documentation 60, 493\u2013502 (2004)","journal-title":"J. Documentation"},{"issue":"5","key":"143_CR20","doi-asserted-by":"crossref","first-page":"513","DOI":"10.1016\/0306-4573(88)90021-0","volume":"24","author":"G. Salton","year":"1988","unstructured":"Salton G., Buckley C.: Term-weighting approaches in automatic text retrieval* 1. Inf. Processing Manage. 24(5), 513\u2013523 (1988)","journal-title":"Inf. Processing Manage."},{"key":"143_CR21","doi-asserted-by":"crossref","unstructured":"Debole, F., Sebastiani, F.: Supervised term weighting for automated text categorization. In: Proceedings of the 2003 ACM symposium on Applied computing, pp. 784\u2013788. ACM, New York (2003)","DOI":"10.1145\/952532.952688"}],"container-title":["Journal in Computer Virology"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-010-0143-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11416-010-0143-3\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-010-0143-3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,2,20]],"date-time":"2025-02-20T20:28:26Z","timestamp":1740083306000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11416-010-0143-3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010,5,13]]},"references-count":21,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2011,5]]}},"alternative-id":["143"],"URL":"https:\/\/doi.org\/10.1007\/s11416-010-0143-3","relation":{},"ISSN":["1772-9890","1772-9904"],"issn-type":[{"type":"print","value":"1772-9890"},{"type":"electronic","value":"1772-9904"}],"subject":[],"published":{"date-parts":[[2010,5,13]]}}}