{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,11]],"date-time":"2026-06-11T21:35:38Z","timestamp":1781213738278,"version":"3.54.1"},"reference-count":52,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2020,2,24]],"date-time":"2020-02-24T00:00:00Z","timestamp":1582502400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,2,24]],"date-time":"2020-02-24T00:00:00Z","timestamp":1582502400000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Comput Virol Hack Tech"],"published-print":{"date-parts":[[2020,3]]},"DOI":"10.1007\/s11416-020-00349-9","type":"journal-article","created":{"date-parts":[[2020,2,24]],"date-time":"2020-02-24T17:08:26Z","timestamp":1582564106000},"page":"93-101","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["Analytical modelling of cyber-physical systems: applying kinetic gas theory to anomaly detection in networks"],"prefix":"10.1007","volume":"16","author":[{"given":"Paul","family":"Tavolato","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0179-8785","authenticated-orcid":false,"given":"Hubert","family":"Sch\u00f6lnast","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Christina","family":"Tavolato-W\u00f6tzl","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2020,2,24]]},"reference":[{"key":"349_CR1","doi-asserted-by":"publisher","first-page":"785","DOI":"10.1007\/978-3-319-27137-8_57","volume-title":"Algorithms and 
Architectures for Parallel Processing","author":"Sridhar Adepu","year":"2015","unstructured":"Adepu, S., Mathur, A., Gunda, J., Djokic, S.: An agent-based framework for simulating and analysing attacks on cyber physical systems. In: International Conference on Algorithms and Architectures for Parallel Processing, Springer, Cham, pp. 785\u2013798 (2015)"},{"key":"349_CR2","doi-asserted-by":"crossref","unstructured":"Lee, E.A.: Cyber physical systems: design challenges. In: 2008 11th IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing (ISORC), IEEE, pp. 363\u2013369 (2008)","DOI":"10.1109\/ISORC.2008.25"},{"key":"349_CR3","doi-asserted-by":"crossref","unstructured":"Stouffer, K., Pillitteri, V., Lightman, S., Abrams, M., Hahn, A.: Guide to Industrial Control Systems (ICS) Security, NIST Special Publication 800-82, Rev 2 (2015)","DOI":"10.6028\/NIST.SP.800-82r2"},{"issue":"1","key":"349_CR4","doi-asserted-by":"publisher","first-page":"210","DOI":"10.1109\/JPROC.2011.2165269","volume":"100","author":"S Sridhar","year":"2011","unstructured":"Sridhar, S., Hahn, A., Govindarasu, M.: Cyberphysical system security for the electric power grid. Proc. IEEE 100(1), 210\u2013224 (2011)","journal-title":"Proc. IEEE"},{"issue":"1","key":"349_CR5","doi-asserted-by":"publisher","first-page":"96","DOI":"10.1109\/JETCAS.2013.2243633","volume":"3","author":"M Zhao","year":"2013","unstructured":"Zhao, M., Walker, J., Wang, C.C.: Challenges and opportunities for securing intelligent transportation system. IEEE J. Emerg. Sel. Top. Circuits Syst. 3(1), 96\u2013105 (2013)","journal-title":"IEEE J. Emerg. Sel. Top. Circuits Syst."},{"issue":"4","key":"349_CR6","doi-asserted-by":"publisher","first-page":"217","DOI":"10.1155\/2014\/217415","volume":"10","author":"SA Haque","year":"2014","unstructured":"Haque, S.A., Aziz, S.M., Rahman, M.: Review of cyber-physical system in healthcare. Int. J. Distrib. Sens. 
Netw 10(4), 217\u2013415 (2014)","journal-title":"Int. J. Distrib. Sens. Netw"},{"key":"349_CR7","unstructured":"Falliere, N., Murchu, L. O., Chien, E.: W32. stuxnet dossier. In: White Paper, Symantec Corporation, Security Response, vol. 5, no. 6, p. 29 (2011)"},{"key":"349_CR8","unstructured":"Symantec: Dragonfly: Cyberespionage Attacks against Energy Suppliers. https:\/\/www.symantec.com\/content\/dam\/symantec\/docs\/security-center\/white-papers\/dragonfly-cyberespionage-attacks-14-en.pdf Mountain View, California (2014) Accessed 29 July 2019"},{"key":"349_CR9","first-page":"212","volume":"223","author":"RM Lee","year":"2016","unstructured":"Lee, R.M., Assante, M.J., Conway, T.: Analysis of the cyber attack on the Ukrainian power grid. SANS Ind. Control Syst. 223, 212\u2013223 (2016)","journal-title":"SANS Ind. Control Syst."},{"issue":"3","key":"349_CR10","doi-asserted-by":"publisher","first-page":"15","DOI":"10.1145\/1541880.1541882","volume":"41","author":"V Chandola","year":"2009","unstructured":"Chandola, V., Banerjee, A., Kumar, V.: Anomaly detection: a survey. ACM Comput. Surv. (CSUR) 41(3), 15 (2009)","journal-title":"ACM Comput. Surv. (CSUR)"},{"issue":"1","key":"349_CR11","doi-asserted-by":"publisher","first-page":"303","DOI":"10.1109\/SURV.2013.052213.00046","volume":"16","author":"MH Bhuyan","year":"2013","unstructured":"Bhuyan, M.H., Bhattacharyya, D.K., Kalita, J.K.: Network anomaly detection: methods, systems and tools. IEEE Commun. Surv. Tutor. 16(1), 303\u2013336 (2013)","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"349_CR12","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1016\/j.jnca.2015.11.016","volume":"60","author":"M Ahmed","year":"2016","unstructured":"Ahmed, M., Mahmood, A.N., Hu, J.: A survey of network anomaly detection techniques. J. Netw. Comput. Appl. 60, 19\u201331 (2016)","journal-title":"J. Netw. Comput. 
Appl."},{"issue":"3","key":"349_CR13","doi-asserted-by":"publisher","first-page":"447","DOI":"10.1007\/s11235-018-0475-8","volume":"70","author":"G Fernandes","year":"2019","unstructured":"Fernandes, G., Rodrigues, J.J., Carvalho, L.F., Al-Muhtadi, J.F., Proen\u00e7a, M.L.: A comprehensive survey on network anomaly detection. Telecommun. Syst. 70(3), 447\u2013489 (2019)","journal-title":"Telecommun. Syst."},{"issue":"16","key":"349_CR14","doi-asserted-by":"publisher","first-page":"3203","DOI":"10.1016\/j.comcom.2007.05.061","volume":"30","author":"M Hamdi","year":"2007","unstructured":"Hamdi, M., Boudriga, N.: Detecting Denial-of-service attacks using the wavelet transform. Comput. Commun. 30(16), 3203\u20133213 (2007)","journal-title":"Comput. Commun."},{"key":"349_CR15","doi-asserted-by":"crossref","unstructured":"Lakhina, A., Crovella, M., Diot, C.: Diagnosing network-wide traffic anomalies. In: ACM SIGCOMM Computer Communication Review, vol. 34, no. 4, ACM, pp. 219\u2013230 (2004)","DOI":"10.1145\/1030194.1015492"},{"issue":"2","key":"349_CR16","doi-asserted-by":"publisher","first-page":"157","DOI":"10.1109\/TSMCA.2006.889480","volume":"37","author":"DS Yeung","year":"2007","unstructured":"Yeung, D.S., Jin, S., Wang, X.: Covariance-matrix modeling and detecting various flooding attacks. IEEE Trans. Syst. Man Cybern. Part A Syst. Hum. 37(2), 157\u2013169 (2007)","journal-title":"IEEE Trans. Syst. Man Cybern. Part A Syst. Hum."},{"key":"349_CR17","unstructured":"Holt, C.C.: Forecasting seasonals and trends by exponentially weighted moving averages. In: ONR Memorandum, vol. 52 (1957)"},{"key":"349_CR18","doi-asserted-by":"crossref","unstructured":"Pena, E.H., Carvalho, L.F., Barbon, S., Rodrigues, J.J., Proen\u00e7a, M.L.: Correlational paraconsistent machine for anomaly detection. In: 2014 IEEE Global Communications Conference, IEEE, pp. 
551\u2013556 (2014)","DOI":"10.1109\/GLOCOM.2014.7036865"},{"key":"349_CR19","unstructured":"MacQueen, J.: Some methods for classification and analysis of multivariate observations. In: Proceedings of the Fifth Berkeley Symposium on Mathematical Statistics and Probability, vol. 1, no. 14, pp. 281\u2013297 (1967)"},{"issue":"1","key":"349_CR20","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1109\/TIT.1967.1053964","volume":"13","author":"TM Cover","year":"1967","unstructured":"Cover, T.M., Hart, P.: Nearest neighbor pattern classification. IEEE Trans. Inf. Theory 13(1), 21\u201327 (1967)","journal-title":"IEEE Trans. Inf. Theory"},{"key":"349_CR21","first-page":"94","volume-title":"Automatic Subspace Clustering of High Dimensional Data for Data Mining Applications","author":"R Agrawal","year":"1998","unstructured":"Agrawal, R., Gehrke, J., Gunopulos, D., Raghavan, P.: Automatic Subspace Clustering of High Dimensional Data for Data Mining Applications, pp. 94\u2013105. ACM, New York (1998)"},{"key":"349_CR22","doi-asserted-by":"crossref","unstructured":"Estevez-Tapiador, J.M., Garcia-Teodoro, P., Diaz-Verdejo, J.E.: Stochastic protocol modeling for anomaly based network intrusion detection. In: Proceedings of First IEEE International Workshop on Information Assurance, IWIAS 2003, IEEE, pp. 3\u201312 (2003)","DOI":"10.1109\/IWIAS.2003.1192454"},{"key":"349_CR23","first-page":"1","volume-title":"An Introduction to Bayesian Networks","author":"FV Jensen","year":"1996","unstructured":"Jensen, F.V.: An Introduction to Bayesian Networks, vol. 210, pp. 1\u2013178. UCL press, London (1996)"},{"key":"349_CR24","volume-title":"Bayesian Networks and Decision Graphs","author":"TD Nielsen","year":"2009","unstructured":"Nielsen, T.D., Jensen, F.V.: Bayesian Networks and Decision Graphs. 
Springer, Berlin (2009)"},{"key":"349_CR25","doi-asserted-by":"crossref","DOI":"10.7551\/mitpress\/4175.001.0001","volume-title":"Learning with Kernels: Support Vector Machines, Regularization, Optimization, and Beyond","author":"B Scholkopf","year":"2001","unstructured":"Scholkopf, B., Smola, A.J.: Learning with Kernels: Support Vector Machines, Regularization, Optimization, and Beyond. MIT press, Cambridge (2001)"},{"key":"349_CR26","volume-title":"Neural Networks","author":"S Haykin","year":"1994","unstructured":"Haykin, S.: Neural Networks, vol. 2. Prentice Hall, New York (1994)"},{"key":"349_CR27","volume-title":"An Introduction to Kolmogorov Complexity and Its Applications","author":"M Li","year":"2013","unstructured":"Li, M., Vit\u00e1nyi, P.: An Introduction to Kolmogorov Complexity and Its Applications. Springer, Berlin (2013)"},{"issue":"3","key":"349_CR28","doi-asserted-by":"publisher","first-page":"379","DOI":"10.1002\/j.1538-7305.1948.tb01338.x","volume":"27","author":"CE Shannon","year":"1948","unstructured":"Shannon, C.E.: A mathematical theory of communication. Bell Syst. Tech. J. 27(3), 379\u2013423 (1948)","journal-title":"Bell Syst. Tech. J."},{"key":"349_CR29","unstructured":"Lee, W., Xiang, D.: Information-theoretic measures for anomaly detection. In: Proceedings 2001 IEEE Symposium on Security and Privacy, IEEE, pp. 130\u2013143 (2001)"},{"key":"349_CR30","doi-asserted-by":"crossref","unstructured":"Berezi\u0144ski, P., Jasiul, B., Szpyrka, M.: An entropy-based network anomaly detection method. In: Entropy, vol. 17, no. 4, pp. 2367\u20132408. http:\/\/www.mdpi.com\/1099-4300\/17\/4\/2367. Accessed 25 Nov 2019","DOI":"10.3390\/e17042367"},{"key":"349_CR31","doi-asserted-by":"crossref","unstructured":"Martos, G., Hern\u00e1ndez, N., Mu\u00f1oz, A., Moguerza, J.: Entropy measures for stochastic processes with applications in functional anomaly detection. In: Entropy, vol. 20, no. 1, p. 
33 (2018)","DOI":"10.3390\/e20010033"},{"issue":"1","key":"349_CR32","doi-asserted-by":"publisher","first-page":"101","DOI":"10.1109\/TIFS.2016.2603961","volume":"12","author":"M Xie","year":"2017","unstructured":"Xie, M., Hu, J., Guo, S., Zomaya, A.Y.: Distributed segment-based anomaly detection with Kullback\u2013Leibler divergence in wireless sensor networks. IEEE Trans. Inf. Forensics Secur. 12(1), 101\u2013110 (2017)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"349_CR33","doi-asserted-by":"publisher","first-page":"257","DOI":"10.1016\/j.conengprac.2019.01.007","volume":"85","author":"Y Xiong","year":"2019","unstructured":"Xiong, Y., Jing, Y., Chen, T.: Abnormality detection based on the Kullback\u2013Leibler divergence for generalized Gaussian data. Control Eng. Pract. 85, 257\u2013270 (2019)","journal-title":"Control Eng. Pract."},{"key":"349_CR34","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1016\/j.eswa.2016.04.018","volume":"59","author":"AK Kar","year":"2016","unstructured":"Kar, A.K.: Bio inspired computing: a review of algorithms and scope of applications. Expert Syst. Appl. 59, 20\u201332 (2016)","journal-title":"Expert Syst. Appl."},{"issue":"14","key":"349_CR35","doi-asserted-by":"publisher","first-page":"17519","DOI":"10.1007\/s11042-017-4586-0","volume":"77","author":"A Firdaus","year":"2018","unstructured":"Firdaus, A., Anuar, N.B., Ab Razak, M.F., Sangaiah, A.K.: Bio-inspired computational paradigm for feature investigation and malware detection: interactive analytics. Multimed Tools Appl 77(14), 17519\u201317555 (2018)","journal-title":"Multimed Tools Appl"},{"key":"349_CR36","volume-title":"Artificial Immune Systems: A New Computational Intelligence Approach","author":"LN De Castro","year":"2002","unstructured":"De Castro, L.N., Timmis, J.: Artificial Immune Systems: A New Computational Intelligence Approach. 
Springer, Berlin (2002)"},{"key":"349_CR37","doi-asserted-by":"crossref","unstructured":"Hooks, D., Yuan, X., Roy, K., Esterline, A., Hernandez, J.: Applying artificial immune system for intrusion detection. In: 2018 IEEE Fourth International Conference on Big Data Computing Service and Applications (BigDataService), IEEE, pp. 287\u2013292 (2018)","DOI":"10.1109\/BigDataService.2018.00051"},{"issue":"6","key":"349_CR38","doi-asserted-by":"publisher","first-page":"1669","DOI":"10.1007\/s00521-015-1964-2","volume":"27","author":"B Aslahi-Shahri","year":"2016","unstructured":"Aslahi-Shahri, B., Rahmani, R., Chizari, M., Maralani, A., Eslami, M., Golkar, M., Ebrahimi, A.: A hybrid method consisting of GA and SVM for intrusion detection system. Neural Comput. Appl. 27(6), 1669\u20131676 (2016)","journal-title":"Neural Comput. Appl."},{"issue":"6","key":"349_CR39","doi-asserted-by":"publisher","first-page":"4672","DOI":"10.1109\/TIE.2018.2860568","volume":"66","author":"X Deng","year":"2019","unstructured":"Deng, X., Jiang, P., Peng, X., Mi, C.: An intelligent outlier detection method with one class support tucker machine and genetic algorithm toward big sensor data in Internet of Things. IEEE Trans. Ind. Electron. 66(6), 4672\u20134683 (2019)","journal-title":"IEEE Trans. Ind. Electron."},{"key":"349_CR40","doi-asserted-by":"publisher","first-page":"390","DOI":"10.1016\/j.eswa.2017.09.013","volume":"92","author":"AH Hamamoto","year":"2018","unstructured":"Hamamoto, A.H., Carvalho, L.F., Sampaio, L.D.H., Abr\u00e3o, T., Proen\u00e7a Jr., M.L.: Network anomaly detection system using genetic algorithm and fuzzy logic. Expert Syst. Appl. 92, 390\u2013402 (2018)","journal-title":"Expert Syst. 
Appl."},{"key":"349_CR41","doi-asserted-by":"publisher","first-page":"90","DOI":"10.1016\/j.neucom.2016.03.031","volume":"199","author":"SMH Bamakan","year":"2016","unstructured":"Bamakan, S.M.H., Wang, H., Yingjie, T., Shi, Y.: An effective intrusion detection framework based on MCLP\/SVM optimized by time-varying chaos particle swarm optimization. Neurocomputing 199, 90\u2013102 (2016)","journal-title":"Neurocomputing"},{"key":"349_CR42","doi-asserted-by":"crossref","unstructured":"Wahid, A., Rao, A.C.S.: A distance-based outlier detection using particle swarm optimization technique. In: Information and Communication Technology for Competitive Strategies, Springer, pp. 633\u2013643 (2019)","DOI":"10.1007\/978-981-13-0586-3_62"},{"issue":"4","key":"349_CR43","doi-asserted-by":"publisher","first-page":"341","DOI":"10.1023\/A:1008202821328","volume":"11","author":"R Storn","year":"1997","unstructured":"Storn, R., Price, K.: Differential evolution \u2013 a simple and efficient heuristic for global optimization over continuous spaces. J. Glob Optim. 11(4), 341\u2013359 (1997)","journal-title":"J. Glob Optim."},{"key":"349_CR44","doi-asserted-by":"crossref","unstructured":"Elsayed, S., Sarker, R., Slay, J.: Evaluating the performance of a differential evolution algorithm in anomaly detection. In: 2015 IEEE Congress on Evolutionary Computation (CEC), IEEE, pp. 2490\u20132497 (2015)","DOI":"10.1109\/CEC.2015.7257194"},{"key":"349_CR45","unstructured":"Boltzmann, L.: Weitere Studien \u00fcber das W\u00e4rmegleichgewicht unter Gasmolek\u00fclen. In: Sitzungsberichte der Kaiserlichen Akademie der Wissenschaften zu Wien, pp. 275\u2013370 (1872)"},{"key":"349_CR46","doi-asserted-by":"crossref","unstructured":"Boltzmann, L.: Weitere Studien \u00fcber das W\u00e4rmegleichgewicht unter Gasmolek\u00fclen. In: Kinetische Theorie II, Springer, pp. 
115\u2013225 (1970)","DOI":"10.1007\/978-3-322-84986-1_3"},{"key":"349_CR47","volume-title":"Interacting Multiagent Systems: Kinetic Equations and Monte Carlo Methods","author":"L Pareschi","year":"2013","unstructured":"Pareschi, L., Toscani, G.: Interacting Multiagent Systems: Kinetic Equations and Monte Carlo Methods. OUP, Oxford (2013)"},{"key":"349_CR48","volume-title":"Mathematical Modeling of Complex Biological Systems","author":"A Bellouquid","year":"2006","unstructured":"Bellouquid, A., Delitala, M.: Mathematical Modeling of Complex Biological Systems. Birkh\u00e4user, Boston (2006)"},{"key":"349_CR49","doi-asserted-by":"crossref","unstructured":"Keung, Y., Li, B., Zhang, Q.: The intrusion detection in mobile sensor network. In: Proceedings of the Eleventh ACM International Symposium on Mobile Ad Hoc Networking and Computing, ACM, pp. 11\u201320 (2010)","DOI":"10.1145\/1860093.1860096"},{"key":"349_CR50","doi-asserted-by":"crossref","unstructured":"Monica, S., Bergenti, F.: Outline of a generalization of kinetic theory to study opinion dynamics In: International Symposium on Distributed Computing and Artificial Intelligence (2018)","DOI":"10.1007\/978-3-319-62410-5_37"},{"issue":"10","key":"349_CR51","doi-asserted-by":"publisher","first-page":"2272","DOI":"10.1016\/j.camwa.2017.03.008","volume":"73","author":"S Monica","year":"2017","unstructured":"Monica, S., Bergenti, F.: An analytic study of opinion dynamics in multi-agent systems. Comput. Math. Appl. 73(10), 2272\u20132284 (2017)","journal-title":"Comput. Math. Appl."},{"issue":"1","key":"349_CR52","doi-asserted-by":"publisher","first-page":"79","DOI":"10.1214\/aoms\/1177729694","volume":"22","author":"S Kullback","year":"1951","unstructured":"Kullback, S., Leibler, R.A.: On information and sufficiency. Ann. Math. Stat. 22(1), 79\u201386 (1951)","journal-title":"Ann. Math. 
Stat."}],"container-title":["Journal of Computer Virology and Hacking Techniques"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-020-00349-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11416-020-00349-9\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-020-00349-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,8,1]],"date-time":"2024-08-01T01:12:54Z","timestamp":1722474774000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11416-020-00349-9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,2,24]]},"references-count":52,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2020,3]]}},"alternative-id":["349"],"URL":"https:\/\/doi.org\/10.1007\/s11416-020-00349-9","relation":{},"ISSN":["2263-8733"],"issn-type":[{"value":"2263-8733","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020,2,24]]},"assertion":[{"value":"2 August 2019","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"6 February 2020","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"24 February 2020","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}