{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,22]],"date-time":"2026-03-22T06:33:00Z","timestamp":1774161180858,"version":"3.50.1"},"reference-count":32,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2017,9,8]],"date-time":"2017-09-08T00:00:00Z","timestamp":1504828800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"funder":[{"name":"National Key R & D Program of China","award":["2017YFC0803702"],"award-info":[{"award-number":["2017YFC0803702"]}]},{"name":"National Key R & D Program of China","award":["2017YFB0802302"],"award-info":[{"award-number":["2017YFB0802302"]}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Peer-to-Peer Netw. Appl."],"published-print":{"date-parts":[[2019,3]]},"DOI":"10.1007\/s12083-017-0604-2","type":"journal-article","created":{"date-parts":[[2017,9,11]],"date-time":"2017-09-11T15:16:20Z","timestamp":1505142980000},"page":"295-309","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":48,"title":["An improved network security situation assessment approach in software defined networks"],"prefix":"10.1007","volume":"12","author":[{"given":"Zhijie","family":"Fan","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0569-8933","authenticated-orcid":false,"given":"Ya","family":"Xiao","sequence":"additional","affiliation":[]},{"given":"Amiya","family":"Nayak","sequence":"additional","affiliation":[]},{"given":"Chengxiang","family":"Tan","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,9,8]]},"reference":[{"key":"604_CR1","doi-asserted-by":"crossref","unstructured":"Antikainen M, Aura T, S\u00e4rel\u00e4 M (2014) Spook in your network: attacking an sdn with a compromised openflow switch. In: Nordic conference on secure IT systems. Springer, pp 229\u2013244","DOI":"10.1007\/978-3-319-11599-3_14"},{"issue":"22","key":"604_CR2","doi-asserted-by":"publisher","first-page":"5767","DOI":"10.1109\/TSP.2013.2280179","volume":"61","author":"N Asadi","year":"2013","unstructured":"Asadi N, Mirzaei A, Haghshenas E (2013) Multiple observations hmm learning by aggregating ensemble models. IEEE Trans Signal Process 61(22):5767\u20135776","journal-title":"IEEE Trans Signal Process"},{"key":"604_CR3","doi-asserted-by":"crossref","unstructured":"Ballmann B (2015) Understanding network hacks: attack and defense with python. Springer","DOI":"10.1007\/978-3-662-44437-5"},{"key":"604_CR4","doi-asserted-by":"crossref","unstructured":"Bates A, Butler K, Haeberlen A, Sherr M, Zhou W (2014) Let sdn be your eyes: secure forensics in data center networks. In: Proceedings of the NDSS workshop on security of emerging network technologies (SENT14)","DOI":"10.14722\/sent.2014.23002"},{"key":"604_CR5","doi-asserted-by":"crossref","unstructured":"Bode MA, Oluwadare SA, Alese BK, Thompson AFB (2015) Risk analysis in cyber situation awareness using bayesian approach. In: International conference on cyber situational awareness, data analytics and assessment (CyberSA), 2015. IEEE, pp 1\u201312","DOI":"10.1109\/CyberSA.2015.7166119"},{"key":"604_CR6","doi-asserted-by":"crossref","unstructured":"Braga R, Mota E, Passito A (2010) Lightweight ddos flooding attack detection using nox\/openflow. In: IEEE 35th conference on local computer networks (LCN), 2010. IEEE, pp 408\u2013415","DOI":"10.1109\/LCN.2010.5735752"},{"key":"604_CR7","unstructured":"Chi PW, Kuo CT, Guo JW, Lei CL (2015) How to detect a compromised sdn switch. In: 1st IEEE conference on network softwarization (netsoft), 2015. IEEE, pp 1\u20136"},{"key":"604_CR8","doi-asserted-by":"crossref","unstructured":"De Oliveira RLS, Shinoda AA, Schweitzer CM, Prete LR (2014) Using mininet for emulation and prototyping software-defined networks. In: IEEE Colombian conference on communications and computing (COLCOM), 2014. IEEE, pp 1\u20136","DOI":"10.1109\/ColComCon.2014.6860404"},{"issue":"2","key":"604_CR9","doi-asserted-by":"publisher","first-page":"101","DOI":"10.1007\/s00502-015-0287-4","volume":"132","author":"I Friedberg","year":"2015","unstructured":"Friedberg I, Skopik F, Fiedler R (2015) Cyber situational awareness through network anomaly detection: state of the art and new approaches. e & i Elektrotechnik und Informationstechnik 132(2):101\u2013105","journal-title":"e & i Elektrotechnik und Informationstechnik"},{"issue":"11","key":"604_CR10","first-page":"14","volume":"11","author":"W Fuertes","year":"2011","unstructured":"Fuertes W, Zambrano P, S\u00e1nchez M., Gamboa P (2011) Alternative engine to detect and block port scan attacks using virtual network environments. International Journal of Computer Science and Network Security 11(11):14\u201323","journal-title":"International Journal of Computer Science and Network Security"},{"key":"604_CR11","doi-asserted-by":"crossref","unstructured":"Giotis K, Androulidakis G, Maglaris V (2014) Leveraging sdn for efficient anomaly detection and mitigation on legacy networks. In: Third European workshop on software defined networks (EWSDN), 2014. IEEE, pp 85\u201390","DOI":"10.1109\/EWSDN.2014.24"},{"key":"604_CR12","doi-asserted-by":"publisher","first-page":"122","DOI":"10.1016\/j.bjp.2013.10.014","volume":"62","author":"K Giotis","year":"2014","unstructured":"Giotis K, Argyropoulos C, Androulidakis G, Kalogeras D, Maglaris V (2014) Combining openflow and sflow for an effective and scalable anomaly detection and mitigation mechanism on sdn environments. Comput Netw 62:122\u2013136","journal-title":"Comput Netw"},{"issue":"8","key":"604_CR13","doi-asserted-by":"publisher","first-page":"721","DOI":"10.1093\/bioinformatics\/17.8.721","volume":"17","author":"SJ Hua","year":"2001","unstructured":"Hua SJ, Sun ZR (2001) Support vector machine approach for protein subcellular localization prediction. Bioinformatics 17(8):721\u2013728","journal-title":"Bioinformatics"},{"key":"604_CR14","doi-asserted-by":"crossref","unstructured":"Klaedtke F, Karame GO, Bifulco R, Cui H (2014) Access control for sdn controllers. In: Proceedings of the third workshop on hot topics in software defined networking. ACM, pp 219\u2013220","DOI":"10.1145\/2620728.2620773"},{"key":"604_CR15","doi-asserted-by":"crossref","unstructured":"Kloti R, Kotronis V, Smith P (2013) Openflow: a security analysis. In: 21st IEEE international conference on network protocols (ICNP), 2013. IEEE, pp 1\u20136","DOI":"10.1109\/ICNP.2013.6733671"},{"key":"604_CR16","doi-asserted-by":"crossref","unstructured":"Kobayashi TH, Batista AB, Brito AM, Pires PSM (2007) Using a packet manipulation tool for security analysis of industrial network protocols. In: IEEE conference on emerging technologies and factory automation, 2007. ETFA. IEEE, pp 744\u2013747","DOI":"10.1109\/EFTA.2007.4416847"},{"issue":"5","key":"604_CR17","doi-asserted-by":"publisher","first-page":"42","DOI":"10.1109\/79.410439","volume":"12","author":"HL Lou","year":"1995","unstructured":"Lou HL (1995) Implementing the viterbi algorithm. IEEE Signal Process Mag 12(5):42\u201352","journal-title":"IEEE Signal Process Mag"},{"issue":"1","key":"604_CR18","doi-asserted-by":"publisher","first-page":"17","DOI":"10.1109\/TST.2016.7399280","volume":"21","author":"H Ma","year":"2016","unstructured":"Ma H, Ding H, Yang Y, Mi Z, Yang JYF, Xiong ZG (2016) Bayes-based arp attack detection algorithm for cloud centers. Tsinghua Sci Technol 21(1):17\u201328","journal-title":"Tsinghua Sci Technol"},{"key":"604_CR19","doi-asserted-by":"crossref","unstructured":"Masoud MZ, Jaradat Y, Jannoud I (2015) On preventing arp poisoning attack utilizing software defined network (sdn) paradigm. In: IEEE Jordan conference on applied electrical engineering and computing technologies (AEECT), 2015. IEEE, pp 1\u20135","DOI":"10.1109\/AEECT.2015.7360549"},{"key":"604_CR20","doi-asserted-by":"crossref","unstructured":"Matias J, Garay J, Mendiola A, Toledo N, Eduardo J (2014) Flownac: Flow-based network access control. In: Third European workshop on software defined networks (EWSDN), 2014. IEEE, pp 79\u201384","DOI":"10.1109\/EWSDN.2014.39"},{"key":"604_CR21","unstructured":"Niyaz Q, Sun W, Javaid AY (2016) A deep learning based ddos detection system in software-defined networking (sdn). arXiv:\n                    1611.07400"},{"key":"604_CR22","doi-asserted-by":"crossref","unstructured":"Pak C, Cannady J (2009) Asset priority risk assessment using hidden markov models. In: Proceedings of the 10th ACM conference on SIG-information technology education. ACM, pp 65\u201373","DOI":"10.1145\/1631728.1631750"},{"key":"604_CR23","doi-asserted-by":"crossref","unstructured":"P\u00e9rez \u00d3, Piccardi M, Garc\u00eda J, Patricio M, Molina J (2007) Comparison between genetic algorithms and the baum-welch algorithm in learning hmms for human activity classification. Applications of Evolutionary Computing 399\u2013406","DOI":"10.1007\/978-3-540-71805-5_44"},{"key":"604_CR24","doi-asserted-by":"crossref","unstructured":"Porras PA, Cheung S, Fong MW, Skinner K, Yegneswaran V (2015) Securing the software defined network control layer. In: NDSS","DOI":"10.14722\/ndss.2015.23222"},{"key":"604_CR25","doi-asserted-by":"crossref","unstructured":"Scott-Hayward S, O\u2019Callaghan G, Sezer S (2013) Sdn security: a survey. In: IEEE SDN For future networks and services (SDN4FNS), 2013. IEEE, pp 1\u20137","DOI":"10.1109\/SDN4FNS.2013.6702553"},{"key":"604_CR26","doi-asserted-by":"crossref","unstructured":"Shalimov A, Zuikov D, Zimarina D, Pashkov V, Smeliansky R (2013) Advanced study of sdn\/openflow controllers. In: Proceedings of the 9th central & eastern European software engineering conference in Russia. ACM, p 1","DOI":"10.1145\/2556610.2556621"},{"key":"604_CR27","unstructured":"Van Tilborg HC, Sushil J (2014) Encyclopedia of cryptography and security. Springer Science & Business Media"},{"issue":"12","key":"604_CR28","first-page":"3104","volume":"27","author":"XL Wang","year":"2016","unstructured":"Wang XL, Chen M, Xing CY, Sun Z, Wu QF (2016) Software defined security networking mechanism to defend against ddos attacks. Ruan Jian Xue Bao\/Journal of Software 27(12):3104\u20133119","journal-title":"Ruan Jian Xue Bao\/Journal of Software"},{"issue":"4","key":"604_CR29","first-page":"749","volume":"38","author":"RR Xi","year":"2015","unstructured":"Xi RR, Yun XC, Zhang YZ, Hao ZY (2015) An improved quantitative evaluation method for network security. Chinese Journal of Computers 38(4):749\u2013758","journal-title":"Chinese Journal of Computers"},{"issue":"1","key":"604_CR30","doi-asserted-by":"publisher","first-page":"602","DOI":"10.1109\/COMST.2015.2487361","volume":"18","author":"Q Yan","year":"2016","unstructured":"Yan Q, Yu FR, Gong QX, Li JQ (2016) Software-defined networking (sdn) and distributed denial of service (ddos) attacks in cloud computing environments: a survey, some research issues, and challenges. IEEE Commun Surv Tutorials 18(1):602\u2013622","journal-title":"IEEE Commun Surv Tutorials"},{"key":"604_CR31","doi-asserted-by":"crossref","unstructured":"Zhang Y, Liao L, Xu C, Yang M (2016) Hierarchical clustering of group behaviors in cyber situation awareness. In: IEEE international conference on software quality, reliability and security companion (QRS-c), 2016. IEEE, pp 400\u2013401","DOI":"10.1109\/QRS-C.2016.61"},{"issue":"3","key":"604_CR32","doi-asserted-by":"publisher","first-page":"495","DOI":"10.3724\/SP.J.1001.2011.03751","volume":"22","author":"Y Zhang","year":"2011","unstructured":"Zhang Y, Tan XB, Cui XL, Xi HS (2011) Network security situation awareness approach based on Markov game model. Journal of Software 22(3):495\u2013508","journal-title":"Journal of Software"}],"container-title":["Peer-to-Peer Networking and Applications"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s12083-017-0604-2\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s12083-017-0604-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s12083-017-0604-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,3,3]],"date-time":"2020-03-03T07:31:09Z","timestamp":1583220669000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s12083-017-0604-2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,9,8]]},"references-count":32,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2019,3]]}},"alternative-id":["604"],"URL":"https:\/\/doi.org\/10.1007\/s12083-017-0604-2","relation":{},"ISSN":["1936-6442","1936-6450"],"issn-type":[{"value":"1936-6442","type":"print"},{"value":"1936-6450","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017,9,8]]},"assertion":[{"value":"8 July 2017","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"25 August 2017","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"8 September 2017","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}