{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,24]],"date-time":"2026-01-24T06:22:16Z","timestamp":1769235736924,"version":"3.49.0"},"reference-count":19,"publisher":"Elsevier BV","issue":"4","license":[{"start":{"date-parts":[[2000,10,1]],"date-time":"2000-10-01T00:00:00Z","timestamp":970358400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Computer Networks"],"published-print":{"date-parts":[[2000,10]]},"DOI":"10.1016\/s1389-1286(00)00134-1","type":"journal-article","created":{"date-parts":[[2003,4,7]],"date-time":"2003-04-07T13:19:33Z","timestamp":1049721573000},"page":"623-640","source":"Crossref","is-referenced-by-count":40,"title":["Anomaly-based intrusion detection: privacy concerns and other problems"],"prefix":"10.1016","volume":"34","author":[{"given":"Emilie","family":"Lundin","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Erland","family":"Jonsson","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"78","reference":[{"key":"10.1016\/S1389-1286(00)00134-1_BIB1","doi-asserted-by":"crossref","unstructured":"S. Axelsson, The base-rate fallacy and its implications for intrusion detection, in: Proceeding of the Sixth ACM Conference on Computer and Communications Security, Kent Ridge Digital Labs, Singapore, 1\u20134 November 1999","DOI":"10.1145\/319709.319710"},{"key":"10.1016\/S1389-1286(00)00134-1_BIB2","doi-asserted-by":"crossref","first-page":"805","DOI":"10.1016\/S1389-1286(98)00017-6","article-title":"Towards a taxonomy of intrusion\u2013detection systems","volume":"31","author":"Debar","year":"1999","journal-title":"Comput. Networks"},{"issue":"2","key":"10.1016\/S1389-1286(00)00134-1_BIB3","doi-asserted-by":"crossref","first-page":"222","DOI":"10.1109\/TSE.1987.232894","article-title":"An intrusion\u2013detection model","volume":"SE-13","author":"Denning","year":"1987","journal-title":"IEEE Trans. Software Eng."},{"key":"10.1016\/S1389-1286(00)00134-1_BIB4","unstructured":"L.R. Halme, R.K. Bauer, AINT misbehaving \u2013 a taxonomy of anti-intrusion techniques, in: Proceedings of the 18th National Information Systems Security Conference, National Institute of Standards and Technology\/National Computer Security Center, 1995, pp. 163\u2013172"},{"issue":"3","key":"10.1016\/S1389-1286(00)00134-1_BIB5","doi-asserted-by":"crossref","first-page":"235","DOI":"10.1016\/0167-4048(93)90110-Q","article-title":"NADIR: An automated system for detecting network intrusions and misuse","volume":"12","author":"Hochberg","year":"1993","journal-title":"Comput. & Security"},{"key":"10.1016\/S1389-1286(00)00134-1_BIB6","doi-asserted-by":"crossref","unstructured":"P. Helman, G. Liepins, Statistical foundations of audit trail analysis for the detection of computer misuse, IEEE Trans. Software Eng. 19 (1993) 886\u2013901","DOI":"10.1109\/32.241771"},{"key":"10.1016\/S1389-1286(00)00134-1_BIB7","unstructured":"H.S. Javitz, A. Valdes, The nides statistical component: Description and justification, Technical Report, SRI Computer Science Laboratory, March 1994. Available for download at: http:\/\/www.sdl.sri.com\/nides\/index5.html"},{"key":"10.1016\/S1389-1286(00)00134-1_BIB8","doi-asserted-by":"crossref","unstructured":"T. Lane, C.E. Brodley, Temporal sequence learning and data reduction for anomaly detection, in: Proceedings of the Fifth Conference on Computer & Communications Security, San Francisco, CA, 2\u20135 November 1998, pp. 150\u2013158, ACM, ACM Special Interest Group","DOI":"10.1145\/288090.288122"},{"key":"10.1016\/S1389-1286(00)00134-1_BIB9","unstructured":"T.F. Lunt, R. Jagannathan, A prototype real-time expert system, in: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, 18\u201321 April 1988, pp. 59\u201366"},{"key":"10.1016\/S1389-1286(00)00134-1_BIB10","unstructured":"E. Lundin, E. Jonsson, Privacy vs intrusion detection analysis, in: Proceedings of the Second International Workshop on the Recent Advances in Intrusion Detection \u2013 RAID'99, West Lafayette, IN, 7\u20139 September 1999"},{"key":"10.1016\/S1389-1286(00)00134-1_BIB11","unstructured":"E. Lundin, E. Jonsson, Some practical and fundamental problems with anomaly detection, in: Proceedings of the Fourth Nordic Workshop on Secure IT Systems (NORDSEC'99), Kista, Sweden, 1\u20132 November 1999"},{"key":"10.1016\/S1389-1286(00)00134-1_BIB12","unstructured":"T.F. Lunt, Detecting intruders in computer systems, in: Conference on Auditing and Computer Technology, 1993. Available for download at: http:\/\/www.sdl.sri.com\/nides\/index5.html"},{"key":"10.1016\/S1389-1286(00)00134-1_BIB13","unstructured":"V. Paxon, Bro: A system for detecting network intruders in real-time, in: Proceedings of the Seventh USENIX Security Symposium, USENIX, San Antonio, TX, January 1998, pp. 31\u201351"},{"key":"10.1016\/S1389-1286(00)00134-1_BIB14","unstructured":"P.A. Porras, P.G. Neumann, Emerald: Event monitoring enabling responses to anomalous live disturbances, in: Proceedings of the 20th National Information Systems Security Conference, National Institute of Standards and Technology\/National Computer Security Center, Baltimore, MD, October 1997, pp. 353\u2013365"},{"key":"10.1016\/S1389-1286(00)00134-1_BIB15","doi-asserted-by":"crossref","unstructured":"M. Sobirey, S. Fischer-H\u00fcbner, K. Rannenberg, Pseudonymous audit for privacy enhanced intrusion detection, in: Proceedings of the IFIP TC11 13th International Conference on Information Security (SEC '97), Copenhagen, Denmark, May 1997, IFIP, Chapman & Hall, London, 1997, pp. 151\u2013163","DOI":"10.1007\/978-0-387-35259-6_13"},{"key":"10.1016\/S1389-1286(00)00134-1_BIB16","doi-asserted-by":"crossref","unstructured":"S.E. Smaha, Haystack: An intrusion detection system, in: Fourth Aerospace Computer Security Applications Conference, Washington, DC, 1988, IEEE Comput. Soc. Press, Silverspring, MD, 1988, pp. 37\u201344","DOI":"10.1109\/ACSAC.1988.113412"},{"key":"10.1016\/S1389-1286(00)00134-1_BIB17","unstructured":"M.M. Sebring, E. Shellhouse, M.E. Hanna, R.A.Whitehurst, Expert systems in intrusion detection: A case study, in: Proceedings of the 11th National Computer Security Conference, National Institute of Standards and Technology\/National Computer Security Center, Baltimore, MD, 17\u201320 October 1988, pp. 74\u201381"},{"key":"10.1016\/S1389-1286(00)00134-1_BIB18","doi-asserted-by":"crossref","unstructured":"H.S. Vaccaro, G.E. Liepins, Detection of anomalous computer session activity, in: 1989 IEEE Symposium on Security and Privacy, Oakland, CA, May 1989, IEEE, Piscataway, NJ, 1989, pp. 280\u2013289","DOI":"10.1109\/SECPRI.1989.36302"},{"key":"10.1016\/S1389-1286(00)00134-1_BIB19","doi-asserted-by":"crossref","unstructured":"C. Warrender, S. Forrest, B. Pearlmutter, Detecting intrusions using system calls: Alternative data models, in: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, 9\u201312 May 1999, pp. 133\u2013145","DOI":"10.1109\/SECPRI.1999.766910"}],"container-title":["Computer Networks"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S1389128600001341?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S1389128600001341?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2019,4,28]],"date-time":"2019-04-28T11:54:45Z","timestamp":1556452485000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S1389128600001341"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2000,10]]},"references-count":19,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2000,10]]}},"alternative-id":["S1389128600001341"],"URL":"https:\/\/doi.org\/10.1016\/s1389-1286(00)00134-1","relation":{},"ISSN":["1389-1286"],"issn-type":[{"value":"1389-1286","type":"print"}],"subject":[],"published":{"date-parts":[[2000,10]]}}}