{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T05:38:05Z","timestamp":1760161085654,"version":"3.28.0"},"reference-count":30,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012,6]]},"DOI":"10.1109\/icc.2012.6364527","type":"proceedings-article","created":{"date-parts":[[2012,12,4]],"date-time":"2012-12-04T00:17:44Z","timestamp":1354580264000},"page":"1113-1117","source":"Crossref","is-referenced-by-count":17,"title":["An improved Hidden Markov Model for anomaly detection using frequent common patterns"],"prefix":"10.1109","author":[{"given":"Afroza","family":"Sultana","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Abdelwahab","family":"Hamou-Lhadj","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mario","family":"Couture","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"19","first-page":"574","article-title":"An intrusion detection approach based on understandable neural network trees","author":"xu","year":"2007","journal-title":"Journal of Electronics"},{"key":"17","first-page":"282","article-title":"Robust anomaly detection using support vector machines","author":"hu","year":"2003","journal-title":"Proceedings of the International Conference on Machine Learning"},{"key":"18","doi-asserted-by":"publisher","DOI":"10.1145\/1167253.1167288"},{"key":"15","article-title":"A study in using neural networks for anomaly and misuse detection","author":"ghosh","year":"1999","journal-title":"Proceedings of the 8th USENIX Security Symposium"},{"key":"16","article-title":"Bayesian learning network approach to cybercrime detection","volume":"2003","author":"abouzakhar","year":"0","journal-title":"Proceedings of the 2003 Post Graduate Networking Conference"},{"key":"13","first-page":"255","article-title":"Anomaly detection over noisy data using learned probability distributions","author":"eskin","year":"2000","journal-title":"Proceedings of the 17th International Conference on Machine Learning"},{"key":"14","doi-asserted-by":"publisher","DOI":"10.1109\/DISCEX.2001.932213"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-04117-4_13"},{"key":"12","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.1996.502675"},{"key":"21","doi-asserted-by":"publisher","DOI":"10.1109\/MASSP.1986.1165342"},{"key":"20","doi-asserted-by":"publisher","DOI":"10.1109\/ACIIDS.2009.59"},{"key":"22","first-page":"467","article-title":"Class-based n-gram models of natural language","volume":"18","author":"brown","year":"1992","journal-title":"Computational Linguistics"},{"journal-title":"Gzip Official Website","year":"0","key":"23"},{"key":"24","article-title":"The LTTng tracer: A low impact performance and behavior monitor for GNU\/Linux","author":"desnoyers","year":"2006","journal-title":"Proceedings of Ottawa Linux Symposium"},{"journal-title":"LTTng Official Website","year":"0","key":"25"},{"journal-title":"Weka Official Website","year":"0","key":"26"},{"key":"27","doi-asserted-by":"publisher","DOI":"10.1214\/aoms\/1177697196"},{"journal-title":"Data Mining Concepts and Techniques","year":"2006","author":"han","key":"28"},{"key":"29","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.1996.502675"},{"key":"3","doi-asserted-by":"publisher","DOI":"10.1145\/1541880.1541882"},{"journal-title":"Practical Intrusion Detection Handbook","year":"2001","author":"proctor","key":"2"},{"key":"10","doi-asserted-by":"publisher","DOI":"10.1109\/MNET.2009.4804323"},{"journal-title":"The Springer Internet Security Dictionary","year":"2002","author":"phohaha","key":"1"},{"key":"30","doi-asserted-by":"publisher","DOI":"10.1145\/545186.545187"},{"key":"7","doi-asserted-by":"publisher","DOI":"10.1109\/CSAC.1998.738647"},{"key":"6","article-title":"An immunological approach to change detection: Algorithms, analysis and implications","volume":"110","author":"forrest","year":"1996","journal-title":"Proceedings of the IEEE Symposium on Security and Privacy IEEE Computer Society"},{"key":"5","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.1987.232894"},{"key":"4","first-page":"11","article-title":"A pattern matching model for misuse intrusion detection","author":"kumar","year":"1994","journal-title":"Proceedings of the National Computer Security Conference"},{"key":"9","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.1999.766910"},{"key":"8","article-title":"Trace analysis for fault detection for application server","author":"jiang","year":"2007","journal-title":"Handbook of Automatic Computing Concepts Infrastructures and Applications"}],"event":{"name":"ICC 2012 - 2012 IEEE International Conference on Communications","start":{"date-parts":[[2012,6,10]]},"location":"Ottawa, ON, Canada","end":{"date-parts":[[2012,6,15]]}},"container-title":["2012 IEEE International Conference on Communications (ICC)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx5\/6350935\/6363631\/06364527.pdf?arnumber=6364527","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,3,21]],"date-time":"2017-03-21T17:34:17Z","timestamp":1490117657000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/6364527\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012,6]]},"references-count":30,"URL":"https:\/\/doi.org\/10.1109\/icc.2012.6364527","relation":{},"subject":[],"published":{"date-parts":[[2012,6]]}}}