{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2023,8,18]],"date-time":"2023-08-18T17:49:15Z","timestamp":1692380955917},"reference-count":21,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2015,5,9]],"date-time":"2015-05-09T00:00:00Z","timestamp":1431129600000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Secur Inform"],"published-print":{"date-parts":[[2015,12]]},"DOI":"10.1186\/s13388-015-0019-7","type":"journal-article","created":{"date-parts":[[2015,5,8]],"date-time":"2015-05-08T08:12:18Z","timestamp":1431072738000},"update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Evasion-resistant network scan detection"],"prefix":"10.1186","volume":"4","author":[{"given":"Richard E","family":"Harang","sequence":"first","affiliation":[]},{"given":"Peter","family":"Mell","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,5,9]]},"reference":[{"key":"19_CR1","series-title":"IEEE Symposium on Security and Privacy","first-page":"211","volume-title":"\u201cFast portscan detection using sequential hypothesis testing,\u201d","author":"J Jung","year":"2004","unstructured":"J Jung, V Paxson, AW Berger, H Balakrishnan, \u201cFast portscan detection using sequential hypothesis testing,\u201d. IEEE Symposium on Security and Privacy, 2004, pp. 211\u2013225"},{"issue":"10","key":"19_CR2","doi-asserted-by":"publisher","first-page":"1565","DOI":"10.1093\/comjnl\/bxr035","volume":"54","author":"M Bhuyan","year":"2011","unstructured":"M Bhuyan, DK Bhattacharyya, JK Kalita, \u201cSurveying Port Scans and Their Detection Methodologies\u201d. Comput J 54(10), 1565\u20131581 (2011)","journal-title":"Comput J"},{"key":"19_CR3","volume-title":"First IEEE Conference on Communications and Network Security (submitted)","author":"P Mell","year":"2013","unstructured":"P Mell, R Harang, \u201cLimitations to Threshold Random Walk and Mitigating Enhancements,\u201d, in First IEEE Conference on Communications and Network Security (submitted), 2013"},{"issue":"2","key":"19_CR4","first-page":"143","volume":"9","author":"V Falletta","year":"2009","unstructured":"V Falletta, F Ricciato, \u201cDetecting scanners: empirical assessment on a 3G network\u201d. Int J Network Secur 9(2), 143\u2013155 (2009)","journal-title":"Int J Network Secur"},{"key":"19_CR5","doi-asserted-by":"crossref","unstructured":"L. Aniello, G. Lodi and R. Baldoni, \u201cInter-domain stealthy port scan detection through complex event processing.,\u201d Proceedings of the 13th European Workshop on Dependable Computing. (ACM, Pisa Italy, 2011)","DOI":"10.1145\/1978582.1978597"},{"key":"19_CR6","volume-title":"\u201cNew Sequential Methods for Detecting Portscanners,\u201d arXiv preprint, 1204(1935)","author":"X Chen","year":"2012","unstructured":"X Chen, \u201cNew Sequential Methods for Detecting Portscanners,\u201d arXiv preprint, 1204(1935), 2012"},{"key":"19_CR7","series-title":"Performance, Computing, and Communications Conference","doi-asserted-by":"publisher","DOI":"10.1109\/.2006.1629454","volume-title":"Connectionless port scan detection on the backbone","author":"A Sridharan","year":"2006","unstructured":"A Sridharan, T Ye, S Bhattacharyya, Connectionless port scan detection on the backbone. Performance, Computing, and Communications Conference, 2006"},{"key":"19_CR8","series-title":"Network Operations and Management Symposium","first-page":"359","volume-title":"A probabilistic approach to detecting network scans","author":"C Leckie","year":"2002","unstructured":"C Leckie, R Kotagiri, A probabilistic approach to detecting network scans. Network Operations and Management Symposium, 2002, pp. 359\u2013372"},{"issue":"1\/2","key":"19_CR9","doi-asserted-by":"crossref","first-page":"105","DOI":"10.3233\/JCS-2002-101-205","volume":"10","author":"S Staniford","year":"2002","unstructured":"S Staniford, JA Hoagland, JM McAlerney, Practical automated detection of stealthy portscans. J Comput Secur 10(1\/2), 105\u2013136 (2002)","journal-title":"J Comput Secur"},{"key":"19_CR10","series-title":"Proceedings of the 18th ACM SIGKDD international conference on Knowledge discovery and data mining","first-page":"886","volume-title":"Intrusion as (anti) social communication: characterization and detection","author":"Q Ding","year":"2012","unstructured":"Q Ding, N Katenka, P Barford, E Kolaczyk, M Crovella, Intrusion as (anti) social communication: characterization and detection. Proceedings of the 18th ACM SIGKDD international conference on Knowledge discovery and data mining, 2012, pp. 886\u2013894"},{"key":"19_CR11","series-title":"Proceedings of the Sixth SIAM International Conference on Data Mining","first-page":"118","volume-title":"Scan detection: A data mining approach","author":"GJ Simon","year":"2006","unstructured":"GJ Simon, H Xiong, E Eilertson, V Kumar, Scan detection: A data mining approach. Proceedings of the Sixth SIAM International Conference on Data Mining, 2006, pp. 118\u2013129"},{"key":"19_CR12","series-title":"IEEE Computer Society Symposium on Research in Security and Privacy","first-page":"296","volume-title":"A network security monitor","author":"LT Heberlein","year":"1990","unstructured":"LT Heberlein, GV Dias, KN Levitt, B Mukherjee, J Wood, D Wolber, A network security monitor. IEEE Computer Society Symposium on Research in Security and Privacy, 1990, pp. 296\u2013304"},{"key":"19_CR13","series-title":"Proceedings of the 13th USENIX conference on System administration","first-page":"229","volume-title":"Snort -- lightweight intrusion detection for networks","author":"M Roesch","year":"1999","unstructured":"M Roesch, Snort -- lightweight intrusion detection for networks. Proceedings of the 13th USENIX conference on System administration, 1999, pp. 229\u2013238"},{"issue":"23","key":"19_CR14","doi-asserted-by":"publisher","first-page":"2435","DOI":"10.1016\/S1389-1286(99)00112-7","volume":"31","author":"V Paxson","year":"1999","unstructured":"V Paxson, Bro: a system for detecting network intruders in real-time. Comput Netw 31(23), 2435\u20132463 (1999)","journal-title":"Comput Netw"},{"key":"19_CR15","series-title":"7th International Conference on Information Assurance and Security","first-page":"228","volume-title":"Slow port scanning detection","author":"M Dabbagh","year":"2011","unstructured":"M Dabbagh, AJ Ghandour, K Fawaz, WE Hajj, H Hajj, Slow port scanning detection. 7th International Conference on Information Assurance and Security, 2011, pp. 228\u2013233"},{"key":"19_CR16","series-title":"Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security","doi-asserted-by":"publisher","DOI":"10.1145\/1966913.1966928","volume-title":"\u201cNetwork scan detection with LQS: a lightweight, quick and stateful algorithm\u201d","author":"M Alsaleh","year":"2011","unstructured":"M Alsaleh, PCV Oorschot, \u201cNetwork scan detection with LQS: a lightweight, quick and stateful algorithm\u201d. Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, 2011"},{"key":"19_CR17","series-title":"Proceedings of the 16th Annual Network and Distributed System Security Symposium","volume-title":"\u201cCoordinated scan detection\u201d","author":"C Gates","year":"2009","unstructured":"C Gates, \u201cCoordinated scan detection\u201d. Proceedings of the 16th Annual Network and Distributed System Security Symposium, 2009"},{"key":"19_CR18","series-title":"Midlab Technical Report","volume-title":"\u201cCollaborative Detection of Coordinated Port Scans\u201d","author":"R Baldoni","year":"2012","unstructured":"R Baldoni, GAD Luna, L Querzoni, \u201cCollaborative Detection of Coordinated Port Scans\u201d. Midlab Technical Report, 2012"},{"key":"19_CR19","series-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","first-page":"157","volume-title":"\u201cDistributed evasive scan techniques and countermeasures,\u201d","author":"M Kang","year":"2007","unstructured":"M Kang, J Caballero, D Song, \u201cDistributed evasive scan techniques and countermeasures,\u201d. Detection of Intrusions and Malware, and Vulnerability Assessment, 2007, pp. 157\u2013174"},{"issue":"2","key":"19_CR20","first-page":"154","volume":"3","author":"Y Zhang","year":"2011","unstructured":"Y Zhang, B Bhargava, Allocation Schemes, Architectures, and Policies for Collaborative Port Scanning Attacks. J Emerg Technol Web Intell 3(2), 154\u2013167 (2011)","journal-title":"J Emerg Technol Web Intell"},{"issue":"2","key":"19_CR21","doi-asserted-by":"publisher","first-page":"58","DOI":"10.1145\/376284.375670","volume":"30","author":"M Greenwald","year":"2001","unstructured":"M Greenwald, S Khanna, Space-efficient online computation of quantile summaries. ACM SIGMOD Record 30(2), 58\u201366 (2001)","journal-title":"ACM SIGMOD Record"}],"container-title":["Security Informatics"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s13388-015-0019-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1186\/s13388-015-0019-7\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s13388-015-0019-7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s13388-015-0019-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,3,26]],"date-time":"2019-03-26T22:41:58Z","timestamp":1553640118000},"score":1,"resource":{"primary":{"URL":"https:\/\/security-informatics.springeropen.com\/articles\/10.1186\/s13388-015-0019-7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,5,9]]},"references-count":21,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2015,12]]}},"alternative-id":["19"],"URL":"https:\/\/doi.org\/10.1186\/s13388-015-0019-7","relation":{},"ISSN":["2190-8532"],"issn-type":[{"value":"2190-8532","type":"electronic"}],"subject":[],"published":{"date-parts":[[2015,5,9]]},"assertion":[{"value":"26 January 2015","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"23 April 2015","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"9 May 2015","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}],"article-number":"4"}}