
Annual ACM Workshop on Mining Network Data: latest publications

Building a prototype for network measurement virtual observatory
Pub Date : 2007-06-12 DOI: 10.1145/1269880.1269887
P. Mátray, I. Csabai, P. Hága, J. Stéger, L. Dobos, G. Vattay
Online sharing of scientific information has accelerated the research activity in various different domains of science. This fact inspires us to initiate this kind of approach in the field of network research and review some projects pointing towards this direction. Using the experiences of similar efforts in other domains of sciences we are building a prototype node for Network Measurement Virtual Observatory. The goal of the observatory is to stimulate network research through sharing available measurement data along with analysis results and providing easy-to-use "online" network data analysis tools for network research and management purposes. We would also like to initiate discussion about standardization of network measurement data and to motivate other researchers to publish their own data and tools. In this paper we sketch the basic concept of Virtual Observatories and present a prototype system developed to share measurement data and tools associated with the ETOMIC measurement infrastructure.
Citations: 23
SIP-based VoIP traffic behavior profiling and its applications
Pub Date : 2007-06-12 DOI: 10.1145/1269880.1269891
Hun-Jeong Kang, Zhi-Li Zhang, Supranamaya Ranjan, A. Nucci
With the widespread adoption of SIP-based VoIP, understanding the characteristics of SIP traffic behavior is critical to problem diagnosis and security protection of IP Telephony. In this paper, we propose a general methodology for profiling SIP-based VoIP traffic behavior at multiple levels: SIP server host, server entity and individual user levels. Using SIP traffic traces captured in a production VoIP service, we illustrate the characteristics of SIP-based VoIP traffic behavior in an operational network and demonstrate the effectiveness of our general profiling methodology. In particular, we show how our profiling methodology can help identify performance anomalies through a case study.
Citations: 39
Comparison of anomaly signal quality in common detection metrics
Pub Date : 2007-06-12 DOI: 10.1145/1269880.1269884
D. Brauckhoff, M. May, B. Plattner
Problems involving classification and pattern recognition can often be profitably viewed from the perspective of signal detection theory. We present ANEX (ANomaly EXposure), a simple and intuitive measure for comparing anomaly detection metrics regarding their capability to expose certain types of anomalies. ANEX is based on signal detection theory and determines the anomaly signal quality with the help of the intersection area of the metric's probability density functions in the normal and anomalous case. We illustrate the applicability of our measure by comparing 15 frequently-used detection metrics for the Blaster worm and discuss some early results by comparing NetFlow data from four different border gateway routers of a medium-sized ISP network.
Citations: 2
Identifying and tracking suspicious activities through IP gray space analysis
Pub Date : 2007-06-12 DOI: 10.1145/1269880.1269883
Yu Jin, Zhi-Li Zhang, Kuai Xu, Feng Cao, S. Sahu
Campus or enterprise networks often have many unassigned IP addresses that collectively form IP gray space within the address blocks of such networks. Using one-month traffic data collected in a large campus network, we have monitored a significant amount of unwanted traffic towards IP gray space in various forms, such as worms, port scanning, and denial of service attacks. In this paper, we apply a heuristic algorithm to extract the IP gray space in our campus network. Subsequently, we analyze the behavioral patterns, such as dominant activities and target randomness, of the gray space traffic for individual outside hosts. By correlating and contrasting the traffic towards IP gray addresses and live end hosts, we find the gray space traffic provides unique insight for uncovering the behavior, and intention, of anomalous traffic towards live end hosts. Finally, we demonstrate the applications of gray space traffic for identifying SPAM behavior, detecting malicious scanning and worm activities that successfully compromise end hosts.
Citations: 23
Real-time monitoring of SIP infrastructure using message classification
Pub Date : 2007-06-12 DOI: 10.1145/1269880.1269892
A. Acharya, Xiping Wang, Charles P. Wright, N. Banerjee, Bikram Sengupta
Session Initiation Protocol (SIP) is a control-plane protocol for multiple services such as VoIP, Instant Messaging and Presence, and in addition, is key to IP Multimedia Subsystem (IMS). A SIP message consists of plain-text headers and their corresponding values, which are used to route the message between one or more endpoints, resulting in a media session. These headers and values are often transformed/re-written at intermediate SIP servers ("proxies"). It is important to monitor the flow and transformation of such messages in real-time, for functional testing of a SIP overlay network containing malfunctioning or ill-configured SIP entities, or for efficient run-time SIP network operation, including problem determination and load balancing. Towards that end, we have designed and implemented a programmable in-kernel Linux SIP message classification engine. The classifier can be configured to intercept incoming and outgoing SIP messages from a server, extract appropriate message meta-data including distinguishing header-value pairs and their transformations, and forward the same to a monitoring engine. The engine collates this information from different classifiers across the network, to infer the state of a SIP call on individual servers on the call path as well as aggregated call-state.
Citations: 11
A markovian signature-based approach to IP traffic classification
Pub Date : 2007-06-12 DOI: 10.1145/1269880.1269889
H. Dahmouni, Sandrine Vaton, D. Rossé
In this paper we present a real-time automatic process to traffic classification and to the detection of abnormal behaviors in IP traffic. The proposed method aims to detect anomalies in the traffic associated to a particular service, or to automatically recognize the service associated to a given sequence of packets at the transport layer. Service classification is becoming a central issue because of the emergence of new services (P2P, VoIP, Streaming video, etc...) which raises new challenges in resource reservation, pricing, network monitoring, etc... In order to identify a specific signature to an application, we first of all model the sequence of its packets at the transport layer by means of a first order Markov chain. Then, we decide which service should be associated to any new sequence by means of standard decision techniques (Maximum Likelihood criterion, Neyman-Pearson test). The evaluation of our automatic recognition procedure using live GPRS Orange France traffic traces demonstrates the feasibility and the excellent performance of this approach.
Citations: 34
Authentication anomaly detection: a case study on a virtual private network
Pub Date : 2007-06-12 DOI: 10.1145/1269880.1269886
M. Chapple, N. Chawla, A. Striegel
The authentication logs on a network can provide a trove of information for discovering potential anomalies in login attempts. Using such logs collected by a production Virtual Private Network device over a period of 15 months, we generate a diurnal model of network accesses. These models are used to detect anomalous authentications, which merit further investigation by a security analyst. We intend that this work will dramatically reduce the amount of time spent by analysts identifying anomalous events and allow them to focus on in-depth analysis of these anomalies. Our work makes two contributions: a novel approach of mining authentication data, and the use of geographic distance as a metric to evaluate Virtual Private Network connections. We demonstrate the success of our model using real-world case analysis.
Citations: 15
Byte me: a case for byte accuracy in traffic classification
Pub Date : 2007-06-12 DOI: 10.1145/1269880.1269890
Jeffrey Erman, A. Mahanti, M. Arlitt
Numerous network traffic classification approaches have recently been proposed. In general, these approaches have focused on correctly identifying a high percentage of total flows. However, on the Internet a small number of "elephant" flows contribute a significant amount of the traffic volume. In addition, some application types like Peer-to-Peer (P2P) and FTP contribute more elephant flows than other application types like Chat. In this opinion piece, we discuss how evaluating a classifier on flow accuracy alone can bias the classification results. By not giving special attention to these traffic classes and their elephant flows in the evaluation of traffic classification approaches, we might obtain significantly different performance when these approaches are deployed in operational networks for typical traffic classification tasks such as traffic shaping. We argue that byte accuracy must also be used when evaluating the accuracy of traffic classification algorithms.
Citations: 61
A three-tier IDS via data mining approach
Pub Date : 2007-06-12 DOI: 10.1145/1269880.1269882
Tsong Song Hwang, Tsung-Ju Lee, Yuh-Jye Lee
We introduced a three-tier architecture of intrusion detection system which consists of a blacklist, a whitelist and a multi-class support vector machine classifier. The first tier is the blacklist that will filter out the known attacks from the traffic, and the whitelist identifies the normal traffic. The remaining traffic, the anomalies detected by the whitelist, was then classified by a multi-class SVM classifier into four categories: PROBE, DoS, R2L and U2R. Many data mining and machine learning techniques were applied here. We design this three-tier IDS based on the KDD'99 benchmark dataset. Our system has a 94.71% intrusion detection rate and a 93.52% diagnosis rate. The average cost for each connection is 0.1781. All of these results are better than those of the KDD'99 winner. Our three-tier architecture design also provides flexibility for practical usage. The network system administrator can add new patterns into the blacklist and fine-tune the whitelist according to the environment of their network system and security policy.
Citations: 50
Minerals: using data mining to detect router misconfigurations
Pub Date : 2006-09-11 DOI: 10.1145/1162678.1162681
Franck Le, Sihyung Lee, Tina Wong, Hyong S. Kim, Darrell Newcomb
Recent studies have shown that router misconfigurations are common and have dramatic consequences for the operations of networks. Not only can misconfigurations compromise the security of a single network, they can even cause global disruptions in Internet connectivity. Several solutions have been proposed that can detect a number of problems in real configuration files. However, these solutions share a common limitation: they are rule-based. Rules are assumed to be known beforehand, and violations of these rules are deemed misconfigurations. As policies typically differ among networks, rule-based approaches are limited in the scope of mistakes they can detect. In this paper, we address the problem of router misconfigurations using data mining. We apply association rules mining to the configuration files of routers across an administrative domain to discover local, network-specific policies. Deviations from these local policies are potential misconfigurations. We have evaluated our scheme on configuration files from a large state-wide network provider, a large university campus and a high-performance research network, and found promising results. We discovered a number of errors that were confirmed and later corrected by the network engineers. These errors would have been difficult to detect with current rule-based approaches.
Citations: 5