{"id":"https://openalex.org/W2099389120","doi":"https://doi.org/10.1002/nem.748","title":"A scalable, efficient and informative approach for anomaly\u2010based intrusion detection systems: theory and practice","display_name":"A scalable, efficient and informative approach for anomaly\u2010based intrusion detection systems: theory and practice","publication_year":2010,"publication_date":"2010-08-30","ids":{"openalex":"https://openalex.org/W2099389120","doi":"https://doi.org/10.1002/nem.748","mag":"2099389120"},"language":"en","primary_location":{"id":"doi:10.1002/nem.748","is_oa":false,"landing_page_url":"https://doi.org/10.1002/nem.748","pdf_url":null,"source":{"id":"https://openalex.org/S204585504","display_name":"International Journal of Network Management","issn_l":"1055-7148","issn":["1055-7148","1099-1190"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320595","host_organization_name":"Wiley","host_organization_lineage":["https://openalex.org/P4310320595"],"host_organization_lineage_names":["Wiley"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Network Management","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5015086369","display_name":"Osman Salem","orcid":"https://orcid.org/0000-0003-2076-9733"},"institutions":[{"id":"https://openalex.org/I4210159731","display_name":"LIP6","ror":"https://ror.org/05krcen59","country_code":"FR","type":"facility","lineage":["https://openalex.org/I1294671590","https://openalex.org/I1294671590","https://openalex.org/I39804081","https://openalex.org/I4210159245","https://openalex.org/I4210159731"]},{"id":"https://openalex.org/I204730241","display_name":"Universit\u00e9 Paris Cit\u00e9","ror":"https://ror.org/05f82e368","country_code":"FR","type":"education","lineage":["https://openalex.org/I204730241"]}],"countries":["FR"],"is_corresponding":true,"raw_author_name":"Osman Salem","raw_affiliation_strings":["Laboratoire d'Informatique Paris Descartes (LIPADE), Universite\u0301 Paris Descartes, Paris, France","Laboratoire d'Informatique Paris Descartes (LIPADE), Universit\u00e9 Paris Descartes, Paris, France"],"affiliations":[{"raw_affiliation_string":"Laboratoire d'Informatique Paris Descartes (LIPADE), Universite\u0301 Paris Descartes, Paris, France","institution_ids":["https://openalex.org/I4210159731","https://openalex.org/I204730241"]},{"raw_affiliation_string":"Laboratoire d'Informatique Paris Descartes (LIPADE), Universit\u00e9 Paris Descartes, Paris, France","institution_ids":["https://openalex.org/I4210159731","https://openalex.org/I204730241"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5043411973","display_name":"Sandrine Vaton","orcid":"https://orcid.org/0000-0001-8940-6004"},"institutions":[{"id":"https://openalex.org/I4210148559","display_name":"\u00c9cole nationale sup\u00e9rieure de techniques avanc\u00e9es Bretagne","ror":"https://ror.org/059n54003","country_code":"FR","type":"education","lineage":["https://openalex.org/I201181511","https://openalex.org/I4210145102","https://openalex.org/I4210148559"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Sandrine Vaton","raw_affiliation_strings":["De\u0301partement Informatique, TELECOM Bretagne, Brest, France","D\u00e9partement Informatique, TELECOM Bretagne, Brest, France"],"affiliations":[{"raw_affiliation_string":"De\u0301partement Informatique, TELECOM Bretagne, Brest, France","institution_ids":["https://openalex.org/I4210148559"]},{"raw_affiliation_string":"D\u00e9partement Informatique, TELECOM Bretagne, Brest, France","institution_ids":["https://openalex.org/I4210148559"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5007477528","display_name":"Annie Gravey","orcid":"https://orcid.org/0000-0001-9926-2657"},"institutions":[{"id":"https://openalex.org/I4210148559","display_name":"\u00c9cole nationale sup\u00e9rieure de techniques avanc\u00e9es Bretagne","ror":"https://ror.org/059n54003","country_code":"FR","type":"education","lineage":["https://openalex.org/I201181511","https://openalex.org/I4210145102","https://openalex.org/I4210148559"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Annie Gravey","raw_affiliation_strings":["De\u0301partement Informatique, TELECOM Bretagne, Brest, France","D\u00e9partement Informatique, TELECOM Bretagne, Brest, France"],"affiliations":[{"raw_affiliation_string":"De\u0301partement Informatique, TELECOM Bretagne, Brest, France","institution_ids":["https://openalex.org/I4210148559"]},{"raw_affiliation_string":"D\u00e9partement Informatique, TELECOM Bretagne, Brest, France","institution_ids":["https://openalex.org/I4210148559"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5015086369"],"corresponding_institution_ids":["https://openalex.org/I204730241","https://openalex.org/I4210159731"],"apc_list":{"value":3140,"currency":"USD","value_usd":3140},"apc_paid":null,"fwci":6.3225,"has_fulltext":false,"cited_by_count":49,"citation_normalized_percentile":{"value":0.96774569,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":"20","issue":"5","first_page":"271","last_page":"293"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8671629428863525},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.7682791948318481},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.6333305239677429},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.5818442702293396},{"id":"https://openalex.org/keywords/header","display_name":"Header","score":0.5290799736976624},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.5190844535827637},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.5028228163719177},{"id":"https://openalex.org/keywords/sketch","display_name":"Sketch","score":0.4952773153781891},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.47627705335617065},{"id":"https://openalex.org/keywords/anomaly","display_name":"Anomaly (physics)","score":0.4193033277988434},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3602975606918335},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.274588942527771},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.22001826763153076},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.12857726216316223},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.11231595277786255}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8671629428863525},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.7682791948318481},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.6333305239677429},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.5818442702293396},{"id":"https://openalex.org/C48105269","wikidata":"https://www.wikidata.org/wiki/Q1141160","display_name":"Header","level":2,"score":0.5290799736976624},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.5190844535827637},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.5028228163719177},{"id":"https://openalex.org/C2779231336","wikidata":"https://www.wikidata.org/wiki/Q7534724","display_name":"Sketch","level":2,"score":0.4952773153781891},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.47627705335617065},{"id":"https://openalex.org/C12997251","wikidata":"https://www.wikidata.org/wiki/Q567560","display_name":"Anomaly (physics)","level":2,"score":0.4193033277988434},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3602975606918335},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.274588942527771},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.22001826763153076},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.12857726216316223},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.11231595277786255},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.0},{"id":"https://openalex.org/C26873012","wikidata":"https://www.wikidata.org/wiki/Q214781","display_name":"Condensed matter physics","level":1,"score":0.0},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1002/nem.748","is_oa":false,"landing_page_url":"https://doi.org/10.1002/nem.748","pdf_url":null,"source":{"id":"https://openalex.org/S204585504","display_name":"International Journal of Network Management","issn_l":"1055-7148","issn":["1055-7148","1099-1190"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320595","host_organization_name":"Wiley","host_organization_lineage":["https://openalex.org/P4310320595"],"host_organization_lineage_names":["Wiley"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Network Management","raw_type":"journal-article"},{"id":"pmh:oai:HAL:hal-00565751v1","is_oa":false,"landing_page_url":"https://hal.science/hal-00565751","pdf_url":null,"source":{"id":"https://openalex.org/S4406922466","display_name":"SPIRE - Sciences Po Institutional REpository","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"International Journal of Network Management, 2010","raw_type":"Journal articles"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":63,"referenced_works":["https://openalex.org/W40890042","https://openalex.org/W1493892051","https://openalex.org/W1500414598","https://openalex.org/W1516035155","https://openalex.org/W1516506771","https://openalex.org/W1563061804","https://openalex.org/W1674877186","https://openalex.org/W1865797552","https://openalex.org/W1970602212","https://openalex.org/W1977951613","https://openalex.org/W1993929036","https://openalex.org/W1994373811","https://openalex.org/W2006349683","https://openalex.org/W2011787683","https://openalex.org/W2026784425","https://openalex.org/W2035653027","https://openalex.org/W2035959221","https://openalex.org/W2065202763","https://openalex.org/W2080234606","https://openalex.org/W2091083310","https://openalex.org/W2096997635","https://openalex.org/W2101721819","https://openalex.org/W2102481563","https://openalex.org/W2104359652","https://openalex.org/W2108673751","https://openalex.org/W2109121608","https://openalex.org/W2110238613","https://openalex.org/W2112967561","https://openalex.org/W2114615295","https://openalex.org/W2116433368","https://openalex.org/W2117747231","https://openalex.org/W2118931532","https://openalex.org/W2121904442","https://openalex.org/W2124806945","https://openalex.org/W2127273221","https://openalex.org/W2127849160","https://openalex.org/W2129976399","https://openalex.org/W2130297445","https://openalex.org/W2130507939","https://openalex.org/W2131612062","https://openalex.org/W2139237456","https://openalex.org/W2142099410","https://openalex.org/W2149770403","https://openalex.org/W2155915275","https://openalex.org/W2157578436","https://openalex.org/W2158282736","https://openalex.org/W2161317557","https://openalex.org/W2163775601","https://openalex.org/W2164210932","https://openalex.org/W2164256494","https://openalex.org/W2165032725","https://openalex.org/W2166431113","https://openalex.org/W2166858086","https://openalex.org/W2169927847","https://openalex.org/W2170812753","https://openalex.org/W2255206882","https://openalex.org/W2900852122","https://openalex.org/W3009746682","https://openalex.org/W3098205111","https://openalex.org/W3138598418","https://openalex.org/W4249843299","https://openalex.org/W4285719527","https://openalex.org/W6683939538"],"related_works":["https://openalex.org/W2171597999","https://openalex.org/W2378994405","https://openalex.org/W2385974820","https://openalex.org/W2373478030","https://openalex.org/W2189136227","https://openalex.org/W2378679551","https://openalex.org/W3149739944","https://openalex.org/W1866537546","https://openalex.org/W2392363776","https://openalex.org/W630850086"],"abstract_inverted_index":{"Abstract":[0],"In":[1],"this":[2],"paper,":[3],"we":[4,123],"present":[5],"the":[6,87,109,130,136,164,218],"design":[7],"and":[8,17,75,146,162,198,209,212],"implementation":[9,179],"of":[10,29,54,61,108,111,166,180,196,225],"a":[11,32,51,59,96,187,222],"new":[12],"approach":[13,25,168,203],"for":[14,153],"anomaly":[15,131,137,154],"detection":[16,83,155],"classification":[18],"over":[19,183],"high":[20,223],"speed":[21],"networks.":[22],"The":[23,46,201],"proposed":[24,202],"is":[26,49,93,99,204],"based":[27],"first":[28],"all":[30],"on":[31,42,156,169],"data":[33,69],"reduction":[34],"phase":[35],"through":[36],"flow":[37,65],"sampling":[38],"by":[39,186,216],"focusing":[40],"mainly":[41],"short":[43],"lived":[44],"flows.":[45],"second":[47],"step":[48],"then":[50],"random":[52],"aggregation":[53],"some":[55],"descriptors":[56],"such":[57],"as":[58,138],"number":[60],"SYN":[62],"packets":[63],"per":[64],"in":[66,101,194,207,213],"two":[67],"different":[68],"structures":[70],"called":[71],"Count":[72],"Min":[73],"Sketch":[74],"Multi\u2010Layer":[76],"Reversible":[77],"Sketch.":[78],"A":[79],"sequential":[80],"change":[81,98],"point":[82],"algorithm":[84,182],"continuously":[85],"monitors":[86],"sketch":[88],"cell":[89,102],"values.":[90,103],"An":[91],"alarm":[92],"raised":[94],"if":[95],"significant":[97],"identified":[100],"With":[104],"an":[105],"appropriate":[106],"definition":[107],"combination":[110],"IP":[112],"header":[113],"fields":[114],"that":[115],"should":[116],"be":[117],"used":[118],"to":[119,128,134],"identify":[120],"one":[121],"flow,":[122],"are":[124,191],"able":[125],"not":[126],"only":[127],"detect":[129],"but":[132],"also":[133],"classify":[135],"DoS,":[139],"DDoS":[140],"or":[141],"flash":[142],"crowd,":[143],"network":[144],"scanning":[145],"port":[147],"scanning.":[148],"We":[149],"validate":[150],"our":[151,167,181],"framework":[152],"various":[157],"real":[158],"world":[159],"traffic":[160],"traces":[161],"demonstrate":[163],"accuracy":[165,197],"these":[170],"real\u2010life":[171],"case":[172],"studies.":[173],"Our":[174],"analysis":[175],"results":[176],"from":[177],"online":[178],"measurements":[184],"gathered":[185],"DAG":[188],"sniffing":[189],"card":[190],"very":[192,205],"attractive":[193],"terms":[195],"response":[199],"time.":[200],"effective":[206],"detecting":[208],"classifying":[210],"anomalies,":[211],"providing":[214],"information":[215],"extracting":[217],"culprit":[219],"flows":[220],"with":[221],"level":[224],"accuracy.":[226],"Copyright":[227],"\u00a9":[228],"2010":[229],"John":[230],"Wiley":[231],"&amp;":[232],"Sons,":[233],"Ltd.":[234]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2024,"cited_by_count":2},{"year":2022,"cited_by_count":4},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":2},{"year":2019,"cited_by_count":2},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":6},{"year":2016,"cited_by_count":2},{"year":2015,"cited_by_count":7},{"year":2014,"cited_by_count":3},{"year":2013,"cited_by_count":7},{"year":2012,"cited_by_count":7}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}