{"id":"https://openalex.org/W1546042159","doi":"https://doi.org/10.1007/978-0-387-34747-9_15","title":"Anomaly Detection using prior knowledge: application to TCP/IP traffic","display_name":"Anomaly Detection using prior knowledge: application to TCP/IP traffic","publication_year":2006,"publication_date":"2006-10-08","ids":{"openalex":"https://openalex.org/W1546042159","doi":"https://doi.org/10.1007/978-0-387-34747-9_15","mag":"1546042159"},"language":"en","primary_location":{"id":"doi:10.1007/978-0-387-34747-9_15","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-0-387-34747-9_15","pdf_url":"https://link.springer.com/content/pdf/10.1007/978-0-387-34747-9_15.pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IFIP International Federation for Information Processing","raw_type":"book-chapter"},"type":"book-chapter","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://link.springer.com/content/pdf/10.1007/978-0-387-34747-9_15.pdf","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5065323678","display_name":"Alberto Carrascal","orcid":null},"institutions":[{"id":"https://openalex.org/I4210129734","display_name":"NEIKER, the Basque Institute for Agricultural Research and Development","ror":"https://ror.org/03rf31e64","country_code":"ES","type":"facility","lineage":["https://openalex.org/I4210113430","https://openalex.org/I4210129734"]},{"id":"https://openalex.org/I4210135705","display_name":"Instituto Nacional de Investigaci\u00f3n Agropecuaria","ror":"https://ror.org/02sspdz82","country_code":"UY","type":"government","lineage":["https://openalex.org/I4210135705"]}],"countries":["ES","UY"],"is_corresponding":true,"raw_author_name":"Alberto Carrascal","raw_affiliation_strings":["NEIKER: Institute Vasco de Investigaci\u00f3n y Desarrollo, Uruguay","NEIKER: Institute Vasco de Investigaci\u00f3n y Desarrollo"],"affiliations":[{"raw_affiliation_string":"NEIKER: Institute Vasco de Investigaci\u00f3n y Desarrollo, Uruguay","institution_ids":["https://openalex.org/I4210135705"]},{"raw_affiliation_string":"NEIKER: Institute Vasco de Investigaci\u00f3n y Desarrollo","institution_ids":["https://openalex.org/I4210129734"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5013903139","display_name":"Jorge Couchet","orcid":null},"institutions":[{"id":"https://openalex.org/I7923278","display_name":"Shell (Netherlands)","ror":"https://ror.org/00b5m4j81","country_code":"NL","type":"company","lineage":["https://openalex.org/I7923278"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Jorge Couchet","raw_affiliation_strings":["Shell Corporation, Uruguay","Shell Corporation"],"affiliations":[{"raw_affiliation_string":"Shell Corporation, Uruguay","institution_ids":[]},{"raw_affiliation_string":"Shell Corporation","institution_ids":["https://openalex.org/I7923278"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5042645452","display_name":"Enrique Ferreira","orcid":"https://orcid.org/0000-0002-6506-9477"},"institutions":[{"id":"https://openalex.org/I875251973","display_name":"Universidad Cat\u00f3lica del Uruguay","ror":"https://ror.org/019xvpc30","country_code":"UY","type":"education","lineage":["https://openalex.org/I875251973"]}],"countries":["UY"],"is_corresponding":false,"raw_author_name":"Enrique Ferreira","raw_affiliation_strings":["Facultad de Ingenier\u00eda y Tecnolog\u00edas, Universidad Cat\u00f3lica del Uruguay, Uruguay","Universidad Cat\u00f3lica Del Uruguay"],"affiliations":[{"raw_affiliation_string":"Facultad de Ingenier\u00eda y Tecnolog\u00edas, Universidad Cat\u00f3lica del Uruguay, Uruguay","institution_ids":["https://openalex.org/I875251973"]},{"raw_affiliation_string":"Universidad Cat\u00f3lica Del Uruguay","institution_ids":["https://openalex.org/I875251973"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5021195199","display_name":"Daniel Manrique","orcid":"https://orcid.org/0000-0002-0792-4156"},"institutions":[{"id":"https://openalex.org/I88060688","display_name":"Universidad Polit\u00e9cnica de Madrid","ror":"https://ror.org/03n6nwv02","country_code":"ES","type":"education","lineage":["https://openalex.org/I88060688"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Daniel Manrique","raw_affiliation_strings":["Dpto. Inteligencia Artificial. Facultad de Inform\u00e1tica, Univ. Polit\u00e9cnica de Madrid, Madrid","Univ. Polit\u00e9cnica de Madrid"],"affiliations":[{"raw_affiliation_string":"Dpto. Inteligencia Artificial. Facultad de Inform\u00e1tica, Univ. Polit\u00e9cnica de Madrid, Madrid","institution_ids":["https://openalex.org/I88060688"]},{"raw_affiliation_string":"Univ. Polit\u00e9cnica de Madrid","institution_ids":["https://openalex.org/I88060688"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5065323678"],"corresponding_institution_ids":["https://openalex.org/I4210129734","https://openalex.org/I4210135705"],"apc_list":null,"apc_paid":null,"fwci":1.176,"has_fulltext":true,"cited_by_count":6,"citation_normalized_percentile":{"value":0.77564999,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"139","last_page":"148"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9944999814033508,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.7238248586654663},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.6974213719367981},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6821346879005432},{"id":"https://openalex.org/keywords/false-positive-paradox","display_name":"False positive paradox","score":0.5768992900848389},{"id":"https://openalex.org/keywords/anomaly-based-intrusion-detection-system","display_name":"Anomaly-based intrusion detection system","score":0.5636237859725952},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.5547842383384705},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.49287986755371094},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.48195669054985046},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4673614501953125},{"id":"https://openalex.org/keywords/support-vector-machine","display_name":"Support vector machine","score":0.44557759165763855},{"id":"https://openalex.org/keywords/quantization","display_name":"Quantization (signal processing)","score":0.44548335671424866},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.18638065457344055},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.1233522891998291}],"concepts":[{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.7238248586654663},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.6974213719367981},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6821346879005432},{"id":"https://openalex.org/C64869954","wikidata":"https://www.wikidata.org/wiki/Q1859747","display_name":"False positive paradox","level":2,"score":0.5768992900848389},{"id":"https://openalex.org/C137524506","wikidata":"https://www.wikidata.org/wiki/Q2247688","display_name":"Anomaly-based intrusion detection system","level":3,"score":0.5636237859725952},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.5547842383384705},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.49287986755371094},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.48195669054985046},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4673614501953125},{"id":"https://openalex.org/C12267149","wikidata":"https://www.wikidata.org/wiki/Q282453","display_name":"Support vector machine","level":2,"score":0.44557759165763855},{"id":"https://openalex.org/C28855332","wikidata":"https://www.wikidata.org/wiki/Q198099","display_name":"Quantization (signal processing)","level":2,"score":0.44548335671424866},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.18638065457344055},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.1233522891998291}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1007/978-0-387-34747-9_15","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-0-387-34747-9_15","pdf_url":"https://link.springer.com/content/pdf/10.1007/978-0-387-34747-9_15.pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IFIP International Federation for Information Processing","raw_type":"book-chapter"}],"best_oa_location":{"id":"doi:10.1007/978-0-387-34747-9_15","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-0-387-34747-9_15","pdf_url":"https://link.springer.com/content/pdf/10.1007/978-0-387-34747-9_15.pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IFIP International Federation for Information Processing","raw_type":"book-chapter"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W1546042159.pdf","grobid_xml":"https://content.openalex.org/works/W1546042159.grobid-xml"},"referenced_works_count":12,"referenced_works":["https://openalex.org/W117596703","https://openalex.org/W165642900","https://openalex.org/W165694754","https://openalex.org/W1499399937","https://openalex.org/W1525451939","https://openalex.org/W1554085250","https://openalex.org/W1566480186","https://openalex.org/W1601789105","https://openalex.org/W1679913846","https://openalex.org/W2143989995","https://openalex.org/W2161085373","https://openalex.org/W4245176872"],"related_works":["https://openalex.org/W2337148208","https://openalex.org/W3004832009","https://openalex.org/W3036013726","https://openalex.org/W1971929717","https://openalex.org/W1724519426","https://openalex.org/W2351051591","https://openalex.org/W2369534771","https://openalex.org/W2357468538","https://openalex.org/W1548126107","https://openalex.org/W2209997499"],"abstract_inverted_index":{"This":[0],"article":[1],"introduces":[2],"an":[3,27,36,45],"approach":[4],"to":[5,73,89,95],"anomaly":[6],"intrusion":[7,86],"detection":[8,41,87,111],"based":[9],"on":[10],"a":[11,52,59],"combination":[12],"of":[13,23,30,35,42,48,61,107],"supervised":[14],"and":[15,112],"unsupervised":[16],"machine":[17],"learning":[18],"algorithms.":[19],"The":[20,55,78],"main":[21],"objective":[22],"this":[24,101],"work":[25,102],"is":[26,80],"effective":[28],"modeling":[29,66],"the":[31,40,83],"TCP/IP":[32],"network":[33,76,91],"traffic":[34,65],"organization":[37],"that":[38,104],"allows":[39],"anomalies":[43],"with":[44,68],"efficient":[46],"percentage":[47],"false":[49,113],"positives":[50],"for":[51,64],"production":[53],"environment.":[54],"architecture":[56,79],"proposed":[57],"uses":[58],"hierarchy":[60],"Self-Organizing":[62],"Maps":[63],"combined":[67],"Learning":[69],"Vector":[70],"Quantization":[71],"techniques":[72],"ultimately":[74],"classify":[75],"packets.":[77],"developed":[81],"using":[82],"known":[84],"SNORT":[85],"system":[88],"preprocess":[90],"traffic.":[92],"In":[93],"comparison":[94],"other":[96],"techniques,":[97],"results":[98],"obtained":[99],"in":[100],"show":[103],"acceptable":[105],"levels":[106],"compromise":[108],"between":[109],"attack":[110],"positive":[114],"rates":[115],"can":[116],"be":[117],"achieved.":[118]},"counts_by_year":[{"year":2019,"cited_by_count":1},{"year":2016,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}