{"id":"https://openalex.org/W2406728883","doi":"https://doi.org/10.1093/jigpal/jzv047","title":"Different approaches for the detection of SSH anomalous connections","display_name":"Different approaches for the detection of SSH anomalous connections","publication_year":2015,"publication_date":"2015-10-20","ids":{"openalex":"https://openalex.org/W2406728883","doi":"https://doi.org/10.1093/jigpal/jzv047","mag":"2406728883"},"language":"en","primary_location":{"id":"doi:10.1093/jigpal/jzv047","is_oa":false,"landing_page_url":"https://doi.org/10.1093/jigpal/jzv047","pdf_url":null,"source":{"id":"https://openalex.org/S2734381524","display_name":"Logic Journal of IGPL","issn_l":"1367-0751","issn":["1367-0751","1368-9894"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310311648","host_organization_name":"Oxford University Press","host_organization_lineage":["https://openalex.org/P4310311648","https://openalex.org/P4310311647"],"host_organization_lineage_names":["Oxford University Press","University of Oxford"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Logic Journal of IGPL","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://katalogoa.mondragon.edu/janium-bin/janium_login_opac.pl?find&ficha_no=116640","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5082868159","display_name":"Silvia Gonz\u00e1lez","orcid":"https://orcid.org/0000-0003-2095-3338"},"institutions":[{"id":"https://openalex.org/I4210113112","display_name":"Technological Institute of Castilla y Le\u00f3n","ror":"https://ror.org/01f3b0g09","country_code":"ES","type":"nonprofit","lineage":["https://openalex.org/I4210113112"]}],"countries":["ES"],"is_corresponding":true,"raw_author_name":"S. GONZ\u00c1LEZ","raw_affiliation_strings":["Instituto Tecnol\u00f3gico de Castilla y Le\u00f3n, C/ L\u00f3pez Bravo 70, Pol. Ind. Villalonquejar, 09001, Burgos, Spain"],"affiliations":[{"raw_affiliation_string":"Instituto Tecnol\u00f3gico de Castilla y Le\u00f3n, C/ L\u00f3pez Bravo 70, Pol. Ind. Villalonquejar, 09001, Burgos, Spain","institution_ids":["https://openalex.org/I4210113112"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5075173310","display_name":"\u00c1lvaro Herrero","orcid":"https://orcid.org/0000-0002-2444-5384"},"institutions":[{"id":"https://openalex.org/I46176106","display_name":"Universidad de Burgos","ror":"https://ror.org/049da5t36","country_code":"ES","type":"education","lineage":["https://openalex.org/I46176106"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"\u00c1. HERRERO","raw_affiliation_strings":["Department of Civil Engineering, University of Burgos, Avenida de Cantabria s/n, 09006 Burgos, Spain"],"affiliations":[{"raw_affiliation_string":"Department of Civil Engineering, University of Burgos, Avenida de Cantabria s/n, 09006 Burgos, Spain","institution_ids":["https://openalex.org/I46176106"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5020890536","display_name":"Javier Sedano","orcid":"https://orcid.org/0000-0002-4191-8438"},"institutions":[{"id":"https://openalex.org/I4210113112","display_name":"Technological Institute of Castilla y Le\u00f3n","ror":"https://ror.org/01f3b0g09","country_code":"ES","type":"nonprofit","lineage":["https://openalex.org/I4210113112"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"J. SEDANO","raw_affiliation_strings":["Instituto Tecnol\u00f3gico de Castilla y Le\u00f3n, C/ L\u00f3pez Bravo 70, Pol. Ind. Villalonquejar, 09001, Burgos, Spain"],"affiliations":[{"raw_affiliation_string":"Instituto Tecnol\u00f3gico de Castilla y Le\u00f3n, C/ L\u00f3pez Bravo 70, Pol. Ind. Villalonquejar, 09001, Burgos, Spain","institution_ids":["https://openalex.org/I4210113112"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5011342556","display_name":"Urko Zurutuza","orcid":"https://orcid.org/0000-0003-3720-6048"},"institutions":[{"id":"https://openalex.org/I162361429","display_name":"Mondragon Unibertsitatea","ror":"https://ror.org/00wvqgd19","country_code":"ES","type":"education","lineage":["https://openalex.org/I162361429"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"URKO ZURUTUZA","raw_affiliation_strings":["Electronics and Computing Department, Mondragon University, Goiru Kalea, 2, 20500 Arrasate-Mondragon, Spain"],"affiliations":[{"raw_affiliation_string":"Electronics and Computing Department, Mondragon University, Goiru Kalea, 2, 20500 Arrasate-Mondragon, Spain","institution_ids":["https://openalex.org/I162361429"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5037077763","display_name":"Emilio Corchado","orcid":"https://orcid.org/0000-0001-8560-3991"},"institutions":[{"id":"https://openalex.org/I184999862","display_name":"Universidad de Salamanca","ror":"https://ror.org/02f40zc51","country_code":"ES","type":"education","lineage":["https://openalex.org/I184999862"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"E. CORCHADO","raw_affiliation_strings":["Departamento de Inform\u00e1tica y Autom\u00e1tica, Universidad de Salamanca, Plaza de la Merced, s/n, 37008 Salamanca, Spain"],"affiliations":[{"raw_affiliation_string":"Departamento de Inform\u00e1tica y Autom\u00e1tica, Universidad de Salamanca, Plaza de la Merced, s/n, 37008 Salamanca, Spain","institution_ids":["https://openalex.org/I184999862"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5082868159"],"corresponding_institution_ids":["https://openalex.org/I4210113112"],"apc_list":{"value":4151,"currency":"USD","value_usd":4151},"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.24487581,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"jzv047","last_page":"jzv047"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7692774534225464},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.6594272255897522},{"id":"https://openalex.org/keywords/identification","display_name":"Identification (biology)","score":0.5887988209724426},{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.582302451133728},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.5628528594970703},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.5469855666160583},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.5088115334510803},{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.5078476071357727},{"id":"https://openalex.org/keywords/unix","display_name":"Unix","score":0.47490015625953674},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.4690682590007782},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.25057846307754517},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.18024277687072754},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.14354637265205383},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.07584786415100098}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7692774534225464},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.6594272255897522},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.5887988209724426},{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.582302451133728},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.5628528594970703},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.5469855666160583},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.5088115334510803},{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.5078476071357727},{"id":"https://openalex.org/C112968700","wikidata":"https://www.wikidata.org/wiki/Q11368","display_name":"Unix","level":3,"score":0.47490015625953674},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.4690682590007782},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.25057846307754517},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.18024277687072754},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.14354637265205383},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.07584786415100098},{"id":"https://openalex.org/C59822182","wikidata":"https://www.wikidata.org/wiki/Q441","display_name":"Botany","level":1,"score":0.0},{"id":"https://openalex.org/C204787440","wikidata":"https://www.wikidata.org/wiki/Q188504","display_name":"Alternative medicine","level":2,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0},{"id":"https://openalex.org/C142724271","wikidata":"https://www.wikidata.org/wiki/Q7208","display_name":"Pathology","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1093/jigpal/jzv047","is_oa":false,"landing_page_url":"https://doi.org/10.1093/jigpal/jzv047","pdf_url":null,"source":{"id":"https://openalex.org/S2734381524","display_name":"Logic Journal of IGPL","issn_l":"1367-0751","issn":["1367-0751","1368-9894"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310311648","host_organization_name":"Oxford University Press","host_organization_lineage":["https://openalex.org/P4310311648","https://openalex.org/P4310311647"],"host_organization_lineage_names":["Oxford University Press","University of Oxford"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Logic Journal of IGPL","raw_type":"journal-article"},{"id":"pmh:oai:ebiltegia.mondragon.edu:20.500.11984/5583","is_oa":true,"landing_page_url":"https://katalogoa.mondragon.edu/janium-bin/janium_login_opac.pl?find&ficha_no=116640","pdf_url":null,"source":{"id":"https://openalex.org/S4377196532","display_name":"eRepository Mondragon University (Mondragon University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I162361429","host_organization_name":"Mondragon Unibertsitatea","host_organization_lineage":["https://openalex.org/I162361429"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Logic Journal of the IGPL Vol. 24. N\u00ba 1. Pp. 104\u2013114. February, 2016","raw_type":"info:eu-repo/semantics/acceptedVersion"},{"id":"pmh:oai:open-archive.highwire.org:igpl:24/1/104","is_oa":false,"landing_page_url":"http://jigpal.oxfordjournals.org/cgi/content/short/24/1/104","pdf_url":null,"source":{"id":"https://openalex.org/S4406923041","display_name":"HighWire Press Open Archive","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"TEXT"}],"best_oa_location":{"id":"pmh:oai:ebiltegia.mondragon.edu:20.500.11984/5583","is_oa":true,"landing_page_url":"https://katalogoa.mondragon.edu/janium-bin/janium_login_opac.pl?find&ficha_no=116640","pdf_url":null,"source":{"id":"https://openalex.org/S4377196532","display_name":"eRepository Mondragon University (Mondragon University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I162361429","host_organization_name":"Mondragon Unibertsitatea","host_organization_lineage":["https://openalex.org/I162361429"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Logic Journal of the IGPL Vol. 24. N\u00ba 1. Pp. 104\u2013114. February, 2016","raw_type":"info:eu-repo/semantics/acceptedVersion"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":32,"referenced_works":["https://openalex.org/W185273682","https://openalex.org/W314012652","https://openalex.org/W1491729609","https://openalex.org/W1514368868","https://openalex.org/W1525998463","https://openalex.org/W1663973292","https://openalex.org/W1674877186","https://openalex.org/W1873122431","https://openalex.org/W1955645522","https://openalex.org/W1974102697","https://openalex.org/W1988417047","https://openalex.org/W1997741525","https://openalex.org/W2052988166","https://openalex.org/W2070862696","https://openalex.org/W2081357650","https://openalex.org/W2082612735","https://openalex.org/W2101109743","https://openalex.org/W2103487196","https://openalex.org/W2105779206","https://openalex.org/W2107641306","https://openalex.org/W2123619513","https://openalex.org/W2124724513","https://openalex.org/W2127290177","https://openalex.org/W2133990480","https://openalex.org/W2139733965","https://openalex.org/W2142439336","https://openalex.org/W2150847526","https://openalex.org/W2169654335","https://openalex.org/W2490940596","https://openalex.org/W3214373139","https://openalex.org/W6640935840","https://openalex.org/W6684920382"],"related_works":["https://openalex.org/W2294483539","https://openalex.org/W2378449000","https://openalex.org/W2901835651","https://openalex.org/W2883616266","https://openalex.org/W186576250","https://openalex.org/W2002178493","https://openalex.org/W2372254325","https://openalex.org/W3005861778","https://openalex.org/W2185627654","https://openalex.org/W1979706594"],"abstract_inverted_index":{"The":[0,71,153],"Secure":[1],"Shell":[2],"Protocol":[3],"(SSH)":[4],"is":[5,74],"a":[6,26,82,104],"well-known":[7],"standard":[8],"protocol,":[9],"mainly":[10],"used":[11],"for":[12,36,81,146],"remotely":[13],"accessing":[14],"shell":[15],"accounts":[16],"on":[17],"Unix-like":[18],"operating":[19],"systems":[20],"to":[21,39,47,75,115,137,158],"perform":[22],"administrative":[23],"tasks.":[24],"As":[25],"result,":[27],"the":[28,50,60,90,150,162],"SSH":[29,63,100,166],"service":[30,51],"has":[31],"been":[32],"an":[33,67],"appealing":[34],"target":[35],"attackers,":[37],"aiming":[38],"guess":[40],"root":[41],"passwords":[42],"performing":[43],"dictionary":[44],"attacks":[45],"or":[46],"directly":[48],"exploit":[49],"itself.":[52],"To":[53,88],"identify":[54],"such":[55],"situations,":[56],"this":[57],"article":[58],"addresses":[59],"detection":[61,69,84],"of":[62,85,93,98,131,149,164],"anomalous":[64],"connections":[65],"from":[66,103],"intrusion":[68],"perspective.":[70],"main":[72],"idea":[73],"compare":[76],"several":[77],"strategies":[78],"and":[79,96,109,114,123,133],"approaches":[80],"better":[83,147],"SSH-based":[86],"attacks.":[87],"test":[89],"classification":[91,155],"performance":[92],"different":[94,143],"classifiers":[95,132],"combinations":[97],"them,":[99],"data":[101,119,125],"coming":[102],"real-world":[105],"honeynet":[106],"are":[107,126,135],"gathered":[108],"analysed.":[110,127],"For":[111],"comparison":[112],"purposes":[113],"draw":[116],"conclusions":[117,160],"about":[118,161],"collection,":[120],"both":[121],"packet-based":[122],"flow":[124],"A":[128],"wide":[129],"range":[130],"ensembles":[134],"applied":[136],"these":[138],"data,":[139],"as":[140,142],"well":[141],"validation":[144],"schemes":[145],"analysis":[148],"obtained":[151],"results.":[152],"high-rate":[154],"results":[156],"lead":[157],"positive":[159],"identification":[163],"malicious":[165],"connections.":[167]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2016-06-24T00:00:00"}