{"id":"https://openalex.org/W1975326709","doi":"https://doi.org/10.1108/09685221311314400","title":"Intrusion detection and the role of the system administrator","display_name":"Intrusion detection and the role of the system administrator","publication_year":2013,"publication_date":"2013-03-15","ids":{"openalex":"https://openalex.org/W1975326709","doi":"https://doi.org/10.1108/09685221311314400","mag":"1975326709"},"language":"en","primary_location":{"id":"doi:10.1108/09685221311314400","is_oa":false,"landing_page_url":"https://doi.org/10.1108/09685221311314400","pdf_url":null,"source":{"id":"https://openalex.org/S204075876","display_name":"Information Management & Computer Security","issn_l":"0968-5227","issn":["0968-5227","1758-5805"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319811","host_organization_name":"Emerald Publishing Limited","host_organization_lineage":["https://openalex.org/P4310319811"],"host_organization_lineage_names":["Emerald Publishing Limited"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information Management &amp; Computer Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5091355367","display_name":"Teodor Sommestad","orcid":"https://orcid.org/0000-0002-2606-4139"},"institutions":[{"id":"https://openalex.org/I1291458624","display_name":"Swedish Defence Research Agency","ror":"https://ror.org/0470cgs30","country_code":"SE","type":"funder","lineage":["https://openalex.org/I1291458624"]}],"countries":["SE"],"is_corresponding":true,"raw_author_name":"Teodor Sommestad","raw_affiliation_strings":["Swedish Defence Research Agency (FOI), Link\u00f6ping, Sweden","Swedish Defence Research Agency (FOI) Link\u00f6ping Sweden"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Swedish Defence Research Agency (FOI), Link\u00f6ping, Sweden","institution_ids":["https://openalex.org/I1291458624"]},{"raw_affiliation_string":"Swedish Defence Research Agency (FOI) Link\u00f6ping Sweden","institution_ids":["https://openalex.org/I1291458624"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5034106137","display_name":"Amund Hunstad","orcid":null},"institutions":[{"id":"https://openalex.org/I1291458624","display_name":"Swedish Defence Research Agency","ror":"https://ror.org/0470cgs30","country_code":"SE","type":"funder","lineage":["https://openalex.org/I1291458624"]}],"countries":["SE"],"is_corresponding":false,"raw_author_name":"Amund Hunstad","raw_affiliation_strings":["Swedish Defence Research Agency (FOI), Link\u00f6ping, Sweden","Swedish Defence Research Agency (FOI) Link\u00f6ping Sweden"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Swedish Defence Research Agency (FOI), Link\u00f6ping, Sweden","institution_ids":["https://openalex.org/I1291458624"]},{"raw_affiliation_string":"Swedish Defence Research Agency (FOI) Link\u00f6ping Sweden","institution_ids":["https://openalex.org/I1291458624"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5091355367"],"corresponding_institution_ids":["https://openalex.org/I1291458624"],"apc_list":null,"apc_paid":null,"fwci":2.6398,"has_fulltext":false,"cited_by_count":22,"citation_normalized_percentile":{"value":0.90266773,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":"21","issue":"1","first_page":"30","last_page":"40"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/system-administrator","display_name":"System administrator","score":0.9549119472503662},{"id":"https://openalex.org/keywords/network-administrator","display_name":"Network administrator","score":0.9263098239898682},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.7802294492721558},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7499182224273682},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6401146650314331},{"id":"https://openalex.org/keywords/intrusion","display_name":"Intrusion","score":0.5630858540534973},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.5346193909645081},{"id":"https://openalex.org/keywords/originality","display_name":"Originality","score":0.46990081667900085},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3813905715942383},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.16369441151618958},{"id":"https://openalex.org/keywords/psychology","display_name":"Psychology","score":0.0634041428565979}],"concepts":[{"id":"https://openalex.org/C2780814629","wikidata":"https://www.wikidata.org/wiki/Q327353","display_name":"System administrator","level":2,"score":0.9549119472503662},{"id":"https://openalex.org/C2779173999","wikidata":"https://www.wikidata.org/wiki/Q680296","display_name":"Network administrator","level":2,"score":0.9263098239898682},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.7802294492721558},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7499182224273682},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6401146650314331},{"id":"https://openalex.org/C158251709","wikidata":"https://www.wikidata.org/wiki/Q354025","display_name":"Intrusion","level":2,"score":0.5630858540534973},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.5346193909645081},{"id":"https://openalex.org/C2776950860","wikidata":"https://www.wikidata.org/wiki/Q2914681","display_name":"Originality","level":3,"score":0.46990081667900085},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3813905715942383},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.16369441151618958},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0634041428565979},{"id":"https://openalex.org/C77805123","wikidata":"https://www.wikidata.org/wiki/Q161272","display_name":"Social psychology","level":1,"score":0.0},{"id":"https://openalex.org/C127313418","wikidata":"https://www.wikidata.org/wiki/Q1069","display_name":"Geology","level":0,"score":0.0},{"id":"https://openalex.org/C17409809","wikidata":"https://www.wikidata.org/wiki/Q161764","display_name":"Geochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C11012388","wikidata":"https://www.wikidata.org/wiki/Q170658","display_name":"Creativity","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1108/09685221311314400","is_oa":false,"landing_page_url":"https://doi.org/10.1108/09685221311314400","pdf_url":null,"source":{"id":"https://openalex.org/S204075876","display_name":"Information Management & Computer Security","issn_l":"0968-5227","issn":["0968-5227","1758-5805"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319811","host_organization_name":"Emerald Publishing Limited","host_organization_lineage":["https://openalex.org/P4310319811"],"host_organization_lineage_names":["Emerald Publishing Limited"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information Management &amp; Computer Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.46000000834465027,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":17,"referenced_works":["https://openalex.org/W125818563","https://openalex.org/W155312093","https://openalex.org/W173606538","https://openalex.org/W206559431","https://openalex.org/W1976815164","https://openalex.org/W1988453576","https://openalex.org/W1988918299","https://openalex.org/W2010326631","https://openalex.org/W2021992419","https://openalex.org/W2066410062","https://openalex.org/W2070813941","https://openalex.org/W2110531057","https://openalex.org/W2114776772","https://openalex.org/W2133800002","https://openalex.org/W2156204309","https://openalex.org/W2290195878","https://openalex.org/W2331743875"],"related_works":["https://openalex.org/W1975326709","https://openalex.org/W2398434059","https://openalex.org/W2186689279","https://openalex.org/W2468386885","https://openalex.org/W1668440855","https://openalex.org/W577721519","https://openalex.org/W2349655502","https://openalex.org/W2944890250","https://openalex.org/W3128428864","https://openalex.org/W2133389611"],"abstract_inverted_index":{"Purpose":[0],"The":[1,68,90,100],"expertise":[2,142],"of":[3,15,41,47,76,86,117,138,141,186],"a":[4,48,77,183],"system":[5,27,49,78,105,163,169,189],"administrator":[6,50,79,106],"is":[7,129,136,144,151],"believed":[8],"to":[9,30,44,120,175,192],"be":[10],"important":[11,172],"for":[12],"effective":[13,177],"use":[14],"intrusion":[16,194],"detection":[17,195],"systems":[18],"(IDS).":[19],"This":[20,180],"paper":[21,181],"examines":[22],"two":[23],"hypotheses":[24],"concerning":[25],"the":[26,39,45,52,74,84,87,104,108,111,115,124,139,149,154,187,193],"administrators'":[28],"ability":[29],"filter":[31],"alarms":[32,118],"produced":[33],"by":[34,37,153],"an":[35,42,81,127,134],"IDS":[36,43,82,88,112,150,178],"comparing":[38],"performance":[40,46],"using":[51,80],"IDS.":[53],"Design/methodology/approach":[54],"An":[55],"experiment":[56,69,101],"was":[57,94],"constructed":[58],"where":[59],"five":[60],"computer":[61],"networks":[62],"are":[63,171],"attacked":[64],"during":[65],"four":[66],"days.":[67],"assessed":[70],"difference":[71],"made":[72,137],"between":[73],"output":[75,85,109,147],"and":[83],"alone.":[89],"administrator's":[91],"analysis":[92,135],"process":[93],"also":[95],"investigated":[96],"through":[97],"interviews.":[98],"Findings":[99],"shows":[102],"that":[103,126,143,167],"analysing":[107],"from":[110,148],"significantly":[113],"improves":[114],"portion":[116],"corresponding":[119],"attacks,":[121],"without":[122],"decreasing":[123],"probability":[125],"attack":[128],"detected":[130],"significantly.":[131],"In":[132],"addition,":[133],"types":[140],"used":[145],"when":[146],"processed":[152],"administrator.":[155],"Originality/value":[156],"Previous":[157],"work,":[158],"based":[159],"on":[160],"interviews":[161],"with":[162],"administrators,":[164],"has":[165],"suggested":[166],"competent":[168],"administrators":[170,190],"in":[173],"order":[174],"achieve":[176],"solutions.":[179],"presents":[182],"quantitative":[184],"test":[185],"value":[188],"add":[191],"solution.":[196]},"counts_by_year":[{"year":2024,"cited_by_count":2},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":3},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":2},{"year":2016,"cited_by_count":2},{"year":2015,"cited_by_count":2},{"year":2013,"cited_by_count":3},{"year":2012,"cited_by_count":2}],"updated_date":"2026-05-21T06:26:12.895304","created_date":"2025-10-10T00:00:00"}