{"id":"https://openalex.org/W2893123663","doi":"https://doi.org/10.1109/access.2018.2872784","title":"Data Mining Techniques in Intrusion Detection Systems: A Systematic Literature Review","display_name":"Data Mining Techniques in Intrusion Detection Systems: A Systematic Literature Review","publication_year":2018,"publication_date":"2018-01-01","ids":{"openalex":"https://openalex.org/W2893123663","doi":"https://doi.org/10.1109/access.2018.2872784","mag":"2893123663"},"language":"en","primary_location":{"id":"doi:10.1109/access.2018.2872784","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2018.2872784","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1109/access.2018.2872784","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5068772158","display_name":"Fadi Salo","orcid":"https://orcid.org/0000-0001-6521-6978"},"institutions":[{"id":"https://openalex.org/I125749732","display_name":"Western University","ror":"https://ror.org/02grkyz14","country_code":"CA","type":"education","lineage":["https://openalex.org/I125749732"]}],"countries":["CA"],"is_corresponding":true,"raw_author_name":"Fadi Salo","raw_affiliation_strings":["Department of Electrical and Computer Engineering, Western University, London, ON, Canada"],"affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, Western University, London, ON, Canada","institution_ids":["https://openalex.org/I125749732"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5006496852","display_name":"MohammadNoor Injadat","orcid":"https://orcid.org/0000-0003-1959-0058"},"institutions":[{"id":"https://openalex.org/I125749732","display_name":"Western University","ror":"https://ror.org/02grkyz14","country_code":"CA","type":"education","lineage":["https://openalex.org/I125749732"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Mohammadnoor Injadat","raw_affiliation_strings":["Department of Electrical and Computer Engineering, Western University, London, ON, Canada"],"affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, Western University, London, ON, Canada","institution_ids":["https://openalex.org/I125749732"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5002628427","display_name":"Ali Bou Nassif","orcid":"https://orcid.org/0000-0003-1570-0897"},"institutions":[{"id":"https://openalex.org/I125749732","display_name":"Western University","ror":"https://ror.org/02grkyz14","country_code":"CA","type":"education","lineage":["https://openalex.org/I125749732"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Ali Bou Nassif","raw_affiliation_strings":["Department of Electrical and Computer Engineering, Western University, London, ON, Canada"],"affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, Western University, London, ON, Canada","institution_ids":["https://openalex.org/I125749732"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5041270670","display_name":"Abdallah Shami","orcid":"https://orcid.org/0000-0003-2887-0350"},"institutions":[{"id":"https://openalex.org/I125749732","display_name":"Western University","ror":"https://ror.org/02grkyz14","country_code":"CA","type":"education","lineage":["https://openalex.org/I125749732"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Abdallah Shami","raw_affiliation_strings":["Department of Electrical and Computer Engineering, Western University, London, ON, Canada"],"affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, Western University, London, ON, Canada","institution_ids":["https://openalex.org/I125749732"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5028781351","display_name":"Aleksander Essex","orcid":"https://orcid.org/0000-0002-0228-0371"},"institutions":[{"id":"https://openalex.org/I125749732","display_name":"Western University","ror":"https://ror.org/02grkyz14","country_code":"CA","type":"education","lineage":["https://openalex.org/I125749732"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Aleksander Essex","raw_affiliation_strings":["Department of Electrical and Computer Engineering, Western University, London, ON, Canada"],"affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, Western University, London, ON, Canada","institution_ids":["https://openalex.org/I125749732"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5068772158"],"corresponding_institution_ids":["https://openalex.org/I125749732"],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":9.7682,"has_fulltext":false,"cited_by_count":127,"citation_normalized_percentile":{"value":0.98285857,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":98,"max":100},"biblio":{"volume":"6","issue":null,"first_page":"56046","last_page":"56058"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8116070628166199},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.7409329414367676},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.6254865527153015},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.6223257184028625},{"id":"https://openalex.org/keywords/categorization","display_name":"Categorization","score":0.6155505776405334},{"id":"https://openalex.org/keywords/big-data","display_name":"Big data","score":0.5746350884437561},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.5332028269767761},{"id":"https://openalex.org/keywords/systematic-review","display_name":"Systematic review","score":0.4810962378978729},{"id":"https://openalex.org/keywords/strengths-and-weaknesses","display_name":"Strengths and weaknesses","score":0.4650818705558777},{"id":"https://openalex.org/keywords/intrusion","display_name":"Intrusion","score":0.4123436510562897},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.2711781859397888},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.07822880148887634}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8116070628166199},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.7409329414367676},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.6254865527153015},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.6223257184028625},{"id":"https://openalex.org/C94124525","wikidata":"https://www.wikidata.org/wiki/Q912550","display_name":"Categorization","level":2,"score":0.6155505776405334},{"id":"https://openalex.org/C75684735","wikidata":"https://www.wikidata.org/wiki/Q858810","display_name":"Big data","level":2,"score":0.5746350884437561},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.5332028269767761},{"id":"https://openalex.org/C189708586","wikidata":"https://www.wikidata.org/wiki/Q1504425","display_name":"Systematic review","level":3,"score":0.4810962378978729},{"id":"https://openalex.org/C63882131","wikidata":"https://www.wikidata.org/wiki/Q17122954","display_name":"Strengths and weaknesses","level":2,"score":0.4650818705558777},{"id":"https://openalex.org/C158251709","wikidata":"https://www.wikidata.org/wiki/Q354025","display_name":"Intrusion","level":2,"score":0.4123436510562897},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.2711781859397888},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.07822880148887634},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C2779473830","wikidata":"https://www.wikidata.org/wiki/Q1540899","display_name":"MEDLINE","level":2,"score":0.0},{"id":"https://openalex.org/C127313418","wikidata":"https://www.wikidata.org/wiki/Q1069","display_name":"Geology","level":0,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C17409809","wikidata":"https://www.wikidata.org/wiki/Q161764","display_name":"Geochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/access.2018.2872784","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2018.2872784","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:9cfec37ef4494bb2a6f6b7cd1a64fa8b","is_oa":true,"landing_page_url":"https://doaj.org/article/9cfec37ef4494bb2a6f6b7cd1a64fa8b","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 6, Pp 56046-56058 (2018)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2018.2872784","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2018.2872784","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":128,"referenced_works":["https://openalex.org/W162522237","https://openalex.org/W987648574","https://openalex.org/W1196375415","https://openalex.org/W1482863570","https://openalex.org/W1498554058","https://openalex.org/W1502511610","https://openalex.org/W1513075375","https://openalex.org/W1550585437","https://openalex.org/W1584965817","https://openalex.org/W1612446024","https://openalex.org/W1625605225","https://openalex.org/W1677464440","https://openalex.org/W1679074130","https://openalex.org/W1837250640","https://openalex.org/W1884606608","https://openalex.org/W1933481793","https://openalex.org/W1965729654","https://openalex.org/W1977366836","https://openalex.org/W1978779053","https://openalex.org/W1982778443","https://openalex.org/W1983983984","https://openalex.org/W1984438447","https://openalex.org/W1995850771","https://openalex.org/W2002900768","https://openalex.org/W2009906694","https://openalex.org/W2012533078","https://openalex.org/W2013003558","https://openalex.org/W2014247548","https://openalex.org/W2017380649","https://openalex.org/W2021308105","https://openalex.org/W2022127719","https://openalex.org/W2023185832","https://openalex.org/W2030553727","https://openalex.org/W2035175061","https://openalex.org/W2038626915","https://openalex.org/W2044861295","https://openalex.org/W2045605149","https://openalex.org/W2050260850","https://openalex.org/W2052387539","https://openalex.org/W2056243682","https://openalex.org/W2065523140","https://openalex.org/W2066575711","https://openalex.org/W2066832805","https://openalex.org/W2085618569","https://openalex.org/W2086570643","https://openalex.org/W2090813667","https://openalex.org/W2093859880","https://openalex.org/W2097034581","https://openalex.org/W2098362272","https://openalex.org/W2112442574","https://openalex.org/W2114834796","https://openalex.org/W2115820988","https://openalex.org/W2120261899","https://openalex.org/W2123619513","https://openalex.org/W2124543982","https://openalex.org/W2128785082","https://openalex.org/W2129468158","https://openalex.org/W2130802299","https://openalex.org/W2140102659","https://openalex.org/W2142720090","https://openalex.org/W2142827986","https://openalex.org/W2148143831","https://openalex.org/W2150755264","https://openalex.org/W2151764894","https://openalex.org/W2156204309","https://openalex.org/W2168573734","https://openalex.org/W2169768310","https://openalex.org/W2178263762","https://openalex.org/W2186625160","https://openalex.org/W2197418459","https://openalex.org/W2220974964","https://openalex.org/W2225099309","https://openalex.org/W2243180985","https://openalex.org/W2248859873","https://openalex.org/W2281607212","https://openalex.org/W2287394288","https://openalex.org/W2291063733","https://openalex.org/W2291532640","https://openalex.org/W2303752591","https://openalex.org/W2314002629","https://openalex.org/W2316682177","https://openalex.org/W2331979113","https://openalex.org/W2336386743","https://openalex.org/W2341730555","https://openalex.org/W2341871820","https://openalex.org/W2346481270","https://openalex.org/W2346714907","https://openalex.org/W2399691501","https://openalex.org/W2412267538","https://openalex.org/W2440247466","https://openalex.org/W2468706984","https://openalex.org/W2512496029","https://openalex.org/W2542855615","https://openalex.org/W2547511310","https://openalex.org/W2549585799","https://openalex.org/W2552937480","https://openalex.org/W2559447984","https://openalex.org/W2562189182","https://openalex.org/W2569775632","https://openalex.org/W2586525912","https://openalex.org/W2588217585","https://openalex.org/W2598013515","https://openalex.org/W2598193574","https://openalex.org/W2608629053","https://openalex.org/W2616970092","https://openalex.org/W2626250024","https://openalex.org/W2677312956","https://openalex.org/W2730281422","https://openalex.org/W2734682423","https://openalex.org/W2750004798","https://openalex.org/W2770942607","https://openalex.org/W2774125650","https://openalex.org/W2795064858","https://openalex.org/W3151831499","https://openalex.org/W4285719527","https://openalex.org/W6606645873","https://openalex.org/W6639223989","https://openalex.org/W6674908108","https://openalex.org/W6687011323","https://openalex.org/W6688972633","https://openalex.org/W6695151541","https://openalex.org/W6696936708","https://openalex.org/W6698186481","https://openalex.org/W6718221061","https://openalex.org/W6729670041","https://openalex.org/W6735295550","https://openalex.org/W6739638552","https://openalex.org/W6746379454"],"related_works":["https://openalex.org/W2165912799","https://openalex.org/W2735662278","https://openalex.org/W2382615723","https://openalex.org/W4311804456","https://openalex.org/W1987484445","https://openalex.org/W2623658258","https://openalex.org/W1969219540","https://openalex.org/W2143413548","https://openalex.org/W2370459448","https://openalex.org/W2133389611"],"abstract_inverted_index":{"The":[0],"continued":[1],"ability":[2],"to":[3,51,58,101,117],"detect":[4],"malicious":[5],"network":[6,106],"intrusions":[7,103],"has":[8],"become":[9],"an":[10,21],"exercise":[11],"in":[12,14,95,104],"scalability,":[13],"which":[15],"data":[16,32,64,112,129],"mining":[17,33,65],"techniques":[18,66],"are":[19],"playing":[20],"increasingly":[22],"important":[23],"role.":[24],"We":[25,46,60],"survey":[26],"and":[27,34,44,71,84],"categorize":[28],"the":[29,82,97,118],"fields":[30],"of":[31,42,86,99],"intrusion":[35,69],"detection":[36],"systems,":[37],"providing":[38],"a":[39,48,92],"systematic":[40],"treatment":[41],"methodologies":[43],"techniques.":[45,88],"apply":[47],"criterion-based":[49],"approach":[50],"select":[52],"95":[53],"relevant":[54],"articles":[55],"from":[56],"2007":[57],"2017.":[59],"identified":[61],"19":[62],"separate":[63],"used":[67],"for":[68,77,120,127],"detection,":[70],"our":[72],"analysis":[73],"encompasses":[74],"rich":[75],"information":[76],"future":[78],"research":[79,93],"based":[80],"on":[81],"strengths":[83],"weaknesses":[85],"these":[87],"Furthermore,":[89],"we":[90],"observed":[91],"gap":[94],"establishing":[96],"effectiveness":[98],"classifiers":[100],"identify":[102],"modern":[105],"traffic":[107],"when":[108],"trained":[109],"with":[110],"aging":[111],"sets.":[113],"Our":[114],"review":[115],"points":[116],"need":[119],"more":[121],"empirical":[122],"experiments":[123],"addressing":[124],"real-time":[125],"solutions":[126],"big":[128],"against":[130],"contemporary":[131],"attacks.":[132]},"counts_by_year":[{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":19},{"year":2023,"cited_by_count":25},{"year":2022,"cited_by_count":28},{"year":2021,"cited_by_count":24},{"year":2020,"cited_by_count":21},{"year":2019,"cited_by_count":5}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}