{"id":"https://openalex.org/W3142044733","doi":"https://doi.org/10.1109/access.2021.3071263","title":"A Review of Rule Learning-Based Intrusion Detection Systems and Their Prospects in Smart Grids","display_name":"A Review of Rule Learning-Based Intrusion Detection Systems and Their Prospects in Smart Grids","publication_year":2021,"publication_date":"2021-01-01","ids":{"openalex":"https://openalex.org/W3142044733","doi":"https://doi.org/10.1109/access.2021.3071263","mag":"3142044733"},"language":"en","primary_location":{"id":"doi:10.1109/access.2021.3071263","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2021.3071263","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/9312710/09395457.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"review","indexed_in":["crossref","datacite","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://ieeexplore.ieee.org/ielx7/6287639/9312710/09395457.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100453232","display_name":"Qi Liu","orcid":"https://orcid.org/0000-0002-9334-953X"},"institutions":[{"id":"https://openalex.org/I102335020","display_name":"Karlsruhe Institute of Technology","ror":"https://ror.org/04t3en479","country_code":"DE","type":"education","lineage":["https://openalex.org/I102335020","https://openalex.org/I1305996414"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Qi Liu","raw_affiliation_strings":["Institute for Automation and Applied Informatics, Karlsruhe Institute of Technology, Eggenstein-Leopoldshafen, Germany"],"affiliations":[{"raw_affiliation_string":"Institute for Automation and Applied Informatics, Karlsruhe Institute of Technology, Eggenstein-Leopoldshafen, Germany","institution_ids":["https://openalex.org/I102335020"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5014228448","display_name":"Veit Hagenmeyer","orcid":"https://orcid.org/0000-0002-3572-9083"},"institutions":[{"id":"https://openalex.org/I102335020","display_name":"Karlsruhe Institute of Technology","ror":"https://ror.org/04t3en479","country_code":"DE","type":"education","lineage":["https://openalex.org/I102335020","https://openalex.org/I1305996414"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Veit Hagenmeyer","raw_affiliation_strings":["Institute for Automation and Applied Informatics, Karlsruhe Institute of Technology, Eggenstein-Leopoldshafen, Germany"],"affiliations":[{"raw_affiliation_string":"Institute for Automation and Applied Informatics, Karlsruhe Institute of Technology, Eggenstein-Leopoldshafen, Germany","institution_ids":["https://openalex.org/I102335020"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5074412417","display_name":"Hubert B. Keller","orcid":"https://orcid.org/0000-0001-9916-5283"},"institutions":[{"id":"https://openalex.org/I102335020","display_name":"Karlsruhe Institute of Technology","ror":"https://ror.org/04t3en479","country_code":"DE","type":"education","lineage":["https://openalex.org/I102335020","https://openalex.org/I1305996414"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Hubert B. Keller","raw_affiliation_strings":["Institute for Automation and Applied Informatics, Karlsruhe Institute of Technology, Eggenstein-Leopoldshafen, Germany"],"affiliations":[{"raw_affiliation_string":"Institute for Automation and Applied Informatics, Karlsruhe Institute of Technology, Eggenstein-Leopoldshafen, Germany","institution_ids":["https://openalex.org/I102335020"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5100453232"],"corresponding_institution_ids":["https://openalex.org/I102335020"],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1746,"currency":"EUR","value_usd":1883},"fwci":9.7616,"has_fulltext":true,"cited_by_count":115,"citation_normalized_percentile":{"value":0.98373713,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":100},"biblio":{"volume":"9","issue":null,"first_page":"57542","last_page":"57564"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/interpretability","display_name":"Interpretability","score":0.834228515625},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.8296297788619995},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8285529017448425},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.6904531121253967},{"id":"https://openalex.org/keywords/anomaly-based-intrusion-detection-system","display_name":"Anomaly-based intrusion detection system","score":0.6123476624488831},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5286446213722229},{"id":"https://openalex.org/keywords/constant-false-alarm-rate","display_name":"Constant false alarm rate","score":0.5230315923690796},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5203989744186401},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3910500109195709},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.37037816643714905}],"concepts":[{"id":"https://openalex.org/C2781067378","wikidata":"https://www.wikidata.org/wiki/Q17027399","display_name":"Interpretability","level":2,"score":0.834228515625},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.8296297788619995},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8285529017448425},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.6904531121253967},{"id":"https://openalex.org/C137524506","wikidata":"https://www.wikidata.org/wiki/Q2247688","display_name":"Anomaly-based intrusion detection system","level":3,"score":0.6123476624488831},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5286446213722229},{"id":"https://openalex.org/C77052588","wikidata":"https://www.wikidata.org/wiki/Q644307","display_name":"Constant false alarm rate","level":2,"score":0.5230315923690796},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5203989744186401},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3910500109195709},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.37037816643714905}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1109/access.2021.3071263","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2021.3071263","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/9312710/09395457.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:EVASTAR-Karlsruhe.de:1000131193","is_oa":true,"landing_page_url":"https://publikationen.bibliothek.kit.edu/1000131193","pdf_url":null,"source":{"id":"https://openalex.org/S4306401992","display_name":"Repository KITopen (Karlsruhe Institute of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I102335020","host_organization_name":"Karlsruhe Institute of Technology","host_organization_lineage":["https://openalex.org/I102335020"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE access","raw_type":"doc-type:article"},{"id":"pmh:oai:doaj.org/article:cd6c5c012bb74987bc60c5c0c4138414","is_oa":true,"landing_page_url":"https://doaj.org/article/cd6c5c012bb74987bc60c5c0c4138414","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 9, Pp 57542-57564 (2021)","raw_type":"article"},{"id":"doi:10.5445/ir/1000131193","is_oa":true,"landing_page_url":"https://doi.org/10.5445/ir/1000131193","pdf_url":null,"source":{"id":"https://openalex.org/S7407052948","display_name":"KITopen","issn_l":null,"issn":[],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article-journal"}],"best_oa_location":{"id":"doi:10.1109/access.2021.3071263","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2021.3071263","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/9312710/09395457.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9","score":0.6399999856948853}],"awards":[{"id":"https://openalex.org/G6955755495","display_name":null,"funder_award_id":"Germany","funder_id":"https://openalex.org/F4320321114","funder_display_name":"Bundesministerium f\u00fcr Bildung und Forschung"},{"id":"https://openalex.org/G7225624288","display_name":null,"funder_award_id":"This work was","funder_id":"https://openalex.org/F4320321114","funder_display_name":"Bundesministerium f\u00fcr Bildung und Forschung"}],"funders":[{"id":"https://openalex.org/F4320311048","display_name":"Karlsruhe Institute of Technology","ror":"https://ror.org/04t3en479"},{"id":"https://openalex.org/F4320321114","display_name":"Bundesministerium f\u00fcr Bildung und Forschung","ror":"https://ror.org/04pz7b180"},{"id":"https://openalex.org/F4320325698","display_name":"Helmholtz Association","ror":null},{"id":"https://openalex.org/F4320326666","display_name":"Beijing Information Science and Technology University","ror":"https://ror.org/04xnqep60"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3142044733.pdf","grobid_xml":"https://content.openalex.org/works/W3142044733.grobid-xml"},"referenced_works_count":137,"referenced_works":["https://openalex.org/W20722260","https://openalex.org/W38537450","https://openalex.org/W94523489","https://openalex.org/W174107706","https://openalex.org/W1074954902","https://openalex.org/W1484413656","https://openalex.org/W1493656176","https://openalex.org/W1494581921","https://openalex.org/W1497256448","https://openalex.org/W1504694836","https://openalex.org/W1525594942","https://openalex.org/W1557923305","https://openalex.org/W1576818901","https://openalex.org/W1579904204","https://openalex.org/W1583975142","https://openalex.org/W1659842140","https://openalex.org/W1670263352","https://openalex.org/W1689445748","https://openalex.org/W1817561967","https://openalex.org/W1820051232","https://openalex.org/W1831625788","https://openalex.org/W1931353891","https://openalex.org/W1965482737","https://openalex.org/W1965729654","https://openalex.org/W1983690667","https://openalex.org/W1985987493","https://openalex.org/W1988918299","https://openalex.org/W1989101984","https://openalex.org/W1989359075","https://openalex.org/W1991510770","https://openalex.org/W1992176519","https://openalex.org/W1993220166","https://openalex.org/W1994445384","https://openalex.org/W1999128321","https://openalex.org/W2002303652","https://openalex.org/W2002900768","https://openalex.org/W2009718765","https://openalex.org/W2013627100","https://openalex.org/W2015879579","https://openalex.org/W2024960538","https://openalex.org/W2031594824","https://openalex.org/W2031862666","https://openalex.org/W2037030751","https://openalex.org/W2042587746","https://openalex.org/W2047557500","https://openalex.org/W2066832805","https://openalex.org/W2067792375","https://openalex.org/W2077240170","https://openalex.org/W2078408680","https://openalex.org/W2081707439","https://openalex.org/W2086600750","https://openalex.org/W2094138658","https://openalex.org/W2098680893","https://openalex.org/W2100383182","https://openalex.org/W2105478421","https://openalex.org/W2110598277","https://openalex.org/W2111990972","https://openalex.org/W2115482638","https://openalex.org/W2116143800","https://openalex.org/W2119831128","https://openalex.org/W2122646361","https://openalex.org/W2125055259","https://openalex.org/W2125227861","https://openalex.org/W2125838338","https://openalex.org/W2128912745","https://openalex.org/W2130523241","https://openalex.org/W2140190241","https://openalex.org/W2144255176","https://openalex.org/W2147234763","https://openalex.org/W2150817409","https://openalex.org/W2150847526","https://openalex.org/W2152195021","https://openalex.org/W2156026066","https://openalex.org/W2156452623","https://openalex.org/W2158454296","https://openalex.org/W2159080219","https://openalex.org/W2161630727","https://openalex.org/W2166219119","https://openalex.org/W2168366203","https://openalex.org/W2194709217","https://openalex.org/W2221789277","https://openalex.org/W2295894764","https://openalex.org/W2296135712","https://openalex.org/W2336157635","https://openalex.org/W2340020088","https://openalex.org/W2342408547","https://openalex.org/W2360114527","https://openalex.org/W2378208052","https://openalex.org/W2385027037","https://openalex.org/W2406426950","https://openalex.org/W2477228960","https://openalex.org/W2496221789","https://openalex.org/W2515347953","https://openalex.org/W2520858206","https://openalex.org/W2543580944","https://openalex.org/W2552899443","https://openalex.org/W2560842227","https://openalex.org/W2584335703","https://openalex.org/W2613173327","https://openalex.org/W2734442794","https://openalex.org/W2760355118","https://openalex.org/W2763698365","https://openalex.org/W2780698577","https://openalex.org/W2798754798","https://openalex.org/W2901876786","https://openalex.org/W2923204647","https://openalex.org/W2924689635","https://openalex.org/W2929803724","https://openalex.org/W2941500089","https://openalex.org/W2963095307","https://openalex.org/W2963847595","https://openalex.org/W2981201741","https://openalex.org/W2988790801","https://openalex.org/W2999733746","https://openalex.org/W3015744214","https://openalex.org/W3023540311","https://openalex.org/W3040917481","https://openalex.org/W3042097880","https://openalex.org/W3049225115","https://openalex.org/W3140706010","https://openalex.org/W4207030835","https://openalex.org/W4210969899","https://openalex.org/W4214863042","https://openalex.org/W4235646468","https://openalex.org/W4244664589","https://openalex.org/W4285719527","https://openalex.org/W4300352965","https://openalex.org/W6628750762","https://openalex.org/W6631311747","https://openalex.org/W6634829514","https://openalex.org/W6682281670","https://openalex.org/W6714012766","https://openalex.org/W6760990770","https://openalex.org/W6774399504","https://openalex.org/W6780466368","https://openalex.org/W6792273215","https://openalex.org/W6808531524"],"related_works":["https://openalex.org/W2337148208","https://openalex.org/W3004832009","https://openalex.org/W3036013726","https://openalex.org/W1971929717","https://openalex.org/W1724519426","https://openalex.org/W2351051591","https://openalex.org/W2369534771","https://openalex.org/W2357468538","https://openalex.org/W1548126107","https://openalex.org/W2209997499"],"abstract_inverted_index":{"Intrusion":[0,159],"detection":[1,52,131,160,252],"systems":[2,135],"(IDS)":[3],"are":[4,24,71,162],"commonly":[5],"categorized":[6],"into":[7],"misuse":[8,17,49,92],"based,":[9],"anomaly":[10,21,63,111],"based":[11,14,18,22,50,64,93,112,122,143,182],"and":[12,20,29,84,100,106,109,168,213,228,235,254],"specification":[13,121,142],"IDS.":[15],"Both":[16],"IDS":[19,23,65,123,144,156,183,239],"extensively":[25],"researched":[26],"in":[27,45,75,177,217,240,283,290],"academia":[28],"industry.":[30],"However,":[31],"as":[32,127,263,276],"critical":[33],"infrastructures":[34],"including":[35,137],"smart":[36],"grids":[37],"(SG)":[38],"may":[39],"often":[40,73],"face":[41],"sophisticated":[42],"unknown":[43,98,189],"attacks":[44,99,190],"the":[46,60,128,153,218,245,277],"near":[47],"future,":[48],"attack":[51],"techniques":[53,167,234,273],"will":[54],"mostly":[55],"miss":[56],"their":[57,236,256,281,287],"targets.":[58],"Despite":[59],"fact":[61],"that":[62,141],"can":[66,124,184,204],"detect":[67,97,187],"novel":[68],"attacks,":[69],"they":[70],"not":[72,185,261],"deployed":[74],"industry,":[76],"mainly":[77],"owing":[78],"to":[79,96,151,172,197,266],"high":[80,117],"false":[81,118],"positive":[82],"rate":[83],"lack":[85],"of":[86,88,200,231,269],"interpretability":[87],"trained":[89],"models.":[90],"With":[91],"IDS'":[94,113],"inability":[95],"requirement":[101],"for":[102,116,133,157,238,249],"frequently":[103],"manually":[104],"crafting":[105],"updating":[107],"signatures":[108],"with":[110],"bad":[114],"reputation":[115],"alarm":[119],"rate,":[120],"be":[125,152,206],"regarded":[126],"most":[129,154,246],"suitable":[130],"engine":[132],"cyber-physical":[134],"(CPS)":[136],"SG.":[138,158,178,241],"We":[139],"argue":[140],"especially":[145],"using":[146],"rule":[147,165,180,232,271],"learning":[148,166,181,233,250,272],"could":[149],"prove":[150],"promising":[155],"rules":[161,253],"learned":[163,201],"through":[164],"periodically":[169],"automatically":[170],"updated":[171],"accommodate":[173],"dynamic":[174],"system":[175],"behaviors":[176],"Fortunately,":[179],"only":[186,262],"previously":[188],"but":[191,274],"also":[192,275],"achieve":[193],"higher":[194],"interpretability,":[195],"due":[196],"symbolic":[198],"representation":[199],"rules.":[202],"It":[203],"thus":[205],"considered":[207],"more":[208],"\u201ctrustworthy\u201d":[209],"from":[210],"human":[211,216],"perspective":[212],"further":[214],"assist":[215],"loop":[219],"security":[220],"operation.":[221],"The":[222],"present":[223],"work":[224,259],"provides":[225],"a":[226,264,267],"systematic":[227],"deep":[229],"analysis":[230],"suitability":[237],"Besides,":[242],"it":[243],"concludes":[244],"important":[247,270],"criteria":[248],"intrusion":[251],"assessing":[255],"quality.":[257],"This":[258],"serves":[260],"guide":[265],"number":[268],"first":[278],"survey":[279],"on":[280],"applications":[282],"IDS,":[284],"which":[285],"indicates":[286],"potential":[288],"opportunities":[289],"SG":[291],"security.":[292]},"counts_by_year":[{"year":2026,"cited_by_count":10},{"year":2025,"cited_by_count":44},{"year":2024,"cited_by_count":29},{"year":2023,"cited_by_count":17},{"year":2022,"cited_by_count":13},{"year":2021,"cited_by_count":2}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}