{"id":"https://openalex.org/W2108513376","doi":"https://doi.org/10.1109/cisda.2009.5356522","title":"Analysis of the 1999 DARPA/Lincoln Laboratory IDS evaluation data with NetADHICT","display_name":"Analysis of the 1999 DARPA/Lincoln Laboratory IDS evaluation data with NetADHICT","publication_year":2009,"publication_date":"2009-07-01","ids":{"openalex":"https://openalex.org/W2108513376","doi":"https://doi.org/10.1109/cisda.2009.5356522","mag":"2108513376"},"language":"en","primary_location":{"id":"doi:10.1109/cisda.2009.5356522","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cisda.2009.5356522","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5113975101","display_name":"Carson Brown","orcid":null},"institutions":[{"id":"https://openalex.org/I67031392","display_name":"Carleton University","ror":"https://ror.org/02qtvee93","country_code":"CA","type":"education","lineage":["https://openalex.org/I67031392"]}],"countries":["CA"],"is_corresponding":true,"raw_author_name":"Carson Brown","raw_affiliation_strings":["Carleton Computer Security Lab, School of Computer Science, Carleton University, Ottawa, ONT, Canada","Carleton Computer Security Lab, School of Computer Science, Carleton University, Ottawa, Ontario, Canada#TAB#"],"affiliations":[{"raw_affiliation_string":"Carleton Computer Security Lab, School of Computer Science, Carleton University, Ottawa, ONT, Canada","institution_ids":["https://openalex.org/I67031392"]},{"raw_affiliation_string":"Carleton Computer Security Lab, School of Computer Science, Carleton University, Ottawa, Ontario, Canada#TAB#","institution_ids":["https://openalex.org/I67031392"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5022341441","display_name":"Alex Cowperthwaite","orcid":null},"institutions":[{"id":"https://openalex.org/I67031392","display_name":"Carleton University","ror":"https://ror.org/02qtvee93","country_code":"CA","type":"education","lineage":["https://openalex.org/I67031392"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Alex Cowperthwaite","raw_affiliation_strings":["Carleton Computer Security Lab, School of Computer Science, Carleton University, Ottawa, ONT, Canada","Carleton Computer Security Lab, School of Computer Science, Carleton University, Ottawa, Ontario, Canada#TAB#"],"affiliations":[{"raw_affiliation_string":"Carleton Computer Security Lab, School of Computer Science, Carleton University, Ottawa, ONT, Canada","institution_ids":["https://openalex.org/I67031392"]},{"raw_affiliation_string":"Carleton Computer Security Lab, School of Computer Science, Carleton University, Ottawa, Ontario, Canada#TAB#","institution_ids":["https://openalex.org/I67031392"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5055651151","display_name":"Abdulrahman Hijazi","orcid":null},"institutions":[{"id":"https://openalex.org/I67031392","display_name":"Carleton University","ror":"https://ror.org/02qtvee93","country_code":"CA","type":"education","lineage":["https://openalex.org/I67031392"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Abdulrahman Hijazi","raw_affiliation_strings":["Carleton Computer Security Lab, School of Computer Science, Carleton University, Ottawa, ONT, Canada","Carleton Computer Security Lab, School of Computer Science, Carleton University, Ottawa, Ontario, Canada#TAB#"],"affiliations":[{"raw_affiliation_string":"Carleton Computer Security Lab, School of Computer Science, Carleton University, Ottawa, ONT, Canada","institution_ids":["https://openalex.org/I67031392"]},{"raw_affiliation_string":"Carleton Computer Security Lab, School of Computer Science, Carleton University, Ottawa, Ontario, Canada#TAB#","institution_ids":["https://openalex.org/I67031392"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5111980259","display_name":"Anil Somayaji","orcid":"https://orcid.org/0000-0003-4761-9743"},"institutions":[{"id":"https://openalex.org/I67031392","display_name":"Carleton University","ror":"https://ror.org/02qtvee93","country_code":"CA","type":"education","lineage":["https://openalex.org/I67031392"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Anil Somayaji","raw_affiliation_strings":["Carleton Computer Security Lab, School of Computer Science, Carleton University, Ottawa, ONT, Canada","Carleton Computer Security Lab, School of Computer Science, Carleton University, Ottawa, Ontario, Canada#TAB#"],"affiliations":[{"raw_affiliation_string":"Carleton Computer Security Lab, School of Computer Science, Carleton University, Ottawa, ONT, Canada","institution_ids":["https://openalex.org/I67031392"]},{"raw_affiliation_string":"Carleton Computer Security Lab, School of Computer Science, Carleton University, Ottawa, Ontario, Canada#TAB#","institution_ids":["https://openalex.org/I67031392"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5113975101"],"corresponding_institution_ids":["https://openalex.org/I67031392"],"apc_list":null,"apc_paid":null,"fwci":2.0571,"has_fulltext":false,"cited_by_count":72,"citation_normalized_percentile":{"value":0.87783122,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"7"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9904000163078308,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7761693000793457},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.6227840185165405},{"id":"https://openalex.org/keywords/host","display_name":"Host (biology)","score":0.5967680215835571},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.5096445083618164},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.49837327003479004},{"id":"https://openalex.org/keywords/intrusion","display_name":"Intrusion","score":0.4969628155231476},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.19870051741600037},{"id":"https://openalex.org/keywords/geology","display_name":"Geology","score":0.06260320544242859}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7761693000793457},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.6227840185165405},{"id":"https://openalex.org/C126831891","wikidata":"https://www.wikidata.org/wiki/Q221673","display_name":"Host (biology)","level":2,"score":0.5967680215835571},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.5096445083618164},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.49837327003479004},{"id":"https://openalex.org/C158251709","wikidata":"https://www.wikidata.org/wiki/Q354025","display_name":"Intrusion","level":2,"score":0.4969628155231476},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.19870051741600037},{"id":"https://openalex.org/C127313418","wikidata":"https://www.wikidata.org/wiki/Q1069","display_name":"Geology","level":0,"score":0.06260320544242859},{"id":"https://openalex.org/C17409809","wikidata":"https://www.wikidata.org/wiki/Q161764","display_name":"Geochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C18903297","wikidata":"https://www.wikidata.org/wiki/Q7150","display_name":"Ecology","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/cisda.2009.5356522","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cisda.2009.5356522","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Partnerships for the goals","score":0.41999998688697815,"id":"https://metadata.un.org/sdg/17"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":14,"referenced_works":["https://openalex.org/W1514233826","https://openalex.org/W1541785509","https://openalex.org/W1542522493","https://openalex.org/W1591480890","https://openalex.org/W1988038025","https://openalex.org/W1988918299","https://openalex.org/W1999427165","https://openalex.org/W2125269465","https://openalex.org/W2147191819","https://openalex.org/W2157665255","https://openalex.org/W4299317891","https://openalex.org/W6632480914","https://openalex.org/W6632551177","https://openalex.org/W6683235873"],"related_works":["https://openalex.org/W2357468538","https://openalex.org/W1577110157","https://openalex.org/W2355007334","https://openalex.org/W2906422846","https://openalex.org/W2390009783","https://openalex.org/W2364419519","https://openalex.org/W2133389611","https://openalex.org/W2360767377","https://openalex.org/W2017948608","https://openalex.org/W2360951146"],"abstract_inverted_index":{"The":[0],"1999":[1],"DARPA/Lincoln":[2],"Laboratory":[3],"IDS":[4],"evaluation":[5],"data":[6],"has":[7],"been":[8],"widely":[9],"used":[10],"in":[11,75,84,94],"the":[12,38,76,90],"intrusion":[13],"detection":[14],"and":[15,46],"networking":[16],"community,":[17],"even":[18],"though":[19],"it":[20],"is":[21],"known":[22],"to":[23,70],"have":[24],"a":[25,56,78],"number":[26],"of":[27,34,40,92],"artifacts.":[28],"Here":[29],"we":[30,58,67],"show":[31],"that":[32,80],"many":[33],"these":[35],"artifacts,":[36],"including":[37],"lack":[39],"damaged":[41],"or":[42],"unusual":[43],"background":[44],"packets":[45],"uniform":[47],"host":[48],"distribution,":[49],"can":[50],"be":[51],"easily":[52],"extracted":[53],"using":[54,65],"NetADHICT,":[55],"tool":[57],"developed":[59],"for":[60,98],"understanding":[61],"networks.":[62],"In":[63],"addition,":[64],"NetADHICT":[66,93],"were":[68],"able":[69],"identify":[71],"extreme":[72],"temporal":[73],"variation":[74],"data,":[77],"characteristic":[79],"was":[81],"not":[82],"identified":[83],"past":[85],"analyses.":[86],"These":[87],"results":[88],"illustrate":[89],"utility":[91],"characterizing":[95],"network":[96],"traces":[97],"experimental":[99],"purposes.":[100]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":6},{"year":2022,"cited_by_count":5},{"year":2021,"cited_by_count":6},{"year":2020,"cited_by_count":14},{"year":2019,"cited_by_count":9},{"year":2018,"cited_by_count":3},{"year":2017,"cited_by_count":3},{"year":2016,"cited_by_count":3},{"year":2015,"cited_by_count":4},{"year":2014,"cited_by_count":2},{"year":2013,"cited_by_count":4},{"year":2012,"cited_by_count":3}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}