{"id":"https://openalex.org/W2342408547","doi":"https://doi.org/10.1109/comst.2015.2494502","title":"A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection","display_name":"A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection","publication_year":2015,"publication_date":"2015-10-26","ids":{"openalex":"https://openalex.org/W2342408547","doi":"https://doi.org/10.1109/comst.2015.2494502","mag":"2342408547"},"language":"en","primary_location":{"id":"doi:10.1109/comst.2015.2494502","is_oa":false,"landing_page_url":"https://doi.org/10.1109/comst.2015.2494502","pdf_url":null,"source":{"id":"https://openalex.org/S23688054","display_name":"IEEE Communications Surveys & Tutorials","issn_l":"1553-877X","issn":["1553-877X","2373-745X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Communications Surveys &amp; Tutorials","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5036462876","display_name":"Anna L. Buczak","orcid":"https://orcid.org/0000-0002-4468-7719"},"institutions":[{"id":"https://openalex.org/I2802946424","display_name":"Johns Hopkins University Applied Physics Laboratory","ror":"https://ror.org/029pp9z10","country_code":"US","type":"facility","lineage":["https://openalex.org/I145311948","https://openalex.org/I2802946424"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Anna L. Buczak","raw_affiliation_strings":["The Johns Hopkins University Applied Physics Laboratory, Laurel, MD, USA"],"affiliations":[{"raw_affiliation_string":"The Johns Hopkins University Applied Physics Laboratory, Laurel, MD, USA","institution_ids":["https://openalex.org/I2802946424"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5103648432","display_name":"Erhan Guven","orcid":null},"institutions":[{"id":"https://openalex.org/I2802946424","display_name":"Johns Hopkins University Applied Physics Laboratory","ror":"https://ror.org/029pp9z10","country_code":"US","type":"facility","lineage":["https://openalex.org/I145311948","https://openalex.org/I2802946424"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Erhan Guven","raw_affiliation_strings":["The Johns Hopkins University Applied Physics Laboratory, Laurel, MD, USA"],"affiliations":[{"raw_affiliation_string":"The Johns Hopkins University Applied Physics Laboratory, Laurel, MD, USA","institution_ids":["https://openalex.org/I2802946424"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5036462876"],"corresponding_institution_ids":["https://openalex.org/I2802946424"],"apc_list":null,"apc_paid":null,"fwci":105.806,"has_fulltext":false,"cited_by_count":2948,"citation_normalized_percentile":{"value":0.9998649,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":100},"biblio":{"volume":"18","issue":"2","first_page":"1153","last_page":"1176"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9962999820709229,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9926999807357788,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8274868726730347},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.7535451054573059},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.5479063391685486},{"id":"https://openalex.org/keywords/relevance","display_name":"Relevance (law)","score":0.5404182076454163},{"id":"https://openalex.org/keywords/analytics","display_name":"Analytics","score":0.47978121042251587},{"id":"https://openalex.org/keywords/intrusion","display_name":"Intrusion","score":0.44902172684669495},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.3901662826538086},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.34739550948143005}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8274868726730347},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.7535451054573059},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.5479063391685486},{"id":"https://openalex.org/C158154518","wikidata":"https://www.wikidata.org/wiki/Q7310970","display_name":"Relevance (law)","level":2,"score":0.5404182076454163},{"id":"https://openalex.org/C79158427","wikidata":"https://www.wikidata.org/wiki/Q485396","display_name":"Analytics","level":2,"score":0.47978121042251587},{"id":"https://openalex.org/C158251709","wikidata":"https://www.wikidata.org/wiki/Q354025","display_name":"Intrusion","level":2,"score":0.44902172684669495},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.3901662826538086},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.34739550948143005},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C127313418","wikidata":"https://www.wikidata.org/wiki/Q1069","display_name":"Geology","level":0,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C17409809","wikidata":"https://www.wikidata.org/wiki/Q161764","display_name":"Geochemistry","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/comst.2015.2494502","is_oa":false,"landing_page_url":"https://doi.org/10.1109/comst.2015.2494502","pdf_url":null,"source":{"id":"https://openalex.org/S23688054","display_name":"IEEE Communications Surveys & Tutorials","issn_l":"1553-877X","issn":["1553-877X","2373-745X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Communications Surveys &amp; Tutorials","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":134,"referenced_works":["https://openalex.org/W4348436","https://openalex.org/W6091113","https://openalex.org/W49546894","https://openalex.org/W166342712","https://openalex.org/W1504694836","https://openalex.org/W1525180324","https://openalex.org/W1541288193","https://openalex.org/W1553696291","https://openalex.org/W1554891714","https://openalex.org/W1556024794","https://openalex.org/W1570448133","https://openalex.org/W1576185228","https://openalex.org/W1576660662","https://openalex.org/W1576818901","https://openalex.org/W1615454278","https://openalex.org/W1642161394","https://openalex.org/W1670263352","https://openalex.org/W1673310716","https://openalex.org/W1755360231","https://openalex.org/W1777713421","https://openalex.org/W1856750239","https://openalex.org/W1884606608","https://openalex.org/W1937068078","https://openalex.org/W1952056635","https://openalex.org/W1954903228","https://openalex.org/W1966809779","https://openalex.org/W1971751469","https://openalex.org/W1971784203","https://openalex.org/W1975791498","https://openalex.org/W1978779053","https://openalex.org/W1979877030","https://openalex.org/W1986334900","https://openalex.org/W1988741337","https://openalex.org/W1991237739","https://openalex.org/W1993717606","https://openalex.org/W1999427165","https://openalex.org/W2002016471","https://openalex.org/W2014712522","https://openalex.org/W2017528992","https://openalex.org/W2030553727","https://openalex.org/W2033626294","https://openalex.org/W2036959577","https://openalex.org/W2038819341","https://openalex.org/W2040870580","https://openalex.org/W2049633694","https://openalex.org/W2066664409","https://openalex.org/W2071221494","https://openalex.org/W2076384720","https://openalex.org/W2076526693","https://openalex.org/W2077574412","https://openalex.org/W2081707439","https://openalex.org/W2082550445","https://openalex.org/W2091576221","https://openalex.org/W2094138658","https://openalex.org/W2096118443","https://openalex.org/W2099940443","https://openalex.org/W2100024153","https://openalex.org/W2100537916","https://openalex.org/W2102201073","https://openalex.org/W2104593144","https://openalex.org/W2112076978","https://openalex.org/W2112090702","https://openalex.org/W2114996745","https://openalex.org/W2117707191","https://openalex.org/W2123619513","https://openalex.org/W2124261333","https://openalex.org/W2125055259","https://openalex.org/W2129018774","https://openalex.org/W2129879631","https://openalex.org/W2133941447","https://openalex.org/W2133990480","https://openalex.org/W2137983211","https://openalex.org/W2139212933","https://openalex.org/W2139669429","https://openalex.org/W2142384583","https://openalex.org/W2142889610","https://openalex.org/W2143893259","https://openalex.org/W2145052282","https://openalex.org/W2146082061","https://openalex.org/W2149706766","https://openalex.org/W2152195021","https://openalex.org/W2154929945","https://openalex.org/W2156909104","https://openalex.org/W2158454296","https://openalex.org/W2160598920","https://openalex.org/W2161302205","https://openalex.org/W2164576874","https://openalex.org/W2166275707","https://openalex.org/W2166559705","https://openalex.org/W2167917621","https://openalex.org/W2169654335","https://openalex.org/W2169768310","https://openalex.org/W2171331105","https://openalex.org/W2173213060","https://openalex.org/W2188268519","https://openalex.org/W2203709713","https://openalex.org/W2319660501","https://openalex.org/W2502697733","https://openalex.org/W2802348331","https://openalex.org/W2911964244","https://openalex.org/W2912565176","https://openalex.org/W3099514962","https://openalex.org/W3141738472","https://openalex.org/W3146803896","https://openalex.org/W3150719513","https://openalex.org/W3211952227","https://openalex.org/W4211007335","https://openalex.org/W4211064163","https://openalex.org/W4213332169","https://openalex.org/W4231918628","https://openalex.org/W4232872328","https://openalex.org/W4236137412","https://openalex.org/W4249991499","https://openalex.org/W4250857377","https://openalex.org/W4256360777","https://openalex.org/W4285719527","https://openalex.org/W4299670631","https://openalex.org/W6600247753","https://openalex.org/W6601962654","https://openalex.org/W6633310491","https://openalex.org/W6633402183","https://openalex.org/W6636895364","https://openalex.org/W6637131181","https://openalex.org/W6639223989","https://openalex.org/W6674887505","https://openalex.org/W6676769703","https://openalex.org/W6677572458","https://openalex.org/W6678524815","https://openalex.org/W6683882235","https://openalex.org/W6684325336","https://openalex.org/W6684920382","https://openalex.org/W6686806119","https://openalex.org/W6724329653","https://openalex.org/W7048738093"],"related_works":["https://openalex.org/W2357468538","https://openalex.org/W2085384747","https://openalex.org/W1577110157","https://openalex.org/W2106071040","https://openalex.org/W2088166309","https://openalex.org/W4312133475","https://openalex.org/W4238976562","https://openalex.org/W2276587472","https://openalex.org/W1835907303","https://openalex.org/W2133389611"],"abstract_inverted_index":{"This":[0],"survey":[1,7],"paper":[2],"describes":[3],"a":[4,99],"focused":[5],"literature":[6],"of":[8,22,28,38,43,76,82],"machine":[9],"learning":[10],"(ML)":[11],"and":[12,54,92],"data":[13,57,67],"mining":[14],"(DM)":[15],"methods":[16],"for":[17,84,87],"cyber":[18,66,88],"analytics":[19],"in":[20,61,70],"support":[21],"intrusion":[23],"detection.":[24],"Short":[25],"tutorial":[26],"descriptions":[27],"each":[29,49],"ML/DM":[30,62,71,77,86],"method":[31,50,101],"are":[32,58,72,102],"provided.":[33,103],"Based":[34],"on":[35,95],"the":[36,41],"number":[37],"citations":[39],"or":[40],"relevance":[42],"an":[44],"emerging":[45],"method,":[46],"papers":[47],"representing":[48],"were":[51],"identified,":[52],"read,":[53],"summarized.":[55],"Because":[56],"so":[59],"important":[60],"approaches,":[63],"some":[64,93],"well-known":[65],"sets":[68],"used":[69],"described.":[73],"The":[74],"complexity":[75],"algorithms":[78],"is":[79,90],"addressed,":[80],"discussion":[81],"challenges":[83],"using":[85],"security":[89],"presented,":[91],"recommendations":[94],"when":[96],"to":[97],"use":[98],"given":[100]},"counts_by_year":[{"year":2026,"cited_by_count":71},{"year":2025,"cited_by_count":364},{"year":2024,"cited_by_count":303},{"year":2023,"cited_by_count":326},{"year":2022,"cited_by_count":408},{"year":2021,"cited_by_count":454},{"year":2020,"cited_by_count":402},{"year":2019,"cited_by_count":317},{"year":2018,"cited_by_count":219},{"year":2017,"cited_by_count":72},{"year":2016,"cited_by_count":10},{"year":2015,"cited_by_count":1},{"year":2012,"cited_by_count":1}],"updated_date":"2026-04-06T07:47:59.780226","created_date":"2025-10-10T00:00:00"}