{"id":"https://openalex.org/W2125213422","doi":"https://doi.org/10.1109/discex.2003.1194978","title":"A summary of detection of denial-of-QoS attacks on DiffServ networks","display_name":"A summary of detection of denial-of-QoS attacks on DiffServ networks","publication_year":2004,"publication_date":"2004-03-22","ids":{"openalex":"https://openalex.org/W2125213422","doi":"https://doi.org/10.1109/discex.2003.1194978","mag":"2125213422"},"language":"en","primary_location":{"id":"doi:10.1109/discex.2003.1194978","is_oa":false,"landing_page_url":"https://doi.org/10.1109/discex.2003.1194978","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings DARPA Information Survivability Conference and Exposition","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5102332084","display_name":"Xiaoyong Wu","orcid":null},"institutions":[{"id":"https://openalex.org/I4210133640","display_name":"MCNC Research and Development Institute","ror":"https://ror.org/042awg277","country_code":"US","type":"facility","lineage":["https://openalex.org/I4210133640"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Xiaoyong Wu","raw_affiliation_strings":["MCNC-RDI, NC, USA"],"affiliations":[{"raw_affiliation_string":"MCNC-RDI, NC, USA","institution_ids":["https://openalex.org/I4210133640"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5044913263","display_name":"Vinay A. Mahadik","orcid":null},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"V.A. Mahadik","raw_affiliation_strings":["North Carolina State University, Raleigh, NC, USA"],"affiliations":[{"raw_affiliation_string":"North Carolina State University, Raleigh, NC, USA","institution_ids":["https://openalex.org/I137902535"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5030462464","display_name":"Douglas S. Reeves","orcid":"https://orcid.org/0000-0002-1775-0639"},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"D.S. Reeves","raw_affiliation_strings":["North Carolina State University, Raleigh, NC, USA"],"affiliations":[{"raw_affiliation_string":"North Carolina State University, Raleigh, NC, USA","institution_ids":["https://openalex.org/I137902535"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5102332084"],"corresponding_institution_ids":["https://openalex.org/I4210133640"],"apc_list":null,"apc_paid":null,"fwci":0.927,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.8057405,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":"2","issue":null,"first_page":"277","last_page":"282"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.808590292930603},{"id":"https://openalex.org/keywords/testbed","display_name":"Testbed","score":0.7511693239212036},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.7246568202972412},{"id":"https://openalex.org/keywords/constant-false-alarm-rate","display_name":"Constant false alarm rate","score":0.6182982325553894},{"id":"https://openalex.org/keywords/quality-of-service","display_name":"Quality of service","score":0.5784358382225037},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.5356568694114685},{"id":"https://openalex.org/keywords/emulation","display_name":"Emulation","score":0.4903910160064697},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.48432672023773193},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.4831082820892334},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.4758146405220032},{"id":"https://openalex.org/keywords/ewma-chart","display_name":"EWMA chart","score":0.44628849625587463},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.4423786401748657},{"id":"https://openalex.org/keywords/real-time-computing","display_name":"Real-time computing","score":0.33912235498428345},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.25681889057159424},{"id":"https://openalex.org/keywords/control-chart","display_name":"Control chart","score":0.21077409386634827},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.14936783909797668},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.09691277146339417},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.0854223370552063},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.07488083839416504}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.808590292930603},{"id":"https://openalex.org/C31395832","wikidata":"https://www.wikidata.org/wiki/Q1318674","display_name":"Testbed","level":2,"score":0.7511693239212036},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.7246568202972412},{"id":"https://openalex.org/C77052588","wikidata":"https://www.wikidata.org/wiki/Q644307","display_name":"Constant false alarm rate","level":2,"score":0.6182982325553894},{"id":"https://openalex.org/C5119721","wikidata":"https://www.wikidata.org/wiki/Q220501","display_name":"Quality of service","level":2,"score":0.5784358382225037},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.5356568694114685},{"id":"https://openalex.org/C149810388","wikidata":"https://www.wikidata.org/wiki/Q5374873","display_name":"Emulation","level":2,"score":0.4903910160064697},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.48432672023773193},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.4831082820892334},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.4758146405220032},{"id":"https://openalex.org/C74746147","wikidata":"https://www.wikidata.org/wiki/Q5324652","display_name":"EWMA chart","level":4,"score":0.44628849625587463},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.4423786401748657},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.33912235498428345},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.25681889057159424},{"id":"https://openalex.org/C196985124","wikidata":"https://www.wikidata.org/wiki/Q1369242","display_name":"Control chart","level":3,"score":0.21077409386634827},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.14936783909797668},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.09691277146339417},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.0854223370552063},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.07488083839416504},{"id":"https://openalex.org/C50522688","wikidata":"https://www.wikidata.org/wiki/Q189833","display_name":"Economic growth","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/discex.2003.1194978","is_oa":false,"landing_page_url":"https://doi.org/10.1109/discex.2003.1194978","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings DARPA Information Survivability Conference and Exposition","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":15,"referenced_works":["https://openalex.org/W88712262","https://openalex.org/W330408192","https://openalex.org/W1797472426","https://openalex.org/W1854288931","https://openalex.org/W1994212840","https://openalex.org/W2107409339","https://openalex.org/W2138528079","https://openalex.org/W2148275477","https://openalex.org/W2169384417","https://openalex.org/W4236369288","https://openalex.org/W4285719527","https://openalex.org/W6603671570","https://openalex.org/W6638215083","https://openalex.org/W6638866978","https://openalex.org/W6680609238"],"related_works":["https://openalex.org/W2054331165","https://openalex.org/W2042250228","https://openalex.org/W2791338065","https://openalex.org/W4385626305","https://openalex.org/W1500481227","https://openalex.org/W1423394455","https://openalex.org/W1970444427","https://openalex.org/W1984271571","https://openalex.org/W2044993109","https://openalex.org/W2168083929"],"abstract_inverted_index":{"This":[0],"paper":[1],"summarizes":[2],"our":[3,76,128],"approach":[4,15,79],"of":[5,8,65,92],"detecting":[6],"denial":[7],"QoS":[9,34],"attacks":[10],"on":[11,17,82],"DiffServ":[12],"networks.":[13],"Our":[14],"focuses":[16],"online":[18],"quick":[19],"detection,":[20],"scalability":[21],"to":[22,70,101,105,116],"large":[23],"networks,":[24],"and":[25,39,53,85,95],"a":[26,68,83,99,130],"low":[27],"false":[28,108],"alarm":[29,109],"generation":[30],"rate.":[31],"Sensors":[32],"sample":[33],"metric":[35],"at":[36,111],"strategic":[37],"points":[38],"we":[40],"detect":[41],"anomalies":[42],"in":[43],"sampled":[44],"network":[45],"flow":[46],"statistics":[47],"using":[48,80,86],"the":[49,93,112],"/spl":[50],"chi//sup":[51],"2/":[52],"EWMA":[54],"Control":[55],"Chart":[56],"test":[57],"methods.":[58],"We":[59,73],"also":[60],"use":[61],"rule-based":[62],"intrusion":[63,77],"detection":[64,78,119],"SLA":[66],"as":[67],"complement":[69],"these":[71,118],"techniques.":[72],"have":[74],"tested":[75],"emulation":[81],"testbed,":[84],"simulation.":[87],"Attacks":[88],"are":[89],"detected":[90],"100%":[91],"time,":[94],"require":[96],"from":[97],"under":[98],"minute":[100],"approximately":[102],"15":[103],"minutes":[104],"detect.":[106],"The":[107],"rate":[110],"sensitivity":[113],"level":[114],"used":[115],"achieve":[117],"results":[120,126],"is":[121],"less":[122],"than":[123],"1%.":[124],"These":[125],"make":[127],"work":[129],"strong":[131],"candidate":[132],"for":[133],"deployment.":[134]},"counts_by_year":[{"year":2013,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}