{"id":"https://openalex.org/W2132081438","doi":"https://doi.org/10.1109/dsn.2011.5958211","title":"An analysis of signature overlaps in Intrusion Detection Systems","display_name":"An analysis of signature overlaps in Intrusion Detection Systems","publication_year":2011,"publication_date":"2011-06-01","ids":{"openalex":"https://openalex.org/W2132081438","doi":"https://doi.org/10.1109/dsn.2011.5958211","mag":"2132081438"},"language":"en","primary_location":{"id":"doi:10.1109/dsn.2011.5958211","is_oa":false,"landing_page_url":"https://doi.org/10.1109/dsn.2011.5958211","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2011 IEEE/IFIP 41st International Conference on Dependable Systems &amp; Networks (DSN)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5050336773","display_name":"Fr\u00e9d\u00e9ric Massicotte","orcid":null},"institutions":[{"id":"https://openalex.org/I4210151552","display_name":"Communications Research Centre Canada","ror":"https://ror.org/05dybt340","country_code":"CA","type":"facility","lineage":["https://openalex.org/I4210151552"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Frederic Massicotte","raw_affiliation_strings":["Communications Rcscarch Centre, Ottawa, Canada","Communications Research Centre Canada, Ottawa, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Communications Rcscarch Centre, Ottawa, Canada","institution_ids":["https://openalex.org/I4210151552"]},{"raw_affiliation_string":"Communications Research Centre Canada, Ottawa, Canada","institution_ids":["https://openalex.org/I4210151552"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5007057846","display_name":"Yvan Labiche","orcid":"https://orcid.org/0000-0001-8880-4836"},"institutions":[{"id":"https://openalex.org/I67031392","display_name":"Carleton University","ror":"https://ror.org/02qtvee93","country_code":"CA","type":"education","lineage":["https://openalex.org/I67031392"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Yvan Labiche","raw_affiliation_strings":["Software Quality Engineering Laboratory, Department of Systems and Computer Engineering, Carleton University, Ottawa, Canada","[Software Quality Engineering Laboratory, Department of Systems and Computer Engineering, Carleton University, Ottawa, Canada]"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Software Quality Engineering Laboratory, Department of Systems and Computer Engineering, Carleton University, Ottawa, Canada","institution_ids":["https://openalex.org/I67031392"]},{"raw_affiliation_string":"[Software Quality Engineering Laboratory, Department of Systems and Computer Engineering, Carleton University, Ottawa, Canada]","institution_ids":["https://openalex.org/I67031392"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.4628,"has_fulltext":false,"cited_by_count":12,"citation_normalized_percentile":{"value":0.84077603,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"109","last_page":"120"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12326","display_name":"Network Packet Processing and Optimization","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7986090779304504},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.7944388389587402},{"id":"https://openalex.org/keywords/signature","display_name":"Signature (topology)","score":0.786501944065094},{"id":"https://openalex.org/keywords/anomaly-based-intrusion-detection-system","display_name":"Anomaly-based intrusion detection system","score":0.6607608795166016},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.5879391431808472},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.5018448829650879},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.47151103615760803},{"id":"https://openalex.org/keywords/automaton","display_name":"Automaton","score":0.4652218818664551},{"id":"https://openalex.org/keywords/class","display_name":"Class (philosophy)","score":0.4467692971229553},{"id":"https://openalex.org/keywords/state","display_name":"State (computer science)","score":0.43920421600341797},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.437029093503952},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.37380215525627136},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.2918168008327484},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.1679842472076416},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.08952325582504272}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7986090779304504},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.7944388389587402},{"id":"https://openalex.org/C2779696439","wikidata":"https://www.wikidata.org/wiki/Q7512811","display_name":"Signature (topology)","level":2,"score":0.786501944065094},{"id":"https://openalex.org/C137524506","wikidata":"https://www.wikidata.org/wiki/Q2247688","display_name":"Anomaly-based intrusion detection system","level":3,"score":0.6607608795166016},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.5879391431808472},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.5018448829650879},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.47151103615760803},{"id":"https://openalex.org/C112505250","wikidata":"https://www.wikidata.org/wiki/Q787116","display_name":"Automaton","level":2,"score":0.4652218818664551},{"id":"https://openalex.org/C2777212361","wikidata":"https://www.wikidata.org/wiki/Q5127848","display_name":"Class (philosophy)","level":2,"score":0.4467692971229553},{"id":"https://openalex.org/C48103436","wikidata":"https://www.wikidata.org/wiki/Q599031","display_name":"State (computer science)","level":2,"score":0.43920421600341797},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.437029093503952},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.37380215525627136},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.2918168008327484},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.1679842472076416},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.08952325582504272},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/dsn.2011.5958211","is_oa":false,"landing_page_url":"https://doi.org/10.1109/dsn.2011.5958211","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2011 IEEE/IFIP 41st International Conference on Dependable Systems &amp; Networks (DSN)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.699999988079071,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":23,"referenced_works":["https://openalex.org/W192309743","https://openalex.org/W1516506771","https://openalex.org/W1814821709","https://openalex.org/W1859718522","https://openalex.org/W1952056635","https://openalex.org/W1999427165","https://openalex.org/W2003250112","https://openalex.org/W2034362794","https://openalex.org/W2081357650","https://openalex.org/W2091805711","https://openalex.org/W2126345423","https://openalex.org/W2129854660","https://openalex.org/W2149726907","https://openalex.org/W2161064628","https://openalex.org/W2167423345","https://openalex.org/W2171070266","https://openalex.org/W2490117859","https://openalex.org/W2611730778","https://openalex.org/W3216240862","https://openalex.org/W4302339081","https://openalex.org/W6607792004","https://openalex.org/W6640726002","https://openalex.org/W6681857310"],"related_works":["https://openalex.org/W2337148208","https://openalex.org/W3004832009","https://openalex.org/W3036013726","https://openalex.org/W1971929717","https://openalex.org/W1724519426","https://openalex.org/W2061466315","https://openalex.org/W2355532322","https://openalex.org/W2368329025","https://openalex.org/W3157271777","https://openalex.org/W1485296229"],"abstract_inverted_index":{"An":[0],"Intrusion":[1],"Detection":[2],"System":[3],"(IDS)":[4],"protects":[5],"computer":[6],"networks":[7],"against":[8],"attacks":[9],"and":[10,16,72,107,129,134,143,164],"intrusions,":[11],"in":[12,41,68,159],"combination":[13],"with":[14,137],"firewalls":[15],"anti-virus":[17],"systems.":[18],"One":[19,62],"class":[20],"of":[21,36,92,115],"IDS":[22,117,161],"is":[23,74,78,124,151],"called":[24],"signature-based":[25,53],"network":[26,31,54],"IDSs,":[27,51,55],"as":[28,39,46],"they":[29],"monitor":[30],"traffic,":[32],"looking":[33],"for":[34],"evidence":[35],"malicious":[37],"behaviour":[38],"specified":[40],"attack":[42],"descriptions":[43],"(referred":[44],"to":[45,58,105],"signatures).Many":[47],"studies":[48],"report":[49],"that":[50,65,73,79,148],"including":[52],"have":[56],"problems":[57],"accurately":[59],"identify":[60],"attacks.":[61],"possible":[63],"reason":[64],"we":[66,96,122,135],"observed":[67],"our":[69,138,149],"past":[70],"work,":[71],"worth":[75],"investigating":[76],"further,":[77],"several":[80,83],"signatures":[81],"(i.e.,":[82],"alarms)":[84],"can":[85,165],"be":[86,166],"triggered":[87],"on":[88,126,140,169],"the":[89,111,156],"same":[90],"group":[91],"packets,":[93],"a":[94,103],"situation":[95],"coined":[97],"overlapping":[98,113],"signatures.":[99],"This":[100],"paper":[101],"presents":[102],"technique":[104,139],"precisely":[106],"systemat":[108],"ically":[109],"quantify":[110],"signature":[112,118,162],"problem":[114,158],"an":[116],"database.":[119],"The":[120],"solution":[121],"describe":[123],"based":[125],"set":[127],"theory":[128],"finite":[130],"state":[131],"automaton":[132],"theory,":[133],"experiment":[136],"one":[141,160],"widely-used":[142],"maintained":[144],"IDS.":[145],"Results":[146],"show":[147],"approach":[150],"effective":[152],"at":[153],"systematically":[154],"quantifying":[155],"overlap":[157],"database,":[163],"potentially":[167],"used":[168],"other":[170],"IDSs.":[171]},"counts_by_year":[{"year":2022,"cited_by_count":3},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":2},{"year":2016,"cited_by_count":1},{"year":2014,"cited_by_count":1},{"year":2013,"cited_by_count":1},{"year":2012,"cited_by_count":2}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}