{"id":"https://openalex.org/W2048480717","doi":"https://doi.org/10.1109/isias.2010.5604041","title":"Using vulnerability information and attack graphs for intrusion detection","display_name":"Using vulnerability information and attack graphs for intrusion detection","publication_year":2010,"publication_date":"2010-08-01","ids":{"openalex":"https://openalex.org/W2048480717","doi":"https://doi.org/10.1109/isias.2010.5604041","mag":"2048480717"},"language":"en","primary_location":{"id":"doi:10.1109/isias.2010.5604041","is_oa":false,"landing_page_url":"https://doi.org/10.1109/isias.2010.5604041","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2010 Sixth International Conference on Information Assurance and Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5062060869","display_name":"Sebastian Roschke","orcid":null},"institutions":[{"id":"https://openalex.org/I176453806","display_name":"University of Potsdam","ror":"https://ror.org/03bnmw459","country_code":"DE","type":"education","lineage":["https://openalex.org/I176453806"]},{"id":"https://openalex.org/I143288331","display_name":"Hasso Plattner Institute","ror":"https://ror.org/058rn5r42","country_code":"DE","type":"facility","lineage":["https://openalex.org/I143288331","https://openalex.org/I176453806"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Sebastian Roschke","raw_affiliation_strings":["Hasso-Plattner-Institute, University of Potsdam, Potsdam, Germany","Hasso Plattner Institute (HPI), University of Potsdam, P.O.Box 900460, 14440, Germany"],"affiliations":[{"raw_affiliation_string":"Hasso-Plattner-Institute, University of Potsdam, Potsdam, Germany","institution_ids":["https://openalex.org/I143288331","https://openalex.org/I176453806"]},{"raw_affiliation_string":"Hasso Plattner Institute (HPI), University of Potsdam, P.O.Box 900460, 14440, Germany","institution_ids":["https://openalex.org/I143288331","https://openalex.org/I176453806"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5077726105","display_name":"Feng Cheng","orcid":"https://orcid.org/0000-0001-5880-8131"},"institutions":[{"id":"https://openalex.org/I176453806","display_name":"University of Potsdam","ror":"https://ror.org/03bnmw459","country_code":"DE","type":"education","lineage":["https://openalex.org/I176453806"]},{"id":"https://openalex.org/I143288331","display_name":"Hasso Plattner Institute","ror":"https://ror.org/058rn5r42","country_code":"DE","type":"facility","lineage":["https://openalex.org/I143288331","https://openalex.org/I176453806"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Feng Cheng","raw_affiliation_strings":["Hasso-Plattner-Institute, University of Potsdam, Potsdam, Germany","Hasso Plattner Institute (HPI), University of Potsdam, P.O.Box 900460, 14440, Germany"],"affiliations":[{"raw_affiliation_string":"Hasso-Plattner-Institute, University of Potsdam, Potsdam, Germany","institution_ids":["https://openalex.org/I143288331","https://openalex.org/I176453806"]},{"raw_affiliation_string":"Hasso Plattner Institute (HPI), University of Potsdam, P.O.Box 900460, 14440, Germany","institution_ids":["https://openalex.org/I143288331","https://openalex.org/I176453806"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5102919398","display_name":"Christoph Meinel","orcid":"https://orcid.org/0000-0002-3410-3193"},"institutions":[{"id":"https://openalex.org/I176453806","display_name":"University of Potsdam","ror":"https://ror.org/03bnmw459","country_code":"DE","type":"education","lineage":["https://openalex.org/I176453806"]},{"id":"https://openalex.org/I143288331","display_name":"Hasso Plattner Institute","ror":"https://ror.org/058rn5r42","country_code":"DE","type":"facility","lineage":["https://openalex.org/I143288331","https://openalex.org/I176453806"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Christoph Meinel","raw_affiliation_strings":["Hasso-Plattner-Institute, University of Potsdam, Potsdam, Germany","Hasso Plattner Institute (HPI), University of Potsdam, P.O.Box 900460, 14440, Germany"],"affiliations":[{"raw_affiliation_string":"Hasso-Plattner-Institute, University of Potsdam, Potsdam, Germany","institution_ids":["https://openalex.org/I143288331","https://openalex.org/I176453806"]},{"raw_affiliation_string":"Hasso Plattner Institute (HPI), University of Potsdam, P.O.Box 900460, 14440, Germany","institution_ids":["https://openalex.org/I143288331","https://openalex.org/I176453806"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5062060869"],"corresponding_institution_ids":["https://openalex.org/I143288331","https://openalex.org/I176453806"],"apc_list":null,"apc_paid":null,"fwci":0.7122,"has_fulltext":false,"cited_by_count":13,"citation_normalized_percentile":{"value":0.7236677,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"68","last_page":"73"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8403856754302979},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.7401442527770996},{"id":"https://openalex.org/keywords/workflow","display_name":"Workflow","score":0.7040441036224365},{"id":"https://openalex.org/keywords/graph","display_name":"Graph","score":0.5298274159431458},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5196931958198547},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.5188011527061462},{"id":"https://openalex.org/keywords/visualization","display_name":"Visualization","score":0.49889707565307617},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.4362648129463196},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.41402679681777954},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.274968683719635},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.19209274649620056},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.137291818857193}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8403856754302979},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.7401442527770996},{"id":"https://openalex.org/C177212765","wikidata":"https://www.wikidata.org/wiki/Q627335","display_name":"Workflow","level":2,"score":0.7040441036224365},{"id":"https://openalex.org/C132525143","wikidata":"https://www.wikidata.org/wiki/Q141488","display_name":"Graph","level":2,"score":0.5298274159431458},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5196931958198547},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.5188011527061462},{"id":"https://openalex.org/C36464697","wikidata":"https://www.wikidata.org/wiki/Q451553","display_name":"Visualization","level":2,"score":0.49889707565307617},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.4362648129463196},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.41402679681777954},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.274968683719635},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.19209274649620056},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.137291818857193},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/isias.2010.5604041","is_oa":false,"landing_page_url":"https://doi.org/10.1109/isias.2010.5604041","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2010 Sixth International Conference on Information Assurance and Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.4000000059604645,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":36,"referenced_works":["https://openalex.org/W1278625838","https://openalex.org/W1495304983","https://openalex.org/W1521141765","https://openalex.org/W1549716092","https://openalex.org/W1550136732","https://openalex.org/W1582247085","https://openalex.org/W1582506709","https://openalex.org/W1590752147","https://openalex.org/W1774789632","https://openalex.org/W1846280258","https://openalex.org/W1965332127","https://openalex.org/W1970903699","https://openalex.org/W2007790938","https://openalex.org/W2048125321","https://openalex.org/W2059826422","https://openalex.org/W2073165180","https://openalex.org/W2108867737","https://openalex.org/W2118807767","https://openalex.org/W2121805588","https://openalex.org/W2136561182","https://openalex.org/W2137928260","https://openalex.org/W2141200504","https://openalex.org/W2161830378","https://openalex.org/W2620244897","https://openalex.org/W3118517595","https://openalex.org/W4206706721","https://openalex.org/W4231518042","https://openalex.org/W6628148685","https://openalex.org/W6629622667","https://openalex.org/W6631225259","https://openalex.org/W6632843234","https://openalex.org/W6633076644","https://openalex.org/W6676373661","https://openalex.org/W6680369147","https://openalex.org/W6680441834","https://openalex.org/W6788651489"],"related_works":["https://openalex.org/W1883246888","https://openalex.org/W2370114625","https://openalex.org/W2947584067","https://openalex.org/W3118510577","https://openalex.org/W2280562859","https://openalex.org/W3157230915","https://openalex.org/W1496728123","https://openalex.org/W2062873522","https://openalex.org/W1756374135","https://openalex.org/W2789975780"],"abstract_inverted_index":{"Intrusion":[0],"Detection":[1],"Systems":[2],"(IDS)":[3],"have":[4],"been":[5],"used":[6,76,135,147],"widely":[7],"to":[8,31,57,63,81,123,136,152],"detect":[9,58],"malicious":[10],"behavior":[11],"in":[12,49],"network":[13],"communication":[14],"and":[15,33,41,59,70,84,107,126,131,138,154,166],"hosts.":[16],"IDS":[17,25,120,142],"management":[18,121],"is":[19,75,134,146,160],"an":[20,78,119],"important":[21],"capability":[22],"for":[23,68],"distributed":[24,51],"solutions,":[26],"which":[27],"makes":[28],"it":[29,61],"possible":[30],"integrate":[32,64],"handle":[34],"different":[35],"types":[36],"of":[37,88,99,114],"sensors":[38],"or":[39,92],"collect":[40],"synthesize":[42],"alerts":[43],"generated":[44],"from":[45],"multiple":[46,65],"hosts":[47],"located":[48],"the":[50,86,112,115,140,149],"environment.":[52],"Sophisticated":[53],"attacks":[54],"are":[55],"difficult":[56],"make":[60],"necessary":[62],"data":[66,172],"sources":[67],"detection":[69],"correlation.":[71],"Attack":[72],"graph":[73,96,105],"(AG)":[74],"as":[77],"effective":[79],"method":[80],"model,":[82],"analyze,":[83],"evaluate":[85],"security":[87],"complicated":[89],"computer":[90],"systems":[91],"networks.":[93],"The":[94,129,144],"attack":[95,104],"workflow":[97,117],"consists":[98],"three":[100],"parts:":[101],"information":[102,133],"gathering,":[103],"construction,":[106],"visualization.":[108],"This":[109],"paper":[110],"proposes":[111],"integration":[113],"AG":[116,145,167],"with":[118],"system":[122,132],"improve":[124],"alert":[125],"correlation":[127,150,156],"quality.":[128],"vulnerability":[130,164],"prioritize":[137],"tag":[139],"incoming":[141],"alerts.":[143],"during":[148],"process":[151],"filter":[153],"optimize":[155],"results.":[157],"A":[158],"prototype":[159],"implemented":[161],"using":[162],"automatic":[163],"extraction":[165],"creation":[168],"based":[169],"on":[170],"unified":[171],"models.":[173]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2017,"cited_by_count":2},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":2},{"year":2014,"cited_by_count":2},{"year":2013,"cited_by_count":1},{"year":2012,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}