{"id":"https://openalex.org/W2172051193","doi":"https://doi.org/10.1109/pccc.2008.4745080","title":"Noise-Resistant Payload Anomaly Detection for Network Intrusion Detection Systems","display_name":"Noise-Resistant Payload Anomaly Detection for Network Intrusion Detection Systems","publication_year":2008,"publication_date":"2008-12-01","ids":{"openalex":"https://openalex.org/W2172051193","doi":"https://doi.org/10.1109/pccc.2008.4745080","mag":"2172051193"},"language":"en","primary_location":{"id":"doi:10.1109/pccc.2008.4745080","is_oa":false,"landing_page_url":"https://doi.org/10.1109/pccc.2008.4745080","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2008 IEEE International Performance, Computing and Communications Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101622608","display_name":"Sun-il Kim","orcid":"https://orcid.org/0000-0003-0846-8620"},"institutions":[{"id":"https://openalex.org/I82495205","display_name":"University of Alabama in Huntsville","ror":"https://ror.org/02zsxwr40","country_code":"US","type":"education","lineage":["https://openalex.org/I82495205"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Sun-il Kim","raw_affiliation_strings":["Department of Computer Science, Information Technology and Systems Center, University of Alabama Huntsville, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Information Technology and Systems Center, University of Alabama Huntsville, USA","institution_ids":["https://openalex.org/I82495205"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5015939233","display_name":"Nnamdi Nwanze","orcid":null},"institutions":[{"id":"https://openalex.org/I123946342","display_name":"Binghamton University","ror":"https://ror.org/008rmbt77","country_code":"US","type":"education","lineage":["https://openalex.org/I123946342"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Nnamdi Nwanze","raw_affiliation_strings":["Department of Electrical and Computer Engineering, State University of New York, Binghamton, USA"],"affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, State University of New York, Binghamton, USA","institution_ids":["https://openalex.org/I123946342"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5101622608"],"corresponding_institution_ids":["https://openalex.org/I82495205"],"apc_list":null,"apc_paid":null,"fwci":1.4665,"has_fulltext":false,"cited_by_count":10,"citation_normalized_percentile":{"value":0.85694498,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"517","last_page":"523"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9987000226974487,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/false-positive-paradox","display_name":"False positive paradox","score":0.8937160968780518},{"id":"https://openalex.org/keywords/payload","display_name":"Payload (computing)","score":0.8300708532333374},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.7716848850250244},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.712070107460022},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.6089801788330078},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.5856075882911682},{"id":"https://openalex.org/keywords/noise","display_name":"Noise (video)","score":0.4564944803714752},{"id":"https://openalex.org/keywords/false-positives-and-false-negatives","display_name":"False positives and false negatives","score":0.45569485425949097},{"id":"https://openalex.org/keywords/anomaly-based-intrusion-detection-system","display_name":"Anomaly-based intrusion detection system","score":0.4260440766811371},{"id":"https://openalex.org/keywords/false-positive-rate","display_name":"False positive rate","score":0.421329528093338},{"id":"https://openalex.org/keywords/anomaly","display_name":"Anomaly (physics)","score":0.41280707716941833},{"id":"https://openalex.org/keywords/real-time-computing","display_name":"Real-time computing","score":0.4006147086620331},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3126589059829712},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2514636516571045}],"concepts":[{"id":"https://openalex.org/C64869954","wikidata":"https://www.wikidata.org/wiki/Q1859747","display_name":"False positive paradox","level":2,"score":0.8937160968780518},{"id":"https://openalex.org/C134066672","wikidata":"https://www.wikidata.org/wiki/Q1424639","display_name":"Payload (computing)","level":3,"score":0.8300708532333374},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.7716848850250244},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.712070107460022},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.6089801788330078},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.5856075882911682},{"id":"https://openalex.org/C99498987","wikidata":"https://www.wikidata.org/wiki/Q2210247","display_name":"Noise (video)","level":3,"score":0.4564944803714752},{"id":"https://openalex.org/C112789634","wikidata":"https://www.wikidata.org/wiki/Q18207010","display_name":"False positives and false negatives","level":3,"score":0.45569485425949097},{"id":"https://openalex.org/C137524506","wikidata":"https://www.wikidata.org/wiki/Q2247688","display_name":"Anomaly-based intrusion detection system","level":3,"score":0.4260440766811371},{"id":"https://openalex.org/C95922358","wikidata":"https://www.wikidata.org/wiki/Q5432725","display_name":"False positive rate","level":2,"score":0.421329528093338},{"id":"https://openalex.org/C12997251","wikidata":"https://www.wikidata.org/wiki/Q567560","display_name":"Anomaly (physics)","level":2,"score":0.41280707716941833},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.4006147086620331},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3126589059829712},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2514636516571045},{"id":"https://openalex.org/C26873012","wikidata":"https://www.wikidata.org/wiki/Q214781","display_name":"Condensed matter physics","level":1,"score":0.0},{"id":"https://openalex.org/C115961682","wikidata":"https://www.wikidata.org/wiki/Q860623","display_name":"Image (mathematics)","level":2,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/pccc.2008.4745080","is_oa":false,"landing_page_url":"https://doi.org/10.1109/pccc.2008.4745080","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2008 IEEE International Performance, Computing and Communications Conference","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":21,"referenced_works":["https://openalex.org/W341626899","https://openalex.org/W1566480186","https://openalex.org/W1594536929","https://openalex.org/W1674877186","https://openalex.org/W1993426957","https://openalex.org/W1996309984","https://openalex.org/W2025087771","https://openalex.org/W2104824447","https://openalex.org/W2111947034","https://openalex.org/W2116065364","https://openalex.org/W2134903203","https://openalex.org/W2148694408","https://openalex.org/W2157428947","https://openalex.org/W2162240407","https://openalex.org/W2559773779","https://openalex.org/W4244733066","https://openalex.org/W4366454906","https://openalex.org/W6611633390","https://openalex.org/W6633944860","https://openalex.org/W6635283633","https://openalex.org/W6676910948"],"related_works":["https://openalex.org/W4292605373","https://openalex.org/W2951146195","https://openalex.org/W3123215897","https://openalex.org/W3119537175","https://openalex.org/W2810356275","https://openalex.org/W2027184711","https://openalex.org/W2153600354","https://openalex.org/W2102140417","https://openalex.org/W2133437368","https://openalex.org/W4282824511"],"abstract_inverted_index":{"Anomaly-based":[0],"intrusion":[1,50],"detection":[2,17,51,131],"systems":[3],"are":[4],"an":[5],"essential":[6],"part":[7],"of":[8,96,101,122],"a":[9,46,119],"global":[10],"security":[11],"solution":[12],"and":[13,25,118],"effectively":[14],"complement":[15],"signature-based":[16],"schemes.":[18],"Its":[19],"strength":[20],"in":[21,77,115],"detecting":[22],"previously":[23],"unknown":[24],"never":[26],"seen":[27],"attacks":[28,84],"make":[29],"it":[30,33],"attractive,":[31],"but":[32],"is":[34,54,90,110],"more":[35],"prone":[36],"to":[37,56,82,113,127],"higher":[38],"false":[39,88,137],"positives.":[40],"In":[41],"this":[42],"paper,":[43],"we":[44],"present":[45],"simple":[47],"payload":[48],"based":[49],"scheme":[52],"that":[53,59,107],"resilient":[55],"contaminated":[57],"traffic":[58,99],"may":[60],"unintentionally":[61],"be":[62,125],"used":[63,76,126],"during":[64],"training.":[65],"Our":[66],"results":[67,104],"show":[68,106],"that,":[69],"by":[70],"adjusting":[71],"the":[72,80,97,116],"two":[73],"tuning":[74],"parameters":[75],"our":[78,108],"approach,":[79],"ability":[81],"detect":[83],"while":[85,135],"maintaining":[86],"low":[87,139],"positives":[89,138],"not":[91,111],"hindered,":[92],"even":[93],"when":[94],"10%":[95],"training":[98],"consists":[100],"attacks.":[102],"Test":[103],"also":[105],"approach":[109],"sensitive":[112],"changes":[114],"parameters,":[117],"wide":[120],"range":[121],"values":[123],"can":[124],"yield":[128],"high":[129],"per-packet":[130],"rates":[132],"(over":[133],"99.5%)":[134],"keeping":[136],"(below":[140],"0.3%).":[141]},"counts_by_year":[{"year":2016,"cited_by_count":3},{"year":2015,"cited_by_count":1},{"year":2014,"cited_by_count":1},{"year":2012,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}