{"id":"https://openalex.org/W2137559158","doi":"https://doi.org/10.1109/secpri.2002.1004378","title":"Stateful intrusion detection for high-speed network's","display_name":"Stateful intrusion detection for high-speed network's","publication_year":2005,"publication_date":"2005-08-25","ids":{"openalex":"https://openalex.org/W2137559158","doi":"https://doi.org/10.1109/secpri.2002.1004378","mag":"2137559158"},"language":"en","primary_location":{"id":"doi:10.1109/secpri.2002.1004378","is_oa":false,"landing_page_url":"https://doi.org/10.1109/secpri.2002.1004378","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings 2002 IEEE Symposium on Security and Privacy","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5022177364","display_name":"Christopher Kruegel","orcid":"https://orcid.org/0000-0001-5140-3414"},"institutions":[{"id":"https://openalex.org/I4210109270","display_name":"Reliable Software Resources (United States)","ror":"https://ror.org/01v5fm873","country_code":"US","type":"company","lineage":["https://openalex.org/I4210109270"]},{"id":"https://openalex.org/I154570441","display_name":"University of California, Santa Barbara","ror":"https://ror.org/02t274463","country_code":"US","type":"education","lineage":["https://openalex.org/I154570441"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"C. Kruegel","raw_affiliation_strings":["Reliable Software Group, University of California, Santa Barbara, USA","Reliable Software Group, California Univ., Santa Barbara, CA, USA"],"affiliations":[{"raw_affiliation_string":"Reliable Software Group, University of California, Santa Barbara, USA","institution_ids":["https://openalex.org/I4210109270","https://openalex.org/I154570441"]},{"raw_affiliation_string":"Reliable Software Group, California Univ., Santa Barbara, CA, USA","institution_ids":["https://openalex.org/I154570441"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5111944085","display_name":"F. Valeur","orcid":null},"institutions":[{"id":"https://openalex.org/I154570441","display_name":"University of California, Santa Barbara","ror":"https://ror.org/02t274463","country_code":"US","type":"education","lineage":["https://openalex.org/I154570441"]},{"id":"https://openalex.org/I4210109270","display_name":"Reliable Software Resources (United States)","ror":"https://ror.org/01v5fm873","country_code":"US","type":"company","lineage":["https://openalex.org/I4210109270"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"F. Valeur","raw_affiliation_strings":["Reliable Software Group, University of California, Santa Barbara, USA","Reliable Software Group, California Univ., Santa Barbara, CA, USA"],"affiliations":[{"raw_affiliation_string":"Reliable Software Group, University of California, Santa Barbara, USA","institution_ids":["https://openalex.org/I4210109270","https://openalex.org/I154570441"]},{"raw_affiliation_string":"Reliable Software Group, California Univ., Santa Barbara, CA, USA","institution_ids":["https://openalex.org/I154570441"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5075685499","display_name":"Giovanni Vigna","orcid":"https://orcid.org/0000-0002-3422-5369"},"institutions":[{"id":"https://openalex.org/I154570441","display_name":"University of California, Santa Barbara","ror":"https://ror.org/02t274463","country_code":"US","type":"education","lineage":["https://openalex.org/I154570441"]},{"id":"https://openalex.org/I4210109270","display_name":"Reliable Software Resources (United States)","ror":"https://ror.org/01v5fm873","country_code":"US","type":"company","lineage":["https://openalex.org/I4210109270"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"G. Vigna","raw_affiliation_strings":["Reliable Software Group, University of California, Santa Barbara, USA","Reliable Software Group, California Univ., Santa Barbara, CA, USA"],"affiliations":[{"raw_affiliation_string":"Reliable Software Group, University of California, Santa Barbara, USA","institution_ids":["https://openalex.org/I4210109270","https://openalex.org/I154570441"]},{"raw_affiliation_string":"Reliable Software Group, California Univ., Santa Barbara, CA, USA","institution_ids":["https://openalex.org/I154570441"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5109057758","display_name":"Richard A. Kemmerer","orcid":null},"institutions":[{"id":"https://openalex.org/I154570441","display_name":"University of California, Santa Barbara","ror":"https://ror.org/02t274463","country_code":"US","type":"education","lineage":["https://openalex.org/I154570441"]},{"id":"https://openalex.org/I4210109270","display_name":"Reliable Software Resources (United States)","ror":"https://ror.org/01v5fm873","country_code":"US","type":"company","lineage":["https://openalex.org/I4210109270"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"R. Kemmerer","raw_affiliation_strings":["Reliable Software Group, University of California, Santa Barbara, USA","Reliable Software Group, California Univ., Santa Barbara, CA, USA"],"affiliations":[{"raw_affiliation_string":"Reliable Software Group, University of California, Santa Barbara, USA","institution_ids":["https://openalex.org/I4210109270","https://openalex.org/I154570441"]},{"raw_affiliation_string":"Reliable Software Group, California Univ., Santa Barbara, CA, USA","institution_ids":["https://openalex.org/I154570441"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5022177364"],"corresponding_institution_ids":["https://openalex.org/I154570441","https://openalex.org/I4210109270"],"apc_list":null,"apc_paid":null,"fwci":29.5464,"has_fulltext":false,"cited_by_count":237,"citation_normalized_percentile":{"value":0.99697978,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"285","last_page":"293"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12326","display_name":"Network Packet Processing and Optimization","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/stateful-firewall","display_name":"Stateful firewall","score":0.9471304416656494},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.83144211769104},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.7778792381286621},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.6775554418563843},{"id":"https://openalex.org/keywords/throughput","display_name":"Throughput","score":0.6031598448753357},{"id":"https://openalex.org/keywords/slicing","display_name":"Slicing","score":0.6030030250549316},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.5854853987693787},{"id":"https://openalex.org/keywords/traffic-analysis","display_name":"Traffic analysis","score":0.531037449836731},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.5158485770225525},{"id":"https://openalex.org/keywords/host-based-intrusion-detection-system","display_name":"Host-based intrusion detection system","score":0.41647955775260925},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.38430947065353394},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2478821873664856},{"id":"https://openalex.org/keywords/intrusion-prevention-system","display_name":"Intrusion prevention system","score":0.1923191249370575},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.09909355640411377},{"id":"https://openalex.org/keywords/wireless","display_name":"Wireless","score":0.07176560163497925}],"concepts":[{"id":"https://openalex.org/C22927095","wikidata":"https://www.wikidata.org/wiki/Q1784206","display_name":"Stateful firewall","level":3,"score":0.9471304416656494},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.83144211769104},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.7778792381286621},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.6775554418563843},{"id":"https://openalex.org/C157764524","wikidata":"https://www.wikidata.org/wiki/Q1383412","display_name":"Throughput","level":3,"score":0.6031598448753357},{"id":"https://openalex.org/C2776190703","wikidata":"https://www.wikidata.org/wiki/Q488148","display_name":"Slicing","level":2,"score":0.6030030250549316},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.5854853987693787},{"id":"https://openalex.org/C2781317605","wikidata":"https://www.wikidata.org/wiki/Q7832483","display_name":"Traffic analysis","level":2,"score":0.531037449836731},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.5158485770225525},{"id":"https://openalex.org/C90936777","wikidata":"https://www.wikidata.org/wiki/Q917189","display_name":"Host-based intrusion detection system","level":4,"score":0.41647955775260925},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.38430947065353394},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2478821873664856},{"id":"https://openalex.org/C27061796","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion prevention system","level":3,"score":0.1923191249370575},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.09909355640411377},{"id":"https://openalex.org/C555944384","wikidata":"https://www.wikidata.org/wiki/Q249","display_name":"Wireless","level":2,"score":0.07176560163497925},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.0}],"mesh":[],"locations_count":7,"locations":[{"id":"doi:10.1109/secpri.2002.1004378","is_oa":false,"landing_page_url":"https://doi.org/10.1109/secpri.2002.1004378","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings 2002 IEEE Symposium on Security and Privacy","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.10.9488","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.10.9488","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.snort.org/docs/2002_04.ps","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.106.8020","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.106.8020","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cs.unc.edu/~jeffay/courses/nidsS05/signatures/kemerer-slicing-SP02.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.128.3970","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.128.3970","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://ise.gmu.edu/~xwangc/teaching/ISA674/IDS-Reading/SP02-StatefulIntrusionDetection.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.18.7874","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.18.7874","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cs.ucsb.edu/~vigna/pub/2002_kruegel_valeur_vigna_kemmerer_secpriv02.ps.gz","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.588.4005","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.588.4005","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www4.comp.polyu.edu.hk/~cszjwang/pattern_matching/high_ids.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.72.772","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.72.772","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.infosys.tuwien.ac.at/Staff/chris/doc/2002_04.ps","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320337525","display_name":"Air Force Materiel Command","ror":"https://ror.org/006gmme17"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":11,"referenced_works":["https://openalex.org/W1502950592","https://openalex.org/W1516506771","https://openalex.org/W1621186777","https://openalex.org/W1674877186","https://openalex.org/W2072453486","https://openalex.org/W3021187106","https://openalex.org/W3105162108","https://openalex.org/W6629743290","https://openalex.org/W6630856255","https://openalex.org/W6636526530","https://openalex.org/W6637096788"],"related_works":["https://openalex.org/W1998706977","https://openalex.org/W2241522187","https://openalex.org/W1992118813","https://openalex.org/W1571530516","https://openalex.org/W2137559158","https://openalex.org/W2380136752","https://openalex.org/W2384741105","https://openalex.org/W1977863481","https://openalex.org/W2344573374","https://openalex.org/W2010561419"],"abstract_inverted_index":{"As":[0],"networks":[1],"become":[2],"faster":[3],"there":[4],"is":[5,87,107],"an":[6,55],"emerging":[7],"need":[8],"for":[9],"security,":[10,74],"analysis":[11,63,75],"techniques":[12],"that":[13,40,76,93,110],"can":[14,27,41],"keep":[15,29],"up":[16,30],"with":[17,31,43],"the":[18,62,95,116,131],"increased":[19],"network":[20,73,97],"throughput.":[21],"Existing":[22],"network-based":[23],"intrusion":[24,80],"detection":[25,81],"sensors":[26],"barely,":[28],"bandwidths":[32],"of":[33,54,64,101,139],"a":[34,69,90,111,121,135],"few":[35],"hundred":[36],"Mbps.":[37],"Analysis":[38],"tools":[39],"deal":[42],"higher":[44],"throughput":[45],"are":[46,59],"unable":[47],"to":[48,61,72,119],"maintain":[49],"state":[50],"between":[51],"different":[52],"steps":[53],"attack":[56],"or":[57],"they":[58],"limited":[60],"packet":[65],"headers.":[66],"We":[67],"propose":[68],"partitioning":[70,106],"approach":[71,86,132],"supports":[77],"in-depth,":[78],"stateful":[79],"on":[82],"high-speed":[83],"links.":[84],"The":[85,104],"centered":[88],"around":[89],"slicing":[91],"mechanism":[92],"divides":[94],"overall":[96],"traffic":[98,105],"into":[99],"subsets":[100],"manageable":[102],"size.":[103],"done":[108],"so":[109],"single":[112],"slice":[113],"contains":[114],"all":[115],"evidence":[117],"necessary":[118],"detect":[120],"specific":[122],"attack,":[123],"making":[124],"sensor-to-sensor":[125],"interactions":[126],"unnecessary.":[127],"This":[128],"paper":[129],"describes":[130],"and":[133],"presents":[134],"first":[136],"experimental":[137],"evaluation":[138],"its":[140],"effectiveness.":[141]},"counts_by_year":[{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":2},{"year":2019,"cited_by_count":2},{"year":2018,"cited_by_count":3},{"year":2017,"cited_by_count":8},{"year":2016,"cited_by_count":3},{"year":2015,"cited_by_count":8},{"year":2014,"cited_by_count":7},{"year":2013,"cited_by_count":3},{"year":2012,"cited_by_count":10}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}