{"id":"https://openalex.org/W4221154189","doi":"https://doi.org/10.1109/tdsc.2022.3201582","title":"Maintainable Log Datasets for Evaluation of Intrusion Detection Systems","display_name":"Maintainable Log Datasets for Evaluation of Intrusion Detection Systems","publication_year":2022,"publication_date":"2022-08-25","ids":{"openalex":"https://openalex.org/W4221154189","doi":"https://doi.org/10.1109/tdsc.2022.3201582"},"language":"en","primary_location":{"id":"doi:10.1109/tdsc.2022.3201582","is_oa":true,"landing_page_url":"https://doi.org/10.1109/tdsc.2022.3201582","pdf_url":"https://ieeexplore.ieee.org/ielx7/8858/4358699/09866880.pdf","source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"type":"article","indexed_in":["arxiv","crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://ieeexplore.ieee.org/ielx7/8858/4358699/09866880.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5072210863","display_name":"Max Landauer","orcid":"https://orcid.org/0000-0003-3813-3151"},"institutions":[{"id":"https://openalex.org/I132118926","display_name":"Austrian Institute of Technology","ror":"https://ror.org/04knbh022","country_code":"AT","type":"facility","lineage":["https://openalex.org/I132118926"]}],"countries":["AT"],"is_corresponding":true,"raw_author_name":"Max Landauer","raw_affiliation_strings":["Center for Digital Safety &#x0026; Security, Austrian Institute of Technology, Vienna, Austria"],"raw_orcid":"https://orcid.org/0000-0003-3813-3151","affiliations":[{"raw_affiliation_string":"Center for Digital Safety &#x0026; Security, Austrian Institute of Technology, Vienna, Austria","institution_ids":["https://openalex.org/I132118926"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5088439816","display_name":"Florian Skopik","orcid":"https://orcid.org/0000-0002-1922-7892"},"institutions":[{"id":"https://openalex.org/I132118926","display_name":"Austrian Institute of Technology","ror":"https://ror.org/04knbh022","country_code":"AT","type":"facility","lineage":["https://openalex.org/I132118926"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Florian Skopik","raw_affiliation_strings":["Center for Digital Safety &#x0026; Security, Austrian Institute of Technology, Vienna, Austria"],"raw_orcid":"https://orcid.org/0000-0002-1922-7892","affiliations":[{"raw_affiliation_string":"Center for Digital Safety &#x0026; Security, Austrian Institute of Technology, Vienna, Austria","institution_ids":["https://openalex.org/I132118926"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5046959670","display_name":"Maximilian Frank","orcid":"https://orcid.org/0000-0002-8140-3519"},"institutions":[{"id":"https://openalex.org/I132118926","display_name":"Austrian Institute of Technology","ror":"https://ror.org/04knbh022","country_code":"AT","type":"facility","lineage":["https://openalex.org/I132118926"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Maximilian Frank","raw_affiliation_strings":["Center for Digital Safety &#x0026; Security, Austrian Institute of Technology, Vienna, Austria"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Center for Digital Safety &#x0026; Security, Austrian Institute of Technology, Vienna, Austria","institution_ids":["https://openalex.org/I132118926"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5090203198","display_name":"Wolfgang Hotwagner","orcid":"https://orcid.org/0000-0002-2127-4997"},"institutions":[{"id":"https://openalex.org/I132118926","display_name":"Austrian Institute of Technology","ror":"https://ror.org/04knbh022","country_code":"AT","type":"facility","lineage":["https://openalex.org/I132118926"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Wolfgang Hotwagner","raw_affiliation_strings":["Center for Digital Safety &#x0026; Security, Austrian Institute of Technology, Vienna, Austria"],"raw_orcid":"https://orcid.org/0000-0002-2127-4997","affiliations":[{"raw_affiliation_string":"Center for Digital Safety &#x0026; Security, Austrian Institute of Technology, Vienna, Austria","institution_ids":["https://openalex.org/I132118926"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5029942543","display_name":"Markus Wurzenberger","orcid":"https://orcid.org/0000-0003-3259-6972"},"institutions":[{"id":"https://openalex.org/I132118926","display_name":"Austrian Institute of Technology","ror":"https://ror.org/04knbh022","country_code":"AT","type":"facility","lineage":["https://openalex.org/I132118926"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Markus Wurzenberger","raw_affiliation_strings":["Center for Digital Safety &#x0026; Security, Austrian Institute of Technology, Vienna, Austria"],"raw_orcid":"https://orcid.org/0000-0003-3259-6972","affiliations":[{"raw_affiliation_string":"Center for Digital Safety &#x0026; Security, Austrian Institute of Technology, Vienna, Austria","institution_ids":["https://openalex.org/I132118926"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5057690103","display_name":"Andreas Rauber","orcid":"https://orcid.org/0000-0002-9272-6225"},"institutions":[{"id":"https://openalex.org/I145847075","display_name":"TU Wien","ror":"https://ror.org/04d836q62","country_code":"AT","type":"education","lineage":["https://openalex.org/I145847075"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Andreas Rauber","raw_affiliation_strings":["Institute of Information Systems Engineering, Vienna University of Technology, Vienna, Austria"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute of Information Systems Engineering, Vienna University of Technology, Vienna, Austria","institution_ids":["https://openalex.org/I145847075"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5072210863"],"corresponding_institution_ids":["https://openalex.org/I132118926"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.03406784,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"20","issue":"4","first_page":"3466","last_page":"3482"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.7889000177383423,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.7889000177383423,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.1331000030040741,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.014399999752640724,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/testbed","display_name":"Testbed","score":0.9030284881591797},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8410433530807495},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.7174147367477417},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.6417938470840454},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.565672755241394},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.5297200083732605},{"id":"https://openalex.org/keywords/ground-truth","display_name":"Ground truth","score":0.46454715728759766},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.4564914107322693},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.28762322664260864},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.20602720975875854},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.14946943521499634},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.14099320769309998}],"concepts":[{"id":"https://openalex.org/C31395832","wikidata":"https://www.wikidata.org/wiki/Q1318674","display_name":"Testbed","level":2,"score":0.9030284881591797},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8410433530807495},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.7174147367477417},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.6417938470840454},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.565672755241394},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.5297200083732605},{"id":"https://openalex.org/C146849305","wikidata":"https://www.wikidata.org/wiki/Q370766","display_name":"Ground truth","level":2,"score":0.46454715728759766},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.4564914107322693},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.28762322664260864},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.20602720975875854},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.14946943521499634},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.14099320769309998}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/tdsc.2022.3201582","is_oa":true,"landing_page_url":"https://doi.org/10.1109/tdsc.2022.3201582","pdf_url":"https://ieeexplore.ieee.org/ielx7/8858/4358699/09866880.pdf","source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},{"id":"pmh:oai:arXiv.org:2203.08580","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2203.08580","pdf_url":"https://arxiv.org/pdf/2203.08580","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"doi:10.48550/arxiv.2203.08580","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2203.08580","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article-journal"}],"best_oa_location":{"id":"doi:10.1109/tdsc.2022.3201582","is_oa":true,"landing_page_url":"https://doi.org/10.1109/tdsc.2022.3201582","pdf_url":"https://ieeexplore.ieee.org/ielx7/8858/4358699/09866880.pdf","source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4221154189.pdf","grobid_xml":"https://content.openalex.org/works/W4221154189.grobid-xml"},"referenced_works_count":34,"referenced_works":["https://openalex.org/W433644524","https://openalex.org/W1981738628","https://openalex.org/W1987513422","https://openalex.org/W2015034701","https://openalex.org/W2039157918","https://openalex.org/W2070627221","https://openalex.org/W2077137143","https://openalex.org/W2089647250","https://openalex.org/W2122646361","https://openalex.org/W2292857353","https://openalex.org/W2560021099","https://openalex.org/W2601474892","https://openalex.org/W2767094836","https://openalex.org/W2770942607","https://openalex.org/W2789828921","https://openalex.org/W2792581684","https://openalex.org/W2890792016","https://openalex.org/W2894542239","https://openalex.org/W2903872466","https://openalex.org/W2958285686","https://openalex.org/W2974504164","https://openalex.org/W3006926329","https://openalex.org/W3016974523","https://openalex.org/W3102029110","https://openalex.org/W3201763010","https://openalex.org/W3212815918","https://openalex.org/W4220983750","https://openalex.org/W4243065151","https://openalex.org/W4293234321","https://openalex.org/W4300038061","https://openalex.org/W6657300619","https://openalex.org/W6729497825","https://openalex.org/W6862842115","https://openalex.org/W6927331436"],"related_works":["https://openalex.org/W1295707","https://openalex.org/W1283707","https://openalex.org/W264604","https://openalex.org/W11100131","https://openalex.org/W2931259","https://openalex.org/W493721","https://openalex.org/W15414116","https://openalex.org/W1278881","https://openalex.org/W1079135","https://openalex.org/W9561701"],"abstract_inverted_index":{"Intrusion":[0],"detection":[1,25,44],"systems":[2],"(IDS)":[3],"monitor":[4],"system":[5,66],"logs":[6],"and":[7,18,112,131,179,184,194],"network":[8],"traffic":[9],"to":[10,23,107,189,192],"recognize":[11],"malicious":[12],"activities":[13],"in":[14,33,94],"computer":[15],"networks.":[16],"Evaluating":[17],"comparing":[19],"IDSs":[20],"with":[21,145],"respect":[22],"their":[24,31],"accuracies":[26],"is":[27],"thereby":[28],"essential":[29],"for":[30,168,181],"selection":[32],"specific":[34],"use-cases.":[35],"Despite":[36],"a":[37,50,70,83,87,95,98,114],"great":[38],"need,":[39],"hardly":[40],"any":[41],"labeled":[42,176],"intrusion":[43],"datasets":[45,58,76,92,138,154,178],"are":[46,53],"publicly":[47],"available.":[48],"As":[49,82],"consequence,":[51],"evaluations":[52],"often":[54],"carried":[55],"out":[56],"on":[57],"from":[59,124],"real":[60],"infrastructures,":[61],"where":[62],"analysts":[63],"cannot":[64],"control":[65],"parameters":[67],"or":[68,74],"generate":[69],"reliable":[71],"ground":[72],"truth,":[73],"private":[75],"that":[77,127,139],"prevent":[78],"reproducibility":[79],"of":[80,89,133,137,142,147,159,162],"results.":[81,197],"solution,":[84],"we":[85,102,121,151,164],"present":[86],"collection":[88],"maintainable":[90],"log":[91,160,177],"collected":[93],"testbed":[96,119,182],"representing":[97],"small":[99],"enterprise.":[100],"Thereby,":[101],"employ":[103],"extensive":[104],"state":[105],"machines":[106],"simulate":[108],"normal":[109],"user":[110],"behavior":[111],"inject":[113],"multi-step":[115],"attack.":[116],"For":[117],"scalable":[118],"deployment,":[120],"use":[122],"concepts":[123],"model-driven":[125],"engineering":[126],"enable":[128,190],"automatic":[129],"generation":[130],"labeling":[132],"an":[134],"arbitrary":[135],"number":[136],"comprise":[140],"repetitions":[141],"attack":[143,171],"executions":[144],"variations":[146],"parameters.":[148],"In":[149],"total,":[150],"provide":[152],"8":[153,166],"containing":[155],"20":[156],"distinct":[157],"types":[158],"files,":[161],"which":[163],"label":[165],"files":[167],"10":[169],"unique":[170],"steps.":[172],"We":[173],"publish":[174],"the":[175],"code":[180],"setup":[183],"simulation":[185],"online":[186],"as":[187],"open-source":[188],"others":[191],"reproduce":[193],"extend":[195],"our":[196]},"counts_by_year":[],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2022-04-03T00:00:00"}