{"id":"https://openalex.org/W3136916314","doi":"https://doi.org/10.1109/tr.2021.3061297","title":"Syrius: Synthesis of Rules for Intrusion Detectors","display_name":"Syrius: Synthesis of Rules for Intrusion Detectors","publication_year":2021,"publication_date":"2021-03-17","ids":{"openalex":"https://openalex.org/W3136916314","doi":"https://doi.org/10.1109/tr.2021.3061297","mag":"3136916314"},"language":"en","primary_location":{"id":"doi:10.1109/tr.2021.3061297","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tr.2021.3061297","pdf_url":null,"source":{"id":"https://openalex.org/S87725633","display_name":"IEEE Transactions on Reliability","issn_l":"0018-9529","issn":["0018-9529","1558-1721"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Reliability","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5003878696","display_name":"Lucas Alcantara","orcid":"https://orcid.org/0000-0002-9282-4730"},"institutions":[{"id":"https://openalex.org/I25112270","display_name":"Universidade Federal de Pernambuco","ror":"https://ror.org/047908t24","country_code":"BR","type":"education","lineage":["https://openalex.org/I25112270"]}],"countries":["BR"],"is_corresponding":true,"raw_author_name":"Lucas Alcantara","raw_affiliation_strings":["Centro de Informatica - CIn, Universidade Federal de Pernambuco, Recife, Brazil"],"raw_orcid":"https://orcid.org/0000-0002-9282-4730","affiliations":[{"raw_affiliation_string":"Centro de Informatica - CIn, Universidade Federal de Pernambuco, Recife, Brazil","institution_ids":["https://openalex.org/I25112270"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084205657","display_name":"Guilherme Afonso Galindo Padilha","orcid":"https://orcid.org/0000-0002-5612-9298"},"institutions":[{"id":"https://openalex.org/I25112270","display_name":"Universidade Federal de Pernambuco","ror":"https://ror.org/047908t24","country_code":"BR","type":"education","lineage":["https://openalex.org/I25112270"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Guilherme Padilha","raw_affiliation_strings":["Centro de Informatica - CIn, Universidade Federal de Pernambuco, Recife, Brazil"],"raw_orcid":"https://orcid.org/0000-0002-5612-9298","affiliations":[{"raw_affiliation_string":"Centro de Informatica - CIn, Universidade Federal de Pernambuco, Recife, Brazil","institution_ids":["https://openalex.org/I25112270"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5030785658","display_name":"Rui Abreu","orcid":"https://orcid.org/0000-0003-3734-3157"},"institutions":[{"id":"https://openalex.org/I121345201","display_name":"Instituto de Engenharia de Sistemas e Computadores Investiga\u00e7\u00e3o e Desenvolvimento","ror":"https://ror.org/04mqy3p58","country_code":"PT","type":"nonprofit","lineage":["https://openalex.org/I121345201","https://openalex.org/I4210125590"]},{"id":"https://openalex.org/I182534213","display_name":"Universidade do Porto","ror":"https://ror.org/043pwc612","country_code":"PT","type":"education","lineage":["https://openalex.org/I182534213"]}],"countries":["PT"],"is_corresponding":false,"raw_author_name":"Rui Abreu","raw_affiliation_strings":["Faculty of Engineering, University of Porto, Porto, Portugal","INESC-ID, Lisboa, Portugal"],"raw_orcid":"https://orcid.org/0000-0003-3734-3157","affiliations":[{"raw_affiliation_string":"Faculty of Engineering, University of Porto, Porto, Portugal","institution_ids":["https://openalex.org/I182534213"]},{"raw_affiliation_string":"INESC-ID, Lisboa, Portugal","institution_ids":["https://openalex.org/I121345201"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5020353093","display_name":"Marcelo d\u2019Amorim","orcid":"https://orcid.org/0000-0002-1323-8769"},"institutions":[{"id":"https://openalex.org/I25112270","display_name":"Universidade Federal de Pernambuco","ror":"https://ror.org/047908t24","country_code":"BR","type":"education","lineage":["https://openalex.org/I25112270"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Marcelo d'Amorim","raw_affiliation_strings":["Centro de Informatica - CIn, Universidade Federal de Pernambuco, Recife, Brazil"],"raw_orcid":"https://orcid.org/0000-0002-1323-8769","affiliations":[{"raw_affiliation_string":"Centro de Informatica - CIn, Universidade Federal de Pernambuco, Recife, Brazil","institution_ids":["https://openalex.org/I25112270"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5003878696"],"corresponding_institution_ids":["https://openalex.org/I25112270"],"apc_list":null,"apc_paid":null,"fwci":1.7614,"has_fulltext":false,"cited_by_count":17,"citation_normalized_percentile":{"value":0.85028777,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":"71","issue":"1","first_page":"370","last_page":"381"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12326","display_name":"Network Packet Processing and Optimization","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5336661338806152},{"id":"https://openalex.org/keywords/intrusion","display_name":"Intrusion","score":0.47241440415382385},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.4641052484512329},{"id":"https://openalex.org/keywords/intelligent-design","display_name":"Intelligent design","score":0.4608575403690338},{"id":"https://openalex.org/keywords/rank","display_name":"Rank (graph theory)","score":0.4132484495639801},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.39667651057243347},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.32551178336143494},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.1969635784626007},{"id":"https://openalex.org/keywords/combinatorics","display_name":"Combinatorics","score":0.14617791771888733},{"id":"https://openalex.org/keywords/philosophy","display_name":"Philosophy","score":0.12526127696037292}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5336661338806152},{"id":"https://openalex.org/C158251709","wikidata":"https://www.wikidata.org/wiki/Q354025","display_name":"Intrusion","level":2,"score":0.47241440415382385},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.4641052484512329},{"id":"https://openalex.org/C61563769","wikidata":"https://www.wikidata.org/wiki/Q172618","display_name":"Intelligent design","level":2,"score":0.4608575403690338},{"id":"https://openalex.org/C164226766","wikidata":"https://www.wikidata.org/wiki/Q7293202","display_name":"Rank (graph theory)","level":2,"score":0.4132484495639801},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.39667651057243347},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.32551178336143494},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.1969635784626007},{"id":"https://openalex.org/C114614502","wikidata":"https://www.wikidata.org/wiki/Q76592","display_name":"Combinatorics","level":1,"score":0.14617791771888733},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.12526127696037292},{"id":"https://openalex.org/C17409809","wikidata":"https://www.wikidata.org/wiki/Q161764","display_name":"Geochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C127313418","wikidata":"https://www.wikidata.org/wiki/Q1069","display_name":"Geology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tr.2021.3061297","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tr.2021.3061297","pdf_url":null,"source":{"id":"https://openalex.org/S87725633","display_name":"IEEE Transactions on Reliability","issn_l":"0018-9529","issn":["0018-9529","1558-1721"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Reliability","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.7400000095367432}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":19,"referenced_works":["https://openalex.org/W2103876481","https://openalex.org/W2161630727","https://openalex.org/W2168801335","https://openalex.org/W2292926767","https://openalex.org/W2342408547","https://openalex.org/W2399941526","https://openalex.org/W2490420619","https://openalex.org/W2507901336","https://openalex.org/W2527840540","https://openalex.org/W2529049317","https://openalex.org/W2606697812","https://openalex.org/W2767549482","https://openalex.org/W2772008372","https://openalex.org/W2810065972","https://openalex.org/W2898621501","https://openalex.org/W2923204647","https://openalex.org/W2959799120","https://openalex.org/W3083510345","https://openalex.org/W6760990770"],"related_works":["https://openalex.org/W1991504774","https://openalex.org/W2051487156","https://openalex.org/W2073681303","https://openalex.org/W26271133","https://openalex.org/W2109483136","https://openalex.org/W2362790226","https://openalex.org/W3172717759","https://openalex.org/W2906422846","https://openalex.org/W2357468538","https://openalex.org/W2133389611"],"abstract_inverted_index":{"Network":[0],"intrusion":[1],"detection":[2],"systems":[3,15],"(NIDS)":[4],"are":[5],"popular":[6],"tools":[7],"to":[8,46,79,95,112],"defend":[9],"local":[10],"networks":[11],"against":[12,33,136],"attacks.":[13,100],"These":[14],"monitor":[16],"the":[17,30,124,153,157,163,171],"network":[18,31,141],"traffic":[19,32,94],"and":[20,91,126,159,168],"flag":[21],"suspicious":[22],"behavior.":[23],"Rule-based":[24],"NIDS":[25],"do":[26],"that":[27],"by":[28],"checking":[29],"a":[34,76,107,137],"set":[35,138],"of":[36,57,109,139,151,162,170],"rules,":[37],"which":[38],"become":[39],"obsolete":[40],"as":[41,106],"attackers":[42],"learn":[43],"new":[44,99],"strategies":[45],"circumvent":[47],"existing":[48],"defenses.":[49],"This":[50],"article":[51],"proposes":[52],"<bold":[53,59,64,68],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[54,60,65,69,73,86,102,134,147],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">sy</b>":[55],"nthesis":[56],"su":[58],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">ri</b>":[61],"cata":[62],"r":[63],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">u</b>":[66],"le":[67],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">s</b>":[70],"(":[71],"<sc":[72,85,101,133,146],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">Syrius</small>":[74,87,103,135,148],"),":[75],"novel":[77],"approach":[78],"synthesize":[80],"rules":[81,97,122,161],"for":[82,98],"rule-based":[83],"NIDS.":[84],"leverages":[88],"malicious":[89],"(positive)":[90],"benign":[92],"(negative)":[93],"create":[96,114],"is":[104],"organized":[105],"pipeline":[108],"three":[110],"components":[111],"1)":[113],"an":[115],"overspecified":[116],"seed":[117],"rule,":[118],"2)":[119],"derive":[120],"plausible":[121,129],"from":[123],"seed,":[125],"3)":[127],"rank":[128],"rules.":[130],"We":[131],"evaluated":[132],"21":[140],"attacks":[142],"with":[143],"various":[144],"characteristics.":[145],"was":[149],"capable":[150],"generating":[152],"correct":[154],"rule":[155],"among":[156],"top-3":[158],"top-1":[160],"ranking,":[164],"respectively,":[165],"in":[166],"80.1%":[167],"47.6%":[169],"cases.":[172]},"counts_by_year":[{"year":2025,"cited_by_count":6},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":3}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}