{"id":"https://openalex.org/W2125916719","doi":"https://doi.org/10.1109/icccn.2005.1523864","title":"Detecting denial-of-service attacks with incomplete audit data","display_name":"Detecting denial-of-service attacks with incomplete audit data","publication_year":2006,"publication_date":"2006-10-11","ids":{"openalex":"https://openalex.org/W2125916719","doi":"https://doi.org/10.1109/icccn.2005.1523864","mag":"2125916719"},"language":"en","primary_location":{"id":"doi:10.1109/icccn.2005.1523864","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icccn.2005.1523864","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings. 14th International Conference on Computer Communications and Networks, 2005. ICCCN 2005.","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5010710333","display_name":"Animesh Patcha","orcid":null},"institutions":[{"id":"https://openalex.org/I859038795","display_name":"Virginia Tech","ror":"https://ror.org/02smfhw86","country_code":"US","type":"education","lineage":["https://openalex.org/I859038795"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"A. Patcha","raw_affiliation_strings":["Bradley Department of Electrical and Computer Engineering, Virginia Polytechnic Institute and State University, Blacksburg, VA, USA"],"affiliations":[{"raw_affiliation_string":"Bradley Department of Electrical and Computer Engineering, Virginia Polytechnic Institute and State University, Blacksburg, VA, USA","institution_ids":["https://openalex.org/I859038795"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5113422035","display_name":"J.-M. Park","orcid":null},"institutions":[{"id":"https://openalex.org/I859038795","display_name":"Virginia Tech","ror":"https://ror.org/02smfhw86","country_code":"US","type":"education","lineage":["https://openalex.org/I859038795"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jung-Min Park","raw_affiliation_strings":["Bradley Department of Electrical and Computer Engineering, Virginia Polytechnic Institute and State University, Blacksburg, VA, USA","Virginia Tech"],"affiliations":[{"raw_affiliation_string":"Bradley Department of Electrical and Computer Engineering, Virginia Polytechnic Institute and State University, Blacksburg, VA, USA","institution_ids":["https://openalex.org/I859038795"]},{"raw_affiliation_string":"Virginia Tech","institution_ids":["https://openalex.org/I859038795"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5010710333"],"corresponding_institution_ids":["https://openalex.org/I859038795"],"apc_list":null,"apc_paid":null,"fwci":0.6036,"has_fulltext":false,"cited_by_count":8,"citation_normalized_percentile":{"value":0.73060582,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"263","last_page":"268"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9932000041007996,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7905433177947998},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.7301468849182129},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.6852978467941284},{"id":"https://openalex.org/keywords/cluster-analysis","display_name":"Cluster analysis","score":0.6649662256240845},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.5901669263839722},{"id":"https://openalex.org/keywords/audit","display_name":"Audit","score":0.46407368779182434},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.4402201473712921},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.1678529977798462},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.09569668769836426}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7905433177947998},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.7301468849182129},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.6852978467941284},{"id":"https://openalex.org/C73555534","wikidata":"https://www.wikidata.org/wiki/Q622825","display_name":"Cluster analysis","level":2,"score":0.6649662256240845},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.5901669263839722},{"id":"https://openalex.org/C199521495","wikidata":"https://www.wikidata.org/wiki/Q181487","display_name":"Audit","level":2,"score":0.46407368779182434},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.4402201473712921},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.1678529977798462},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.09569668769836426},{"id":"https://openalex.org/C187736073","wikidata":"https://www.wikidata.org/wiki/Q2920921","display_name":"Management","level":1,"score":0.0},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icccn.2005.1523864","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icccn.2005.1523864","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings. 14th International Conference on Computer Communications and Networks, 2005. ICCCN 2005.","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","score":0.6499999761581421,"id":"https://metadata.un.org/sdg/9"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":30,"referenced_works":["https://openalex.org/W44307044","https://openalex.org/W1543388142","https://openalex.org/W1552339598","https://openalex.org/W1554085250","https://openalex.org/W1566480186","https://openalex.org/W1592090717","https://openalex.org/W1993284846","https://openalex.org/W2026450968","https://openalex.org/W2044758663","https://openalex.org/W2049633694","https://openalex.org/W2057712948","https://openalex.org/W2095897464","https://openalex.org/W2099581008","https://openalex.org/W2108601876","https://openalex.org/W2123845384","https://openalex.org/W2129281431","https://openalex.org/W2187867856","https://openalex.org/W2567948266","https://openalex.org/W3197494818","https://openalex.org/W4230773251","https://openalex.org/W4231029117","https://openalex.org/W4253461361","https://openalex.org/W4255911135","https://openalex.org/W6601831299","https://openalex.org/W6632547301","https://openalex.org/W6632829031","https://openalex.org/W6635595544","https://openalex.org/W6648522431","https://openalex.org/W6687285320","https://openalex.org/W6721667826"],"related_works":["https://openalex.org/W4386482731","https://openalex.org/W2765763546","https://openalex.org/W4385302085","https://openalex.org/W2360429410","https://openalex.org/W4390188535","https://openalex.org/W4256682929","https://openalex.org/W335511927","https://openalex.org/W2471811227","https://openalex.org/W2217591390","https://openalex.org/W2157496457"],"abstract_inverted_index":{"With":[0],"the":[1,29,37,54,59,62,70,82,85,110,127,132,138,142,147,152,166],"ever":[2],"increasing":[3],"deployment":[4],"and":[5,33,61,136,159],"usage":[6],"of":[7,31,39,58,65,81,87,149,151],"gigabit":[8],"networks,":[9],"traditional":[10],"network":[11,66,71,83,105],"anomaly":[12,88,96,106],"detection":[13,16,97,171],"based":[14],"intrusion":[15,40,170],"systems":[17,26],"have":[18],"not":[19,24,48,123],"scaled":[20],"accordingly.":[21],"Most,":[22],"if":[23],"all,":[25],"deployed":[27],"assume":[28],"availability":[30],"complete":[32],"clean":[34],"data":[35,67,121,135,160],"for":[36,84,104],"purpose":[38,86],"detection.":[41,89],"We":[42,125,145,162],"contend":[43],"that":[44,108],"this":[45,91],"assumption":[46],"is":[47,122],"valid.":[49],"Factors":[50],"like":[51],"noise":[52],"in":[53,141],"audit":[55,120,134,143],"data,":[56],"mobility":[57],"nodes":[60],"large":[63],"amount":[64],"generated":[68],"by":[69,155],"make":[72],"it":[73],"difficult":[74],"to":[75,112,130],"build":[76],"a":[77],"normal":[78],"traffic":[79],"profile":[80],"From":[90],"perspective,":[92],"we":[93],"present":[94],"an":[95],"scheme,":[98],"called":[99],"SCAN":[100,164],"(stochastic":[101],"clustering":[102,153],"algorithm":[103,129],"detection),":[107],"has":[109],"capability":[111],"detect":[113],"intrusions":[114],"with":[115],"high":[116],"accuracy":[117],"even":[118],"when":[119],"complete.":[124],"use":[126],"expectation-maximization":[128],"cluster":[131],"incoming":[133],"compute":[137],"missing":[139],"values":[140],"data.":[144],"improve":[146],"speed":[148],"convergence":[150],"process":[154],"using":[156,165],"Bloom":[157],"filters":[158],"summaries.":[161],"evaluate":[163],"1999":[167],"DARPA/Lincoln":[168],"Laboratory":[169],"evaluation":[172],"dataset.":[173]},"counts_by_year":[{"year":2017,"cited_by_count":2},{"year":2013,"cited_by_count":4}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}