{"id":"https://openalex.org/W2066608078","doi":"https://doi.org/10.1145/1599272.1599276","title":"Combining incremental Hidden Markov Model and Adaboost algorithm for anomaly intrusion detection","display_name":"Combining incremental Hidden Markov Model and Adaboost algorithm for anomaly intrusion detection","publication_year":2009,"publication_date":"2009-06-28","ids":{"openalex":"https://openalex.org/W2066608078","doi":"https://doi.org/10.1145/1599272.1599276","mag":"2066608078"},"language":"en","primary_location":{"id":"doi:10.1145/1599272.1599276","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1599272.1599276","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM SIGKDD Workshop on CyberSecurity and Intelligence Informatics","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5003202344","display_name":"Yushu Chen","orcid":"https://orcid.org/0000-0003-0731-0813"},"institutions":[{"id":"https://openalex.org/I22265921","display_name":"National Central University","ror":"https://ror.org/00944ve71","country_code":"TW","type":"education","lineage":["https://openalex.org/I22265921"]}],"countries":["TW"],"is_corresponding":true,"raw_author_name":"Yu-Shu Chen","raw_affiliation_strings":["National Central University, Jhongli, Taiwan, R.O.C"],"affiliations":[{"raw_affiliation_string":"National Central University, Jhongli, Taiwan, R.O.C","institution_ids":["https://openalex.org/I22265921"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100333361","display_name":"Yiming Chen","orcid":"https://orcid.org/0000-0002-8894-2902"},"institutions":[{"id":"https://openalex.org/I22265921","display_name":"National Central University","ror":"https://ror.org/00944ve71","country_code":"TW","type":"education","lineage":["https://openalex.org/I22265921"]}],"countries":["TW"],"is_corresponding":false,"raw_author_name":"Yi-Ming Chen","raw_affiliation_strings":["National Central University, Jhongli, Taiwan, R.O.C"],"affiliations":[{"raw_affiliation_string":"National Central University, Jhongli, Taiwan, R.O.C","institution_ids":["https://openalex.org/I22265921"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5003202344"],"corresponding_institution_ids":["https://openalex.org/I22265921"],"apc_list":null,"apc_paid":null,"fwci":4.1142,"has_fulltext":false,"cited_by_count":30,"citation_normalized_percentile":{"value":0.94184521,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"3","last_page":"9"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adaboost","display_name":"AdaBoost","score":0.8700778484344482},{"id":"https://openalex.org/keywords/hidden-markov-model","display_name":"Hidden Markov model","score":0.8627338409423828},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.747552752494812},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.6831325888633728},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.6830615997314453},{"id":"https://openalex.org/keywords/pattern-recognition","display_name":"Pattern recognition (psychology)","score":0.6195852160453796},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.610373854637146},{"id":"https://openalex.org/keywords/false-positive-rate","display_name":"False positive rate","score":0.5373325347900391},{"id":"https://openalex.org/keywords/anomaly","display_name":"Anomaly (physics)","score":0.4421796500682831},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.37304550409317017},{"id":"https://openalex.org/keywords/support-vector-machine","display_name":"Support vector machine","score":0.10871580243110657}],"concepts":[{"id":"https://openalex.org/C141404830","wikidata":"https://www.wikidata.org/wiki/Q2823869","display_name":"AdaBoost","level":3,"score":0.8700778484344482},{"id":"https://openalex.org/C23224414","wikidata":"https://www.wikidata.org/wiki/Q176769","display_name":"Hidden Markov model","level":2,"score":0.8627338409423828},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.747552752494812},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.6831325888633728},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.6830615997314453},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.6195852160453796},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.610373854637146},{"id":"https://openalex.org/C95922358","wikidata":"https://www.wikidata.org/wiki/Q5432725","display_name":"False positive rate","level":2,"score":0.5373325347900391},{"id":"https://openalex.org/C12997251","wikidata":"https://www.wikidata.org/wiki/Q567560","display_name":"Anomaly (physics)","level":2,"score":0.4421796500682831},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.37304550409317017},{"id":"https://openalex.org/C12267149","wikidata":"https://www.wikidata.org/wiki/Q282453","display_name":"Support vector machine","level":2,"score":0.10871580243110657},{"id":"https://openalex.org/C26873012","wikidata":"https://www.wikidata.org/wiki/Q214781","display_name":"Condensed matter physics","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/1599272.1599276","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1599272.1599276","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM SIGKDD Workshop on CyberSecurity and Intelligence Informatics","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G4250678509","display_name":null,"funder_award_id":"NSC 95-2221-E-008-059NSC 96-2628-E-008-008-MY3","funder_id":"https://openalex.org/F4320321040","funder_display_name":"National Science Council"}],"funders":[{"id":"https://openalex.org/F4320321040","display_name":"National Science Council","ror":"https://ror.org/02kv4zf79"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":27,"referenced_works":["https://openalex.org/W41799534","https://openalex.org/W1487831638","https://openalex.org/W1502260130","https://openalex.org/W1521548765","https://openalex.org/W1988790447","https://openalex.org/W2081811445","https://openalex.org/W2101916222","https://openalex.org/W2105594594","https://openalex.org/W2114672699","https://openalex.org/W2123031544","https://openalex.org/W2125485365","https://openalex.org/W2125727422","https://openalex.org/W2125838338","https://openalex.org/W2126329223","https://openalex.org/W2129860818","https://openalex.org/W2134521188","https://openalex.org/W2145073242","https://openalex.org/W2150755264","https://openalex.org/W2155714768","https://openalex.org/W2156332321","https://openalex.org/W2166855330","https://openalex.org/W2171924504","https://openalex.org/W2400267228","https://openalex.org/W4241231219","https://openalex.org/W4244364296","https://openalex.org/W6678897868","https://openalex.org/W6681651645"],"related_works":["https://openalex.org/W2393267898","https://openalex.org/W2938728536","https://openalex.org/W2369874171","https://openalex.org/W2104955141","https://openalex.org/W2383301100","https://openalex.org/W2392864074","https://openalex.org/W2352639800","https://openalex.org/W195614647","https://openalex.org/W3112374511","https://openalex.org/W4283582846"],"abstract_inverted_index":{"Traditional":[0],"Hidden":[1],"Markov":[2],"Model":[3],"(HMM)":[4],"has":[5],"been":[6],"successfully":[7],"applied":[8],"to":[9,44,59,108,151],"anomaly":[10,50],"intrusion":[11,51],"detection.":[12,52],"Incremental":[13],"HMM":[14,25,140],"(IHMM)":[15],"further":[16],"improves":[17],"the":[18,30,65,70,74,86,92,110,132,146],"training":[19,147],"time":[20,148],"of":[21,32,67,77,120,134],"HMM.":[22],"However,":[23],"both":[24],"and":[26,47],"IHMM":[27,46],"still":[28],"have":[29],"problem":[31],"high":[33],"false":[34,93],"positive":[35,94],"rate.":[36,101],"In":[37],"this":[38],"paper,":[39],"we":[40,103],"propose":[41,105],"an":[42],"Adaboost-IHMM":[43,71],"combine":[45],"adaboost":[48,54],"for":[49,113],"As":[53],"firstly":[55],"uses":[56],"many":[57],"IHMMs":[58],"collectively":[60],"classify":[61],"samples":[62],"then":[63],"decides":[64],"results":[66,80],"samples'":[68],"classifications,":[69],"can":[72,89,144],"improve":[73,91,145],"accurate":[75],"rate":[76,95],"classifications.":[78],"Experimental":[79],"with":[81,125,127,138],"Stide":[82],"datasets":[83,129],"show":[84],"that":[85],"proposed":[87],"method":[88,107,143],"significantly":[90],"by":[96,118,149],"70%":[97],"without":[98],"decreasing":[99],"detection":[100,116],"Besides,":[102],"also":[104],"a":[106,153],"adjust":[109],"normal":[111,121,155],"profile":[112],"avoiding":[114],"erroneous":[115],"caused":[117],"changes":[119],"behavior.":[122],"We":[123],"perform":[124],"experiments":[126],"realistic":[128],"extracted":[130],"from":[131],"use":[133],"popular":[135],"browsers.":[136],"Compared":[137],"traditional":[139],"method,":[141],"our":[142],"90%":[150],"build":[152],"new":[154],"profile.":[156]},"counts_by_year":[{"year":2023,"cited_by_count":2},{"year":2021,"cited_by_count":3},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":6},{"year":2017,"cited_by_count":1},{"year":2015,"cited_by_count":2},{"year":2014,"cited_by_count":1},{"year":2013,"cited_by_count":2},{"year":2012,"cited_by_count":5}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}