{"id":"https://openalex.org/W2118581001","doi":"https://doi.org/10.1145/1852666.1852712","title":"Alerts visualization and clustering in network-based intrusion detection","display_name":"Alerts visualization and clustering in network-based intrusion detection","publication_year":2010,"publication_date":"2010-04-21","ids":{"openalex":"https://openalex.org/W2118581001","doi":"https://doi.org/10.1145/1852666.1852712","mag":"2118581001"},"language":"en","primary_location":{"id":"doi:10.1145/1852666.1852712","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1852666.1852712","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5043354707","display_name":"Swetha Dasireddy","orcid":null},"institutions":[{"id":"https://openalex.org/I177097968","display_name":"University of Tennessee at Chattanooga","ror":"https://ror.org/00nqb1v70","country_code":"US","type":"education","lineage":["https://openalex.org/I177097968"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Swetha Dasireddy","raw_affiliation_strings":["University of TN at Chattanooga, Chattanooga, TN"],"affiliations":[{"raw_affiliation_string":"University of TN at Chattanooga, Chattanooga, TN","institution_ids":["https://openalex.org/I177097968"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010611316","display_name":"Wade Gasior","orcid":null},"institutions":[{"id":"https://openalex.org/I177097968","display_name":"University of Tennessee at Chattanooga","ror":"https://ror.org/00nqb1v70","country_code":"US","type":"education","lineage":["https://openalex.org/I177097968"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Wade Gasior","raw_affiliation_strings":["University of TN at Chattanooga, Chattanooga, TN"],"affiliations":[{"raw_affiliation_string":"University of TN at Chattanooga, Chattanooga, TN","institution_ids":["https://openalex.org/I177097968"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5041280931","display_name":"Xiaohui Cui","orcid":"https://orcid.org/0000-0001-6079-009X"},"institutions":[{"id":"https://openalex.org/I1289243028","display_name":"Oak Ridge National Laboratory","ror":"https://ror.org/01qz5mb56","country_code":"US","type":"facility","lineage":["https://openalex.org/I1289243028","https://openalex.org/I1330989302","https://openalex.org/I39565521","https://openalex.org/I4210159294"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xiaohui Cui","raw_affiliation_strings":["Oak Ridge National Laboratory, Oak Ridge, TN","Oak Ridge National Laboratory, Oak Ridge, TN#TAB#"],"affiliations":[{"raw_affiliation_string":"Oak Ridge National Laboratory, Oak Ridge, TN","institution_ids":["https://openalex.org/I1289243028"]},{"raw_affiliation_string":"Oak Ridge National Laboratory, Oak Ridge, TN#TAB#","institution_ids":["https://openalex.org/I1289243028"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101863952","display_name":"Li Yang","orcid":"https://orcid.org/0000-0003-0314-503X"},"institutions":[{"id":"https://openalex.org/I177097968","display_name":"University of Tennessee at Chattanooga","ror":"https://ror.org/00nqb1v70","country_code":"US","type":"education","lineage":["https://openalex.org/I177097968"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Li Yang","raw_affiliation_strings":["University of TN at Chattanooga, Chattanooga, TN"],"affiliations":[{"raw_affiliation_string":"University of TN at Chattanooga, Chattanooga, TN","institution_ids":["https://openalex.org/I177097968"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5043354707"],"corresponding_institution_ids":["https://openalex.org/I177097968"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.19920484,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"4"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9977999925613403,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.996399998664856,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7752269506454468},{"id":"https://openalex.org/keywords/visualization","display_name":"Visualization","score":0.7546558380126953},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.703216552734375},{"id":"https://openalex.org/keywords/network-administrator","display_name":"Network administrator","score":0.6082991361618042},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.5329892039299011},{"id":"https://openalex.org/keywords/component","display_name":"Component (thermodynamics)","score":0.5249050855636597},{"id":"https://openalex.org/keywords/network-topology","display_name":"Network topology","score":0.4989783763885498},{"id":"https://openalex.org/keywords/cluster-analysis","display_name":"Cluster analysis","score":0.47894102334976196},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.4639316201210022},{"id":"https://openalex.org/keywords/data-visualization","display_name":"Data visualization","score":0.45764416456222534},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.4439721405506134},{"id":"https://openalex.org/keywords/network-monitoring","display_name":"Network monitoring","score":0.4393320083618164},{"id":"https://openalex.org/keywords/node","display_name":"Node (physics)","score":0.42426639795303345},{"id":"https://openalex.org/keywords/representation","display_name":"Representation (politics)","score":0.42168623208999634},{"id":"https://openalex.org/keywords/network-forensics","display_name":"Network forensics","score":0.41836270689964294},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.3216424882411957},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.19911110401153564},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.19426178932189941},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.11159753799438477}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7752269506454468},{"id":"https://openalex.org/C36464697","wikidata":"https://www.wikidata.org/wiki/Q451553","display_name":"Visualization","level":2,"score":0.7546558380126953},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.703216552734375},{"id":"https://openalex.org/C2779173999","wikidata":"https://www.wikidata.org/wiki/Q680296","display_name":"Network administrator","level":2,"score":0.6082991361618042},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.5329892039299011},{"id":"https://openalex.org/C168167062","wikidata":"https://www.wikidata.org/wiki/Q1117970","display_name":"Component (thermodynamics)","level":2,"score":0.5249050855636597},{"id":"https://openalex.org/C199845137","wikidata":"https://www.wikidata.org/wiki/Q145490","display_name":"Network topology","level":2,"score":0.4989783763885498},{"id":"https://openalex.org/C73555534","wikidata":"https://www.wikidata.org/wiki/Q622825","display_name":"Cluster analysis","level":2,"score":0.47894102334976196},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.4639316201210022},{"id":"https://openalex.org/C172367668","wikidata":"https://www.wikidata.org/wiki/Q6504956","display_name":"Data visualization","level":3,"score":0.45764416456222534},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.4439721405506134},{"id":"https://openalex.org/C81877898","wikidata":"https://www.wikidata.org/wiki/Q1965787","display_name":"Network monitoring","level":2,"score":0.4393320083618164},{"id":"https://openalex.org/C62611344","wikidata":"https://www.wikidata.org/wiki/Q1062658","display_name":"Node (physics)","level":2,"score":0.42426639795303345},{"id":"https://openalex.org/C2776359362","wikidata":"https://www.wikidata.org/wiki/Q2145286","display_name":"Representation (politics)","level":3,"score":0.42168623208999634},{"id":"https://openalex.org/C50747538","wikidata":"https://www.wikidata.org/wiki/Q7001032","display_name":"Network forensics","level":3,"score":0.41836270689964294},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.3216424882411957},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.19911110401153564},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.19426178932189941},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.11159753799438477},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C97355855","wikidata":"https://www.wikidata.org/wiki/Q11473","display_name":"Thermodynamics","level":1,"score":0.0},{"id":"https://openalex.org/C94625758","wikidata":"https://www.wikidata.org/wiki/Q7163","display_name":"Politics","level":2,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C66938386","wikidata":"https://www.wikidata.org/wiki/Q633538","display_name":"Structural engineering","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C84418412","wikidata":"https://www.wikidata.org/wiki/Q3246940","display_name":"Digital forensics","level":2,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/1852666.1852712","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1852666.1852712","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.414.9944","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.414.9944","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://aser.ornl.gov/cui/personal/document/csiirw6_submission_93.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320316373","display_name":"Tennessee Higher Education Commission","ror":"https://ror.org/05qx7aj05"},{"id":"https://openalex.org/F4320316958","display_name":"Center of Excellence in Applied Computational Science and Engineering","ror":null},{"id":"https://openalex.org/F4320338287","display_name":"Oak Ridge National Laboratory","ror":"https://ror.org/01qz5mb56"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":17,"referenced_works":["https://openalex.org/W1565377632","https://openalex.org/W1592090113","https://openalex.org/W1887038067","https://openalex.org/W1938740620","https://openalex.org/W1984616659","https://openalex.org/W2033123765","https://openalex.org/W2037369246","https://openalex.org/W2055416592","https://openalex.org/W2063329049","https://openalex.org/W2072695755","https://openalex.org/W2082600559","https://openalex.org/W2084687655","https://openalex.org/W2089509121","https://openalex.org/W2130598833","https://openalex.org/W2161830378","https://openalex.org/W2482589566","https://openalex.org/W6633894697"],"related_works":["https://openalex.org/W2770733137","https://openalex.org/W2360330114","https://openalex.org/W2035643924","https://openalex.org/W3139002588","https://openalex.org/W1685415006","https://openalex.org/W3112536095","https://openalex.org/W2553802035","https://openalex.org/W4207048601","https://openalex.org/W2537496145","https://openalex.org/W2587426284"],"abstract_inverted_index":{"Today's":[0],"Intrusion":[1],"detection":[2,30],"systems":[3,31],"when":[4],"deployed":[5],"on":[6],"a":[7,36,52],"busy":[8],"network":[9,12,27,65,73,95,123],"overload":[10],"the":[11,42,64,68,72,94,98,114,126,135],"with":[13,67,97,116,125],"huge":[14],"number":[15],"of":[16,20,71,77,101,128,131],"alerts.":[17],"This":[18,121],"behavior":[19],"producing":[21],"too":[22],"much":[23],"raw":[24],"information":[25,76],"makes":[26],"based":[28],"intrusion":[29],"less":[32],"effective.":[33],"We":[34],"propose":[35],"system":[37],"which":[38,105],"groups":[39],"and":[40,74,85,113],"analyzes":[41],"alerts":[43,84,115],"generated":[44],"by":[45],"Snort":[46],"to":[47],"visualize":[48],"possible":[49],"intrusions":[50,132],"in":[51,104,110],"network.":[53],"Our":[54,60],"Visualization":[55],"model":[56],"contains":[57],"two":[58],"components.":[59],"first":[61],"component":[62],"gives":[63,122],"administrator":[66,96,124],"logical":[69],"topology":[70],"detailed":[75],"each":[78,106],"node":[79],"that":[80],"involves":[81],"its":[82],"associated":[83],"connections.":[86],"The":[87],"second":[88],"visualization":[89],"component,":[90],"flocking":[91],"model,":[92],"presents":[93],"visual":[99],"representation":[100],"IDS":[102],"data":[103],"alert":[107,136],"is":[108],"represented":[109],"different":[111],"color":[112],"maximum":[117],"similarity":[118],"move":[119],"together.":[120],"idea":[127],"detecting":[129],"various":[130],"through":[133],"visualizing":[134],"patterns.":[137]},"counts_by_year":[{"year":2022,"cited_by_count":1},{"year":2014,"cited_by_count":1}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}