{"id":"https://openalex.org/W2085869645","doi":"https://doi.org/10.1145/2381896.2381905","title":"Nonparametric semi-supervised learning for network intrusion detection","display_name":"Nonparametric semi-supervised learning for network intrusion detection","publication_year":2012,"publication_date":"2012-10-19","ids":{"openalex":"https://openalex.org/W2085869645","doi":"https://doi.org/10.1145/2381896.2381905","mag":"2085869645"},"language":"en","primary_location":{"id":"doi:10.1145/2381896.2381905","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2381896.2381905","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 5th ACM workshop on Security and artificial intelligence","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5055365897","display_name":"Christopher T. Symons","orcid":null},"institutions":[{"id":"https://openalex.org/I1289243028","display_name":"Oak Ridge National Laboratory","ror":"https://ror.org/01qz5mb56","country_code":"US","type":"facility","lineage":["https://openalex.org/I1289243028","https://openalex.org/I1330989302","https://openalex.org/I39565521","https://openalex.org/I4210159294"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Christopher T. Symons","raw_affiliation_strings":["Oak Ridge National Laboratory, Oak Ridge, TN, USA"],"affiliations":[{"raw_affiliation_string":"Oak Ridge National Laboratory, Oak Ridge, TN, USA","institution_ids":["https://openalex.org/I1289243028"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5066770245","display_name":"Justin M. Beaver","orcid":"https://orcid.org/0000-0002-0281-6017"},"institutions":[{"id":"https://openalex.org/I1289243028","display_name":"Oak Ridge National Laboratory","ror":"https://ror.org/01qz5mb56","country_code":"US","type":"facility","lineage":["https://openalex.org/I1289243028","https://openalex.org/I1330989302","https://openalex.org/I39565521","https://openalex.org/I4210159294"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Justin M. Beaver","raw_affiliation_strings":["Oak Ridge National Laboratory, Oak Ridge, TN, USA"],"affiliations":[{"raw_affiliation_string":"Oak Ridge National Laboratory, Oak Ridge, TN, USA","institution_ids":["https://openalex.org/I1289243028"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5055365897"],"corresponding_institution_ids":["https://openalex.org/I1289243028"],"apc_list":null,"apc_paid":null,"fwci":5.6735,"has_fulltext":false,"cited_by_count":28,"citation_normalized_percentile":{"value":0.962965,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"49","last_page":"58"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9868000149726868,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7871826887130737},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.7044230699539185},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.6843130588531494},{"id":"https://openalex.org/keywords/generalization","display_name":"Generalization","score":0.6752572655677795},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6452646255493164},{"id":"https://openalex.org/keywords/supervised-learning","display_name":"Supervised learning","score":0.5770580768585205},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.5736464262008667},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.5486659407615662},{"id":"https://openalex.org/keywords/nonparametric-statistics","display_name":"Nonparametric statistics","score":0.5192139744758606},{"id":"https://openalex.org/keywords/semi-supervised-learning","display_name":"Semi-supervised learning","score":0.51216721534729},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.47520074248313904},{"id":"https://openalex.org/keywords/feature","display_name":"Feature (linguistics)","score":0.465317964553833},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.4487272799015045},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.4410092234611511}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7871826887130737},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.7044230699539185},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.6843130588531494},{"id":"https://openalex.org/C177148314","wikidata":"https://www.wikidata.org/wiki/Q170084","display_name":"Generalization","level":2,"score":0.6752572655677795},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6452646255493164},{"id":"https://openalex.org/C136389625","wikidata":"https://www.wikidata.org/wiki/Q334384","display_name":"Supervised learning","level":3,"score":0.5770580768585205},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.5736464262008667},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.5486659407615662},{"id":"https://openalex.org/C102366305","wikidata":"https://www.wikidata.org/wiki/Q1097688","display_name":"Nonparametric statistics","level":2,"score":0.5192139744758606},{"id":"https://openalex.org/C58973888","wikidata":"https://www.wikidata.org/wiki/Q1041418","display_name":"Semi-supervised learning","level":2,"score":0.51216721534729},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.47520074248313904},{"id":"https://openalex.org/C2776401178","wikidata":"https://www.wikidata.org/wiki/Q12050496","display_name":"Feature (linguistics)","level":2,"score":0.465317964553833},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.4487272799015045},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.4410092234611511},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C105795698","wikidata":"https://www.wikidata.org/wiki/Q12483","display_name":"Statistics","level":1,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2381896.2381905","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2381896.2381905","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 5th ACM workshop on Security and artificial intelligence","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/10","score":0.6299999952316284,"display_name":"Reduced inequalities"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320306084","display_name":"U.S. Department of Energy","ror":"https://ror.org/01bj3aw27"},{"id":"https://openalex.org/F4320337547","display_name":"Laboratory Directed Research and Development","ror":"https://ror.org/01e41cf67"},{"id":"https://openalex.org/F4320338287","display_name":"Oak Ridge National Laboratory","ror":"https://ror.org/01qz5mb56"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":37,"referenced_works":["https://openalex.org/W36398315","https://openalex.org/W149219451","https://openalex.org/W1479807131","https://openalex.org/W1484672383","https://openalex.org/W1530010412","https://openalex.org/W1530215515","https://openalex.org/W1540484164","https://openalex.org/W1578099820","https://openalex.org/W1952056635","https://openalex.org/W1966949944","https://openalex.org/W1975196881","https://openalex.org/W1985987493","https://openalex.org/W1991357106","https://openalex.org/W2008224380","https://openalex.org/W2033692734","https://openalex.org/W2097308346","https://openalex.org/W2101109743","https://openalex.org/W2104290444","https://openalex.org/W2106426069","https://openalex.org/W2106885368","https://openalex.org/W2116753650","https://openalex.org/W2122646361","https://openalex.org/W2130903752","https://openalex.org/W2147454001","https://openalex.org/W2156204309","https://openalex.org/W2164262940","https://openalex.org/W2400028470","https://openalex.org/W2480689818","https://openalex.org/W2997701990","https://openalex.org/W3016683077","https://openalex.org/W3100014375","https://openalex.org/W4312091107","https://openalex.org/W6632212546","https://openalex.org/W6634702315","https://openalex.org/W6713140404","https://openalex.org/W6721905787","https://openalex.org/W7011929552"],"related_works":["https://openalex.org/W122912556","https://openalex.org/W1586607209","https://openalex.org/W4312414840","https://openalex.org/W2621411691","https://openalex.org/W2271357838","https://openalex.org/W2556866732","https://openalex.org/W2348322200","https://openalex.org/W2981952041","https://openalex.org/W2328989934","https://openalex.org/W4288358127"],"abstract_inverted_index":{"A":[0],"barrier":[1],"to":[2,49,97,137,146],"the":[3,13,47,69,85,100,104,115,119,127,138,144,196],"widespread":[4],"adoption":[5],"of":[6,20,29,58,71,118,129,181],"learning-based":[7,79],"network":[8,62,139,175],"intrusion":[9,63,140],"detection":[10,168],"tools":[11],"is":[12,33,95],"in-situ":[14,93],"training":[15,72,94],"requirements":[16,67],"for":[17],"effective":[18],"discrimination":[19],"malicious":[21,174],"traffic.":[22],"Supervised":[23],"learning":[24,105,135,165],"techniques":[25,44],"necessitate":[26],"a":[27,54,78,111,130,190],"quantity":[28],"labeled":[30,59],"examples":[31,73],"that":[32,77,99],"often":[34],"intractable,":[35],"and":[36,108,142,166],"at":[37],"best":[38],"cost-prohibitive.":[39],"Recent":[40],"advances":[41],"in":[42,84,114,169],"semi-supervised":[43,134],"have":[45],"demonstrated":[46],"ability":[48,117],"generalize":[50],"well":[51],"based":[52],"on":[53,68,195],"significantly":[55],"smaller":[56],"set":[57],"samples.":[60],"In":[61,122],"detection,":[64],"placing":[65],"reasonable":[66,112],"number":[70],"provides":[74],"realistic":[75],"expectations":[76],"system":[80],"can":[81],"be":[82,90],"trained":[83],"environment":[86],"where":[87],"it":[88],"will":[89],"deployed.":[91],"This":[92],"necessary":[96],"ensure":[98],"assumptions":[101],"associated":[102],"with":[103],"process":[106],"hold,":[107],"thereby":[109],"support":[110],"belief":[113],"generalization":[116],"resulting":[120],"model.":[121],"this":[123],"paper,":[124],"we":[125],"describe":[126],"application":[128],"carefully":[131],"selected":[132],"nonparametric,":[133],"algorithm":[136],"problem,":[141],"compare":[143],"performance":[145,161],"other":[147],"model":[148],"types":[149],"using":[150],"feature-based":[151],"data":[152],"derived":[153],"from":[154],"an":[155,179],"operational":[156],"network.":[157,198],"We":[158],"demonstrate":[159],"dramatic":[160],"improvements":[162],"over":[163],"supervised":[164],"anomaly":[167],"discriminating":[170],"real,":[171],"previously":[172],"unseen,":[173],"traffic":[176],"while":[177],"generating":[178],"order":[180],"magnitude":[182],"fewer":[183],"false":[184],"alerts":[185],"than":[186],"any":[187],"alternative,":[188],"including":[189],"signature":[191],"IDS":[192],"tool":[193],"deployed":[194],"same":[197]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2017,"cited_by_count":3},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":7},{"year":2014,"cited_by_count":5},{"year":2013,"cited_by_count":3},{"year":2012,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}