{"id":"https://openalex.org/W2785123216","doi":"https://doi.org/10.1145/3143422","title":"Exploiting Content Spatial Distribution to Improve Detection of Intrusions","display_name":"Exploiting Content Spatial Distribution to Improve Detection of Intrusions","publication_year":2018,"publication_date":"2018-01-20","ids":{"openalex":"https://openalex.org/W2785123216","doi":"https://doi.org/10.1145/3143422","mag":"2785123216"},"language":"en","primary_location":{"id":"doi:10.1145/3143422","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3143422","pdf_url":null,"source":{"id":"https://openalex.org/S97833917","display_name":"ACM Transactions on Internet Technology","issn_l":"1533-5399","issn":["1533-5399","1557-6051"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Internet Technology","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5075369704","display_name":"Fabrizio Angiulli","orcid":"https://orcid.org/0000-0002-9860-7569"},"institutions":[{"id":"https://openalex.org/I45204951","display_name":"University of Calabria","ror":"https://ror.org/02rc97e94","country_code":"IT","type":"education","lineage":["https://openalex.org/I45204951"]}],"countries":["IT"],"is_corresponding":true,"raw_author_name":"Fabrizio Angiulli","raw_affiliation_strings":["University of Calabria, Rende(CS), Italy"],"raw_orcid":"https://orcid.org/0000-0002-9860-7569","affiliations":[{"raw_affiliation_string":"University of Calabria, Rende(CS), Italy","institution_ids":["https://openalex.org/I45204951"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5039729001","display_name":"Luciano Argento","orcid":"https://orcid.org/0000-0001-8869-5035"},"institutions":[{"id":"https://openalex.org/I45204951","display_name":"University of Calabria","ror":"https://ror.org/02rc97e94","country_code":"IT","type":"education","lineage":["https://openalex.org/I45204951"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Luciano Argento","raw_affiliation_strings":["University of Calabria, Rende(CS), Italy"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Calabria, Rende(CS), Italy","institution_ids":["https://openalex.org/I45204951"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5008194864","display_name":"Angelo Furfaro","orcid":"https://orcid.org/0000-0003-2537-8918"},"institutions":[{"id":"https://openalex.org/I45204951","display_name":"University of Calabria","ror":"https://ror.org/02rc97e94","country_code":"IT","type":"education","lineage":["https://openalex.org/I45204951"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Angelo Furfaro","raw_affiliation_strings":["University of Calabria, Rende(CS), Italy"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Calabria, Rende(CS), Italy","institution_ids":["https://openalex.org/I45204951"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5075369704"],"corresponding_institution_ids":["https://openalex.org/I45204951"],"apc_list":null,"apc_paid":null,"fwci":0.5926,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.70245642,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":"18","issue":"2","first_page":"1","last_page":"21"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9987000226974487,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.887911856174469},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.7325453162193298},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.6976505517959595},{"id":"https://openalex.org/keywords/content","display_name":"Content (measure theory)","score":0.6014440655708313},{"id":"https://openalex.org/keywords/evasion","display_name":"Evasion (ethics)","score":0.5581049919128418},{"id":"https://openalex.org/keywords/false-positive-rate","display_name":"False positive rate","score":0.49291253089904785},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.46722444891929626},{"id":"https://openalex.org/keywords/content-distribution","display_name":"Content distribution","score":0.45408207178115845},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.37425944209098816},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3655688166618347},{"id":"https://openalex.org/keywords/pattern-recognition","display_name":"Pattern recognition (psychology)","score":0.33899009227752686},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.19272056221961975},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.18995052576065063},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.08176901936531067}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.887911856174469},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.7325453162193298},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.6976505517959595},{"id":"https://openalex.org/C2778152352","wikidata":"https://www.wikidata.org/wiki/Q5165061","display_name":"Content (measure theory)","level":2,"score":0.6014440655708313},{"id":"https://openalex.org/C2781251061","wikidata":"https://www.wikidata.org/wiki/Q5416089","display_name":"Evasion (ethics)","level":3,"score":0.5581049919128418},{"id":"https://openalex.org/C95922358","wikidata":"https://www.wikidata.org/wiki/Q5432725","display_name":"False positive rate","level":2,"score":0.49291253089904785},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.46722444891929626},{"id":"https://openalex.org/C3018752578","wikidata":"https://www.wikidata.org/wiki/Q269415","display_name":"Content distribution","level":2,"score":0.45408207178115845},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.37425944209098816},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3655688166618347},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.33899009227752686},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.19272056221961975},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.18995052576065063},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.08176901936531067},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C203014093","wikidata":"https://www.wikidata.org/wiki/Q101929","display_name":"Immunology","level":1,"score":0.0},{"id":"https://openalex.org/C8891405","wikidata":"https://www.wikidata.org/wiki/Q1059","display_name":"Immune system","level":2,"score":0.0},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3143422","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3143422","pdf_url":null,"source":{"id":"https://openalex.org/S97833917","display_name":"ACM Transactions on Internet Technology","issn_l":"1533-5399","issn":["1533-5399","1557-6051"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Internet Technology","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.7599999904632568,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":48,"referenced_works":["https://openalex.org/W44307044","https://openalex.org/W134520987","https://openalex.org/W148963669","https://openalex.org/W166342712","https://openalex.org/W959081337","https://openalex.org/W1197477582","https://openalex.org/W1511682410","https://openalex.org/W1512382707","https://openalex.org/W1551618785","https://openalex.org/W1567375724","https://openalex.org/W1577117059","https://openalex.org/W1594536929","https://openalex.org/W1649901946","https://openalex.org/W1954903228","https://openalex.org/W1965334909","https://openalex.org/W1978779053","https://openalex.org/W1983291981","https://openalex.org/W1991830413","https://openalex.org/W1995064042","https://openalex.org/W1999427165","https://openalex.org/W2004912246","https://openalex.org/W2036145579","https://openalex.org/W2082550445","https://openalex.org/W2083761314","https://openalex.org/W2097860933","https://openalex.org/W2100537916","https://openalex.org/W2103154003","https://openalex.org/W2108860402","https://openalex.org/W2114296159","https://openalex.org/W2114996745","https://openalex.org/W2115529843","https://openalex.org/W2121035740","https://openalex.org/W2121227244","https://openalex.org/W2129879631","https://openalex.org/W2142889610","https://openalex.org/W2142992973","https://openalex.org/W2144906988","https://openalex.org/W2146211060","https://openalex.org/W2146211964","https://openalex.org/W2146232384","https://openalex.org/W2248500462","https://openalex.org/W2293768274","https://openalex.org/W2485076821","https://openalex.org/W2914982603","https://openalex.org/W3111818035","https://openalex.org/W4230542187","https://openalex.org/W4232737009","https://openalex.org/W4250206013"],"related_works":["https://openalex.org/W2808001300","https://openalex.org/W1548771250","https://openalex.org/W2393267898","https://openalex.org/W2938728536","https://openalex.org/W4205383432","https://openalex.org/W2369874171","https://openalex.org/W2383301100","https://openalex.org/W2619636815","https://openalex.org/W2392864074","https://openalex.org/W2352639800"],"abstract_inverted_index":{"We":[0,44],"present":[1],"PCkAD,":[2],"a":[3,66],"novel":[4],"semisupervised":[5],"anomaly-based":[6],"IDS":[7],"(Intrusion":[8],"Detection":[9],"System)":[10],"technique,":[11],"detecting":[12],"application-level":[13],"content-based":[14],"attacks.":[15],"Its":[16],"peculiarity":[17],"is":[18,37,52,79],"to":[19,39,72],"learn":[20],"legitimate":[21,50],"payloads":[22],"by":[23],"splitting":[24],"packets":[25],"into":[26],"chunks":[27],"and":[28],"determining":[29],"the":[30,48,55,62,73,76],"within-packet":[31],"distribution":[32],"of":[33,57],"n-grams.":[34],"This":[35],"strategy":[36],"resistant":[38],"evasion":[40],"techniques":[41],"as":[42],"blending.":[43],"prove":[45],"that":[46,89],"finding":[47],"right":[49],"content":[51],"NP-hard":[53],"in":[54],"presence":[56],"chunks.":[58],"Moreover,":[59],"it":[60],"improves":[61],"false-positive":[63],"rate":[64,69],"for":[65],"given":[67],"detection":[68],"with":[70,83],"respect":[71],"case":[74],"where":[75],"spatial":[77],"information":[78],"not":[80],"considered.":[81],"Comparison":[82],"well-known":[84],"IDSs":[85],"using":[86],"n-grams":[87],"highlights":[88],"PCkAD":[90],"achieves":[91],"state-of-the-art":[92],"performances.":[93]},"counts_by_year":[{"year":2022,"cited_by_count":1},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":1}],"updated_date":"2026-05-21T09:19:25.381259","created_date":"2025-10-10T00:00:00"}