{"id":"https://openalex.org/W2902478145","doi":"https://doi.org/10.1186/s13638-018-1303-2","title":"A research survey in stepping-stone intrusion detection","display_name":"A research survey in stepping-stone intrusion detection","publication_year":2018,"publication_date":"2018-12-01","ids":{"openalex":"https://openalex.org/W2902478145","doi":"https://doi.org/10.1186/s13638-018-1303-2","mag":"2902478145"},"language":"en","primary_location":{"id":"doi:10.1186/s13638-018-1303-2","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s13638-018-1303-2","pdf_url":null,"source":{"id":"https://openalex.org/S82675988","display_name":"EURASIP Journal on Wireless Communications and Networking","issn_l":"1687-1472","issn":["1687-1472","1687-1499"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"EURASIP Journal on Wireless Communications and Networking","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1186/s13638-018-1303-2","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5076183476","display_name":"Lixin Wang","orcid":"https://orcid.org/0000-0003-4965-5510"},"institutions":[{"id":"https://openalex.org/I199172307","display_name":"Columbus State University","ror":"https://ror.org/002nf6z37","country_code":"US","type":"education","lineage":["https://openalex.org/I199172307"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Lixin Wang","raw_affiliation_strings":["TSYS School of Computer Science, Columbus State University, Columbus, GA, 31907, USA"],"raw_orcid":"https://orcid.org/0000-0003-4965-5510","affiliations":[{"raw_affiliation_string":"TSYS School of Computer Science, Columbus State University, Columbus, GA, 31907, USA","institution_ids":["https://openalex.org/I199172307"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5088671813","display_name":"Jianhua Yang","orcid":"https://orcid.org/0000-0003-2745-8524"},"institutions":[{"id":"https://openalex.org/I199172307","display_name":"Columbus State University","ror":"https://ror.org/002nf6z37","country_code":"US","type":"education","lineage":["https://openalex.org/I199172307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jianhua Yang","raw_affiliation_strings":["TSYS School of Computer Science, Columbus State University, Columbus, GA, 31907, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"TSYS School of Computer Science, Columbus State University, Columbus, GA, 31907, USA","institution_ids":["https://openalex.org/I199172307"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5076183476"],"corresponding_institution_ids":["https://openalex.org/I199172307"],"apc_list":{"value":1140,"currency":"GBP","value_usd":1398},"apc_paid":{"value":1140,"currency":"GBP","value_usd":1398},"fwci":1.0155,"has_fulltext":false,"cited_by_count":13,"citation_normalized_percentile":{"value":0.83213851,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":"2018","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9945999979972839,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9945999979972839,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9829999804496765,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12357","display_name":"Digital Media Forensic Detection","score":0.9726999998092651,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8864156007766724},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.6077784299850464},{"id":"https://openalex.org/keywords/intrusion","display_name":"Intrusion","score":0.5141242146492004},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.39028269052505493},{"id":"https://openalex.org/keywords/geology","display_name":"Geology","score":0.1750873625278473}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8864156007766724},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.6077784299850464},{"id":"https://openalex.org/C158251709","wikidata":"https://www.wikidata.org/wiki/Q354025","display_name":"Intrusion","level":2,"score":0.5141242146492004},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.39028269052505493},{"id":"https://openalex.org/C127313418","wikidata":"https://www.wikidata.org/wiki/Q1069","display_name":"Geology","level":0,"score":0.1750873625278473},{"id":"https://openalex.org/C17409809","wikidata":"https://www.wikidata.org/wiki/Q161764","display_name":"Geochemistry","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1186/s13638-018-1303-2","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s13638-018-1303-2","pdf_url":null,"source":{"id":"https://openalex.org/S82675988","display_name":"EURASIP Journal on Wireless Communications and Networking","issn_l":"1687-1472","issn":["1687-1472","1687-1499"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"EURASIP Journal on Wireless Communications and Networking","raw_type":"journal-article"},{"id":"pmh:oai:csuepress.columbusstate.edu:bibliography_faculty-3882","is_oa":false,"landing_page_url":"https://csuepress.columbusstate.edu/bibliography_faculty/2834","pdf_url":null,"source":{"id":"https://openalex.org/S4377196711","display_name":"CSU ePress (Columbus State University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I199172307","host_organization_name":"Columbus State University","host_organization_lineage":["https://openalex.org/I199172307"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Faculty Bibliography","raw_type":"text"},{"id":"pmh:oai:doaj.org/article:77241764245b4297b0c2275bf32e0079","is_oa":true,"landing_page_url":"https://doaj.org/article/77241764245b4297b0c2275bf32e0079","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"EURASIP Journal on Wireless Communications and Networking, Vol 2018, Iss 1, Pp 1-15 (2018)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1186/s13638-018-1303-2","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s13638-018-1303-2","pdf_url":null,"source":{"id":"https://openalex.org/S82675988","display_name":"EURASIP Journal on Wireless Communications and Networking","issn_l":"1687-1472","issn":["1687-1472","1687-1499"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"EURASIP Journal on Wireless Communications and Networking","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.7799999713897705,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G7000636840","display_name":null,"funder_award_id":"H98230-17-1-0396","funder_id":"https://openalex.org/F4320311089","funder_display_name":"National Security Agency"}],"funders":[{"id":"https://openalex.org/F4320311089","display_name":"National Security Agency","ror":"https://ror.org/0047bvr32"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":35,"referenced_works":["https://openalex.org/W127688506","https://openalex.org/W629537191","https://openalex.org/W1541939527","https://openalex.org/W1565896516","https://openalex.org/W1579427489","https://openalex.org/W1587423795","https://openalex.org/W1600930409","https://openalex.org/W1602499992","https://openalex.org/W1971784203","https://openalex.org/W2018522314","https://openalex.org/W2037744768","https://openalex.org/W2071184135","https://openalex.org/W2099829430","https://openalex.org/W2128945468","https://openalex.org/W2131712672","https://openalex.org/W2139275469","https://openalex.org/W2142014025","https://openalex.org/W2146132533","https://openalex.org/W2146486112","https://openalex.org/W2148275477","https://openalex.org/W2159262496","https://openalex.org/W2319660501","https://openalex.org/W2397977104","https://openalex.org/W2625759419","https://openalex.org/W2884143800","https://openalex.org/W2914982603","https://openalex.org/W4237313411","https://openalex.org/W4285719527","https://openalex.org/W4292478130","https://openalex.org/W4302333773","https://openalex.org/W6600195515","https://openalex.org/W6600577311","https://openalex.org/W6600648412","https://openalex.org/W6608100073","https://openalex.org/W6825130202"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W4391913857","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W4396696052","https://openalex.org/W2133389611"],"abstract_inverted_index":{"Attackers":[0],"on":[1,33,245],"the":[2,17,34,90,111,117,135,142,145,149,158,166,169,178,186,221,227,235,246,251,254,257],"Internet":[3,35],"often":[4],"launch":[5,59],"network":[6],"intrusions":[7],"through":[8],"compromised":[9,118],"hosts,":[10],"called":[11],"stepping-stones,":[12],"in":[13,42,177,198,220,226,250,267],"order":[14],"to":[15,58,109,128,161,216],"reduce":[16],"chance":[18],"of":[19,31,55,85,132,148,168,180,185,229,256],"being":[20],"detected.":[21],"In":[22,232],"a":[23,29,68,78,81,97,130,174],"stepping-stone":[24,181,193],"attack,":[25],"an":[26],"intruder":[27],"uses":[28],"chain":[30,223],"hosts":[32,44,219],"as":[36,48],"relay":[37],"machines":[38],"and":[39,80,124,152,210,261],"remotely":[40],"log":[41],"these":[43],"using":[45,56],"tools":[46],"such":[47,129],"telnet,":[49],"rlogin,":[50],"or":[51],"SSH.":[52],"A":[53],"benefit":[54],"stepping-stones":[57],"attacks":[60],"is":[61,83,154],"that":[62],"intruders":[63],"can":[64,104,139],"be":[65,93],"hidden":[66],"by":[67,190],"long":[69],"interactive":[70,74],"session.":[71],"Since":[72],"each":[73,122,233],"TCP":[75,102,133],"session":[76,147],"between":[77],"client":[79],"server":[82,98],"independent":[84],"other":[86,123],"sessions":[87,91,103],"even":[88],"though":[89],"may":[92],"relayed,":[94],"so":[95],"accessing":[96],"via":[99],"multiple":[100,218],"relayed":[101],"make":[105],"it":[106,153],"much":[107],"harder":[108],"tell":[110],"intruder\u2019s":[112],"geographical":[113],"location":[114],"unless":[115],"all":[116],"servers":[119],"collaborate":[120],"with":[121],"work":[125],"efficiently.":[126],"Due":[127],"nature":[131],"protocol,":[134],"final":[136],"victim":[137,159],"host":[138,160],"only":[140],"see":[141],"traffic":[143],"from":[144],"last":[146],"connection":[150,222],"chain,":[151],"extremely":[155],"difficult":[156],"for":[157,192],"learn":[162],"any":[163],"information":[164],"about":[165],"origin":[167],"attack.":[170],"This":[171],"paper":[172],"provides":[173],"research":[175],"survey":[176],"area":[179],"intrusion":[182,194],"detection.":[183],"Most":[184],"significant":[187],"approaches":[188],"developed":[189],"far":[191],"detection":[195,202,230,236],"are":[196,204,224,238,265],"included":[197],"this":[199,268],"paper.":[200],"These":[201],"methods":[203],"put":[205],"into":[206,240],"two":[207],"categories:":[208],"host-based":[209],"network-based":[211],"(i.e.,":[212],"connection-chain":[213],"based),":[214],"according":[215],"whether":[217],"involved":[225],"design":[228],"algorithms.":[231,252],"category,":[234],"algorithms":[237],"divided":[239],"several":[241,259],"different":[242],"subsections":[243],"based":[244],"key":[247],"techniques":[248],"used":[249],"At":[253],"end":[255],"paper,":[258],"important":[260],"challenging":[262],"open":[263],"problems":[264],"proposed":[266],"area.":[269]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":3},{"year":2020,"cited_by_count":2},{"year":2019,"cited_by_count":1}],"updated_date":"2026-05-10T08:33:47.465468","created_date":"2025-10-10T00:00:00"}