{"id":"https://openalex.org/W4405014478","doi":"https://doi.org/10.1186/s42400-024-00249-1","title":"Renyi entropy-driven network traffic anomaly detection with dynamic threshold","display_name":"Renyi entropy-driven network traffic anomaly detection with dynamic threshold","publication_year":2024,"publication_date":"2024-12-04","ids":{"openalex":"https://openalex.org/W4405014478","doi":"https://doi.org/10.1186/s42400-024-00249-1"},"language":"en","primary_location":{"id":"doi:10.1186/s42400-024-00249-1","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-024-00249-1","pdf_url":"https://cybersecurity.springeropen.com/counter/pdf/10.1186/s42400-024-00249-1","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://cybersecurity.springeropen.com/counter/pdf/10.1186/s42400-024-00249-1","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5075599732","display_name":"Haoran Yu","orcid":"https://orcid.org/0000-0002-3344-7066"},"institutions":[{"id":"https://openalex.org/I139759216","display_name":"Beijing University of Posts and Telecommunications","ror":"https://ror.org/04w9fbh59","country_code":"CN","type":"education","lineage":["https://openalex.org/I139759216"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Haoran Yu","raw_affiliation_strings":["School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing, 100876, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing, 100876, China","institution_ids":["https://openalex.org/I139759216"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5104473006","display_name":"Wenchuan Yang","orcid":"https://orcid.org/0000-0003-3194-1690"},"institutions":[{"id":"https://openalex.org/I139759216","display_name":"Beijing University of Posts and Telecommunications","ror":"https://ror.org/04w9fbh59","country_code":"CN","type":"education","lineage":["https://openalex.org/I139759216"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Wenchuan Yang","raw_affiliation_strings":["School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing, 100876, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing, 100876, China","institution_ids":["https://openalex.org/I139759216"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5001653986","display_name":"Baojiang Cui","orcid":null},"institutions":[{"id":"https://openalex.org/I139759216","display_name":"Beijing University of Posts and Telecommunications","ror":"https://ror.org/04w9fbh59","country_code":"CN","type":"education","lineage":["https://openalex.org/I139759216"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Baojiang Cui","raw_affiliation_strings":["School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing, 100876, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing, 100876, China","institution_ids":["https://openalex.org/I139759216"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5081673334","display_name":"Runqi Sui","orcid":"https://orcid.org/0000-0002-5125-1198"},"institutions":[{"id":"https://openalex.org/I139759216","display_name":"Beijing University of Posts and Telecommunications","ror":"https://ror.org/04w9fbh59","country_code":"CN","type":"education","lineage":["https://openalex.org/I139759216"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Runqi Sui","raw_affiliation_strings":["School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing, 100876, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing, 100876, China","institution_ids":["https://openalex.org/I139759216"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100446411","display_name":"Xuedong Wu","orcid":"https://orcid.org/0009-0002-6915-9856"},"institutions":[{"id":"https://openalex.org/I139759216","display_name":"Beijing University of Posts and Telecommunications","ror":"https://ror.org/04w9fbh59","country_code":"CN","type":"education","lineage":["https://openalex.org/I139759216"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xuedong Wu","raw_affiliation_strings":["School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing, 100876, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing, 100876, China","institution_ids":["https://openalex.org/I139759216"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5075599732"],"corresponding_institution_ids":["https://openalex.org/I139759216"],"apc_list":null,"apc_paid":null,"fwci":4.4913,"has_fulltext":true,"cited_by_count":14,"citation_normalized_percentile":{"value":0.95219521,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":99,"max":100},"biblio":{"volume":"7","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9977999925613403,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9976999759674072,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.8199683427810669},{"id":"https://openalex.org/keywords/ewma-chart","display_name":"EWMA chart","score":0.7338392734527588},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6974902153015137},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.609244704246521},{"id":"https://openalex.org/keywords/entropy","display_name":"Entropy (arrow of time)","score":0.5245647430419922},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.5046447515487671},{"id":"https://openalex.org/keywords/sliding-window-protocol","display_name":"Sliding window protocol","score":0.4780738353729248},{"id":"https://openalex.org/keywords/traffic-generation-model","display_name":"Traffic generation model","score":0.4504299759864807},{"id":"https://openalex.org/keywords/anomaly","display_name":"Anomaly (physics)","score":0.4444468021392822},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.4240644574165344},{"id":"https://openalex.org/keywords/real-time-computing","display_name":"Real-time computing","score":0.3084896206855774},{"id":"https://openalex.org/keywords/window","display_name":"Window (computing)","score":0.20015385746955872},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.15739455819129944},{"id":"https://openalex.org/keywords/control-chart","display_name":"Control chart","score":0.0904063880443573}],"concepts":[{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.8199683427810669},{"id":"https://openalex.org/C74746147","wikidata":"https://www.wikidata.org/wiki/Q5324652","display_name":"EWMA chart","level":4,"score":0.7338392734527588},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6974902153015137},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.609244704246521},{"id":"https://openalex.org/C106301342","wikidata":"https://www.wikidata.org/wiki/Q4117933","display_name":"Entropy (arrow of time)","level":2,"score":0.5245647430419922},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.5046447515487671},{"id":"https://openalex.org/C102392041","wikidata":"https://www.wikidata.org/wiki/Q592860","display_name":"Sliding window protocol","level":3,"score":0.4780738353729248},{"id":"https://openalex.org/C176715033","wikidata":"https://www.wikidata.org/wiki/Q2080768","display_name":"Traffic generation model","level":2,"score":0.4504299759864807},{"id":"https://openalex.org/C12997251","wikidata":"https://www.wikidata.org/wiki/Q567560","display_name":"Anomaly (physics)","level":2,"score":0.4444468021392822},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.4240644574165344},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.3084896206855774},{"id":"https://openalex.org/C2778751112","wikidata":"https://www.wikidata.org/wiki/Q835016","display_name":"Window (computing)","level":2,"score":0.20015385746955872},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.15739455819129944},{"id":"https://openalex.org/C196985124","wikidata":"https://www.wikidata.org/wiki/Q1369242","display_name":"Control chart","level":3,"score":0.0904063880443573},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C26873012","wikidata":"https://www.wikidata.org/wiki/Q214781","display_name":"Condensed matter physics","level":1,"score":0.0},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.0},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.0},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1186/s42400-024-00249-1","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-024-00249-1","pdf_url":"https://cybersecurity.springeropen.com/counter/pdf/10.1186/s42400-024-00249-1","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:3b95342bea9048e58cb3e00a4a3e56e6","is_oa":true,"landing_page_url":"https://doaj.org/article/3b95342bea9048e58cb3e00a4a3e56e6","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Cybersecurity, Vol 7, Iss 1, Pp 1-13 (2024)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1186/s42400-024-00249-1","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-024-00249-1","pdf_url":"https://cybersecurity.springeropen.com/counter/pdf/10.1186/s42400-024-00249-1","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1882683931","display_name":null,"funder_award_id":"61936008","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G8494875690","display_name":null,"funder_award_id":"No.61936008","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"grobid_xml":false,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4405014478.pdf"},"referenced_works_count":26,"referenced_works":["https://openalex.org/W2141910941","https://openalex.org/W2169384417","https://openalex.org/W2183397118","https://openalex.org/W2296509296","https://openalex.org/W2316916266","https://openalex.org/W2603295249","https://openalex.org/W2783245345","https://openalex.org/W2805912040","https://openalex.org/W2940145198","https://openalex.org/W2982682021","https://openalex.org/W3005374015","https://openalex.org/W3010612350","https://openalex.org/W3035311645","https://openalex.org/W3103656239","https://openalex.org/W3105350477","https://openalex.org/W3127161477","https://openalex.org/W3178453898","https://openalex.org/W3181596493","https://openalex.org/W4200045591","https://openalex.org/W4205320794","https://openalex.org/W4206742508","https://openalex.org/W4210445337","https://openalex.org/W4226342332","https://openalex.org/W4283019128","https://openalex.org/W4361792298","https://openalex.org/W4384518576"],"related_works":["https://openalex.org/W2054331165","https://openalex.org/W2042250228","https://openalex.org/W2791338065","https://openalex.org/W4200608769","https://openalex.org/W1500481227","https://openalex.org/W4294551911","https://openalex.org/W2114158132","https://openalex.org/W1990746329","https://openalex.org/W2349145360","https://openalex.org/W2793528815"],"abstract_inverted_index":{"Abstract":[0],"Network":[1],"traffic":[2,14,33,46,83,129,148],"anomaly":[3,84,112,156],"detection":[4,15,25,47,85,130],"is":[5,124,139],"a":[6,29,81,94,151],"critical":[7],"issue":[8],"in":[9,44,121,132],"network":[10,56,72,82,147],"security.":[11],"Existing":[12],"Abnormal":[13],"methods":[16,26,131],"rely":[17],"on":[18,88],"statistical-based":[19],"or":[20],"anomaly-based":[21],"approaches,":[22],"and":[23,35,69,98,136,149],"these":[24,76],"all":[27],"require":[28],"full":[30],"understanding":[31],"of":[32,55,71,134,146],"characteristics":[34,54],"attack":[36],"patterns.":[37],"Information":[38],"entropy":[39],"has":[40],"been":[41],"widely":[42],"studied":[43],"abnormal":[45,128],"because":[48],"it":[49,62,138],"can":[50],"describe":[51],"the":[52,67,118,143],"distribution":[53],"traffic.":[57,73],"However,":[58],"this":[59,78,105,122],"method":[60,86,119],"makes":[61],"difficult":[63],"to":[64,107,126,142],"cope":[65],"with":[66],"timing":[68],"variability":[70],"To":[74],"address":[75],"challenges,":[77],"paper":[79,123],"proposes":[80],"based":[87],"Renyi":[89],"entropy.":[90],"Simultaneously,":[91],"we":[92],"introduce":[93],"fixed":[95],"time":[96],"window":[97,106],"utilize":[99],"an":[100],"improved":[101],"EWMA":[102],"model":[103],"within":[104],"dynamically":[108],"set":[109],"thresholds":[110],"for":[111,155],"detection.":[113,157],"Experimental":[114],"results":[115],"show":[116],"that":[117],"proposed":[120],"superior":[125],"popular":[127],"terms":[133],"effectiveness":[135],"efficiency,":[137],"better":[140],"adapted":[141],"dynamic":[144],"changes":[145],"provides":[150],"more":[152],"reliable":[153],"solution":[154]},"counts_by_year":[{"year":2026,"cited_by_count":5},{"year":2025,"cited_by_count":9}],"updated_date":"2026-05-21T06:26:12.895304","created_date":"2025-10-10T00:00:00"}