{"id":"https://openalex.org/W1718158504","doi":"https://doi.org/10.3233/jcs-2002-101-203","title":"Using internal sensors and embedded detectors for intrusion detection1","display_name":"Using internal sensors and embedded detectors for intrusion detection1","publication_year":2002,"publication_date":"2002-01-01","ids":{"openalex":"https://openalex.org/W1718158504","doi":"https://doi.org/10.3233/jcs-2002-101-203","mag":"1718158504"},"language":"en","primary_location":{"id":"doi:10.3233/jcs-2002-101-203","is_oa":false,"landing_page_url":"https://doi.org/10.3233/jcs-2002-101-203","pdf_url":null,"source":{"id":"https://openalex.org/S106992369","display_name":"Journal of Computer Security","issn_l":"0926-227X","issn":["0926-227X","1875-8924"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310318577","host_organization_name":"IOS Press","host_organization_lineage":["https://openalex.org/P4310318577"],"host_organization_lineage_names":["IOS Press"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Computer Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5102985450","display_name":"Florian Kerschbaum","orcid":"https://orcid.org/0000-0003-4288-2286"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Florian Kerschbaum","raw_affiliation_strings":["Center for Education and Research in Information Assurance and Security, 1315 Recitation Building, Purdue University, West Lafayette, IN 47907-1315, USA. E-mail: kerschf@cerias.purdue.edu, spaf@cerias.purdue.edu, zamboni@cerias.purdue.edu"],"affiliations":[{"raw_affiliation_string":"Center for Education and Research in Information Assurance and Security, 1315 Recitation Building, Purdue University, West Lafayette, IN 47907-1315, USA. E-mail: kerschf@cerias.purdue.edu, spaf@cerias.purdue.edu, zamboni@cerias.purdue.edu","institution_ids":["https://openalex.org/I219193219"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5038958507","display_name":"Eugene H. Spafford","orcid":"https://orcid.org/0000-0002-5555-8330"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Eugene H. Spafford","raw_affiliation_strings":["Center for Education and Research in Information Assurance and Security, 1315 Recitation Building, Purdue University, West Lafayette, IN 47907-1315, USA. E-mail: kerschf@cerias.purdue.edu, spaf@cerias.purdue.edu, zamboni@cerias.purdue.edu"],"affiliations":[{"raw_affiliation_string":"Center for Education and Research in Information Assurance and Security, 1315 Recitation Building, Purdue University, West Lafayette, IN 47907-1315, USA. E-mail: kerschf@cerias.purdue.edu, spaf@cerias.purdue.edu, zamboni@cerias.purdue.edu","institution_ids":["https://openalex.org/I219193219"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5080111108","display_name":"Diego Zamboni","orcid":"https://orcid.org/0000-0003-2427-6434"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Diego Zamboni","raw_affiliation_strings":["Center for Education and Research in Information Assurance and Security, 1315 Recitation Building, Purdue University, West Lafayette, IN 47907-1315, USA. E-mail: kerschf@cerias.purdue.edu, spaf@cerias.purdue.edu, zamboni@cerias.purdue.edu"],"affiliations":[{"raw_affiliation_string":"Center for Education and Research in Information Assurance and Security, 1315 Recitation Building, Purdue University, West Lafayette, IN 47907-1315, USA. E-mail: kerschf@cerias.purdue.edu, spaf@cerias.purdue.edu, zamboni@cerias.purdue.edu","institution_ids":["https://openalex.org/I219193219"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5080111108"],"corresponding_institution_ids":["https://openalex.org/I219193219"],"apc_list":null,"apc_paid":null,"fwci":0.9237,"has_fulltext":false,"cited_by_count":18,"citation_normalized_percentile":{"value":0.78149848,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":"10","issue":"1-2","first_page":"23","last_page":"70"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9944999814033508,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8027529716491699},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.7692421078681946},{"id":"https://openalex.org/keywords/detector","display_name":"Detector","score":0.6040558815002441},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.5047491788864136},{"id":"https://openalex.org/keywords/reliability","display_name":"Reliability (semiconductor)","score":0.502387523651123},{"id":"https://openalex.org/keywords/real-time-computing","display_name":"Real-time computing","score":0.36653438210487366},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.3309693932533264},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.2350737452507019},{"id":"https://openalex.org/keywords/telecommunications","display_name":"Telecommunications","score":0.07531347870826721}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8027529716491699},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.7692421078681946},{"id":"https://openalex.org/C94915269","wikidata":"https://www.wikidata.org/wiki/Q1834857","display_name":"Detector","level":2,"score":0.6040558815002441},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.5047491788864136},{"id":"https://openalex.org/C43214815","wikidata":"https://www.wikidata.org/wiki/Q7310987","display_name":"Reliability (semiconductor)","level":3,"score":0.502387523651123},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.36653438210487366},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.3309693932533264},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.2350737452507019},{"id":"https://openalex.org/C76155785","wikidata":"https://www.wikidata.org/wiki/Q418","display_name":"Telecommunications","level":1,"score":0.07531347870826721},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C163258240","wikidata":"https://www.wikidata.org/wiki/Q25342","display_name":"Power (physics)","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.3233/jcs-2002-101-203","is_oa":false,"landing_page_url":"https://doi.org/10.3233/jcs-2002-101-203","pdf_url":null,"source":{"id":"https://openalex.org/S106992369","display_name":"Journal of Computer Security","issn_l":"0926-227X","issn":["0926-227X","1875-8924"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310318577","host_organization_name":"IOS Press","host_organization_lineage":["https://openalex.org/P4310318577"],"host_organization_lineage_names":["IOS Press"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Computer Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure","score":0.4000000059604645}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":40,"referenced_works":["https://openalex.org/W41490337","https://openalex.org/W147687952","https://openalex.org/W165642900","https://openalex.org/W1483817343","https://openalex.org/W1490025813","https://openalex.org/W1495172800","https://openalex.org/W1497039936","https://openalex.org/W1500501810","https://openalex.org/W1500757873","https://openalex.org/W1525451939","https://openalex.org/W1541939527","https://openalex.org/W1557885409","https://openalex.org/W1570754081","https://openalex.org/W1573137014","https://openalex.org/W1591563483","https://openalex.org/W1598022263","https://openalex.org/W1605890732","https://openalex.org/W1941427975","https://openalex.org/W2002286749","https://openalex.org/W2006611045","https://openalex.org/W2100903665","https://openalex.org/W2103042216","https://openalex.org/W2117002131","https://openalex.org/W2124365372","https://openalex.org/W2125109784","https://openalex.org/W2128217000","https://openalex.org/W2129994716","https://openalex.org/W2131963831","https://openalex.org/W2145185087","https://openalex.org/W2150277819","https://openalex.org/W2154081981","https://openalex.org/W2155547871","https://openalex.org/W2160992991","https://openalex.org/W2161781143","https://openalex.org/W2165844498","https://openalex.org/W2282318976","https://openalex.org/W2288766236","https://openalex.org/W2500136291","https://openalex.org/W2978757628","https://openalex.org/W3105682467"],"related_works":["https://openalex.org/W2373866020","https://openalex.org/W2351252967","https://openalex.org/W2388271354","https://openalex.org/W2377933504","https://openalex.org/W2347970476","https://openalex.org/W2371474181","https://openalex.org/W2998813341","https://openalex.org/W1587227328","https://openalex.org/W2790319517","https://openalex.org/W2110890874"],"abstract_inverted_index":{"We":[0,15,29,91,109],"introduce":[1,30,92,122],"the":[2,118,123,164,168,186],"concept":[3,124],"of":[4,33,81,125,158,163,188,193],"using":[5,64],"internal":[6,67,107],"sensors":[7,70],"to":[8,75,85,142,154],"perform":[9],"intrusion":[10,38,102],"detection":[11,39,103],"in":[12,83,111],"computer":[13,177],"systems.":[14],"show":[16],"its":[17,22],"practical":[18,57],"feasibility":[19],"and":[20,26,52,79,87,121,151],"discuss":[21],"characteristics,":[23],"related":[24],"design":[25],"implementation":[27,115,136,166],"issues.":[28],"a":[31,43,56,98,113,129,148,176,190],"classification":[32],"data":[34,133],"collection":[35],"mechanisms":[36,47],"for":[37,100,131,147],"sys":[40],"tems.":[41],"At":[42,55],"conceptual":[44],"level,":[45,58],"these":[46],"are":[48],"classified":[49],"as":[50,97,128],"direct":[51,59],"indirect":[53],"monitoring.":[54],"monitoring":[60],"can":[61,173],"be":[62],"implemented":[63],"external":[65],"or":[66],"sensors.":[68,108],"Internal":[69],"provide":[71],"advantages":[72],"with":[73],"respect":[74],"reliability,":[76],"completeness,":[77],"timeliness":[78],"volume":[80],"data,":[82],"addition":[84],"efficiency":[86],"resistance":[88],"against":[89],"attacks.":[90,195],"an":[93],"architecture":[94,120],"called":[95],"ESP":[96,119,165],"framework":[99],"building":[101],"systems":[104],"based":[105,116],"on":[106,117,175],"describe":[110],"detail":[112],"prototype":[114],"embedded":[126,171,183],"detectors":[127,172,184],"mechanism":[130],"localized":[132],"reduction.":[134],"Our":[135],"shows":[137,167,181],"that":[138,170,182],"it":[139],"is":[140],"possible":[141],"build":[143],"both":[144],"specific":[145],"(specialized":[146],"certain":[149],"intrusion)":[150],"generic":[152],"(able":[153],"detect":[155],"different":[156],"types":[157],"intrusions)":[159],"detectors.":[160],"Performance":[161],"testing":[162,180],"impact":[169],"have":[174,185],"system.":[178],"Detection":[179],"capability":[187],"detecting":[189],"significant":[191],"percentage":[192],"new":[194]},"counts_by_year":[{"year":2020,"cited_by_count":3},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":2},{"year":2014,"cited_by_count":1},{"year":2012,"cited_by_count":2}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}