{"id":"https://openalex.org/W1949061866","doi":"https://doi.org/10.3390/e17096239","title":"Using Generalized Entropies and OC-SVM with Mahalanobis Kernel for Detection and Classification of Anomalies in Network Traffic","display_name":"Using Generalized Entropies and OC-SVM with Mahalanobis Kernel for Detection and Classification of Anomalies in Network Traffic","publication_year":2015,"publication_date":"2015-09-08","ids":{"openalex":"https://openalex.org/W1949061866","doi":"https://doi.org/10.3390/e17096239","mag":"1949061866"},"language":"en","primary_location":{"id":"doi:10.3390/e17096239","is_oa":true,"landing_page_url":"https://doi.org/10.3390/e17096239","pdf_url":"https://www.mdpi.com/1099-4300/17/9/6239/pdf?version=1441722405","source":{"id":"https://openalex.org/S195231649","display_name":"Entropy","issn_l":"1099-4300","issn":["1099-4300"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Entropy","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/1099-4300/17/9/6239/pdf?version=1441722405","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5075803496","display_name":"Jayro Santiago-Paz","orcid":"https://orcid.org/0000-0002-7036-0074"},"institutions":[{"id":"https://openalex.org/I68368234","display_name":"Centro de Investigaci\u00f3n y de Estudios Avanzados del Instituto Polit\u00e9cnico Nacional","ror":"https://ror.org/009eqmr18","country_code":"MX","type":"facility","lineage":["https://openalex.org/I59361560","https://openalex.org/I68368234"]}],"countries":["MX"],"is_corresponding":true,"raw_author_name":"Jayro Santiago-Paz","raw_affiliation_strings":["CINVESTAV, Campus Guadalajara, Av. del Bosque 1145, Col. El Bajio, Zapopan 45019, Mexico"],"raw_orcid":"https://orcid.org/0000-0002-7036-0074","affiliations":[{"raw_affiliation_string":"CINVESTAV, Campus Guadalajara, Av. del Bosque 1145, Col. El Bajio, Zapopan 45019, Mexico","institution_ids":["https://openalex.org/I68368234"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086698147","display_name":"Deni Torres-Rom\u00e1n","orcid":"https://orcid.org/0000-0002-9813-7712"},"institutions":[{"id":"https://openalex.org/I68368234","display_name":"Centro de Investigaci\u00f3n y de Estudios Avanzados del Instituto Polit\u00e9cnico Nacional","ror":"https://ror.org/009eqmr18","country_code":"MX","type":"facility","lineage":["https://openalex.org/I59361560","https://openalex.org/I68368234"]}],"countries":["MX"],"is_corresponding":false,"raw_author_name":"Deni Torres-Roman","raw_affiliation_strings":["CINVESTAV, Campus Guadalajara, Av. del Bosque 1145, Col. El Bajio, Zapopan 45019, Mexico"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"CINVESTAV, Campus Guadalajara, Av. del Bosque 1145, Col. El Bajio, Zapopan 45019, Mexico","institution_ids":["https://openalex.org/I68368234"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5033943486","display_name":"Angel Figueroa-Ypi\u00f1a","orcid":null},"institutions":[{"id":"https://openalex.org/I68368234","display_name":"Centro de Investigaci\u00f3n y de Estudios Avanzados del Instituto Polit\u00e9cnico Nacional","ror":"https://ror.org/009eqmr18","country_code":"MX","type":"facility","lineage":["https://openalex.org/I59361560","https://openalex.org/I68368234"]}],"countries":["MX"],"is_corresponding":false,"raw_author_name":"Angel Figueroa-Ypi\u00f1a","raw_affiliation_strings":["CINVESTAV, Campus Guadalajara, Av. del Bosque 1145, Col. El Bajio, Zapopan 45019, Mexico"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"CINVESTAV, Campus Guadalajara, Av. del Bosque 1145, Col. El Bajio, Zapopan 45019, Mexico","institution_ids":["https://openalex.org/I68368234"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5031921769","display_name":"Jesus Argaez-Xool","orcid":null},"institutions":[{"id":"https://openalex.org/I68368234","display_name":"Centro de Investigaci\u00f3n y de Estudios Avanzados del Instituto Polit\u00e9cnico Nacional","ror":"https://ror.org/009eqmr18","country_code":"MX","type":"facility","lineage":["https://openalex.org/I59361560","https://openalex.org/I68368234"]}],"countries":["MX"],"is_corresponding":false,"raw_author_name":"Jesus Argaez-Xool","raw_affiliation_strings":["CINVESTAV, Campus Guadalajara, Av. del Bosque 1145, Col. El Bajio, Zapopan 45019, Mexico"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"CINVESTAV, Campus Guadalajara, Av. del Bosque 1145, Col. El Bajio, Zapopan 45019, Mexico","institution_ids":["https://openalex.org/I68368234"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5075803496"],"corresponding_institution_ids":["https://openalex.org/I68368234"],"apc_list":{"value":2000,"currency":"CHF","value_usd":2165},"apc_paid":{"value":2000,"currency":"CHF","value_usd":2165},"fwci":1.4022,"has_fulltext":true,"cited_by_count":14,"citation_normalized_percentile":{"value":0.83735813,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":"17","issue":"9","first_page":"6239","last_page":"6257"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/mahalanobis-distance","display_name":"Mahalanobis distance","score":0.9098670482635498},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.7129887938499451},{"id":"https://openalex.org/keywords/support-vector-machine","display_name":"Support vector machine","score":0.6885377168655396},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5242170095443726},{"id":"https://openalex.org/keywords/pattern-recognition","display_name":"Pattern recognition (psychology)","score":0.521414041519165},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.5069484710693359},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.502901017665863},{"id":"https://openalex.org/keywords/false-positive-rate","display_name":"False positive rate","score":0.48470568656921387},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4758579134941101},{"id":"https://openalex.org/keywords/traffic-classification","display_name":"Traffic classification","score":0.4397137463092804},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.41747140884399414},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.40968960523605347},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.15664121508598328}],"concepts":[{"id":"https://openalex.org/C1921717","wikidata":"https://www.wikidata.org/wiki/Q1334846","display_name":"Mahalanobis distance","level":2,"score":0.9098670482635498},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.7129887938499451},{"id":"https://openalex.org/C12267149","wikidata":"https://www.wikidata.org/wiki/Q282453","display_name":"Support vector machine","level":2,"score":0.6885377168655396},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5242170095443726},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.521414041519165},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.5069484710693359},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.502901017665863},{"id":"https://openalex.org/C95922358","wikidata":"https://www.wikidata.org/wiki/Q5432725","display_name":"False positive rate","level":2,"score":0.48470568656921387},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4758579134941101},{"id":"https://openalex.org/C169988225","wikidata":"https://www.wikidata.org/wiki/Q7832484","display_name":"Traffic classification","level":3,"score":0.4397137463092804},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.41747140884399414},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.40968960523605347},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.15664121508598328},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.3390/e17096239","is_oa":true,"landing_page_url":"https://doi.org/10.3390/e17096239","pdf_url":"https://www.mdpi.com/1099-4300/17/9/6239/pdf?version=1441722405","source":{"id":"https://openalex.org/S195231649","display_name":"Entropy","issn_l":"1099-4300","issn":["1099-4300"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Entropy","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:ad1fae4aa1464f6c8982e60351191cbd","is_oa":true,"landing_page_url":"https://doaj.org/article/ad1fae4aa1464f6c8982e60351191cbd","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Entropy, Vol 17, Iss 9, Pp 6239-6257 (2015)","raw_type":"article"},{"id":"pmh:oai:mdpi.com:/1099-4300/17/9/6239/","is_oa":true,"landing_page_url":"http://dx.doi.org/10.3390/e17096239","pdf_url":null,"source":{"id":"https://openalex.org/S4306400947","display_name":"MDPI (MDPI AG)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210097602","host_organization_name":"Multidisciplinary Digital Publishing Institute (Switzerland)","host_organization_lineage":["https://openalex.org/I4210097602"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Entropy","raw_type":"Text"}],"best_oa_location":{"id":"doi:10.3390/e17096239","is_oa":true,"landing_page_url":"https://doi.org/10.3390/e17096239","pdf_url":"https://www.mdpi.com/1099-4300/17/9/6239/pdf?version=1441722405","source":{"id":"https://openalex.org/S195231649","display_name":"Entropy","issn_l":"1099-4300","issn":["1099-4300"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Entropy","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W1949061866.pdf","grobid_xml":"https://content.openalex.org/works/W1949061866.grobid-xml"},"referenced_works_count":26,"referenced_works":["https://openalex.org/W129305155","https://openalex.org/W1481388343","https://openalex.org/W1547527303","https://openalex.org/W1607810777","https://openalex.org/W1965343849","https://openalex.org/W1983874169","https://openalex.org/W1995875735","https://openalex.org/W2029025881","https://openalex.org/W2029649669","https://openalex.org/W2087347434","https://openalex.org/W2107146446","https://openalex.org/W2113061123","https://openalex.org/W2121420728","https://openalex.org/W2122646361","https://openalex.org/W2128165614","https://openalex.org/W2130598205","https://openalex.org/W2132870739","https://openalex.org/W2153635508","https://openalex.org/W2155915275","https://openalex.org/W2156909104","https://openalex.org/W2158698691","https://openalex.org/W2164210932","https://openalex.org/W2168388331","https://openalex.org/W2490586035","https://openalex.org/W4251036056","https://openalex.org/W6683199847"],"related_works":["https://openalex.org/W2061466315","https://openalex.org/W2376886931","https://openalex.org/W2010561419","https://openalex.org/W2393267898","https://openalex.org/W2374845301","https://openalex.org/W2351448539","https://openalex.org/W1977863481","https://openalex.org/W2384741105","https://openalex.org/W2185594426","https://openalex.org/W3157271777"],"abstract_inverted_index":{"Network":[0,193],"anomaly":[1,67,127],"detection":[2,68,253,257,291,301],"and":[3,15,25,39,69,75,81,94,108,114,118,195,223,243,268],"classification":[4,70,131],"is":[5,53,132,306],"an":[6,43,64,189,294],"important":[7],"open":[8],"issue":[9],"in":[10,167,255,266,274],"network":[11,37],"security.":[12],"Several":[13],"approaches":[14],"systems":[16],"based":[17,71],"on":[18,72],"different":[19,102,177],"mathematical":[20],"tools":[21],"have":[22,144],"been":[23,145],"studied":[24],"developed,":[26],"among":[27],"them,":[28],"the":[29,57,82,90,130,135,141,152,196,201,240,244,252,256,260,278,283,286],"Anomaly-Network":[30],"Intrusion":[31],"Detection":[32],"System":[33],"(A-NIDS),":[34],"which":[35],"monitors":[36],"traffic":[38,49,124,186],"compares":[40],"it":[41,52],"against":[42],"established":[44],"baseline":[45],"of":[46,78,84,154,184,200,239,246,263],"a":[47,198,209,216,224],"\u201cnormal\u201d":[48,58,113,123],"profile.":[50],"Then,":[51],"necessary":[54],"to":[55,140,172,214,221],"characterize":[56],"Internet":[59],"traffic.":[60,116],"This":[61],"paper":[62],"presents":[63],"approach":[65,150],"for":[66,112],"Shannon,":[73],"R\u00e9nyi":[74],"Tsallis":[76],"entropies":[77,242],"selected":[79,166],"features,":[80],"construction":[83],"regions":[85,120,138],"from":[86,122,188],"entropy":[87],"data":[88,178,207],"employing":[89],"Mahalanobis":[91,109,287],"distance":[92,288],"(MD),":[93],"One":[95],"Class":[96],"Support":[97],"Vector":[98],"Machine":[99],"(OC-SVM)":[100],"with":[101,248,293],"kernels":[103],"(Radial":[104],"Basis":[105],"Function":[106],"(RBF)":[107],"Kernel":[110],"(MK))":[111],"abnormal":[115],"Regular":[117],"non-regular":[119],"built":[121],"profiles":[125],"allow":[126],"detection,":[128],"while":[129,259,298],"performed":[133],"under":[134],"assumption":[136],"that":[137,236,281],"corresponding":[139],"attack":[142],"classes":[143],"previously":[146],"characterized.":[147],"Although":[148],"this":[149],"allows":[151],"use":[153,245],"as":[155,158],"many":[156],"features":[157,164],"required,":[159],"only":[160],"four":[161],"well-known":[162],"significant":[163],"were":[165,180,231],"our":[168,174],"case.":[169],"In":[170,276],"order":[171],"evaluate":[173],"approach,":[175],"two":[176],"sets":[179],"used:":[181],"one":[182],"set":[183],"real":[185],"obtained":[187],"Academic":[190],"Local":[191],"Area":[192],"(LAN),":[194],"other":[197],"subset":[199],"1998":[202],"MIT-DARPA":[203],"set.":[204],"For":[205],"these":[206],"sets,":[208],"True":[210,217],"positive":[211],"rate":[212,219,227,254],"up":[213,220],"99.35%,":[215],"negative":[218,226],"99.83%":[222],"False":[225],"at":[228],"about":[229],"0.16%":[230],"yielded.":[232],"Experimental":[233],"results":[234,279],"show":[235,280],"certain":[237],"q-values":[238],"generalized":[241],"OC-SVM":[247,267,299],"RBF":[249],"kernel":[250,265],"improve":[251,272],"stage,":[258],"novel":[261],"inclusion":[262],"MK":[264],"k-temporal":[269],"nearest":[270],"neighbors":[271],"accuracy":[273],"classification.":[275],"addition,":[277],"using":[282],"Box-Cox":[284],"transformation,":[285],"yielded":[289],"high":[290],"rates":[292,302],"efficient":[295],"computation":[296],"time,":[297],"achieved":[300],"slightly":[303],"higher,":[304],"but":[305],"more":[307],"computationally":[308],"expensive.":[309]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":4},{"year":2018,"cited_by_count":2},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":1}],"updated_date":"2026-05-21T09:19:25.381259","created_date":"2025-10-10T00:00:00"}