{"id":"https://openalex.org/W1524993063","doi":"https://doi.org/10.3390/fi7020094","title":"Inefficiency of IDS Static Anomaly Detectors in Real-World Networks","display_name":"Inefficiency of IDS Static Anomaly Detectors in Real-World Networks","publication_year":2015,"publication_date":"2015-05-06","ids":{"openalex":"https://openalex.org/W1524993063","doi":"https://doi.org/10.3390/fi7020094","mag":"1524993063"},"language":"en","primary_location":{"id":"doi:10.3390/fi7020094","is_oa":true,"landing_page_url":"https://doi.org/10.3390/fi7020094","pdf_url":"https://www.mdpi.com/1999-5903/7/2/94/pdf?version=1430920103","source":{"id":"https://openalex.org/S34838331","display_name":"Future Internet","issn_l":"1999-5903","issn":["1999-5903"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Future Internet","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/1999-5903/7/2/94/pdf?version=1430920103","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5029019598","display_name":"Edward Guill\u00e9n","orcid":"https://orcid.org/0000-0002-2002-4021"},"institutions":[{"id":"https://openalex.org/I41047195","display_name":"Military University Nueva Granada","ror":"https://ror.org/05n0gsn30","country_code":"CO","type":"education","lineage":["https://openalex.org/I41047195"]}],"countries":["CO"],"is_corresponding":true,"raw_author_name":"Edward Guillen","raw_affiliation_strings":["Telecommunication Engineering Department, Nueva Granada Military University, Bogot\u00e1 110911, Colombia"],"affiliations":[{"raw_affiliation_string":"Telecommunication Engineering Department, Nueva Granada Military University, Bogot\u00e1 110911, Colombia","institution_ids":["https://openalex.org/I41047195"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5059606471","display_name":"Jeisson S\u00e1nchez","orcid":"https://orcid.org/0000-0002-6779-3354"},"institutions":[{"id":"https://openalex.org/I233745408","display_name":"Pontificia Universidad Javeriana","ror":"https://ror.org/03etyjw28","country_code":"CO","type":"education","lineage":["https://openalex.org/I233745408"]},{"id":"https://openalex.org/I41047195","display_name":"Military University Nueva Granada","ror":"https://ror.org/05n0gsn30","country_code":"CO","type":"education","lineage":["https://openalex.org/I41047195"]}],"countries":["CO"],"is_corresponding":false,"raw_author_name":"Jeisson S\u00e1nchez","raw_affiliation_strings":["Telecommunication Engineering Department, Nueva Granada Military University, Bogot\u00e1 110911, Colombia","Universidad  Javeriana"],"affiliations":[{"raw_affiliation_string":"Telecommunication Engineering Department, Nueva Granada Military University, Bogot\u00e1 110911, Colombia","institution_ids":["https://openalex.org/I41047195"]},{"raw_affiliation_string":"Universidad  Javeriana","institution_ids":["https://openalex.org/I233745408"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5040985467","display_name":"Rafael P\u00e1ez","orcid":"https://orcid.org/0000-0003-1721-0883"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Rafael Paez","raw_affiliation_strings":["Engineering Systems Department, Xaverian University, Bogot\u00e1 110911, Colombia"],"affiliations":[{"raw_affiliation_string":"Engineering Systems Department, Xaverian University, Bogot\u00e1 110911, Colombia","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5029019598"],"corresponding_institution_ids":["https://openalex.org/I41047195"],"apc_list":{"value":1400,"currency":"CHF","value_usd":1515},"apc_paid":{"value":1400,"currency":"CHF","value_usd":1515},"fwci":1.0495,"has_fulltext":false,"cited_by_count":10,"citation_normalized_percentile":{"value":0.79282389,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":"7","issue":"2","first_page":"94","last_page":"109"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.867283046245575},{"id":"https://openalex.org/keywords/detector","display_name":"Detector","score":0.7307032942771912},{"id":"https://openalex.org/keywords/inefficiency","display_name":"Inefficiency","score":0.7298532724380493},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.6297208070755005},{"id":"https://openalex.org/keywords/false-positive-paradox","display_name":"False positive paradox","score":0.5786611437797546},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.5574281811714172},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.5211800932884216},{"id":"https://openalex.org/keywords/implementation","display_name":"Implementation","score":0.41261428594589233},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.41237831115722656},{"id":"https://openalex.org/keywords/real-time-computing","display_name":"Real-time computing","score":0.3994908630847931},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.3800909221172333},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3663676679134369},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.12321004271507263},{"id":"https://openalex.org/keywords/telecommunications","display_name":"Telecommunications","score":0.11601468920707703}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.867283046245575},{"id":"https://openalex.org/C94915269","wikidata":"https://www.wikidata.org/wiki/Q1834857","display_name":"Detector","level":2,"score":0.7307032942771912},{"id":"https://openalex.org/C2778869765","wikidata":"https://www.wikidata.org/wiki/Q6028363","display_name":"Inefficiency","level":2,"score":0.7298532724380493},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.6297208070755005},{"id":"https://openalex.org/C64869954","wikidata":"https://www.wikidata.org/wiki/Q1859747","display_name":"False positive paradox","level":2,"score":0.5786611437797546},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.5574281811714172},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.5211800932884216},{"id":"https://openalex.org/C26713055","wikidata":"https://www.wikidata.org/wiki/Q245962","display_name":"Implementation","level":2,"score":0.41261428594589233},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.41237831115722656},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.3994908630847931},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3800909221172333},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3663676679134369},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.12321004271507263},{"id":"https://openalex.org/C76155785","wikidata":"https://www.wikidata.org/wiki/Q418","display_name":"Telecommunications","level":1,"score":0.11601468920707703},{"id":"https://openalex.org/C175444787","wikidata":"https://www.wikidata.org/wiki/Q39072","display_name":"Microeconomics","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.3390/fi7020094","is_oa":true,"landing_page_url":"https://doi.org/10.3390/fi7020094","pdf_url":"https://www.mdpi.com/1999-5903/7/2/94/pdf?version=1430920103","source":{"id":"https://openalex.org/S34838331","display_name":"Future Internet","issn_l":"1999-5903","issn":["1999-5903"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Future Internet","raw_type":"journal-article"},{"id":"pmh:oai:RePEc:gam:jftint:v:7:y:2015:i:2:p:94-109:d:49244","is_oa":false,"landing_page_url":"https://www.mdpi.com/1999-5903/7/2/94/","pdf_url":null,"source":{"id":"https://openalex.org/S4306401271","display_name":"RePEc: Research Papers in Economics","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I77793887","host_organization_name":"Federal Reserve Bank of St. Louis","host_organization_lineage":["https://openalex.org/I77793887"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},{"id":"pmh:oai:doaj.org/article:1023bb120b334d3ea07c47eec51037c1","is_oa":true,"landing_page_url":"https://doaj.org/article/1023bb120b334d3ea07c47eec51037c1","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Future Internet, Vol 7, Iss 2, Pp 94-109 (2015)","raw_type":"article"},{"id":"pmh:oai:mdpi.com:/1999-5903/7/2/94/","is_oa":true,"landing_page_url":"http://dx.doi.org/10.3390/fi7020094","pdf_url":null,"source":{"id":"https://openalex.org/S4306400947","display_name":"MDPI (MDPI AG)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210097602","host_organization_name":"Multidisciplinary Digital Publishing Institute (Switzerland)","host_organization_lineage":["https://openalex.org/I4210097602"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Future Internet","raw_type":"Text"}],"best_oa_location":{"id":"doi:10.3390/fi7020094","is_oa":true,"landing_page_url":"https://doi.org/10.3390/fi7020094","pdf_url":"https://www.mdpi.com/1999-5903/7/2/94/pdf?version=1430920103","source":{"id":"https://openalex.org/S34838331","display_name":"Future Internet","issn_l":"1999-5903","issn":["1999-5903"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Future Internet","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W1524993063.pdf","grobid_xml":"https://content.openalex.org/works/W1524993063.grobid-xml"},"referenced_works_count":43,"referenced_works":["https://openalex.org/W17092949","https://openalex.org/W42722137","https://openalex.org/W44307044","https://openalex.org/W433644524","https://openalex.org/W1577117059","https://openalex.org/W1578447803","https://openalex.org/W1598874232","https://openalex.org/W1983559153","https://openalex.org/W1985987493","https://openalex.org/W1996087849","https://openalex.org/W2015401767","https://openalex.org/W2044769919","https://openalex.org/W2057552436","https://openalex.org/W2058614926","https://openalex.org/W2061951830","https://openalex.org/W2066832805","https://openalex.org/W2076384720","https://openalex.org/W2093931563","https://openalex.org/W2106539366","https://openalex.org/W2116065364","https://openalex.org/W2120617515","https://openalex.org/W2130558347","https://openalex.org/W2130676130","https://openalex.org/W2133764509","https://openalex.org/W2138617772","https://openalex.org/W2165698076","https://openalex.org/W2167287136","https://openalex.org/W2169041657","https://openalex.org/W2234993000","https://openalex.org/W2262045390","https://openalex.org/W2440247466","https://openalex.org/W2460401766","https://openalex.org/W2488544472","https://openalex.org/W2678934292","https://openalex.org/W2738208587","https://openalex.org/W3142860917","https://openalex.org/W3144134378","https://openalex.org/W4285719527","https://openalex.org/W6654147000","https://openalex.org/W6718221061","https://openalex.org/W6718361076","https://openalex.org/W6722687045","https://openalex.org/W6739612070"],"related_works":["https://openalex.org/W2264067234","https://openalex.org/W3124243301","https://openalex.org/W1571502335","https://openalex.org/W1589409554","https://openalex.org/W2759038785","https://openalex.org/W2172232600","https://openalex.org/W3123876860","https://openalex.org/W4214835788","https://openalex.org/W2891652452","https://openalex.org/W4206552806"],"abstract_inverted_index":{"A":[0],"wide":[1],"range":[2],"of":[3,64,126,133,165],"IDS":[4],"implementations":[5],"with":[6,85,147],"anomaly":[7],"detection":[8,84,92,134],"modules":[9,16],"have":[10],"been":[11],"deployed.":[12],"In":[13],"general,":[14],"those":[15],"depend":[17],"on":[18],"intrusion":[19],"knowledge":[20],"databases,":[21],"such":[22],"as":[23],"Knowledge":[24],"Discovery":[25],"Dataset":[26],"(KDD99),":[27],"Center":[28],"for":[29,38,88],"Applied":[30],"Internet":[31],"Data":[32,41],"Analysis":[33],"(CAIDA)":[34],"or":[35,163],"Community":[36],"Resource":[37],"Archiving":[39],"Wireless":[40],"at":[42],"Dartmouth":[43],"(CRAWDAD),":[44],"among":[45],"others.":[46],"Once":[47],"the":[48,95,103,131,161],"database":[49],"is":[50,57,98,114,154],"analyzed":[51],"and":[52,91,111],"a":[53],"machine":[54],"learning":[55],"method":[56],"employed":[58],"to":[59,73,82,102,123,159],"generate":[60],"detectors,":[61],"some":[62,137],"classes":[63],"new":[65],"detectors":[66,70,118,143],"are":[67,71,119],"created.":[68],"Thereafter,":[69],"supposed":[72,115],"be":[74],"deployed":[75,155],"in":[76,80,156],"real":[77],"network":[78,105,138],"environments":[79],"order":[81],"achieve":[83],"good":[86],"results":[87,135],"false":[89],"positives":[90],"rates.":[93],"Since":[94],"traffic":[96],"behavior":[97],"quite":[99],"different":[100,157],"according":[101],"user\u2019s":[104],"activities":[106],"over":[107],"available":[108],"services,":[109],"restrictions":[110],"applications,":[112],"it":[113],"that":[116,144],"behavioral-based":[117],"not":[120],"well":[121],"suited":[122],"all":[124],"kind":[125],"networks.":[127,150],"This":[128],"paper":[129],"presents":[130],"differences":[132],"between":[136],"scenarios":[139,158],"by":[140],"applying":[141],"traditional":[142],"were":[145],"calculated":[146],"artificial":[148],"neural":[149],"The":[151],"same":[152],"detector":[153],"measure":[160],"efficiency":[162],"inefficiency":[164],"static":[166],"training":[167],"detectors.":[168]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":1},{"year":2020,"cited_by_count":1},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":2}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}