{"id":"https://openalex.org/W2975969914","doi":"https://doi.org/10.1108/ics-01-2019-0008","title":"Mobile agent-based SIEM for event collection and normalization externalization","display_name":"Mobile agent-based SIEM for event collection and normalization externalization","publication_year":2019,"publication_date":"2019-08-28","ids":{"openalex":"https://openalex.org/W2975969914","doi":"https://doi.org/10.1108/ics-01-2019-0008","mag":"2975969914"},"language":"en","primary_location":{"id":"doi:10.1108/ics-01-2019-0008","is_oa":false,"landing_page_url":"https://doi.org/10.1108/ics-01-2019-0008","pdf_url":null,"source":{"id":"https://openalex.org/S4210195545","display_name":"Information and Computer Security","issn_l":"2056-4961","issn":["2056-4961","2056-497X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319811","host_organization_name":"Emerald Publishing Limited","host_organization_lineage":["https://openalex.org/P4310319811"],"host_organization_lineage_names":["Emerald Publishing Limited"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information &amp; Computer Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5005408176","display_name":"Nabil Moukafih","orcid":"https://orcid.org/0000-0002-2148-7896"},"institutions":[{"id":"https://openalex.org/I126477371","display_name":"Mohammed V University","ror":"https://ror.org/00r8w8f84","country_code":"MA","type":"education","lineage":["https://openalex.org/I126477371"]}],"countries":["MA"],"is_corresponding":true,"raw_author_name":"Nabil Moukafih","raw_affiliation_strings":["Laboratory of Mathematics, Computing and Applications \u2013 Information Security, Faculty of Sciences, Mohammed V University in Rabat, Rabat, Morocco"],"affiliations":[{"raw_affiliation_string":"Laboratory of Mathematics, Computing and Applications \u2013 Information Security, Faculty of Sciences, Mohammed V University in Rabat, Rabat, Morocco","institution_ids":["https://openalex.org/I126477371"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5024180599","display_name":"Ghizlane Orhanou","orcid":"https://orcid.org/0000-0002-6065-2284"},"institutions":[{"id":"https://openalex.org/I126477371","display_name":"Mohammed V University","ror":"https://ror.org/00r8w8f84","country_code":"MA","type":"education","lineage":["https://openalex.org/I126477371"]}],"countries":["MA"],"is_corresponding":false,"raw_author_name":"Ghizlane Orhanou","raw_affiliation_strings":["Laboratory of Mathematics, Computing and Applications \u2013 Information Security, Faculty of Sciences, Mohammed V University in Rabat, Rabat, Morocco"],"affiliations":[{"raw_affiliation_string":"Laboratory of Mathematics, Computing and Applications \u2013 Information Security, Faculty of Sciences, Mohammed V University in Rabat, Rabat, Morocco","institution_ids":["https://openalex.org/I126477371"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5072687141","display_name":"Sa\u00efd El Hajji","orcid":"https://orcid.org/0000-0001-9864-4872"},"institutions":[{"id":"https://openalex.org/I126477371","display_name":"Mohammed V University","ror":"https://ror.org/00r8w8f84","country_code":"MA","type":"education","lineage":["https://openalex.org/I126477371"]}],"countries":["MA"],"is_corresponding":false,"raw_author_name":"Said Elhajji","raw_affiliation_strings":["Laboratory of Mathematics, Computing and Applications \u2013 Information Security, Faculty of Sciences, Mohammed V University in Rabat, Rabat, Morocco"],"affiliations":[{"raw_affiliation_string":"Laboratory of Mathematics, Computing and Applications \u2013 Information Security, Faculty of Sciences, Mohammed V University in Rabat, Rabat, Morocco","institution_ids":["https://openalex.org/I126477371"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5005408176"],"corresponding_institution_ids":["https://openalex.org/I126477371"],"apc_list":null,"apc_paid":null,"fwci":0.5306,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.6938439,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":"28","issue":"1","first_page":"15","last_page":"34"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12203","display_name":"Mobile Agent-Based Network Management","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10742","display_name":"Peer-to-Peer Network Technologies","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/normalization","display_name":"Normalization (sociology)","score":0.764949381351471},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7135567665100098},{"id":"https://openalex.org/keywords/architecture","display_name":"Architecture","score":0.5794886946678162},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3639722466468811},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3629196286201477},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.33725255727767944},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.33400624990463257},{"id":"https://openalex.org/keywords/real-time-computing","display_name":"Real-time computing","score":0.3286399245262146}],"concepts":[{"id":"https://openalex.org/C136886441","wikidata":"https://www.wikidata.org/wiki/Q926129","display_name":"Normalization (sociology)","level":2,"score":0.764949381351471},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7135567665100098},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.5794886946678162},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3639722466468811},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3629196286201477},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.33725255727767944},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.33400624990463257},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.3286399245262146},{"id":"https://openalex.org/C144024400","wikidata":"https://www.wikidata.org/wiki/Q21201","display_name":"Sociology","level":0,"score":0.0},{"id":"https://openalex.org/C19165224","wikidata":"https://www.wikidata.org/wiki/Q23404","display_name":"Anthropology","level":1,"score":0.0},{"id":"https://openalex.org/C142362112","wikidata":"https://www.wikidata.org/wiki/Q735","display_name":"Art","level":0,"score":0.0},{"id":"https://openalex.org/C153349607","wikidata":"https://www.wikidata.org/wiki/Q36649","display_name":"Visual arts","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1108/ics-01-2019-0008","is_oa":false,"landing_page_url":"https://doi.org/10.1108/ics-01-2019-0008","pdf_url":null,"source":{"id":"https://openalex.org/S4210195545","display_name":"Information and Computer Security","issn_l":"2056-4961","issn":["2056-4961","2056-497X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319811","host_organization_name":"Emerald Publishing Limited","host_organization_lineage":["https://openalex.org/P4310319811"],"host_organization_lineage_names":["Emerald Publishing Limited"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information &amp; Computer Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":19,"referenced_works":["https://openalex.org/W1427431057","https://openalex.org/W1777343309","https://openalex.org/W2012169431","https://openalex.org/W2061666455","https://openalex.org/W2119996128","https://openalex.org/W2123371000","https://openalex.org/W2155983555","https://openalex.org/W2289300083","https://openalex.org/W2541267187","https://openalex.org/W2557728737","https://openalex.org/W2736387491","https://openalex.org/W2738046073","https://openalex.org/W2763003137","https://openalex.org/W2765782188","https://openalex.org/W2790583291","https://openalex.org/W2896538196","https://openalex.org/W2899131196","https://openalex.org/W2929282331","https://openalex.org/W2937592706"],"related_works":["https://openalex.org/W2591697403","https://openalex.org/W2953716828","https://openalex.org/W2904857019","https://openalex.org/W2944728705","https://openalex.org/W3011538607","https://openalex.org/W2904022177","https://openalex.org/W2359348847","https://openalex.org/W4321441197","https://openalex.org/W4294432981","https://openalex.org/W4321276295"],"abstract_inverted_index":{"Purpose":[0],"This":[1],"paper":[2,155],"aims":[3],"to":[4,148,177],"propose":[5],"a":[6,49,89,106,165],"mobile":[7,18,41,185,200],"agent-based":[8],"security":[9],"information":[10],"and":[11,25,46,56,87,117,161,163],"event":[12,23],"management":[13],"architecture":[14,60,86,116],"(MA-SIEM)":[15],"that":[16,118,130],"uses":[17],"agents":[19,42],"for":[20,54,92,169,181],"near":[21,174],"real-time":[22],"collection":[24],"normalization":[26,35,195],"on":[27,43],"the":[28,34,68,71,74,78,84,93,99,103,110,114,127,143,178,194],"source":[29],"device.":[30],"The":[31,59,124,188],"externalization":[32],"of":[33,77,95,119,126],"process,":[36],"executed":[37],"by":[38],"several":[39],"distributed":[40],"interconnected":[44],"computers":[45],"devices,":[47],"proposes":[48,164],"SIEM":[50,100,121,138,144,179],"server":[51,180],"dedicated":[52,147],"mainly":[53],"correlation":[55,150],"analysis.":[57,151],"Design/methodology/approach":[58],"has":[61],"been":[62],"proposed":[63,79,85,115],"in":[64,113,173],"three":[65],"stages.":[66],"In":[67,152],"first":[69],"step,":[70],"authors":[72,104],"described":[73],"different":[75],"aspects":[76],"approach.":[80],"Then":[81],"they":[82,141],"implemented":[83],"presented":[88],"new":[90,191],"vision":[91],"insertion":[94],"normalized":[96,171],"data":[97],"into":[98,157,193],"database.":[101],"Finally,":[102],"performed":[105],"numerical":[107],"comparison":[108],"between":[109],"approach":[111],"used":[112],"existing":[120,137],"systems.":[122],"Findings":[123],"results":[125],"experiments":[128],"showed":[129],"MA-SIEM":[131],"systems":[132,139],"are":[133],"more":[134],"efficient":[135],"than":[136],"because":[140],"leave":[142],"resources":[145],"primarily":[146],"advanced":[149],"addition,":[153],"this":[154],"takes":[156],"account":[158],"realistic":[159],"scenarios":[160],"use-cases":[162],"fully":[166],"automated":[167],"process":[168],"transferring":[170],"events":[172,197],"real":[175],"time":[176],"further":[182],"analysis":[183],"using":[184,198],"agents.":[186,201],"Originality/value":[187],"work":[189],"provides":[190],"insights":[192],"security-related":[196],"light":[199]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":2},{"year":2020,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}