{"id":"https://openalex.org/W3015183627","doi":"https://doi.org/10.1109/access.2020.2985367","title":"REMaDD: Resource-Efficient Malicious Domains Detector in Large-Scale Networks","display_name":"REMaDD: Resource-Efficient Malicious Domains Detector in Large-Scale Networks","publication_year":2020,"publication_date":"2020-01-01","ids":{"openalex":"https://openalex.org/W3015183627","doi":"https://doi.org/10.1109/access.2020.2985367","mag":"3015183627"},"language":"en","primary_location":{"id":"doi:10.1109/access.2020.2985367","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2020.2985367","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/8948470/09056547.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://ieeexplore.ieee.org/ielx7/6287639/8948470/09056547.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5066302005","display_name":"Ofir Erets Kdosha","orcid":"https://orcid.org/0000-0001-6028-6723"},"institutions":[{"id":"https://openalex.org/I124227911","display_name":"Ben-Gurion University of the Negev","ror":"https://ror.org/05tkyf982","country_code":"IL","type":"education","lineage":["https://openalex.org/I124227911"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Ofir Erets Kdosha","raw_affiliation_strings":["School of Electrical and Computer Engineering, Ben-Gurion University of the Negev, Beer Sheva, Israel"],"raw_orcid":"https://orcid.org/0000-0001-6028-6723","affiliations":[{"raw_affiliation_string":"School of Electrical and Computer Engineering, Ben-Gurion University of the Negev, Beer Sheva, Israel","institution_ids":["https://openalex.org/I124227911"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5090919089","display_name":"Gilad Rosenthal","orcid":"https://orcid.org/0000-0002-0933-1338"},"institutions":[{"id":"https://openalex.org/I124227911","display_name":"Ben-Gurion University of the Negev","ror":"https://ror.org/05tkyf982","country_code":"IL","type":"education","lineage":["https://openalex.org/I124227911"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Gilad Rosenthal","raw_affiliation_strings":["School of Electrical and Computer Engineering, Ben-Gurion University of the Negev, Beer Sheva, Israel"],"raw_orcid":"https://orcid.org/0000-0002-0933-1338","affiliations":[{"raw_affiliation_string":"School of Electrical and Computer Engineering, Ben-Gurion University of the Negev, Beer Sheva, Israel","institution_ids":["https://openalex.org/I124227911"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5066085947","display_name":"Kobi Cohen","orcid":"https://orcid.org/0000-0003-0532-009X"},"institutions":[{"id":"https://openalex.org/I124227911","display_name":"Ben-Gurion University of the Negev","ror":"https://ror.org/05tkyf982","country_code":"IL","type":"education","lineage":["https://openalex.org/I124227911"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Kobi Cohen","raw_affiliation_strings":["School of Electrical and Computer Engineering, Ben-Gurion University of the Negev, Beer Sheva, Israel"],"raw_orcid":"https://orcid.org/0000-0003-0532-009X","affiliations":[{"raw_affiliation_string":"School of Electrical and Computer Engineering, Ben-Gurion University of the Negev, Beer Sheva, Israel","institution_ids":["https://openalex.org/I124227911"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5067977927","display_name":"Alon Freund","orcid":"https://orcid.org/0000-0002-9768-7018"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Alon Freund","raw_affiliation_strings":["IBM Cyber Security Center of Excellence, Beer Sheva, Israel"],"raw_orcid":"https://orcid.org/0000-0002-9768-7018","affiliations":[{"raw_affiliation_string":"IBM Cyber Security Center of Excellence, Beer Sheva, Israel","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5033762600","display_name":"Avishay Bartik","orcid":"https://orcid.org/0000-0002-0454-4043"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Avishay Bartik","raw_affiliation_strings":["IBM Cyber Security Center of Excellence, Beer Sheva, Israel"],"raw_orcid":"https://orcid.org/0000-0002-0454-4043","affiliations":[{"raw_affiliation_string":"IBM Cyber Security Center of Excellence, Beer Sheva, Israel","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5019238211","display_name":"Aviv Ron","orcid":"https://orcid.org/0000-0002-5936-973X"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Aviv Ron","raw_affiliation_strings":["IBM Cyber Security Center of Excellence, Beer Sheva, Israel"],"raw_orcid":"https://orcid.org/0000-0002-5936-973X","affiliations":[{"raw_affiliation_string":"IBM Cyber Security Center of Excellence, Beer Sheva, Israel","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":0.3241,"has_fulltext":true,"cited_by_count":3,"citation_normalized_percentile":{"value":0.60929001,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":95},"biblio":{"volume":"8","issue":null,"first_page":"66327","last_page":"66337"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8322329521179199},{"id":"https://openalex.org/keywords/haystack","display_name":"Haystack","score":0.7277965545654297},{"id":"https://openalex.org/keywords/ibm","display_name":"IBM","score":0.6064115166664124},{"id":"https://openalex.org/keywords/domain","display_name":"Domain (mathematical analysis)","score":0.4815414547920227},{"id":"https://openalex.org/keywords/domain-name-system","display_name":"Domain Name System","score":0.43378469347953796},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.43356218934059143},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.4177439212799072},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.39893412590026855},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.33213353157043457},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.2807771563529968},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.24726873636245728}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8322329521179199},{"id":"https://openalex.org/C13424479","wikidata":"https://www.wikidata.org/wiki/Q5687237","display_name":"Haystack","level":2,"score":0.7277965545654297},{"id":"https://openalex.org/C70388272","wikidata":"https://www.wikidata.org/wiki/Q5968558","display_name":"IBM","level":2,"score":0.6064115166664124},{"id":"https://openalex.org/C36503486","wikidata":"https://www.wikidata.org/wiki/Q11235244","display_name":"Domain (mathematical analysis)","level":2,"score":0.4815414547920227},{"id":"https://openalex.org/C35026560","wikidata":"https://www.wikidata.org/wiki/Q8767","display_name":"Domain Name System","level":3,"score":0.43378469347953796},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.43356218934059143},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.4177439212799072},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.39893412590026855},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.33213353157043457},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.2807771563529968},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.24726873636245728},{"id":"https://openalex.org/C192562407","wikidata":"https://www.wikidata.org/wiki/Q228736","display_name":"Materials science","level":0,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C171250308","wikidata":"https://www.wikidata.org/wiki/Q11468","display_name":"Nanotechnology","level":1,"score":0.0},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/access.2020.2985367","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2020.2985367","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/8948470/09056547.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:0b24b440762f45ebbc0dc5f8b5e57ea2","is_oa":true,"landing_page_url":"https://doaj.org/article/0b24b440762f45ebbc0dc5f8b5e57ea2","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 8, Pp 66327-66337 (2020)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2020.2985367","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2020.2985367","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/8948470/09056547.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G46667588","display_name":null,"funder_award_id":"2017723","funder_id":"https://openalex.org/F4320320950","funder_display_name":"United States-Israel Binational Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320320950","display_name":"United States-Israel Binational Science Foundation","ror":"https://ror.org/00j8z2m73"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3015183627.pdf","grobid_xml":"https://content.openalex.org/works/W3015183627.grobid-xml"},"referenced_works_count":37,"referenced_works":["https://openalex.org/W17316494","https://openalex.org/W155384935","https://openalex.org/W196740607","https://openalex.org/W1498756827","https://openalex.org/W1550514379","https://openalex.org/W1809063480","https://openalex.org/W1951556645","https://openalex.org/W1954903228","https://openalex.org/W1980003963","https://openalex.org/W2003116136","https://openalex.org/W2082550445","https://openalex.org/W2102283838","https://openalex.org/W2122111042","https://openalex.org/W2164348526","https://openalex.org/W2168248885","https://openalex.org/W2191989567","https://openalex.org/W2292932216","https://openalex.org/W2546910111","https://openalex.org/W2768793959","https://openalex.org/W2797742547","https://openalex.org/W2804240301","https://openalex.org/W2808012850","https://openalex.org/W2808451423","https://openalex.org/W2809104090","https://openalex.org/W2889547652","https://openalex.org/W2901528928","https://openalex.org/W2911964244","https://openalex.org/W2940958568","https://openalex.org/W3105750153","https://openalex.org/W4205883304","https://openalex.org/W6600692465","https://openalex.org/W6606342502","https://openalex.org/W6608030608","https://openalex.org/W6632893704","https://openalex.org/W6640663528","https://openalex.org/W6645197167","https://openalex.org/W6729497825"],"related_works":["https://openalex.org/W4253878822","https://openalex.org/W1965563707","https://openalex.org/W1736550718","https://openalex.org/W4210692028","https://openalex.org/W2808729870","https://openalex.org/W2479343091","https://openalex.org/W2278064783","https://openalex.org/W3174858427","https://openalex.org/W1972480475","https://openalex.org/W2381436100"],"abstract_inverted_index":{"Detecting":[0],"malicious":[1,56,87,104,131],"activities":[2,132],"in":[3,30,85,106,133,167,179],"cyber":[4],"systems":[5],"is":[6,23,37,159],"a":[7,28,31,51,79,99],"major":[8],"challenge":[9],"of":[10,19,39,43,54,66,169,181],"cybersecurity":[11],"service":[12],"providers.":[13],"Due":[14],"to":[15,26,91,102,190],"the":[16,40,44,92,117,122,138,213],"large":[17],"amount":[18],"network":[20],"traffic,":[21,109],"it":[22,48,60],"often":[24],"likened":[25],"finding":[27],"needle":[29],"haystack.":[32],"Domain":[33,113],"name":[34],"system":[35],"(DNS)":[36],"one":[38],"fundamental":[41],"protocols":[42],"internet,":[45],"and":[46,61,77,151,163,172,185,207,215,224],"therefore":[47],"can":[49],"give":[50],"broad":[52],"view":[53],"those":[55],"activities,":[57],"which":[58],"abuse":[59],"leave":[62],"fingerprints":[63],"as":[64,89,188],"part":[65],"their":[67],"attack":[68],"vector.":[69],"In":[70],"this":[71],"collaborative":[72],"research":[73],"between":[74],"Ben-Gurion":[75],"University,":[76],"IBM,":[78],"significant":[80],"performance":[81,178],"improvement":[82],"was":[83],"achieved":[84,203,218],"detecting":[86],"domains":[88,105],"compared":[90,189],"state-of-the-art":[93],"software":[94],"solutions.":[95],"Specifically,":[96,193],"we":[97],"establish":[98],"novel":[100],"algorithm":[101,123,158],"detect":[103],"large-scale":[107],"DNS":[108],"named":[110],"Resource-Efficient":[111],"Malicious":[112],"Detector":[114],"(REMaDD),":[115],"with":[116],"following":[118],"desired":[119],"properties.":[120],"First,":[121],"does":[124],"not":[125],"require":[126],"prior":[127],"knowledge":[128],"on":[129,153,196],"historical":[130],"its":[134],"real-time":[135,154,165],"operations.":[136],"Second,":[137],"development":[139],"used":[140],"real":[141],"live":[142],"streaming":[143],"data":[144],"from":[145],"The":[146,157],"Inter-University":[147],"Computation":[148],"Center":[149],"(IUCC),":[150],"operated":[152],"IBM":[155,197],"system.":[156],"highly":[160],"computational":[161,173,186],"efficient":[162],"satisfies":[164],"requirements":[166],"terms":[168,180],"running":[170],"time":[171],"complexity.":[174],"REMaDD":[175,202],"demonstrated":[176,200],"strong":[177],"both":[182],"detection":[183],"accuracy":[184],"efficiency":[187],"existing":[191],"algorithms.":[192],"experimental":[194],"results":[195],"production":[198],"environment":[199],"that":[201],"89.4%":[204],"Precision":[205,222],"score,":[206,223,228],"82.9%":[208],"Recall":[209,227],"score.":[210],"By":[211],"contrast,":[212],"DomainObserver,":[214],"LSTM.MI":[216],"algorithms":[217],"only":[219],"76.7%,":[220],"67.2%":[221],"81.7%,":[225],"75.3%":[226],"respectively.":[229]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2020,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}