{"id":"https://openalex.org/W4406610533","doi":"https://doi.org/10.1109/access.2025.3532353","title":"Reinforcement Learning-Based Generative Security Framework for Host Intrusion Detection","display_name":"Reinforcement Learning-Based Generative Security Framework for Host Intrusion Detection","publication_year":2025,"publication_date":"2025-01-01","ids":{"openalex":"https://openalex.org/W4406610533","doi":"https://doi.org/10.1109/access.2025.3532353"},"language":"en","primary_location":{"id":"doi:10.1109/access.2025.3532353","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2025.3532353","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1109/access.2025.3532353","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5028118535","display_name":"Y. J. Kim","orcid":"https://orcid.org/0009-0005-1558-1180"},"institutions":[{"id":"https://openalex.org/I197347611","display_name":"Korea University","ror":"https://ror.org/047dqcg40","country_code":"KR","type":"education","lineage":["https://openalex.org/I197347611"]}],"countries":["KR"],"is_corresponding":true,"raw_author_name":"Yongsik Kim","raw_affiliation_strings":["School of Cybersecurity, Korea University, Seoul, Republic of Korea"],"affiliations":[{"raw_affiliation_string":"School of Cybersecurity, Korea University, Seoul, Republic of Korea","institution_ids":["https://openalex.org/I197347611"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5009470622","display_name":"Su-Youn Hong","orcid":null},"institutions":[{"id":"https://openalex.org/I4210089444","display_name":"GS Caltex (South Korea)","ror":"https://ror.org/00bvkj141","country_code":"KR","type":"company","lineage":["https://openalex.org/I4210089444"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Su-Youn Hong","raw_affiliation_strings":["LIG Nex1, Yongin-si, South Korea","LIG Nex1, Republic of Korea"],"affiliations":[{"raw_affiliation_string":"LIG Nex1, Yongin-si, South Korea","institution_ids":["https://openalex.org/I4210089444"]},{"raw_affiliation_string":"LIG Nex1, Republic of Korea","institution_ids":["https://openalex.org/I4210089444"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101585378","display_name":"Sungjin Park","orcid":"https://orcid.org/0000-0002-0121-4022"},"institutions":[{"id":"https://openalex.org/I4210089444","display_name":"GS Caltex (South Korea)","ror":"https://ror.org/00bvkj141","country_code":"KR","type":"company","lineage":["https://openalex.org/I4210089444"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Sungjin Park","raw_affiliation_strings":["LIG Nex1, Yongin-si, South Korea","LIG Nex1, Republic of Korea"],"affiliations":[{"raw_affiliation_string":"LIG Nex1, Yongin-si, South Korea","institution_ids":["https://openalex.org/I4210089444"]},{"raw_affiliation_string":"LIG Nex1, Republic of Korea","institution_ids":["https://openalex.org/I4210089444"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5091602017","display_name":"Huy Kang Kim","orcid":"https://orcid.org/0000-0002-0760-8807"},"institutions":[{"id":"https://openalex.org/I197347611","display_name":"Korea University","ror":"https://ror.org/047dqcg40","country_code":"KR","type":"education","lineage":["https://openalex.org/I197347611"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Huy Kang Kim","raw_affiliation_strings":["School of Cybersecurity, Korea University, Seoul, Republic of Korea"],"affiliations":[{"raw_affiliation_string":"School of Cybersecurity, Korea University, Seoul, Republic of Korea","institution_ids":["https://openalex.org/I197347611"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5028118535"],"corresponding_institution_ids":["https://openalex.org/I197347611"],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":6.6857,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.9587979,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":91,"max":100},"biblio":{"volume":"13","issue":null,"first_page":"15346","last_page":"15362"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9955000281333923,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9955000281333923,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9793000221252441,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/reinforcement-learning","display_name":"Reinforcement learning","score":0.796657919883728},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7756553888320923},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.6901201605796814},{"id":"https://openalex.org/keywords/host","display_name":"Host (biology)","score":0.6884340047836304},{"id":"https://openalex.org/keywords/generative-grammar","display_name":"Generative grammar","score":0.5010671615600586},{"id":"https://openalex.org/keywords/reinforcement","display_name":"Reinforcement","score":0.4882548153400421},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.43288663029670715},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.39969882369041443},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.06782510876655579}],"concepts":[{"id":"https://openalex.org/C97541855","wikidata":"https://www.wikidata.org/wiki/Q830687","display_name":"Reinforcement learning","level":2,"score":0.796657919883728},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7756553888320923},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.6901201605796814},{"id":"https://openalex.org/C126831891","wikidata":"https://www.wikidata.org/wiki/Q221673","display_name":"Host (biology)","level":2,"score":0.6884340047836304},{"id":"https://openalex.org/C39890363","wikidata":"https://www.wikidata.org/wiki/Q36108","display_name":"Generative grammar","level":2,"score":0.5010671615600586},{"id":"https://openalex.org/C67203356","wikidata":"https://www.wikidata.org/wiki/Q1321905","display_name":"Reinforcement","level":2,"score":0.4882548153400421},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.43288663029670715},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.39969882369041443},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.06782510876655579},{"id":"https://openalex.org/C66938386","wikidata":"https://www.wikidata.org/wiki/Q633538","display_name":"Structural engineering","level":1,"score":0.0},{"id":"https://openalex.org/C18903297","wikidata":"https://www.wikidata.org/wiki/Q7150","display_name":"Ecology","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/access.2025.3532353","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2025.3532353","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:44e03b1f623b4e61b9cad51d6c22d505","is_oa":true,"landing_page_url":"https://doaj.org/article/44e03b1f623b4e61b9cad51d6c22d505","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 13, Pp 15346-15362 (2025)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2025.3532353","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2025.3532353","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":50,"referenced_works":["https://openalex.org/W1981261802","https://openalex.org/W1981738628","https://openalex.org/W2091565802","https://openalex.org/W2109969076","https://openalex.org/W2118516194","https://openalex.org/W2604587076","https://openalex.org/W2747669027","https://openalex.org/W2751301573","https://openalex.org/W2760313715","https://openalex.org/W2885999345","https://openalex.org/W2897600072","https://openalex.org/W2900713154","https://openalex.org/W2914521857","https://openalex.org/W2968831808","https://openalex.org/W2973862992","https://openalex.org/W3099104041","https://openalex.org/W3120973779","https://openalex.org/W3126389064","https://openalex.org/W3133528530","https://openalex.org/W3159364646","https://openalex.org/W3165853173","https://openalex.org/W3167387776","https://openalex.org/W3173427323","https://openalex.org/W3197817719","https://openalex.org/W3212868562","https://openalex.org/W3216768217","https://openalex.org/W4225927428","https://openalex.org/W4283310784","https://openalex.org/W4295346826","https://openalex.org/W4312996076","https://openalex.org/W4323338673","https://openalex.org/W4362554721","https://openalex.org/W4386859011","https://openalex.org/W4386920816","https://openalex.org/W4387046648","https://openalex.org/W4387394709","https://openalex.org/W4387569451","https://openalex.org/W4388499189","https://openalex.org/W4391677521","https://openalex.org/W4402936492","https://openalex.org/W4403125877","https://openalex.org/W4404180395","https://openalex.org/W6631501603","https://openalex.org/W6636510571","https://openalex.org/W6679436768","https://openalex.org/W6682631176","https://openalex.org/W6729739840","https://openalex.org/W6785849752","https://openalex.org/W6788241328","https://openalex.org/W6854193797"],"related_works":["https://openalex.org/W4310083477","https://openalex.org/W2328553770","https://openalex.org/W2920061524","https://openalex.org/W1977959518","https://openalex.org/W2038908348","https://openalex.org/W2107890255","https://openalex.org/W2106552856","https://openalex.org/W2145821588","https://openalex.org/W2086122291","https://openalex.org/W1987513656"],"abstract_inverted_index":{"Protecting":[0],"users\u2019":[1],"systems":[2,86,126],"from":[3,288],"evolving":[4],"cybercrime":[5],"is":[6,31,61,78,142],"becoming":[7],"increasingly":[8],"challenging.":[9],"Attackers":[10],"create":[11,365],"more":[12,192],"complicated":[13],"attack":[14,18,48,172,186,254,266,430],"patterns":[15],"and":[16,87,103,110,122,138,166,213,226,248,294,354,412],"configure":[17,34],"behavior":[19,23],"to":[20,24,33,113,144,163,183,215,232,272,278,316,364],"resemble":[21],"normal":[22,362],"evade":[25],"detection":[26,159,236],"by":[27,100,127,346,360],"defenders.":[28],"Thus,":[29],"it":[30],"indispensable":[32],"a":[35,54,62,79,114,228,274,389,419],"security":[36,98,121,148],"system":[37,105,223,290,377],"that":[38,218],"accurately":[39],"detects":[40],"attacks":[41,165],"on":[42,201,220,260,286,305,351,406],"each":[43,221,253,265],"user\u2019s":[44],"system.":[45],"Since":[46],"the":[47,58,120,156,238,243,250,257,261,289,301,306,309,317,326,333,337,341,347,355,361,372,376,403,407,421],"does":[49],"not":[50],"occur":[51,219],"only":[52],"at":[53],"specific":[55,112,164],"point":[56],"in":[57,64,181,321,328],"network,":[59],"there":[60],"limitation":[63],"identifying":[65],"computer":[66,85],"intrusion":[67,235],"simply":[68],"using":[69,237,246,300,375],"network":[70],"packets.":[71],"A":[72],"Host-based":[73],"Intrusion":[74],"Detection":[75],"System":[76],"(HIDS)":[77],"highly":[80],"effective":[81],"tool":[82],"for":[83,197],"monitoring":[84,102],"detecting":[88,128,198],"unusual":[89],"or":[90,131],"unauthorized":[91,129],"activities.":[92],"HIDS":[93,141,151,158,182],"can":[94,152],"quickly":[95],"identify":[96],"potential":[97],"threats":[99],"closely":[101],"analyzing":[104],"logs,":[106],"configurations,":[107],"file":[108],"integrity,":[109],"events":[111],"host":[115],"machine.":[116],"It":[117],"helps":[118],"maintain":[119],"integrity":[123],"of":[124,252,264,276,393],"individual":[125],"activities":[130],"policy":[132],"violations.":[133],"With":[134],"its":[135,366],"advanced":[136],"capabilities":[137],"reliable":[139],"performance,":[140],"essential":[143],"any":[145],"comprehensive":[146],"host-based":[147],"strategy.":[149],"Although":[150],"detect":[153],"insider":[154],"intrusions,":[155],"known":[157],"methods":[160],"are":[161],"limited":[162],"may":[167],"be":[168],"ineffective":[169],"against":[170,280,428],"new":[171],"patterns.":[173,203],"Recently,":[174],"researchers":[175],"applied":[176],"Natural":[177],"Language":[178],"Processing":[179],"(NLP)":[180],"scrutinize":[184],"complex":[185],"patterns,":[187],"but":[188],"they":[189],"could":[190],"have":[191],"effectively":[193],"provided":[194,296],"useful":[195],"outputs":[196],"intrusions":[199],"based":[200,285,350,405],"these":[202],"In":[204],"this":[205],"paper,":[206],"we":[207,268,331],"use":[208],"reinforcement":[209,270,322,329,352],"learning":[210,271],"methodology,":[211],"Actor-Critic,":[212],"NLP":[214,247],"extract":[216,249],"keywords":[217,263,284],"anomaly":[222,244],"call":[224,291,378],"log":[225,245,255,292,343,379],"propose":[227],"rule":[229,348,368],"generation":[230],"framework":[231,374,387,409,423],"prevent":[233],"future":[234],"extracted":[239,283,302,307],"words.":[240],"We":[241,282,370,401],"analyze":[242],"characteristics":[251],"as":[256],"\u2018keyword.\u2019":[258],"Based":[259,304],"unique":[262],"log,":[267],"utilize":[269],"establish":[273],"set":[275,349],"rules":[277,314],"protect":[279],"attacks.":[281,400],"textrank":[287],"sequence":[293,344],"simultaneously":[295],"ground":[297],"truth":[298],"data":[299,363],"keywords.":[303],"keywords,":[308],"pre-trained":[310,338],"Seq2Seq":[311,339,413],"model":[312],"generate":[313],"according":[315],"reward":[318,327],"calculation":[319],"method":[320],"learning.":[323],"When":[324],"calculating":[325],"learning,":[330,353],"used":[332],"comparison":[334],"value":[335,358],"with":[336,398],"model,":[340],"malware":[342],"detected":[345],"false":[356],"positive":[357],"generated":[359],"own":[367],"set.":[369],"verified":[371],"proposed":[373,386,408,422],"datasets:":[380],"ADFA-LD,":[381],"LID-DS":[382],"2021":[383],"dataset.":[384],"The":[385],"demonstrated":[388],"high":[390,426],"accuracy":[391,404,427],"rate":[392],"96.5%":[394],"average":[395],"when":[396],"faced":[397],"different":[399],"compared":[402],"detection,":[410],"textrank,":[411],"model-based":[414],"keyword":[415],"extraction":[416],"methods.":[417],"As":[418],"result,":[420],"showed":[424],"relatively":[425],"various":[429],"logs.":[431]},"counts_by_year":[{"year":2026,"cited_by_count":3},{"year":2025,"cited_by_count":1}],"updated_date":"2026-03-06T13:50:29.536080","created_date":"2025-10-10T00:00:00"}