{"id":"https://openalex.org/W2784273262","doi":"https://doi.org/10.1109/bigdata.2017.8258527","title":"Anomaly detection on bipartite graphs for cyber situational awareness and threat detection","display_name":"Anomaly detection on bipartite graphs for cyber situational awareness and threat detection","publication_year":2017,"publication_date":"2017-12-01","ids":{"openalex":"https://openalex.org/W2784273262","doi":"https://doi.org/10.1109/bigdata.2017.8258527","mag":"2784273262"},"language":"en","primary_location":{"id":"doi:10.1109/bigdata.2017.8258527","is_oa":false,"landing_page_url":"https://doi.org/10.1109/bigdata.2017.8258527","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 IEEE International Conference on Big Data (Big Data)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5036081460","display_name":"Mohammed Eslami","orcid":"https://orcid.org/0000-0001-5488-1542"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Mohammed Eslami","raw_affiliation_strings":["Netrias, LLC"],"affiliations":[{"raw_affiliation_string":"Netrias, LLC","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5108527022","display_name":"George Zheng","orcid":null},"institutions":[{"id":"https://openalex.org/I4210155082","display_name":"KeyW (United States)","ror":"https://ror.org/048maeh80","country_code":"US","type":"company","lineage":["https://openalex.org/I4210155082"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"George Zheng","raw_affiliation_strings":["KeyW Corporation, Bethesda, MD"],"affiliations":[{"raw_affiliation_string":"KeyW Corporation, Bethesda, MD","institution_ids":["https://openalex.org/I4210155082"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010119669","display_name":"Hamed Eramian","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Hamed Eramian","raw_affiliation_strings":["Netrias, LLC"],"affiliations":[{"raw_affiliation_string":"Netrias, LLC","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5003796254","display_name":"Georgiy Levchuk","orcid":null},"institutions":[{"id":"https://openalex.org/I4210118379","display_name":"Aptima (United States)","ror":"https://ror.org/02js2n445","country_code":"US","type":"company","lineage":["https://openalex.org/I4210118379"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Georgiy Levchuk","raw_affiliation_strings":["Aptima Inc, Woburn, MA"],"affiliations":[{"raw_affiliation_string":"Aptima Inc, Woburn, MA","institution_ids":["https://openalex.org/I4210118379"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5036081460"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.4144,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.68499375,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"4741","last_page":"4743"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9976000189781189,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/bipartite-graph","display_name":"Bipartite graph","score":0.8169061541557312},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7182662487030029},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.5597789287567139},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.4727811813354492},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.4723540246486664},{"id":"https://openalex.org/keywords/situation-awareness","display_name":"Situation awareness","score":0.4614409804344177},{"id":"https://openalex.org/keywords/graph","display_name":"Graph","score":0.4425404965877533},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3986979126930237},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.15041884779930115}],"concepts":[{"id":"https://openalex.org/C197657726","wikidata":"https://www.wikidata.org/wiki/Q174733","display_name":"Bipartite graph","level":3,"score":0.8169061541557312},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7182662487030029},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.5597789287567139},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.4727811813354492},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.4723540246486664},{"id":"https://openalex.org/C145804949","wikidata":"https://www.wikidata.org/wiki/Q478123","display_name":"Situation awareness","level":2,"score":0.4614409804344177},{"id":"https://openalex.org/C132525143","wikidata":"https://www.wikidata.org/wiki/Q141488","display_name":"Graph","level":2,"score":0.4425404965877533},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3986979126930237},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.15041884779930115},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.0},{"id":"https://openalex.org/C146978453","wikidata":"https://www.wikidata.org/wiki/Q3798668","display_name":"Aerospace engineering","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/bigdata.2017.8258527","is_oa":false,"landing_page_url":"https://doi.org/10.1109/bigdata.2017.8258527","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 IEEE International Conference on Big Data (Big Data)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.5299999713897705}],"awards":[],"funders":[{"id":"https://openalex.org/F4320306078","display_name":"U.S. Department of Defense","ror":"https://ror.org/0447fe631"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":4,"referenced_works":["https://openalex.org/W1991357106","https://openalex.org/W2031163547","https://openalex.org/W2098153194","https://openalex.org/W2111492941"],"related_works":["https://openalex.org/W2371352078","https://openalex.org/W2953461625","https://openalex.org/W2077383796","https://openalex.org/W2080136900","https://openalex.org/W2372768926","https://openalex.org/W2999799752","https://openalex.org/W2567825307","https://openalex.org/W2054458431","https://openalex.org/W2115167491","https://openalex.org/W3013576436"],"abstract_inverted_index":{"Data":[0],"from":[1,73],"cyber":[2,106],"logs":[3,107],"can":[4,54,109],"often":[5,24],"be":[6,110],"represented":[7,111],"as":[8,47,112],"a":[9,56,96,123],"bipartite":[10,33,113],"graph":[11,20,44,67,100,119,127],"(e.g.":[12],"internal":[13],"IP-external":[14],"IP,":[15],"user-application,":[16],"or":[17],"client-server).":[18],"State-of-the-art":[19],"based":[21],"anomaly":[22],"detection":[23],"generalizes":[25],"across":[26],"all":[27],"types":[28],"of":[29,42,63,125],"graphs":[30],"-":[31],"namely":[32],"and":[34,40,51,121],"non-bipartite.":[35],"This":[36,115],"confounds":[37],"the":[38,88],"interpretation":[39],"use":[41],"specific":[43],"features":[45,128],"such":[46],"degree,":[48],"page":[49],"rank,":[50],"eigencentrality":[52],"that":[53,82,103,108,129],"provide":[55,95],"security":[57],"analyst":[58],"with":[59],"rapid":[60],"situational":[61],"awareness":[62],"their":[64],"network.":[65],"Furthermore,":[66],"algorithms":[68],"applied":[69],"to":[70,85,87],"data":[71,89],"collected":[72],"large,":[74],"distributed":[75],"enterprise":[76],"scale":[77,86],"networks":[78],"require":[79],"accompanying":[80],"methods":[81],"allow":[83],"them":[84],"collected.":[90],"In":[91],"this":[92],"paper,":[93],"we":[94],"novel,":[97],"scalable,":[98],"directional":[99,118],"projection":[101],"framework":[102,116],"operates":[104],"on":[105],"graphs.":[114],"computes":[117],"projections":[120],"identifies":[122],"set":[124],"interpretable":[126],"describe":[130],"anomalies":[131],"within":[132],"each":[133],"partite.":[134]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}