{"id":"https://openalex.org/W4402811718","doi":"https://doi.org/10.1109/csr61664.2024.10679441","title":"Attack-Specific Feature Construction to Detect Malicious TCP Flows","display_name":"Attack-Specific Feature Construction to Detect Malicious TCP Flows","publication_year":2024,"publication_date":"2024-09-02","ids":{"openalex":"https://openalex.org/W4402811718","doi":"https://doi.org/10.1109/csr61664.2024.10679441"},"language":"en","primary_location":{"id":"doi:10.1109/csr61664.2024.10679441","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/csr61664.2024.10679441","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE International Conference on Cyber Security and Resilience (CSR)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5054832413","display_name":"Vasudha Vedula","orcid":null},"institutions":[{"id":"https://openalex.org/I45438204","display_name":"The University of Texas at San Antonio","ror":"https://ror.org/01kd65564","country_code":"US","type":"education","lineage":["https://openalex.org/I45438204"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Vasudha Vedula","raw_affiliation_strings":["University of Texas at San Antonio"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Texas at San Antonio","institution_ids":["https://openalex.org/I45438204"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5058293481","display_name":"Rajendra V. Boppana","orcid":"https://orcid.org/0000-0001-9195-777X"},"institutions":[{"id":"https://openalex.org/I45438204","display_name":"The University of Texas at San Antonio","ror":"https://ror.org/01kd65564","country_code":"US","type":"education","lineage":["https://openalex.org/I45438204"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Rajendra V. Boppana","raw_affiliation_strings":["University of Texas at San Antonio"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Texas at San Antonio","institution_ids":["https://openalex.org/I45438204"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5108522835","display_name":"Palden Lama","orcid":null},"institutions":[{"id":"https://openalex.org/I45438204","display_name":"The University of Texas at San Antonio","ror":"https://ror.org/01kd65564","country_code":"US","type":"education","lineage":["https://openalex.org/I45438204"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Palden Lama","raw_affiliation_strings":["University of Texas at San Antonio"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Texas at San Antonio","institution_ids":["https://openalex.org/I45438204"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.16799583,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"34","issue":null,"first_page":"208","last_page":"215"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9815000295639038,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6032212376594543},{"id":"https://openalex.org/keywords/feature","display_name":"Feature (linguistics)","score":0.5605822801589966},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.372244656085968},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.32701483368873596}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6032212376594543},{"id":"https://openalex.org/C2776401178","wikidata":"https://www.wikidata.org/wiki/Q12050496","display_name":"Feature (linguistics)","level":2,"score":0.5605822801589966},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.372244656085968},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.32701483368873596},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/csr61664.2024.10679441","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/csr61664.2024.10679441","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE International Conference on Cyber Security and Resilience (CSR)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G664188414","display_name":null,"funder_award_id":"W911NF2110188","funder_id":"https://openalex.org/F4320338281","funder_display_name":"Army Research Office"},{"id":"https://openalex.org/G7460946831","display_name":null,"funder_award_id":"H98230-21-1-0171,H98230-20-1-0392","funder_id":"https://openalex.org/F4320311089","funder_display_name":"National Security Agency"}],"funders":[{"id":"https://openalex.org/F4320311089","display_name":"National Security Agency","ror":"https://ror.org/0047bvr32"},{"id":"https://openalex.org/F4320338281","display_name":"Army Research Office","ror":"https://ror.org/05epdh915"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":17,"referenced_works":["https://openalex.org/W1884606608","https://openalex.org/W2003282593","https://openalex.org/W2105779206","https://openalex.org/W2489416479","https://openalex.org/W2768426510","https://openalex.org/W2911614936","https://openalex.org/W2946445608","https://openalex.org/W2958285686","https://openalex.org/W2978116063","https://openalex.org/W3014732532","https://openalex.org/W3160455160","https://openalex.org/W3198430296","https://openalex.org/W3213057391","https://openalex.org/W4324093415","https://openalex.org/W4382998648","https://openalex.org/W6600635881","https://openalex.org/W6797080668"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W4396696052","https://openalex.org/W2382290278","https://openalex.org/W4395014643"],"abstract_inverted_index":{"Malicious":[0],"network":[1,11,67,80,97],"flow":[2],"detection":[3,99],"and":[4,13,35,54,156],"mitigation":[5],"is":[6,61],"a":[7,16,71],"major":[8],"part":[9],"of":[10,47,90],"security":[12],"has":[14,118],"been":[15],"widely":[17],"researched":[18],"topic":[19],"for":[20,128],"decades":[21],"now.":[22],"Various":[23],"approaches,":[24],"from":[25,109],"simple":[26],"filtering":[27],"to":[28],"complex":[29],"deep":[30,51],"packet":[31],"inspection,":[32],"were":[33,37],"proposed":[34,145],"technologies":[36],"leveraged":[38],"with":[39,105,143],"the":[40,45,64,75,91,115,119,139,144,149],"recent":[41],"research":[42],"focus":[43],"on":[44],"implemen-tation":[46],"machine":[48],"learning":[49,52],"(ML),":[50],"(DL),":[53],"artificial":[55],"intelligence":[56],"(AI)":[57],"techniques.":[58],"While":[59],"it":[60],"evident":[62],"that":[63,131,138],"features":[65,95,107,146],"representing":[66],"traffic":[68,81],"patterns":[69],"play":[70],"vital":[72],"role":[73],"in":[74,96],"ML,":[76],"DL,":[77],"or":[78,151],"AI-based":[79],"analysis,":[82],"feature":[83,126],"construction":[84,127],"received":[85],"limited":[86],"attention.":[87],"The":[88,135],"robustness":[89],"frequently":[92],"used":[93],"statistical":[94,106],"attack":[98],"are":[100],"unclear.":[101],"ML":[102,140],"models":[103,141],"trained":[104,142],"suffer":[108],"out-of-distribution":[110],"(OOD)":[111],"problem":[112],"even":[113],"when":[114],"test":[116],"set":[117],"same":[120,150],"attacks.":[121],"This":[122],"paper":[123],"proposes":[124],"attack-specific":[125],"TCP-based":[129],"attacks":[130],"exploit":[132],"protocol":[133,153],"features.":[134],"results":[136],"show":[137],"effectively":[147],"detect":[148],"similar":[152],"exploits":[154],"whenever":[155],"wherever":[157],"they":[158],"occur.":[159]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}