{"id":"https://openalex.org/W4367042240","doi":"https://doi.org/10.1109/drcn57075.2023.10108333","title":"A Machine Learning-Driven Threat Hunting Architecture for Protecting Critical Infrastructures","display_name":"A Machine Learning-Driven Threat Hunting Architecture for Protecting Critical Infrastructures","publication_year":2023,"publication_date":"2023-04-17","ids":{"openalex":"https://openalex.org/W4367042240","doi":"https://doi.org/10.1109/drcn57075.2023.10108333"},"language":"en","primary_location":{"id":"doi:10.1109/drcn57075.2023.10108333","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/drcn57075.2023.10108333","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 19th International Conference on the Design of Reliable Communication Networks (DRCN)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5012810713","display_name":"Mario Aragon\u00e9s Lozano","orcid":"https://orcid.org/0000-0002-8278-3947"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Mario Aragon\u00e9s Lozano","raw_affiliation_strings":["Universitat Politècnica de València,Communications Department,Valencia,Spain"],"affiliations":[{"raw_affiliation_string":"Universitat Politècnica de València,Communications Department,Valencia,Spain","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084979118","display_name":"Israel P\u00e9rez Llopis","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Israel P\u00e9rez Llopis","raw_affiliation_strings":["Universitat Politècnica de València,Communications Department,Valencia,Spain"],"affiliations":[{"raw_affiliation_string":"Universitat Politècnica de València,Communications Department,Valencia,Spain","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5045874706","display_name":"Alfonso Climente Alarc\u00f3n","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Alfonso Climente Alarc\u00f3n","raw_affiliation_strings":["Universitat Politècnica de València,Communications Department,Valencia,Spain"],"affiliations":[{"raw_affiliation_string":"Universitat Politècnica de València,Communications Department,Valencia,Spain","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5103715340","display_name":"Manuel Esteve Domingo","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Manuel Esteve Domingo","raw_affiliation_strings":["Universitat Politècnica de València,Communications Department,Valencia,Spain"],"affiliations":[{"raw_affiliation_string":"Universitat Politècnica de València,Communications Department,Valencia,Spain","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5012810713"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.6179,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.66643965,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"5"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7042439579963684},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6872072219848633},{"id":"https://openalex.org/keywords/situation-awareness","display_name":"Situation awareness","score":0.63959801197052},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.4963696599006653},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.4770309627056122},{"id":"https://openalex.org/keywords/architecture","display_name":"Architecture","score":0.4258236885070801},{"id":"https://openalex.org/keywords/resilience","display_name":"Resilience (materials science)","score":0.41899219155311584},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.4165344834327698},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.38017159700393677},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.2601807117462158},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.15588101744651794},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.15277177095413208}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7042439579963684},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6872072219848633},{"id":"https://openalex.org/C145804949","wikidata":"https://www.wikidata.org/wiki/Q478123","display_name":"Situation awareness","level":2,"score":0.63959801197052},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.4963696599006653},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.4770309627056122},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.4258236885070801},{"id":"https://openalex.org/C2779585090","wikidata":"https://www.wikidata.org/wiki/Q3457762","display_name":"Resilience (materials science)","level":2,"score":0.41899219155311584},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.4165344834327698},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.38017159700393677},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.2601807117462158},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.15588101744651794},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.15277177095413208},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.0},{"id":"https://openalex.org/C146978453","wikidata":"https://www.wikidata.org/wiki/Q3798668","display_name":"Aerospace engineering","level":1,"score":0.0},{"id":"https://openalex.org/C142362112","wikidata":"https://www.wikidata.org/wiki/Q735","display_name":"Art","level":0,"score":0.0},{"id":"https://openalex.org/C97355855","wikidata":"https://www.wikidata.org/wiki/Q11473","display_name":"Thermodynamics","level":1,"score":0.0},{"id":"https://openalex.org/C153349607","wikidata":"https://www.wikidata.org/wiki/Q36649","display_name":"Visual arts","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/drcn57075.2023.10108333","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/drcn57075.2023.10108333","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 19th International Conference on the Design of Reliable Communication Networks (DRCN)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":25,"referenced_works":["https://openalex.org/W2055631879","https://openalex.org/W2065890363","https://openalex.org/W2075893278","https://openalex.org/W2087336585","https://openalex.org/W2096575147","https://openalex.org/W2150761772","https://openalex.org/W2161573379","https://openalex.org/W2309113855","https://openalex.org/W2566899386","https://openalex.org/W2751495347","https://openalex.org/W2756675797","https://openalex.org/W2791879367","https://openalex.org/W2794501214","https://openalex.org/W2904686161","https://openalex.org/W2908954810","https://openalex.org/W2922110906","https://openalex.org/W2982379052","https://openalex.org/W3036491774","https://openalex.org/W3131542938","https://openalex.org/W3139164743","https://openalex.org/W3174621618","https://openalex.org/W3185102761","https://openalex.org/W4214829033","https://openalex.org/W4232387886","https://openalex.org/W4235439437"],"related_works":["https://openalex.org/W3024912289","https://openalex.org/W2415747217","https://openalex.org/W2389214306","https://openalex.org/W2561023719","https://openalex.org/W4235240664","https://openalex.org/W2094708502","https://openalex.org/W1542973883","https://openalex.org/W2965083567","https://openalex.org/W1838576100","https://openalex.org/W2357468538"],"abstract_inverted_index":{"The":[0,134],"number":[1],"and":[2,14,39,74,103,116,118,153,161,170,209],"the":[3,23,48,130,147,167],"diversity":[4],"in":[5,22,47,122],"nature":[6],"of":[7,100,112,136,150,201,213],"daily":[8],"cyber-attacks":[9],"increased":[10],"last":[11],"few":[12],"years,":[13],"trends":[15],"are":[16,55],"that":[17,96,188],"both":[18],"will":[19],"grow":[20],"exponentially":[21],"near":[24],"future,":[25],"therefore,":[26],"Critical":[27,202],"Infrastructures\u2019":[28],"Security":[29],"Departments":[30],"must":[31,88,97,108],"have":[32,89],"their":[33,58,65,72,93,175],"own":[34],"IT":[35],"specialists":[36],"to":[37,41,125,156,173,183],"prevent":[38],"respond":[40],"cyber-attacks.":[42],"To":[43,76],"introduce":[44],"more":[45],"challenges":[46],"existing":[49],"cyber":[50],"security":[51,94],"landscape,":[52],"many":[53],"attacks":[54],"unknown":[56],"until":[57],"spawn,":[59],"even":[60],"a":[61,185,193,206],"long":[62],"time":[63],"after":[64],"initial":[66],"actions,":[67],"posing":[68],"increasing":[69],"difficulties":[70],"on":[71,205],"detection":[73],"remediation.":[75],"be":[77,98],"reactive":[78],"against":[79],"those":[80,151],"cyber-attacks,":[81],"usually":[82],"defined":[83],"as":[84],"zero-day":[85],"attacks,":[86],"organizations":[87],"Threat":[90,106,190],"Hunters":[91,107,191],"at":[92],"departments":[95],"aware":[99],"unusual":[101],"behaviors":[102],"Modus":[104],"Operandi.":[105],"face":[109],"vast":[110],"amounts":[111],"data":[113,152,160],"(mainly":[114],"benign":[115],"repetitive,":[117],"following":[119],"predictable":[120],"patterns)":[121],"short":[123],"periods":[124],"detect":[126],"any":[127],"anomaly,":[128],"with":[129],"associated":[131],"cognitive":[132],"overwhelm.":[133],"application":[135],"Artificial":[137],"Intelligence,":[138],"specifically":[139],"Machine":[140,194],"Learning":[141,195],"(ML)":[142],"techniques,":[143],"can":[144,154],"remarkably":[145],"impact":[146],"real-time":[148],"analysis":[149],"help":[155],"discriminate":[157],"between":[158],"harm-less":[159],"malicious":[162],"data,":[163],"alleviating":[164],"analysts":[165],"from":[166],"above-mentioned":[168],"overload":[169],"providing":[171],"means":[172],"enhance":[174],"Cyber":[176],"Situational":[177],"Awareness":[178],"(CSA).":[179],"This":[180],"work":[181],"aims":[182],"design":[184],"system":[186],"architecture":[187],"helps":[189],"using":[192],"approach":[196],"for":[197],"protecting":[198],"all":[199],"kind":[200],"Infrastructures":[203],"based":[204],"distributed,":[207],"scalable":[208],"online":[210],"configurable":[211],"framework":[212],"interconnected":[214],"modular":[215],"components.":[216]},"counts_by_year":[{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":1}],"updated_date":"2025-12-24T23:09:58.560324","created_date":"2025-10-10T00:00:00"}