{"id":"https://openalex.org/W4392152379","doi":"https://doi.org/10.1109/globecom54140.2023.10436884","title":"Real-Time Anomaly Detection in SDN Architecture Using Integrated SIEM and Machine Learning for Enhancing Network Security","display_name":"Real-Time Anomaly Detection in SDN Architecture Using Integrated SIEM and Machine Learning for Enhancing Network Security","publication_year":2023,"publication_date":"2023-12-04","ids":{"openalex":"https://openalex.org/W4392152379","doi":"https://doi.org/10.1109/globecom54140.2023.10436884"},"language":"en","primary_location":{"id":"doi:10.1109/globecom54140.2023.10436884","is_oa":false,"landing_page_url":"https://doi.org/10.1109/globecom54140.2023.10436884","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"GLOBECOM 2023 - 2023 IEEE Global Communications Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5051342741","display_name":"Anass Sebbar","orcid":"https://orcid.org/0000-0002-0526-3569"},"institutions":[{"id":"https://openalex.org/I4210106663","display_name":"International University of Rabat","ror":"https://ror.org/01t9czq80","country_code":"MA","type":"education","lineage":["https://openalex.org/I4210106663"]}],"countries":["MA"],"is_corresponding":false,"raw_author_name":"Anass Sebbar","raw_affiliation_strings":["International University of Rabat, School of Computer Science ESIN,TICLab,Rabat,Morocco","TICLab, International University of Rabat, School of Computer Science ESIN, Rabat, Morocco"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"International University of Rabat, School of Computer Science ESIN,TICLab,Rabat,Morocco","institution_ids":["https://openalex.org/I4210106663"]},{"raw_affiliation_string":"TICLab, International University of Rabat, School of Computer Science ESIN, Rabat, Morocco","institution_ids":["https://openalex.org/I4210106663"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5066482633","display_name":"Othmane Cherqi","orcid":"https://orcid.org/0009-0006-2432-0385"},"institutions":[{"id":"https://openalex.org/I4210106663","display_name":"International University of Rabat","ror":"https://ror.org/01t9czq80","country_code":"MA","type":"education","lineage":["https://openalex.org/I4210106663"]}],"countries":["MA"],"is_corresponding":false,"raw_author_name":"Othmane Cherqi","raw_affiliation_strings":["International University of Rabat, School of Computer Science ESIN,TICLab,Rabat,Morocco","TICLab, International University of Rabat, School of Computer Science ESIN, Rabat, Morocco"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"International University of Rabat, School of Computer Science ESIN,TICLab,Rabat,Morocco","institution_ids":["https://openalex.org/I4210106663"]},{"raw_affiliation_string":"TICLab, International University of Rabat, School of Computer Science ESIN, Rabat, Morocco","institution_ids":["https://openalex.org/I4210106663"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5075132083","display_name":"Khalid Chougdali","orcid":"https://orcid.org/0000-0002-1072-0461"},"institutions":[{"id":"https://openalex.org/I3121676899","display_name":"Universit\u00e9 Ibn-Tofail","ror":"https://ror.org/02wj89n04","country_code":"MA","type":"education","lineage":["https://openalex.org/I3121676899"]}],"countries":["MA"],"is_corresponding":false,"raw_author_name":"Khalid Chougdali","raw_affiliation_strings":["National School of Applied Sciences, Ibn Tofail University,K&#x00E9;nitra,Morocco"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"National School of Applied Sciences, Ibn Tofail University,K&#x00E9;nitra,Morocco","institution_ids":["https://openalex.org/I3121676899"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5089539531","display_name":"Mohammed Boulmalf","orcid":"https://orcid.org/0009-0002-9760-0215"},"institutions":[{"id":"https://openalex.org/I4210106663","display_name":"International University of Rabat","ror":"https://ror.org/01t9czq80","country_code":"MA","type":"education","lineage":["https://openalex.org/I4210106663"]}],"countries":["MA"],"is_corresponding":false,"raw_author_name":"Mohammed Boulmalf","raw_affiliation_strings":["International University of Rabat, School of Computer Science ESIN,TICLab,Rabat,Morocco","TICLab, International University of Rabat, School of Computer Science ESIN, Rabat, Morocco"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"International University of Rabat, School of Computer Science ESIN,TICLab,Rabat,Morocco","institution_ids":["https://openalex.org/I4210106663"]},{"raw_affiliation_string":"TICLab, International University of Rabat, School of Computer Science ESIN, Rabat, Morocco","institution_ids":["https://openalex.org/I4210106663"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.5173,"has_fulltext":false,"cited_by_count":8,"citation_normalized_percentile":{"value":0.84357165,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1795","last_page":"1800"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10714","display_name":"Software-Defined Networks and 5G","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.996999979019165,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.731604814529419},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6748388409614563},{"id":"https://openalex.org/keywords/architecture","display_name":"Architecture","score":0.6229233741760254},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.5776224136352539},{"id":"https://openalex.org/keywords/anomaly","display_name":"Anomaly (physics)","score":0.43355119228363037},{"id":"https://openalex.org/keywords/learning-network","display_name":"Learning network","score":0.43302029371261597},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4102494716644287},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.40575891733169556}],"concepts":[{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.731604814529419},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6748388409614563},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.6229233741760254},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.5776224136352539},{"id":"https://openalex.org/C12997251","wikidata":"https://www.wikidata.org/wiki/Q567560","display_name":"Anomaly (physics)","level":2,"score":0.43355119228363037},{"id":"https://openalex.org/C2987015589","wikidata":"https://www.wikidata.org/wiki/Q1040098","display_name":"Learning network","level":2,"score":0.43302029371261597},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4102494716644287},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.40575891733169556},{"id":"https://openalex.org/C153349607","wikidata":"https://www.wikidata.org/wiki/Q36649","display_name":"Visual arts","level":1,"score":0.0},{"id":"https://openalex.org/C142362112","wikidata":"https://www.wikidata.org/wiki/Q735","display_name":"Art","level":0,"score":0.0},{"id":"https://openalex.org/C26873012","wikidata":"https://www.wikidata.org/wiki/Q214781","display_name":"Condensed matter physics","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/globecom54140.2023.10436884","is_oa":false,"landing_page_url":"https://doi.org/10.1109/globecom54140.2023.10436884","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"GLOBECOM 2023 - 2023 IEEE Global Communications Conference","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.4300000071525574,"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":11,"referenced_works":["https://openalex.org/W2908941882","https://openalex.org/W2949647805","https://openalex.org/W2979946095","https://openalex.org/W2992282119","https://openalex.org/W3012454270","https://openalex.org/W3147914029","https://openalex.org/W3179245071","https://openalex.org/W4210878212","https://openalex.org/W4239528431","https://openalex.org/W4315629640","https://openalex.org/W4315629688"],"related_works":["https://openalex.org/W2806741695","https://openalex.org/W4290647774","https://openalex.org/W3189286258","https://openalex.org/W3207797160","https://openalex.org/W3210364259","https://openalex.org/W4300558037","https://openalex.org/W2667207928","https://openalex.org/W2912112202","https://openalex.org/W4377864969","https://openalex.org/W3120251014"],"abstract_inverted_index":{"The":[0,77],"Software-Defined":[1],"Networking":[2],"(SDN)":[3],"paradigm":[4],"has":[5],"introduced":[6],"heightened":[7],"flexibility":[8],"and":[9,37,63,68,84,94,122,159,194],"scalability":[10],"to":[11,26,73,115,127,183,218],"network":[12,75,87,118,141,192],"infrastructure":[13],"management.":[14],"However,":[15],"the":[16,33,58,100,153,156,179,197,204],"centralized":[17],"control":[18],"plane":[19],"inherent":[20],"in":[21,187],"SDN":[22,54,198,212],"architectures":[23,213],"is":[24,133,178],"susceptible":[25],"an":[27,136,144,188],"array":[28,146],"of":[29,35,139,147,155,174,191,206],"security":[30,193],"vulnerabilities,":[31],"necessitating":[32],"development":[34],"efficient":[36],"real-time":[38,50,207],"anomaly":[39,51,162,208],"detection":[40,52,163,167,209],"systems.":[41],"This":[42,200],"paper":[43],"presents":[44],"a":[45,215],"novel":[46],"integrated":[47],"methodology":[48],"for":[49],"within":[53,196],"architectures,":[55],"capitalizing":[56],"on":[57],"synergies":[59],"between":[60],"Security":[61],"Information":[62],"Event":[64],"Management":[65],"(SIEM)":[66],"systems":[67],"advanced":[69],"machine":[70,110,160],"learning":[71,111],"techniques":[72],"bolster":[74],"security.":[76],"proposed":[78],"framework":[79],"operates":[80],"by":[81],"seamlessly":[82],"collecting":[83],"analyzing":[85],"live":[86],"traffic":[88,119],"data,":[89],"promptly":[90],"pinpointing":[91],"potential":[92],"anomalies,":[93],"subsequently":[95],"correlating":[96],"these":[97],"events":[98],"via":[99],"SIEM":[101,158],"system.":[102],"To":[103],"enhance":[104],"accuracy":[105,168],"while":[106,169],"mitigating":[107],"false":[108,175],"positives,":[109],"algorithms":[112],"are":[113],"harnessed":[114],"accurately":[116],"categorize":[117],"into":[120],"benign":[121],"malicious":[123],"activities,":[124],"dynamically":[125],"adapting":[126],"evolving":[128],"threat":[129],"landscapes.":[130],"Empirical":[131],"validation":[132],"conducted":[134],"through":[135],"exhaustive":[137],"dataset":[138],"real-world":[140],"traffic,":[142],"encompassing":[143],"extensive":[145],"attack":[148],"scenarios.":[149],"Findings":[150],"vividly":[151],"underscore":[152],"efficacy":[154],"amalgamated":[157],"learning-driven":[161],"system,":[164],"yielding":[165],"impressive":[166],"maintaining":[170],"notably":[171],"low":[172],"rates":[173],"positives.":[176],"Noteworthy":[177],"system's":[180],"intrinsic":[181],"adaptability":[182],"emergent":[184],"threats,":[185],"culminating":[186],"elevated":[189],"caliber":[190],"fortitude":[195],"domain.":[199],"contribution":[201],"significantly":[202],"enriches":[203],"realm":[205],"research,":[210],"endowing":[211],"with":[214],"pioneering":[216],"strategy":[217],"counteract":[219],"intricate":[220],"cyber":[221],"threats":[222],"effectively.":[223]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}