{"id":"https://openalex.org/W3034126460","doi":"https://doi.org/10.1109/icccn49398.2020.9209657","title":"SuperB: Superior Behavior-based Anomaly Detection Defining Authorized Users\u2019 Traffic Patterns","display_name":"SuperB: Superior Behavior-based Anomaly Detection Defining Authorized Users\u2019 Traffic Patterns","publication_year":2020,"publication_date":"2020-08-01","ids":{"openalex":"https://openalex.org/W3034126460","doi":"https://doi.org/10.1109/icccn49398.2020.9209657","mag":"3034126460"},"language":"en","primary_location":{"id":"doi:10.1109/icccn49398.2020.9209657","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icccn49398.2020.9209657","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 29th International Conference on Computer Communications and Networks (ICCCN)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5036851720","display_name":"Daniel Y. Karasek","orcid":null},"institutions":[{"id":"https://openalex.org/I172980758","display_name":"Kennesaw State University","ror":"https://ror.org/00jeqjx33","country_code":"US","type":"education","lineage":["https://openalex.org/I172980758"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Daniel Y. Karasek","raw_affiliation_strings":["dept. of Computer Science, Kennesaw State University, Marietta, Georgia, USA"],"affiliations":[{"raw_affiliation_string":"dept. of Computer Science, Kennesaw State University, Marietta, Georgia, USA","institution_ids":["https://openalex.org/I172980758"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5034390433","display_name":"Jeehyeong Kim","orcid":"https://orcid.org/0000-0002-1650-0902"},"institutions":[{"id":"https://openalex.org/I4575257","display_name":"Hanyang University","ror":"https://ror.org/046865y68","country_code":"KR","type":"education","lineage":["https://openalex.org/I4575257"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Jeehyeong Kim","raw_affiliation_strings":["dept. of Computer Science and Engineering, Hanyang University, Ansan, South Korea"],"affiliations":[{"raw_affiliation_string":"dept. of Computer Science and Engineering, Hanyang University, Ansan, South Korea","institution_ids":["https://openalex.org/I4575257"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5003674499","display_name":"Victor Youdom Kemmoe","orcid":"https://orcid.org/0000-0003-1887-6396"},"institutions":[{"id":"https://openalex.org/I172980758","display_name":"Kennesaw State University","ror":"https://ror.org/00jeqjx33","country_code":"US","type":"education","lineage":["https://openalex.org/I172980758"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Victor Youdom Kemmoe","raw_affiliation_strings":["dept. of Computer Science, Kennesaw State University, Marietta, Georgia, USA"],"affiliations":[{"raw_affiliation_string":"dept. of Computer Science, Kennesaw State University, Marietta, Georgia, USA","institution_ids":["https://openalex.org/I172980758"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086666436","display_name":"Md Zakirul Alam Bhuiyan","orcid":"https://orcid.org/0000-0002-9513-9990"},"institutions":[{"id":"https://openalex.org/I164389053","display_name":"Fordham University","ror":"https://ror.org/03qnxaf80","country_code":"US","type":"education","lineage":["https://openalex.org/I164389053"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Md Zakirul Alam Bhuiyan","raw_affiliation_strings":["dept. of Computer and Information Sciences, Fordham University, Bronx, New York, USA"],"affiliations":[{"raw_affiliation_string":"dept. of Computer and Information Sciences, Fordham University, Bronx, New York, USA","institution_ids":["https://openalex.org/I164389053"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5024545505","display_name":"Sunghyun Cho","orcid":"https://orcid.org/0000-0002-1847-6088"},"institutions":[{"id":"https://openalex.org/I4575257","display_name":"Hanyang University","ror":"https://ror.org/046865y68","country_code":"KR","type":"education","lineage":["https://openalex.org/I4575257"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Sunghyun Cho","raw_affiliation_strings":["dept. of Computer Science and Engineering, Hanyang University, Ansan, South Korea"],"affiliations":[{"raw_affiliation_string":"dept. of Computer Science and Engineering, Hanyang University, Ansan, South Korea","institution_ids":["https://openalex.org/I4575257"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5079998325","display_name":"Junggab Son","orcid":"https://orcid.org/0000-0002-6206-083X"},"institutions":[{"id":"https://openalex.org/I172980758","display_name":"Kennesaw State University","ror":"https://ror.org/00jeqjx33","country_code":"US","type":"education","lineage":["https://openalex.org/I172980758"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Junggab Son","raw_affiliation_strings":["dept. of Computer Science, Kennesaw State University, Marietta, Georgia, USA"],"affiliations":[{"raw_affiliation_string":"dept. of Computer Science, Kennesaw State University, Marietta, Georgia, USA","institution_ids":["https://openalex.org/I172980758"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5036851720"],"corresponding_institution_ids":["https://openalex.org/I172980758"],"apc_list":null,"apc_paid":null,"fwci":0.3234,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.61487437,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":"96","issue":null,"first_page":"1","last_page":"9"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7960032224655151},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.7401818633079529},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.61892169713974},{"id":"https://openalex.org/keywords/false-positive-rate","display_name":"False positive rate","score":0.6125955581665039},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.5834420919418335},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.4994840621948242},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.47835060954093933},{"id":"https://openalex.org/keywords/anomaly","display_name":"Anomaly (physics)","score":0.47476696968078613},{"id":"https://openalex.org/keywords/precision-and-recall","display_name":"Precision and recall","score":0.44842201471328735},{"id":"https://openalex.org/keywords/recall","display_name":"Recall","score":0.42679375410079956},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.41776201128959656},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3858950138092041},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.3708735704421997},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.23847675323486328}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7960032224655151},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.7401818633079529},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.61892169713974},{"id":"https://openalex.org/C95922358","wikidata":"https://www.wikidata.org/wiki/Q5432725","display_name":"False positive rate","level":2,"score":0.6125955581665039},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.5834420919418335},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.4994840621948242},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.47835060954093933},{"id":"https://openalex.org/C12997251","wikidata":"https://www.wikidata.org/wiki/Q567560","display_name":"Anomaly (physics)","level":2,"score":0.47476696968078613},{"id":"https://openalex.org/C81669768","wikidata":"https://www.wikidata.org/wiki/Q2359161","display_name":"Precision and recall","level":2,"score":0.44842201471328735},{"id":"https://openalex.org/C100660578","wikidata":"https://www.wikidata.org/wiki/Q18733","display_name":"Recall","level":2,"score":0.42679375410079956},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.41776201128959656},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3858950138092041},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3708735704421997},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.23847675323486328},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C26873012","wikidata":"https://www.wikidata.org/wiki/Q214781","display_name":"Condensed matter physics","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/icccn49398.2020.9209657","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icccn49398.2020.9209657","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 29th International Conference on Computer Communications and Networks (ICCCN)","raw_type":"proceedings-article"},{"id":"pmh:oai:digitalcommons.kennesaw.edu:cs_etd-1035","is_oa":false,"landing_page_url":"https://digitalcommons.kennesaw.edu/cs_etd/32","pdf_url":null,"source":{"id":"https://openalex.org/S4377196456","display_name":"DigitalCommons - Kennesaw State University (Kennesaw State University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I172980758","host_organization_name":"Kennesaw State University","host_organization_lineage":["https://openalex.org/I172980758"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Master of Science in Computer Science Theses","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.7400000095367432}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":25,"referenced_works":["https://openalex.org/W1985987493","https://openalex.org/W2016258134","https://openalex.org/W2156204309","https://openalex.org/W2340896621","https://openalex.org/W2534437297","https://openalex.org/W2732560875","https://openalex.org/W2740802195","https://openalex.org/W2766196489","https://openalex.org/W2767094836","https://openalex.org/W2789159078","https://openalex.org/W2789828921","https://openalex.org/W2794951181","https://openalex.org/W2795175906","https://openalex.org/W2796013264","https://openalex.org/W2809684781","https://openalex.org/W2914521857","https://openalex.org/W3000689925","https://openalex.org/W3100054152","https://openalex.org/W4293321333","https://openalex.org/W4388506701","https://openalex.org/W6748366383","https://openalex.org/W6749973653","https://openalex.org/W6758818525","https://openalex.org/W6773250199","https://openalex.org/W6857997136"],"related_works":["https://openalex.org/W2806741695","https://openalex.org/W3210364259","https://openalex.org/W4290647774","https://openalex.org/W3189286258","https://openalex.org/W3207797160","https://openalex.org/W2143820878","https://openalex.org/W2912112202","https://openalex.org/W2667207928","https://openalex.org/W4300558037","https://openalex.org/W4377864969"],"abstract_inverted_index":{"Network":[0],"anomalies":[1,140],"are":[2,17,22],"correlated":[3],"to":[4,50,80,118,158,207,223,227],"activities":[5],"that":[6,70,148],"deviate":[7],"from":[8,44,104,128],"regular":[9],"behavior":[10],"patterns":[11],"in":[12,28,78],"a":[13,58,63,134],"network,":[14],"and":[15,34,163,173,215],"they":[16],"undetectable":[18],"until":[19],"their":[20],"actions":[21],"defined":[23,130],"as":[24,126],"malicious.":[25],"Current":[26],"work":[27],"network":[29,73,87,105,142,180],"anomaly":[30,66],"detection":[31,37,47,67],"includes":[32],"network-based":[33],"host-based":[35],"intrusion":[36],"systems.":[38],"However,":[39],"most":[40],"of":[41,75,89,107,109,141,193],"them":[42],"suffer":[43],"high":[45],"false":[46],"rates":[48],"due":[49],"the":[51,86,90,95,110,113,129,149,184],"base":[52],"rate":[53,198],"fallacy.":[54],"To":[55],"overcome":[56],"such":[57],"drawback,":[59],"this":[60],"paper":[61],"proposes":[62],"superior":[64],"behavior-based":[65],"system":[68],"(SuperB)":[69],"defines":[71],"legitimate":[72,131],"behaviors":[74,88,122],"authorized":[76,91],"users":[77,92],"order":[79],"identify":[81,228],"unauthorized":[82],"accesses.":[83],"We":[84],"define":[85,124],"by":[93],"training":[94],"proposed":[96,150],"deep":[97],"learning":[98],"model":[99,115],"with":[100,183,199],"time-series":[101],"data":[102,181,186],"extracted":[103],"packets":[106],"each":[108,209],"users.":[111],"Then,":[112],"trained":[114],"is":[116,211],"used":[117],"classify":[119],"all":[120,139],"other":[121],"(we":[123],"these":[125],"anomalies)":[127],"behaviors.":[132,143],"As":[133],"result,":[135],"SuperB":[136],"effectively":[137],"detects":[138],"Our":[144,176],"simulation":[145],"results":[146],"show":[147,170],"algorithm":[151],"needs":[152],"at":[153],"least":[154],"five":[155,225],"end-to-end":[156],"conversations":[157,226],"achieve":[159],"over":[160,164],"95%":[161],"accuracy":[162,172],"93%":[165],"recall":[166,174],"rate.":[167,175],"Some":[168],"simulations":[169,177,201],"100%":[171],"use":[178],"live":[179],"combined":[182],"CICIDS2017":[185],"set.":[187],"The":[188,204],"performance":[189],"has":[190],"an":[191],"average":[192],"less":[194],"than":[195],"1.1%":[196],"false-positive":[197],"some":[200],"showing":[202],"0%.":[203],"execution":[205],"time":[206],"process":[208,224],"conversation":[210],"85.20\u00b10.60":[212],"milliseconds":[213],"(ms),":[214],"thus":[216],"it":[217],"takes":[218],"about":[219],"only":[220],"426":[221],"ms":[222],"anomaly.":[229]},"counts_by_year":[{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":1}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}