{"id":"https://openalex.org/W4403212842","doi":"https://doi.org/10.1109/icecet61485.2024.10698256","title":"Anomalous Host Identification in High Cardinality Network Streams using Adaptive Reverse Sketching","display_name":"Anomalous Host Identification in High Cardinality Network Streams using Adaptive Reverse Sketching","publication_year":2024,"publication_date":"2024-07-25","ids":{"openalex":"https://openalex.org/W4403212842","doi":"https://doi.org/10.1109/icecet61485.2024.10698256"},"language":"en","primary_location":{"id":"doi:10.1109/icecet61485.2024.10698256","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icecet61485.2024.10698256","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 International Conference on Electrical, Computer and Energy Technologies (ICECET","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5079692899","display_name":"Taimur Bakhshi","orcid":"https://orcid.org/0000-0003-4750-7864"},"institutions":[{"id":"https://openalex.org/I84027002","display_name":"Leeds Beckett University","ror":"https://ror.org/02xsh5r57","country_code":"GB","type":"education","lineage":["https://openalex.org/I84027002"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Taimur Bakhshi","raw_affiliation_strings":["School of Computing, Leeds Beckett University,Leeds,United Kingdom"],"affiliations":[{"raw_affiliation_string":"School of Computing, Leeds Beckett University,Leeds,United Kingdom","institution_ids":["https://openalex.org/I84027002"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5044709278","display_name":"Bogdan Ghita","orcid":"https://orcid.org/0000-0002-1788-547X"},"institutions":[{"id":"https://openalex.org/I897542642","display_name":"University of Plymouth","ror":"https://ror.org/008n7pv89","country_code":"GB","type":"education","lineage":["https://openalex.org/I897542642"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Bogdan Ghita","raw_affiliation_strings":["University of Plymouth,Department of Computing,Plymouth,United Kingdom"],"affiliations":[{"raw_affiliation_string":"University of Plymouth,Department of Computing,Plymouth,United Kingdom","institution_ids":["https://openalex.org/I897542642"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5078595850","display_name":"Abiodun Brimmo Yusuf","orcid":"https://orcid.org/0000-0002-7053-1443"},"institutions":[{"id":"https://openalex.org/I84027002","display_name":"Leeds Beckett University","ror":"https://ror.org/02xsh5r57","country_code":"GB","type":"education","lineage":["https://openalex.org/I84027002"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Abiodun Yusuf","raw_affiliation_strings":["School of Computing, Leeds Beckett University,Leeds,United Kingdom"],"affiliations":[{"raw_affiliation_string":"School of Computing, Leeds Beckett University,Leeds,United Kingdom","institution_ids":["https://openalex.org/I84027002"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5079692899"],"corresponding_institution_ids":["https://openalex.org/I84027002"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.19077382,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9976999759674072,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.995199978351593,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/cardinality","display_name":"Cardinality (data modeling)","score":0.7862359881401062},{"id":"https://openalex.org/keywords/host","display_name":"Host (biology)","score":0.7608458995819092},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7374658584594727},{"id":"https://openalex.org/keywords/identification","display_name":"Identification (biology)","score":0.7024076581001282},{"id":"https://openalex.org/keywords/streams","display_name":"STREAMS","score":0.6403607130050659},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.34427571296691895},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.30039113759994507},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.21273711323738098}],"concepts":[{"id":"https://openalex.org/C87117476","wikidata":"https://www.wikidata.org/wiki/Q362383","display_name":"Cardinality (data modeling)","level":2,"score":0.7862359881401062},{"id":"https://openalex.org/C126831891","wikidata":"https://www.wikidata.org/wiki/Q221673","display_name":"Host (biology)","level":2,"score":0.7608458995819092},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7374658584594727},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.7024076581001282},{"id":"https://openalex.org/C42090638","wikidata":"https://www.wikidata.org/wiki/Q4048907","display_name":"STREAMS","level":2,"score":0.6403607130050659},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.34427571296691895},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.30039113759994507},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.21273711323738098},{"id":"https://openalex.org/C59822182","wikidata":"https://www.wikidata.org/wiki/Q441","display_name":"Botany","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C18903297","wikidata":"https://www.wikidata.org/wiki/Q7150","display_name":"Ecology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icecet61485.2024.10698256","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icecet61485.2024.10698256","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 International Conference on Electrical, Computer and Energy Technologies (ICECET","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":17,"referenced_works":["https://openalex.org/W1965406800","https://openalex.org/W2033251161","https://openalex.org/W2067711584","https://openalex.org/W2136053377","https://openalex.org/W2138326128","https://openalex.org/W2150399692","https://openalex.org/W2168305032","https://openalex.org/W2205557629","https://openalex.org/W2327315875","https://openalex.org/W2522626811","https://openalex.org/W2899576538","https://openalex.org/W2955396105","https://openalex.org/W2969998124","https://openalex.org/W3011354655","https://openalex.org/W3047429575","https://openalex.org/W3199406030","https://openalex.org/W6635935638"],"related_works":["https://openalex.org/W2010317732","https://openalex.org/W2483328176","https://openalex.org/W2061705145","https://openalex.org/W193205649","https://openalex.org/W45006177","https://openalex.org/W2016919266","https://openalex.org/W2002177687","https://openalex.org/W1982793386","https://openalex.org/W2537623333","https://openalex.org/W1533592795"],"abstract_inverted_index":{"Network-connected":[0],"hosts":[1,46,131,144],"reporting":[2],"high":[3],"cardinality":[4,25,72,141,189],"changes":[5,26,142],"may":[6,78],"exhibit":[7],"anomalous":[8,45],"behaviour":[9],"and":[10,36,47,70,113,129,139,159,167,192],"remain":[11],"an":[12,93,175],"evolving":[13],"cyber":[14],"security":[15,35],"risk":[16],"for":[17,34,98,137],"the":[18,90,147,151,154],"network":[19,28,37],"infrastructure.":[20],"High-speed":[21],"line-rate":[22],"detection":[23,77,100],"of":[24,92,108,181],"by":[27,178],"monitors":[29],"presents":[30],"a":[31,81,106,124,179],"significant":[32],"challenge":[33],"operations":[38],"center":[39],"(SoC/NoC)":[40],"analysts":[41],"to":[42,63],"accurately":[43],"identify":[44],"mitigate":[48],"threats":[49],"in":[50,101,188],"real":[51],"time.":[52],"State-of-the-art":[53],"monitoring":[54],"solutions":[55],"have":[56],"typically":[57],"focused":[58],"on":[59,133,164],"specific":[60],"functionalities":[61],"limited":[62],"host":[64,194],"address":[65,195],"detection,":[66],"overhead":[67],"cost":[68],"optimization,":[69],"distributed":[71],"measurements.":[73],"However,":[74],"real-time":[75],"anomaly":[76,99],"benefit":[79],"from":[80,116],"holistic":[82],"operational":[83],"approach.":[84],"In":[85],"this":[86],"study,":[87],"we":[88],"propose":[89],"use":[91],"adaptive":[94,134],"reverse":[95,114],"sketching":[96,115],"scheme":[97,122,156],"high-cardinality":[102],"traffic":[103,117],"streams":[104],"using":[105],"combination":[107],"machine":[109],"learning":[110],"threshold":[111],"prediction":[112],"(data":[118],"structure)":[119],"derivation.":[120],"The":[121,171],"offers":[123],"parallel":[125],"distinction":[126],"between":[127],"source":[128],"destination":[130],"based":[132],"counters,":[135],"accounting":[136],"minor":[138],"large":[140],"among":[143],"while":[145],"optimizing":[146],"resource":[148],"consumption.":[149],"During":[150],"validation":[152],"phase,":[153],"proposed":[155],"was":[157],"evaluated":[158],"compared":[160,184],"with":[161,185],"existing":[162],"approaches":[163,187],"locally":[165],"generated":[166],"CAIDA":[168],"2007":[169],"datasets.":[170],"present":[172],"model":[173],"reported":[174],"accuracy":[176],"improvement":[177],"margin":[180],"32-46%":[182],"when":[183],"previous":[186],"change":[190],"estimation":[191],"abnormal":[193],"identification.":[196]},"counts_by_year":[],"updated_date":"2025-12-23T23:11:35.936235","created_date":"2025-10-10T00:00:00"}