{"id":"https://openalex.org/W4224217020","doi":"https://doi.org/10.1109/icin53892.2022.9758121","title":"Software Architecture for an Intelligent Firewall Based on Linux Netfilter","display_name":"Software Architecture for an Intelligent Firewall Based on Linux Netfilter","publication_year":2022,"publication_date":"2022-03-07","ids":{"openalex":"https://openalex.org/W4224217020","doi":"https://doi.org/10.1109/icin53892.2022.9758121"},"language":"en","primary_location":{"id":"doi:10.1109/icin53892.2022.9758121","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icin53892.2022.9758121","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 25th Conference on Innovation in Clouds, Internet and Networks (ICIN)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5024052778","display_name":"Sergey Staroletov","orcid":"https://orcid.org/0000-0001-5183-9736"},"institutions":[{"id":"https://openalex.org/I4210143759","display_name":"Altai Scientific Research Institute of Machine Building Technology","ror":"https://ror.org/03cmpa045","country_code":"RU","type":"facility","lineage":["https://openalex.org/I4210143759"]}],"countries":["RU"],"is_corresponding":true,"raw_author_name":"Sergey Staroletov","raw_affiliation_strings":["Independent Research Enthusiast,Altai territory,Russia"],"affiliations":[{"raw_affiliation_string":"Independent Research Enthusiast,Altai territory,Russia","institution_ids":["https://openalex.org/I4210143759"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5024052778"],"corresponding_institution_ids":["https://openalex.org/I4210143759"],"apc_list":null,"apc_paid":null,"fwci":0.8288,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.72981874,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"160","last_page":"162"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12326","display_name":"Network Packet Processing and Optimization","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7571151256561279},{"id":"https://openalex.org/keywords/firewall","display_name":"Firewall (physics)","score":0.6455270051956177},{"id":"https://openalex.org/keywords/router","display_name":"Router","score":0.4896698296070099},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.4786019027233124},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.4646444022655487},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.4609994888305664},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.45498576760292053},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.4542336165904999},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.41539323329925537},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.35597342252731323},{"id":"https://openalex.org/keywords/real-time-computing","display_name":"Real-time computing","score":0.3404526710510254},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.20279929041862488},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.15493935346603394},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.11675533652305603}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7571151256561279},{"id":"https://openalex.org/C77714075","wikidata":"https://www.wikidata.org/wiki/Q5452017","display_name":"Firewall (physics)","level":5,"score":0.6455270051956177},{"id":"https://openalex.org/C2775896111","wikidata":"https://www.wikidata.org/wiki/Q642560","display_name":"Router","level":2,"score":0.4896698296070099},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.4786019027233124},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.4646444022655487},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.4609994888305664},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.45498576760292053},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.4542336165904999},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.41539323329925537},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.35597342252731323},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.3404526710510254},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.20279929041862488},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.15493935346603394},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.11675533652305603},{"id":"https://openalex.org/C183915046","wikidata":"https://www.wikidata.org/wiki/Q1316152","display_name":"Charged black hole","level":4,"score":0.0},{"id":"https://openalex.org/C74650414","wikidata":"https://www.wikidata.org/wiki/Q11397","display_name":"Classical mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C124017977","wikidata":"https://www.wikidata.org/wiki/Q11412","display_name":"Gravitation","level":2,"score":0.0},{"id":"https://openalex.org/C115304011","wikidata":"https://www.wikidata.org/wiki/Q72755","display_name":"Schwarzschild radius","level":3,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icin53892.2022.9758121","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icin53892.2022.9758121","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 25th Conference on Innovation in Clouds, Internet and Networks (ICIN)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":7,"referenced_works":["https://openalex.org/W2021200789","https://openalex.org/W2100423944","https://openalex.org/W2105545278","https://openalex.org/W3151470781","https://openalex.org/W6636548729","https://openalex.org/W6675016256","https://openalex.org/W6793871885"],"related_works":["https://openalex.org/W2765763546","https://openalex.org/W4386482731","https://openalex.org/W4385302085","https://openalex.org/W2360429410","https://openalex.org/W4390188535","https://openalex.org/W2387982609","https://openalex.org/W2364669875","https://openalex.org/W2359453783","https://openalex.org/W2382357074","https://openalex.org/W2388455374"],"abstract_inverted_index":{"A":[0],"firewall":[1,91,171],"is":[2,60,213],"a":[3,11,53,61,120,127,141],"tool":[4],"for":[5,89,184,205],"filtering":[6],"network":[7,15,70,121],"traffic":[8,30,136,207,227],"passing":[9,226],"through":[10],"given":[12],"router":[13],"or":[14,28,36,215],"endpoint.":[16],"Initially,":[17],"such":[18],"systems":[19,44,51],"used":[20],"to":[21,32,63,140,155,163,169,177,193,224],"have":[22],"only":[23],"static":[24],"rules":[25,88],"that":[26,173],"allowed":[27],"denied":[29],"according":[31],"specified":[33],"addresses,":[34],"ports":[35],"protocols.":[37],"Today,":[38],"with":[39,145],"the":[40,46,68,86,90,116,135,149,153,159,164,185],"complication":[41],"of":[42,48,56,119,161],"information":[43,162],"and":[45,79,96,99,137,209,229],"construction":[47],"decentralized":[49],"IoT":[50],"containing":[52],"large":[54],"number":[55],"embedded":[57],"controllers,":[58],"there":[59],"need":[62],"detect":[64],"potential":[65],"anomalies":[66,195],"in":[67,131,148,158,196],"transmitted":[69,175],"traffic.":[71],"Such":[72],"detection":[73,123],"should":[74,92],"be":[75,93,103],"performed":[76],"quickly":[77],"enough":[78],"not":[80],"require":[81],"serious":[82],"hardware":[83],"resources.":[84],"After":[85],"detection,":[87],"automatically":[94],"mined":[95],"applied":[97],"immediately,":[98],"they":[100],"can":[101],"later":[102],"potentially":[104],"canceled":[105],"after":[106],"some":[107],"new":[108],"data":[109],"arrives.":[110],"In":[111],"this":[112],"paper,":[113],"we":[114,133,187,218],"discuss":[115],"software":[117,222],"architecture":[118],"anomaly":[122],"system.":[124],"We":[125],"install":[126],"Linux":[128],"Netfilter":[129],"hook,":[130],"which":[132],"capture":[134],"send":[138],"it":[139,212],"ring":[142],"buffer":[143],"shared":[144],"analysis":[146],"pipelines":[147],"userspace.":[150],"It":[151],"allows":[152],"system":[154],"make":[156],"reactions":[157],"form":[160],"user":[165],"as":[166,168,199],"well":[167],"mine":[170],"rules,":[172],"are":[174],"back":[176],"kernel":[178],"space":[179],"using":[180,232],"Netlink":[181],"sockets.":[182],"As":[183],"detectors,":[186],"currently":[188],"use":[189],"variable-order":[190],"Markov":[191],"chains":[192],"reveal":[194],"TCP":[197],"traffic,":[198],"wellass":[200],"elf-organizing":[201],"K":[202],"ohonen":[203],"maps":[204],"classifying":[206],"flows":[208],"determining":[210],"whether":[211],"normal":[214],"abnormal.":[216],"Thus,":[217],"briefly":[219],"describe":[220],"all":[221],"solutions":[223],"handle":[225],"frames":[228],"analyze":[230],"them":[231],"fast":[233],"processing":[234],"techniques.":[235]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}