{"id":"https://openalex.org/W4407131000","doi":"https://doi.org/10.1109/icnp61940.2024.10858538","title":"Detecting Attacks at Switching Speed: Ai/Ml and Active Learning for in-Network Monitoring in Data Planes","display_name":"Detecting Attacks at Switching Speed: Ai/Ml and Active Learning for in-Network Monitoring in Data Planes","publication_year":2024,"publication_date":"2024-10-28","ids":{"openalex":"https://openalex.org/W4407131000","doi":"https://doi.org/10.1109/icnp61940.2024.10858538"},"language":"en","primary_location":{"id":"doi:10.1109/icnp61940.2024.10858538","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icnp61940.2024.10858538","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE 32nd International Conference on Network Protocols (ICNP)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5099292796","display_name":"Bel\u00e9n Brandino","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Bel\u00e9n Brandino","raw_affiliation_strings":["Universidad de la Rep&#x00FA;blica,INCO&#x2013;FING"],"affiliations":[{"raw_affiliation_string":"Universidad de la Rep&#x00FA;blica,INCO&#x2013;FING","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5081556750","display_name":"Pedro Casas","orcid":"https://orcid.org/0000-0002-0951-2331"},"institutions":[{"id":"https://openalex.org/I132118926","display_name":"Austrian Institute of Technology","ror":"https://ror.org/04knbh022","country_code":"AT","type":"facility","lineage":["https://openalex.org/I132118926"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Pedro Casas","raw_affiliation_strings":["AIT Austrian Institute of Technology"],"affiliations":[{"raw_affiliation_string":"AIT Austrian Institute of Technology","institution_ids":["https://openalex.org/I132118926"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5003075625","display_name":"Eduardo Gramp\u00edn","orcid":"https://orcid.org/0000-0001-6046-0023"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Eduardo Gramp\u00edn","raw_affiliation_strings":["Universidad de la Rep&#x00FA;blica,INCO&#x2013;FING"],"affiliations":[{"raw_affiliation_string":"Universidad de la Rep&#x00FA;blica,INCO&#x2013;FING","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5099292796"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.1265,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.81114245,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9970999956130981,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9843999743461609,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.714993953704834},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.46141964197158813},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.3248908519744873}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.714993953704834},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.46141964197158813},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3248908519744873}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icnp61940.2024.10858538","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icnp61940.2024.10858538","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE 32nd International Conference on Network Protocols (ICNP)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":11,"referenced_works":["https://openalex.org/W1994926493","https://openalex.org/W2809684781","https://openalex.org/W2978654659","https://openalex.org/W3100529623","https://openalex.org/W3125704518","https://openalex.org/W4386260575","https://openalex.org/W4389077804","https://openalex.org/W4393241014","https://openalex.org/W4399852518","https://openalex.org/W6756615331","https://openalex.org/W6768046412"],"related_works":["https://openalex.org/W2961085424","https://openalex.org/W4306674287","https://openalex.org/W4387369504","https://openalex.org/W3046775127","https://openalex.org/W4394896187","https://openalex.org/W3170094116","https://openalex.org/W4386462264","https://openalex.org/W3107602296","https://openalex.org/W4364306694","https://openalex.org/W4312192474"],"abstract_inverted_index":{"Early":[0],"decision-making":[1,29],"at":[2],"the":[3,39,57,67,72,163,183],"network":[4,9,21,82,117,195],"device":[5,118],"is":[6,30,186],"crucial":[7],"for":[8,116,131,154],"security.":[10],"This":[11],"entails":[12],"moving":[13],"beyond":[14],"traditional":[15],"forwarding":[16],"functions":[17],"towards":[18],"more":[19,146,155],"intelligent":[20,33],"devices.":[22],"One":[23],"possible":[24],"strategy":[25],"to":[26,31,90,110,120,122],"speed":[27],"up":[28],"incorporate":[32],"traffic":[34,44,99,124,175],"analysis":[35],"functionality":[36],"directly":[37],"into":[38,56],"data":[40,58],"plane,":[41],"such":[42,103],"that":[43,182],"can":[45],"be":[46,190],"analyzed":[47],"before":[48],"forwarding.":[49],"Integrating":[50],"Artificial":[51],"Intelligence/Machine":[52],"Learning":[53],"(AI/ML)":[54],"models":[55],"plane":[59],"enables":[60],"quicker":[61],"processing":[62],"and":[63,97,114,169,188,199],"reduced":[64],"reliance":[65],"on":[66,95],"control":[68],"plane.":[69],"We":[70,126,159],"address":[71],"development":[73],"of":[74],"an":[75,91,150,197],"AI/ML-driven":[76],"Intrusion":[77],"Detection":[78],"System":[79],"(IDS)":[80],"where":[81],"devices":[83],"autonomously":[84],"make":[85],"security":[86,202],"decisions":[87],"or":[88],"defer":[89],"expert":[92],"oracle,":[93],"relying":[94],"in-band":[96,132,157],"off-band":[98,138],"analysis.":[100,158],"Programmable":[101],"devices,":[102],"as":[104,196],"those":[105],"using":[106,134,162],"P4,":[107,135],"are":[108],"essential":[109],"enable":[111],"these":[112],"functionalities":[113],"allow":[115],"retraining":[119],"adapt":[121],"changing":[123],"patterns.":[125],"introduce":[127],"HALIDS,":[128],"a":[129,193],"prototype":[130],"AI/ML-IDS":[133],"complemented":[136],"with":[137,145,173],"oracles":[139],"which":[140],"support":[141],"in-network":[142],"ML-driven":[143],"classification":[144],"confident":[147],"classifications,":[148],"targeting":[149],"active":[151],"learning":[152],"logic":[153],"accurate":[156],"implement":[160],"HALIDS":[161],"open":[164],"source":[165],"software":[166],"switch":[167],"BMv2,":[168],"show":[170,181],"its":[171],"operation":[172],"real":[174,194],"traces":[176],"publicly":[177],"available.":[178],"Evaluation":[179],"results":[180],"proposed":[184],"system":[185],"sound":[187],"could":[189],"implemented":[191],"in":[192],"efficient":[198],"highly":[200],"adaptive":[201],"mechanism.":[203]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":1}],"updated_date":"2025-12-27T23:08:20.325037","created_date":"2025-10-10T00:00:00"}