{"id":"https://openalex.org/W2607328788","doi":"https://doi.org/10.1109/icoin.2017.7899513","title":"Malware originated HTTP traffic detection utilizing cluster appearance ratio","display_name":"Malware originated HTTP traffic detection utilizing cluster appearance ratio","publication_year":2017,"publication_date":"2017-01-01","ids":{"openalex":"https://openalex.org/W2607328788","doi":"https://doi.org/10.1109/icoin.2017.7899513","mag":"2607328788"},"language":"en","primary_location":{"id":"doi:10.1109/icoin.2017.7899513","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icoin.2017.7899513","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 International Conference on Information Networking (ICOIN)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5112292130","display_name":"Hideki Ogawa","orcid":null},"institutions":[{"id":"https://openalex.org/I60134161","display_name":"Nagoya University","ror":"https://ror.org/04chrp450","country_code":"JP","type":"education","lineage":["https://openalex.org/I60134161"]}],"countries":["JP"],"is_corresponding":true,"raw_author_name":"Hideki Ogawa","raw_affiliation_strings":["Graduate school of Information Science, Nagoya University Furo-cho, Nagoya, Japan"],"affiliations":[{"raw_affiliation_string":"Graduate school of Information Science, Nagoya University Furo-cho, Nagoya, Japan","institution_ids":["https://openalex.org/I60134161"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086392139","display_name":"Yukiko Yamaguchi","orcid":null},"institutions":[{"id":"https://openalex.org/I60134161","display_name":"Nagoya University","ror":"https://ror.org/04chrp450","country_code":"JP","type":"education","lineage":["https://openalex.org/I60134161"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Yukiko Yamaguchi","raw_affiliation_strings":["Information Technology Center, Nagoya University, Nagoya, Japan"],"affiliations":[{"raw_affiliation_string":"Information Technology Center, Nagoya University, Nagoya, Japan","institution_ids":["https://openalex.org/I60134161"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102265280","display_name":"Hajime Shimada","orcid":null},"institutions":[{"id":"https://openalex.org/I60134161","display_name":"Nagoya University","ror":"https://ror.org/04chrp450","country_code":"JP","type":"education","lineage":["https://openalex.org/I60134161"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Hajime Shimada","raw_affiliation_strings":["Information Technology Center, Nagoya University, Nagoya, Japan"],"affiliations":[{"raw_affiliation_string":"Information Technology Center, Nagoya University, Nagoya, Japan","institution_ids":["https://openalex.org/I60134161"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5103015266","display_name":"Hiroki Takakura","orcid":"https://orcid.org/0000-0003-0238-4506"},"institutions":[{"id":"https://openalex.org/I184597095","display_name":"National Institute of Informatics","ror":"https://ror.org/04ksd4g47","country_code":"JP","type":"facility","lineage":["https://openalex.org/I1319490839","https://openalex.org/I184597095","https://openalex.org/I4210158934"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Hiroki Takakura","raw_affiliation_strings":["National Institute of Informatics, Tokyo, Japan"],"affiliations":[{"raw_affiliation_string":"National Institute of Informatics, Tokyo, Japan","institution_ids":["https://openalex.org/I184597095"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5012291537","display_name":"Mitsuaki Akiyama","orcid":"https://orcid.org/0000-0001-7052-8562"},"institutions":[{"id":"https://openalex.org/I2251713219","display_name":"NTT (Japan)","ror":"https://ror.org/00berct97","country_code":"JP","type":"company","lineage":["https://openalex.org/I2251713219"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Mitsuaki Akiyama","raw_affiliation_strings":["NTT Secure Platform Laboratories, Tokyo, Japan"],"affiliations":[{"raw_affiliation_string":"NTT Secure Platform Laboratories, Tokyo, Japan","institution_ids":["https://openalex.org/I2251713219"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101666644","display_name":"Takeshi Yagi","orcid":"https://orcid.org/0009-0006-6414-8815"},"institutions":[{"id":"https://openalex.org/I2251713219","display_name":"NTT (Japan)","ror":"https://ror.org/00berct97","country_code":"JP","type":"company","lineage":["https://openalex.org/I2251713219"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Takeshi Yagi","raw_affiliation_strings":["NTT Secure Platform Laboratories, Tokyo, Japan"],"affiliations":[{"raw_affiliation_string":"NTT Secure Platform Laboratories, Tokyo, Japan","institution_ids":["https://openalex.org/I2251713219"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5112292130"],"corresponding_institution_ids":["https://openalex.org/I60134161"],"apc_list":null,"apc_paid":null,"fwci":1.2945,"has_fulltext":false,"cited_by_count":9,"citation_normalized_percentile":{"value":0.80990823,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"248","last_page":"253"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.996399998664856,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.840674638748169},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7644217014312744},{"id":"https://openalex.org/keywords/header","display_name":"Header","score":0.7618036866188049},{"id":"https://openalex.org/keywords/cluster","display_name":"Cluster (spacecraft)","score":0.4370136260986328},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.38152602314949036},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.38056448101997375},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.34537389874458313},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3167068064212799}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.840674638748169},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7644217014312744},{"id":"https://openalex.org/C48105269","wikidata":"https://www.wikidata.org/wiki/Q1141160","display_name":"Header","level":2,"score":0.7618036866188049},{"id":"https://openalex.org/C164866538","wikidata":"https://www.wikidata.org/wiki/Q367351","display_name":"Cluster (spacecraft)","level":2,"score":0.4370136260986328},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.38152602314949036},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.38056448101997375},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.34537389874458313},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3167068064212799}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icoin.2017.7899513","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icoin.2017.7899513","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 International Conference on Information Networking (ICOIN)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":9,"referenced_works":["https://openalex.org/W1673310716","https://openalex.org/W1827212170","https://openalex.org/W1979996642","https://openalex.org/W2073459066","https://openalex.org/W2105979081","https://openalex.org/W2176425074","https://openalex.org/W6637131181","https://openalex.org/W6638623425","https://openalex.org/W6668990524"],"related_works":["https://openalex.org/W2171597999","https://openalex.org/W2189136227","https://openalex.org/W1866537546","https://openalex.org/W630850086","https://openalex.org/W3200508093","https://openalex.org/W4372053344","https://openalex.org/W3193978431","https://openalex.org/W2519240373","https://openalex.org/W2379752180","https://openalex.org/W1496096987"],"abstract_inverted_index":{"Recent":[0],"cyber":[1],"attacks":[2],"are":[3],"sophisticated":[4],"so":[5],"that":[6,131],"it":[7,52],"is":[8,33],"difficult":[9],"to":[10,26,45],"prevent":[11],"malware":[12,16,24,55,142],"infection.":[13],"Therefore,":[14],"early":[15],"infection":[17,56],"detection":[18,57],"becomes":[19,136],"more":[20],"important.":[21],"Moreover,":[22],"latest":[23],"connects":[25],"C&C":[27],"server":[28],"by":[29,113,123,140],"utilizing":[30,114,141],"HTTP":[31,73,144],"which":[32],"widely":[34],"used":[35],"on":[36],"daily":[37],"business.":[38],"Furthermore,":[39],"some":[40],"of":[41,109],"them":[42],"utilizes":[43],"HTTPS":[44],"hide":[46],"its":[47],"content":[48],"from":[49,98],"analyzer.":[50],"Thus,":[51],"further":[53],"makes":[54],"harder":[58],"with":[59],"typical":[60],"traffic":[61,110],"analysis.":[62],"In":[63],"this":[64],"paper,":[65],"first,":[66],"we":[67,82,95,104],"extract":[68],"new":[69],"features":[70,84],"such":[71],"as":[72],"request":[74],"interval,":[75],"body":[76],"size,":[77],"and":[78,85],"header":[79],"bag-of-words.":[80],"Second,":[81],"cluster":[83,87,100,115],"calculate":[86],"appearance":[88,101,116],"ratio":[89],"per":[90],"communication":[91,106],"host":[92,107],"pairs.":[93],"Third,":[94],"make":[96],"classifier":[97],"learned":[99],"ratio.":[102,117],"Finally,":[103],"classify":[105],"pairs":[108],"for":[111],"evaluation":[112,133],"We":[118],"evaluated":[119],"our":[120],"proposed":[121],"method":[122],"5-fold":[124],"cross":[125],"validation.":[126],"The":[127],"experimental":[128],"result":[129],"shows":[130],"the":[132],"criterion":[134],"\u201cRecall\u201d":[135],"96%":[137],"in":[138],"average":[139],"originated":[143],"traffic.":[145]},"counts_by_year":[{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2020,"cited_by_count":4},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}