{"id":"https://openalex.org/W3155567503","doi":"https://doi.org/10.1109/ipccc50635.2020.9391521","title":"Detect Stepping-stone Intrusion by Mining Network Traffic using k-Means Clustering","display_name":"Detect Stepping-stone Intrusion by Mining Network Traffic using k-Means Clustering","publication_year":2020,"publication_date":"2020-11-06","ids":{"openalex":"https://openalex.org/W3155567503","doi":"https://doi.org/10.1109/ipccc50635.2020.9391521","mag":"3155567503"},"language":"en","primary_location":{"id":"doi:10.1109/ipccc50635.2020.9391521","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ipccc50635.2020.9391521","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE 39th International Performance Computing and Communications Conference (IPCCC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5076183476","display_name":"Lixin Wang","orcid":"https://orcid.org/0000-0003-4965-5510"},"institutions":[{"id":"https://openalex.org/I199172307","display_name":"Columbus State University","ror":"https://ror.org/002nf6z37","country_code":"US","type":"education","lineage":["https://openalex.org/I199172307"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Lixin Wang","raw_affiliation_strings":["TSYS School of Computer Science, Columbus State University, GA, USA"],"affiliations":[{"raw_affiliation_string":"TSYS School of Computer Science, Columbus State University, GA, USA","institution_ids":["https://openalex.org/I199172307"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5088671813","display_name":"Jianhua Yang","orcid":"https://orcid.org/0000-0003-2745-8524"},"institutions":[{"id":"https://openalex.org/I199172307","display_name":"Columbus State University","ror":"https://ror.org/002nf6z37","country_code":"US","type":"education","lineage":["https://openalex.org/I199172307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jianhua Yang","raw_affiliation_strings":["TSYS School of Computer Science, Columbus State University, GA, USA"],"affiliations":[{"raw_affiliation_string":"TSYS School of Computer Science, Columbus State University, GA, USA","institution_ids":["https://openalex.org/I199172307"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5040435467","display_name":"Mary Mccormick","orcid":null},"institutions":[{"id":"https://openalex.org/I199172307","display_name":"Columbus State University","ror":"https://ror.org/002nf6z37","country_code":"US","type":"education","lineage":["https://openalex.org/I199172307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Mary Mccormick","raw_affiliation_strings":["TSYS School of Computer Science, Columbus State University, GA, USA"],"affiliations":[{"raw_affiliation_string":"TSYS School of Computer Science, Columbus State University, GA, USA","institution_ids":["https://openalex.org/I199172307"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5036031118","display_name":"Peng\u2010Jun Wan","orcid":"https://orcid.org/0000-0001-7926-5711"},"institutions":[{"id":"https://openalex.org/I180949307","display_name":"Illinois Institute of Technology","ror":"https://ror.org/037t3ry66","country_code":"US","type":"education","lineage":["https://openalex.org/I180949307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Peng-Jun Wan","raw_affiliation_strings":["Department of Computer Science, Illinois Institute of Technology, Chicago, Illinois, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Illinois Institute of Technology, Chicago, Illinois, USA","institution_ids":["https://openalex.org/I180949307"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101619632","display_name":"Xiaohua Xu","orcid":"https://orcid.org/0000-0001-7770-803X"},"institutions":[{"id":"https://openalex.org/I172980758","display_name":"Kennesaw State University","ror":"https://ror.org/00jeqjx33","country_code":"US","type":"education","lineage":["https://openalex.org/I172980758"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xiaohua Xu","raw_affiliation_strings":["College of Computing and Software Engineering, Kennesaw State University, GA, USA"],"affiliations":[{"raw_affiliation_string":"College of Computing and Software Engineering, Kennesaw State University, GA, USA","institution_ids":["https://openalex.org/I172980758"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5076183476"],"corresponding_institution_ids":["https://openalex.org/I199172307"],"apc_list":null,"apc_paid":null,"fwci":0.4625,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.68899594,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":95,"max":97},"biblio":{"volume":"2","issue":null,"first_page":"1","last_page":"8"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12326","display_name":"Network Packet Processing and Optimization","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7741731405258179},{"id":"https://openalex.org/keywords/stepping-stone","display_name":"Stepping stone","score":0.769403338432312},{"id":"https://openalex.org/keywords/cluster-analysis","display_name":"Cluster analysis","score":0.7022711038589478},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.6879853010177612},{"id":"https://openalex.org/keywords/correctness","display_name":"Correctness","score":0.663324236869812},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.6504204273223877},{"id":"https://openalex.org/keywords/login","display_name":"Login","score":0.6492878794670105},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.5324134826660156},{"id":"https://openalex.org/keywords/intrusion","display_name":"Intrusion","score":0.4428308606147766},{"id":"https://openalex.org/keywords/connection","display_name":"Connection (principal bundle)","score":0.4374810457229614},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.42112958431243896},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.3843751549720764},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.3397335112094879},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.2005709707736969},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.10217863321304321},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.10066086053848267},{"id":"https://openalex.org/keywords/geology","display_name":"Geology","score":0.0752057135105133}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7741731405258179},{"id":"https://openalex.org/C3019463535","wikidata":"https://www.wikidata.org/wiki/Q7611136","display_name":"Stepping stone","level":3,"score":0.769403338432312},{"id":"https://openalex.org/C73555534","wikidata":"https://www.wikidata.org/wiki/Q622825","display_name":"Cluster analysis","level":2,"score":0.7022711038589478},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.6879853010177612},{"id":"https://openalex.org/C55439883","wikidata":"https://www.wikidata.org/wiki/Q360812","display_name":"Correctness","level":2,"score":0.663324236869812},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.6504204273223877},{"id":"https://openalex.org/C113324615","wikidata":"https://www.wikidata.org/wiki/Q472302","display_name":"Login","level":2,"score":0.6492878794670105},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.5324134826660156},{"id":"https://openalex.org/C158251709","wikidata":"https://www.wikidata.org/wiki/Q354025","display_name":"Intrusion","level":2,"score":0.4428308606147766},{"id":"https://openalex.org/C13355873","wikidata":"https://www.wikidata.org/wiki/Q2920850","display_name":"Connection (principal bundle)","level":2,"score":0.4374810457229614},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.42112958431243896},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3843751549720764},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.3397335112094879},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.2005709707736969},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.10217863321304321},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.10066086053848267},{"id":"https://openalex.org/C127313418","wikidata":"https://www.wikidata.org/wiki/Q1069","display_name":"Geology","level":0,"score":0.0752057135105133},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C2778126366","wikidata":"https://www.wikidata.org/wiki/Q41171","display_name":"Unemployment","level":2,"score":0.0},{"id":"https://openalex.org/C17409809","wikidata":"https://www.wikidata.org/wiki/Q161764","display_name":"Geochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0},{"id":"https://openalex.org/C50522688","wikidata":"https://www.wikidata.org/wiki/Q189833","display_name":"Economic growth","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/ipccc50635.2020.9391521","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ipccc50635.2020.9391521","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE 39th International Performance Computing and Communications Conference (IPCCC)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320311089","display_name":"National Security Agency","ror":"https://ror.org/0047bvr32"},{"id":"https://openalex.org/F4320312452","display_name":"Columbus State University","ror":"https://ror.org/002nf6z37"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":34,"referenced_works":["https://openalex.org/W127688506","https://openalex.org/W1550624107","https://openalex.org/W1565896516","https://openalex.org/W1579427489","https://openalex.org/W1587423795","https://openalex.org/W1600930409","https://openalex.org/W1602499992","https://openalex.org/W2018522314","https://openalex.org/W2097407734","https://openalex.org/W2098171501","https://openalex.org/W2099829430","https://openalex.org/W2103322041","https://openalex.org/W2121910516","https://openalex.org/W2128945468","https://openalex.org/W2131712672","https://openalex.org/W2139275469","https://openalex.org/W2142014025","https://openalex.org/W2146132533","https://openalex.org/W2146486112","https://openalex.org/W2148275477","https://openalex.org/W2159262496","https://openalex.org/W2161160262","https://openalex.org/W2397977104","https://openalex.org/W2625759419","https://openalex.org/W2800806089","https://openalex.org/W2884143800","https://openalex.org/W2982407593","https://openalex.org/W3012539654","https://openalex.org/W3137423196","https://openalex.org/W4285719527","https://openalex.org/W6605166902","https://openalex.org/W6654702290","https://openalex.org/W6675427988","https://openalex.org/W6739907194"],"related_works":["https://openalex.org/W4235220108","https://openalex.org/W4256170434","https://openalex.org/W1667647204","https://openalex.org/W2404647514","https://openalex.org/W4233948907","https://openalex.org/W4247536566","https://openalex.org/W4238894392","https://openalex.org/W4311722428","https://openalex.org/W2133389611","https://openalex.org/W3107748604"],"abstract_inverted_index":{"Attackers":[0],"on":[1,33],"the":[2,17,34,59,82,134],"Internet":[3,35],"often":[4],"launch":[5],"network":[6,79,156],"intrusions":[7],"through":[8,154],"compromised":[9],"hosts,":[10],"called":[11],"stepping-stones,":[12],"in":[13],"order":[14],"to":[15,52,57,73,99,129],"reduce":[16],"chance":[18],"of":[19,31,61,96,106,133,147],"being":[20],"detected.":[21],"In":[22,65],"a":[23,29,62,93,107],"stepping-stone":[24,54,75,140],"attack,":[25],"an":[26,70],"attacker":[27],"uses":[28],"chain":[30,109],"hosts":[32,43],"as":[36,47],"relay":[37],"machines":[38],"and":[39,102,127,145],"remotely":[40],"login":[41],"these":[42],"using":[44,81,115],"tools":[45],"such":[46],"SSH.":[48],"An":[49],"effective":[50],"method":[51],"detect":[53,74],"intrusion":[55,76,141],"is":[56,124],"estimate":[58],"length":[60,105],"connection":[63,108],"chain.":[64],"this":[66],"paper,":[67],"we":[68],"develop":[69],"efficient":[71,126],"algorithm":[72,89,123,151],"by":[77,114],"mining":[78],"traffic":[80],"k-Means":[83],"clustering":[84],"algorithm.":[85],"Our":[86,120],"proposed":[87,117,121,149],"detection":[88,118,122,150],"does":[90],"not":[91],"require":[92],"large":[94],"number":[95],"TCP":[97],"packets":[98],"be":[100,111],"captured":[101],"processed.":[103],"The":[104,143],"can":[110],"accurately":[112],"determined":[113],"our":[116,148],"method.":[119],"more":[125],"easier":[128],"implement":[130],"than":[131],"all":[132],"existing":[135],"connection-chain":[136],"based":[137],"approaches":[138],"for":[139],"detection.":[142],"effectiveness":[144],"correctness":[146],"are":[152],"verified":[153],"well-designed":[155],"experiments.":[157]},"counts_by_year":[{"year":2021,"cited_by_count":3}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}