{"id":"https://openalex.org/W2560865921","doi":"https://doi.org/10.1109/issa.2016.7802938","title":"Adaptable exploit detection through scalable NetFlow analysis","display_name":"Adaptable exploit detection through scalable NetFlow analysis","publication_year":2016,"publication_date":"2016-08-01","ids":{"openalex":"https://openalex.org/W2560865921","doi":"https://doi.org/10.1109/issa.2016.7802938","mag":"2560865921"},"language":"en","primary_location":{"id":"doi:10.1109/issa.2016.7802938","is_oa":false,"landing_page_url":"https://doi.org/10.1109/issa.2016.7802938","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2016 Information Security for South Africa (ISSA)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5061906205","display_name":"Alan Herbert","orcid":null},"institutions":[{"id":"https://openalex.org/I203238179","display_name":"Rhodes University","ror":"https://ror.org/016sewp10","country_code":"ZA","type":"education","lineage":["https://openalex.org/I203238179"]}],"countries":["ZA"],"is_corresponding":true,"raw_author_name":"Alan Herbert","raw_affiliation_strings":["Rhodes University, Grahamstown, RSA"],"affiliations":[{"raw_affiliation_string":"Rhodes University, Grahamstown, RSA","institution_ids":["https://openalex.org/I203238179"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5054384302","display_name":"Barry Irwin","orcid":"https://orcid.org/0000-0002-2727-2124"},"institutions":[{"id":"https://openalex.org/I203238179","display_name":"Rhodes University","ror":"https://ror.org/016sewp10","country_code":"ZA","type":"education","lineage":["https://openalex.org/I203238179"]}],"countries":["ZA"],"is_corresponding":false,"raw_author_name":"Barry Irwin","raw_affiliation_strings":["Rhodes University, Grahamstown, RSA"],"affiliations":[{"raw_affiliation_string":"Rhodes University, Grahamstown, RSA","institution_ids":["https://openalex.org/I203238179"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5061906205"],"corresponding_institution_ids":["https://openalex.org/I203238179"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.16634198,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"5","issue":null,"first_page":"121","last_page":"128"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12326","display_name":"Network Packet Processing and Optimization","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.9215033054351807},{"id":"https://openalex.org/keywords/netflow","display_name":"NetFlow","score":0.8244788646697998},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8061501383781433},{"id":"https://openalex.org/keywords/testbed","display_name":"Testbed","score":0.6840000152587891},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.6475747227668762},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.5620318651199341},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.5275454521179199},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.5248239636421204},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.45739445090293884},{"id":"https://openalex.org/keywords/ipv6","display_name":"IPv6","score":0.4309563636779785},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.42396777868270874},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3102821707725525},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.30298471450805664}],"concepts":[{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.9215033054351807},{"id":"https://openalex.org/C188067584","wikidata":"https://www.wikidata.org/wiki/Q219363","display_name":"NetFlow","level":2,"score":0.8244788646697998},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8061501383781433},{"id":"https://openalex.org/C31395832","wikidata":"https://www.wikidata.org/wiki/Q1318674","display_name":"Testbed","level":2,"score":0.6840000152587891},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.6475747227668762},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.5620318651199341},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.5275454521179199},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.5248239636421204},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.45739445090293884},{"id":"https://openalex.org/C84555802","wikidata":"https://www.wikidata.org/wiki/Q2551624","display_name":"IPv6","level":3,"score":0.4309563636779785},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.42396777868270874},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3102821707725525},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.30298471450805664}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/issa.2016.7802938","is_oa":false,"landing_page_url":"https://doi.org/10.1109/issa.2016.7802938","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2016 Information Security for South Africa (ISSA)","raw_type":"proceedings-article"},{"id":"mag:2745719319","is_oa":false,"landing_page_url":"http://jglobal.jst.go.jp/en/public/20090422/201702267160832022","pdf_url":null,"source":{"id":"https://openalex.org/S4306512817","display_name":"IEEE Conference Proceedings","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":"IEEE Conference Proceedings","raw_type":null}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320320683","display_name":"Rhodes University","ror":"https://ror.org/016sewp10"},{"id":"https://openalex.org/F4320320721","display_name":"Council of Scientific and Industrial Research, India","ror":"https://ror.org/021wm7p51"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":25,"referenced_works":["https://openalex.org/W40890042","https://openalex.org/W654785806","https://openalex.org/W1279320161","https://openalex.org/W1498585374","https://openalex.org/W1514368868","https://openalex.org/W1775772884","https://openalex.org/W1849243243","https://openalex.org/W2039390926","https://openalex.org/W2065890363","https://openalex.org/W2131906261","https://openalex.org/W2140564944","https://openalex.org/W2144648100","https://openalex.org/W2149882173","https://openalex.org/W2165357553","https://openalex.org/W2472185210","https://openalex.org/W2506695221","https://openalex.org/W2791048002","https://openalex.org/W2947198853","https://openalex.org/W4205788945","https://openalex.org/W4245089706","https://openalex.org/W6604161952","https://openalex.org/W6621965707","https://openalex.org/W6629791766","https://openalex.org/W6630780968","https://openalex.org/W6638021444"],"related_works":["https://openalex.org/W2057135347","https://openalex.org/W2393445026","https://openalex.org/W2625204818","https://openalex.org/W3088530179","https://openalex.org/W1980872188","https://openalex.org/W2061466315","https://openalex.org/W4385692127","https://openalex.org/W2121836138","https://openalex.org/W2376886931","https://openalex.org/W2377721740"],"abstract_inverted_index":{"Full":[0],"packet":[1,35],"analysis":[2,36],"on":[3,112,142],"firewalls":[4],"and":[5,66,71,99,114,137],"intrusion":[6],"detection,":[7],"although":[8],"effective,":[9],"has":[10],"been":[11],"found":[12,141],"in":[13,160],"recent":[14],"times":[15],"to":[16,19,45,68,88,162],"be":[17],"detrimental":[18],"the":[20,40,56,143,164,166],"overall":[21],"performance":[22],"of":[23,29,58,118,123],"networks":[24],"that":[25,90],"receive":[26],"large":[27],"volumes":[28],"throughput.":[30],"For":[31],"this":[32],"reason":[33],"partial":[34],"technologies":[37],"such":[38],"as":[39,154],"NetFlow":[41,63],"protocol":[42],"have":[43],"emerged":[44],"better":[46],"mitigate":[47],"these":[48],"bottlenecks":[49],"through":[50,108,115,130],"log":[51,59],"generation.":[52],"This":[53,145],"paper":[54],"researches":[55],"use":[57],"files":[60],"generated":[61],"by":[62,77],"version":[64],"9":[65],"IPFIX":[67],"identify":[69],"successful":[70],"unsuccessful":[72],"exploit":[73,110],"attacks":[74,105,126],"commonly":[75,140],"used":[76],"automated":[78],"systems.":[79],"These":[80,104,125],"malicious":[81],"communications":[82],"include":[83],"but":[84],"are":[85,106,127],"not":[86],"limited":[87],"exploits":[89,119],"attack":[91,147,169],"Microsoft":[92],"RPC,":[93],"Samba,":[94],"NTP":[95],"(Network":[96],"Time":[97],"Protocol)":[98],"IRC":[100],"(Internet":[101],"Relay":[102],"Chat).":[103],"recreated":[107],"existing":[109],"implementations":[111],"Metasploit":[113],"hand-crafted":[116],"reconstructions":[117],"via":[120],"known":[121],"documentation":[122],"vulnerabilities.":[124],"then":[128],"monitored":[129],"a":[131,155],"preconfigured":[132],"virtual":[133],"testbed":[134],"containing":[135],"gateways":[136],"network":[138],"connections":[139],"Internet.":[144],"common":[146],"identification":[148],"system":[149],"is":[150],"intended":[151],"for":[152,158],"insertion":[153],"parallel":[156],"module":[157],"Bolvedere":[159,167],"order":[161],"further":[163],"increase":[165],"system's":[168],"detection":[170],"capability.":[171]},"counts_by_year":[],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}