{"id":"https://openalex.org/W1665721420","doi":"https://doi.org/10.1109/ntms.2015.7266510","title":"Online detection of anomalous network flows with soft clustering","display_name":"Online detection of anomalous network flows with soft clustering","publication_year":2015,"publication_date":"2015-07-01","ids":{"openalex":"https://openalex.org/W1665721420","doi":"https://doi.org/10.1109/ntms.2015.7266510","mag":"1665721420"},"language":"en","primary_location":{"id":"doi:10.1109/ntms.2015.7266510","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ntms.2015.7266510","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2015 7th International Conference on New Technologies, Mobility and Security (NTMS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5058345703","display_name":"Mikhail Zolotukhin","orcid":"https://orcid.org/0000-0001-8058-7902"},"institutions":[{"id":"https://openalex.org/I94722563","display_name":"University of Jyv\u00e4skyl\u00e4","ror":"https://ror.org/05n3dz165","country_code":"FI","type":"education","lineage":["https://openalex.org/I94722563"]}],"countries":["FI"],"is_corresponding":true,"raw_author_name":"Mikhail Zolotukhin","raw_affiliation_strings":["Department of Mathematical Information Technology, University of Jyvaskyla, Jyvaskyla, Finland"],"affiliations":[{"raw_affiliation_string":"Department of Mathematical Information Technology, University of Jyvaskyla, Jyvaskyla, Finland","institution_ids":["https://openalex.org/I94722563"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5036786418","display_name":"Timo H\u00e4m\u00e4l\u00e4inen","orcid":"https://orcid.org/0000-0002-4168-9102"},"institutions":[{"id":"https://openalex.org/I94722563","display_name":"University of Jyv\u00e4skyl\u00e4","ror":"https://ror.org/05n3dz165","country_code":"FI","type":"education","lineage":["https://openalex.org/I94722563"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Timo Hamalainen","raw_affiliation_strings":["Department of Mathematical Information Technology, University of Jyvaskyla, Jyvaskyla, Finland"],"affiliations":[{"raw_affiliation_string":"Department of Mathematical Information Technology, University of Jyvaskyla, Jyvaskyla, Finland","institution_ids":["https://openalex.org/I94722563"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5013935409","display_name":"Tero Kokkonen","orcid":"https://orcid.org/0000-0001-9988-6259"},"institutions":[{"id":"https://openalex.org/I19002584","display_name":"JAMK University of Applied Sciences","ror":"https://ror.org/01dn2ng71","country_code":"FI","type":"education","lineage":["https://openalex.org/I19002584"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Tero Kokkonen","raw_affiliation_strings":["Institute of Information Technology, JAMK University of Applied Sciences, Jyvaskyla, Finland","Institute of Information Technology, JAMK University of Applied Sciences, Jyv\u00e4skyl\u00e4, Finland"],"affiliations":[{"raw_affiliation_string":"Institute of Information Technology, JAMK University of Applied Sciences, Jyvaskyla, Finland","institution_ids":["https://openalex.org/I19002584"]},{"raw_affiliation_string":"Institute of Information Technology, JAMK University of Applied Sciences, Jyv\u00e4skyl\u00e4, Finland","institution_ids":["https://openalex.org/I19002584"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5055970779","display_name":"Jarmo Siltanen","orcid":null},"institutions":[{"id":"https://openalex.org/I19002584","display_name":"JAMK University of Applied Sciences","ror":"https://ror.org/01dn2ng71","country_code":"FI","type":"education","lineage":["https://openalex.org/I19002584"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Jarmo Siltanen","raw_affiliation_strings":["Institute of Information Technology, JAMK University of Applied Sciences, Jyvaskyla, Finland","Institute of Information Technology, JAMK University of Applied Sciences, Jyv\u00e4skyl\u00e4, Finland"],"affiliations":[{"raw_affiliation_string":"Institute of Information Technology, JAMK University of Applied Sciences, Jyvaskyla, Finland","institution_ids":["https://openalex.org/I19002584"]},{"raw_affiliation_string":"Institute of Information Technology, JAMK University of Applied Sciences, Jyv\u00e4skyl\u00e4, Finland","institution_ids":["https://openalex.org/I19002584"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5058345703"],"corresponding_institution_ids":["https://openalex.org/I94722563"],"apc_list":null,"apc_paid":null,"fwci":0.6656,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.73068956,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":"5","issue":null,"first_page":"1","last_page":"5"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10064","display_name":"Complex Network Analysis Techniques","score":0.9954000115394592,"subfield":{"id":"https://openalex.org/subfields/3109","display_name":"Statistical and Nonlinear Physics"},"field":{"id":"https://openalex.org/fields/31","display_name":"Physics and Astronomy"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8051570653915405},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.7752535343170166},{"id":"https://openalex.org/keywords/cluster-analysis","display_name":"Cluster analysis","score":0.7639752626419067},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.7003154754638672},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.6805055141448975},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.6462483406066895},{"id":"https://openalex.org/keywords/anomaly-based-intrusion-detection-system","display_name":"Anomaly-based intrusion detection system","score":0.507267415523529},{"id":"https://openalex.org/keywords/construct","display_name":"Construct (python library)","score":0.4876329004764557},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.4453135132789612},{"id":"https://openalex.org/keywords/anomaly","display_name":"Anomaly (physics)","score":0.4157814383506775},{"id":"https://openalex.org/keywords/real-time-computing","display_name":"Real-time computing","score":0.34916725754737854},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.2144157886505127},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.18620356917381287}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8051570653915405},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.7752535343170166},{"id":"https://openalex.org/C73555534","wikidata":"https://www.wikidata.org/wiki/Q622825","display_name":"Cluster analysis","level":2,"score":0.7639752626419067},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.7003154754638672},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.6805055141448975},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.6462483406066895},{"id":"https://openalex.org/C137524506","wikidata":"https://www.wikidata.org/wiki/Q2247688","display_name":"Anomaly-based intrusion detection system","level":3,"score":0.507267415523529},{"id":"https://openalex.org/C2780801425","wikidata":"https://www.wikidata.org/wiki/Q5164392","display_name":"Construct (python library)","level":2,"score":0.4876329004764557},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.4453135132789612},{"id":"https://openalex.org/C12997251","wikidata":"https://www.wikidata.org/wiki/Q567560","display_name":"Anomaly (physics)","level":2,"score":0.4157814383506775},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.34916725754737854},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.2144157886505127},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.18620356917381287},{"id":"https://openalex.org/C26873012","wikidata":"https://www.wikidata.org/wiki/Q214781","display_name":"Condensed matter physics","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/ntms.2015.7266510","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ntms.2015.7266510","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2015 7th International Conference on New Technologies, Mobility and Security (NTMS)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":20,"referenced_works":["https://openalex.org/W1419210192","https://openalex.org/W1486632395","https://openalex.org/W1583108845","https://openalex.org/W1970350787","https://openalex.org/W1983488804","https://openalex.org/W1986497098","https://openalex.org/W2038571043","https://openalex.org/W2047555270","https://openalex.org/W2056413992","https://openalex.org/W2069685920","https://openalex.org/W2087119637","https://openalex.org/W2087986722","https://openalex.org/W2104936918","https://openalex.org/W2158844134","https://openalex.org/W2163950614","https://openalex.org/W2171331105","https://openalex.org/W2260798440","https://openalex.org/W2340406763","https://openalex.org/W2883460582","https://openalex.org/W6628849183"],"related_works":["https://openalex.org/W2337148208","https://openalex.org/W3004832009","https://openalex.org/W2806741695","https://openalex.org/W1971929717","https://openalex.org/W3036013726","https://openalex.org/W2061466315","https://openalex.org/W2355532322","https://openalex.org/W2368329025","https://openalex.org/W3157271777","https://openalex.org/W1485296229"],"abstract_inverted_index":{"In":[0],"this":[1,62],"study,":[2],"we":[3],"apply":[4],"an":[5],"anomaly-based":[6],"approach":[7,63,82],"to":[8,16,21,54,101,130,150],"analyze":[9],"traffic":[10],"flows":[11,19,33],"transferred":[12],"over":[13],"a":[14,34,78,103,122,144],"network":[15,32],"detect":[17,55,73],"the":[18,28,43,115,119,139],"related":[20],"different":[22],"types":[23],"of":[24,36,45,107,121],"attacks.":[25],"Based":[26],"on":[27,66,93,114],"information":[29,94],"extracted":[30],"from":[31],"model":[35,50],"normal":[37,67],"user":[38,68],"behavior":[39],"is":[40,51,64,91,112],"discovered":[41],"with":[42,118],"help":[44,120],"several":[46],"clustering":[47],"techniques.":[48,154],"This":[49],"then":[52],"used":[53,85],"anomalies":[56],"within":[57],"recent":[58],"time":[59],"intervals.":[60],"Since":[61],"based":[65,92],"behavior,":[69],"it":[70,90],"can":[71,83],"potentially":[72],"zero-day":[74],"intrusions.":[75],"Moreover,":[76],"such":[77],"flow-based":[79],"intrusion":[80,152],"detection":[81,153],"be":[84],"in":[86,95,143],"high":[87],"speeds":[88],"since":[89],"packet":[96],"headers,":[97],"and,":[98],"therefore,":[99],"has":[100],"handle":[102],"considerably":[104],"lesser":[105],"amount":[106],"data.":[108],"The":[109,135],"proposed":[110,140],"framework":[111],"tested":[113],"data":[116],"obtained":[117],"realistic":[123],"cyber":[124],"environment":[125],"(RGCE)":[126],"that":[127,138],"enables":[128],"one":[129],"construct":[131],"real":[132],"attack":[133],"vectors.":[134],"simulations":[136],"show":[137],"method":[141],"results":[142],"higher":[145],"accuracy":[146],"rate":[147],"when":[148],"compared":[149],"other":[151]},"counts_by_year":[{"year":2023,"cited_by_count":1},{"year":2020,"cited_by_count":1},{"year":2016,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}