{"id":"https://openalex.org/W2563225006","doi":"https://doi.org/10.1109/ntms.2016.7792484","title":"Towards a Big Data Architecture for Facilitating Cyber Threat Intelligence","display_name":"Towards a Big Data Architecture for Facilitating Cyber Threat Intelligence","publication_year":2016,"publication_date":"2016-11-01","ids":{"openalex":"https://openalex.org/W2563225006","doi":"https://doi.org/10.1109/ntms.2016.7792484","mag":"2563225006"},"language":"en","primary_location":{"id":"doi:10.1109/ntms.2016.7792484","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ntms.2016.7792484","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2016 8th IFIP International Conference on New Technologies, Mobility and Security (NTMS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5056300209","display_name":"Charles Wheelus","orcid":"https://orcid.org/0000-0002-4646-7533"},"institutions":[{"id":"https://openalex.org/I63772739","display_name":"Florida Atlantic University","ror":"https://ror.org/05p8w6387","country_code":"US","type":"education","lineage":["https://openalex.org/I63772739"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Charles Wheelus","raw_affiliation_strings":["Department of Computer & Electrical Engineering and Computer Science, Florida Atlantic University, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer & Electrical Engineering and Computer Science, Florida Atlantic University, USA","institution_ids":["https://openalex.org/I63772739"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5039079298","display_name":"Elias Bou\u2010Harb","orcid":"https://orcid.org/0000-0001-8040-4635"},"institutions":[{"id":"https://openalex.org/I63772739","display_name":"Florida Atlantic University","ror":"https://ror.org/05p8w6387","country_code":"US","type":"education","lineage":["https://openalex.org/I63772739"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Elias Bou-Harb","raw_affiliation_strings":["Department of Computer & Electrical Engineering and Computer Science, Florida Atlantic University, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer & Electrical Engineering and Computer Science, Florida Atlantic University, USA","institution_ids":["https://openalex.org/I63772739"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5084641325","display_name":"Xingquan Zhu","orcid":"https://orcid.org/0000-0003-4129-9611"},"institutions":[{"id":"https://openalex.org/I63772739","display_name":"Florida Atlantic University","ror":"https://ror.org/05p8w6387","country_code":"US","type":"education","lineage":["https://openalex.org/I63772739"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xingquan Zhu","raw_affiliation_strings":["Department of Computer & Electrical Engineering and Computer Science, Florida Atlantic University, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer & Electrical Engineering and Computer Science, Florida Atlantic University, USA","institution_ids":["https://openalex.org/I63772739"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5056300209"],"corresponding_institution_ids":["https://openalex.org/I63772739"],"apc_list":null,"apc_paid":null,"fwci":0.8686,"has_fulltext":false,"cited_by_count":15,"citation_normalized_percentile":{"value":0.78719912,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"5"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7971694469451904},{"id":"https://openalex.org/keywords/sophistication","display_name":"Sophistication","score":0.670609712600708},{"id":"https://openalex.org/keywords/big-data","display_name":"Big data","score":0.6468977928161621},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5759709477424622},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.5608014464378357},{"id":"https://openalex.org/keywords/analytics","display_name":"Analytics","score":0.5501004457473755},{"id":"https://openalex.org/keywords/architecture","display_name":"Architecture","score":0.5488484501838684},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.539859414100647},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.5182873606681824},{"id":"https://openalex.org/keywords/disk-formatting","display_name":"Disk formatting","score":0.4551619589328766},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.17331114411354065},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.1379278600215912}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7971694469451904},{"id":"https://openalex.org/C168725872","wikidata":"https://www.wikidata.org/wiki/Q991663","display_name":"Sophistication","level":2,"score":0.670609712600708},{"id":"https://openalex.org/C75684735","wikidata":"https://www.wikidata.org/wiki/Q858810","display_name":"Big data","level":2,"score":0.6468977928161621},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5759709477424622},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.5608014464378357},{"id":"https://openalex.org/C79158427","wikidata":"https://www.wikidata.org/wiki/Q485396","display_name":"Analytics","level":2,"score":0.5501004457473755},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.5488484501838684},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.539859414100647},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.5182873606681824},{"id":"https://openalex.org/C88006597","wikidata":"https://www.wikidata.org/wiki/Q690117","display_name":"Disk formatting","level":2,"score":0.4551619589328766},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.17331114411354065},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.1379278600215912},{"id":"https://openalex.org/C36289849","wikidata":"https://www.wikidata.org/wiki/Q34749","display_name":"Social science","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C142362112","wikidata":"https://www.wikidata.org/wiki/Q735","display_name":"Art","level":0,"score":0.0},{"id":"https://openalex.org/C144024400","wikidata":"https://www.wikidata.org/wiki/Q21201","display_name":"Sociology","level":0,"score":0.0},{"id":"https://openalex.org/C153349607","wikidata":"https://www.wikidata.org/wiki/Q36649","display_name":"Visual arts","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/ntms.2016.7792484","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ntms.2016.7792484","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2016 8th IFIP International Conference on New Technologies, Mobility and Security (NTMS)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure","score":0.47999998927116394}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":22,"referenced_works":["https://openalex.org/W1525028514","https://openalex.org/W1775772884","https://openalex.org/W1966809779","https://openalex.org/W1985987493","https://openalex.org/W1989714227","https://openalex.org/W2005043824","https://openalex.org/W2025001960","https://openalex.org/W2065643612","https://openalex.org/W2081675971","https://openalex.org/W2082758646","https://openalex.org/W2096049976","https://openalex.org/W2112736324","https://openalex.org/W2124808847","https://openalex.org/W2127084909","https://openalex.org/W2132667707","https://openalex.org/W2133990480","https://openalex.org/W2152436591","https://openalex.org/W2186090720","https://openalex.org/W4285719527","https://openalex.org/W6631176726","https://openalex.org/W6638021444","https://openalex.org/W6686415897"],"related_works":["https://openalex.org/W4244466418","https://openalex.org/W2104062382","https://openalex.org/W2162878363","https://openalex.org/W2389021890","https://openalex.org/W2479325685","https://openalex.org/W4245101192","https://openalex.org/W2146588098","https://openalex.org/W3183791698","https://openalex.org/W3111710556","https://openalex.org/W2317823609"],"abstract_inverted_index":{"Internet":[0],"and":[1,25,44,64,79,95,137,156,170],"organizational":[2],"network":[3,71,90,114,163],"security":[4],"is":[5,28,86,106],"still":[6],"threatened":[7],"by":[8,55,68,132,148,157],"devastating":[9],"malicious":[10],"activities.":[11],"Given":[12],"the":[13,56,103,110,117,142,150,153,167,173],"continuous":[14],"escalation":[15],"of":[16,21,29,58,112,144,152,161,172],"such":[17,46,49],"attacks":[18],"in":[19,88],"terms":[20],"their":[22],"frequency,":[23],"sophistication":[24],"stealthiness,":[26],"it":[27,108],"paramount":[30],"importance":[31],"to":[32,119],"generate":[33],"effective":[34,123],"cyber":[35,124],"threat":[36,125],"intelligence":[37,67,126],"that":[38,60,85,107],"aim":[39],"at":[40],"inferring,":[41],"attributing,":[42],"characterizing":[43],"mitigating":[45],"misdemeanors.":[47],"Nevertheless,":[48],"imperative":[50],"tasks":[51],"are":[52],"partially":[53],"impeded":[54],"lack":[57],"approaches":[59],"can":[61],"produce":[62],"prompt":[63],"accurate":[65],"actionable":[66],"investigating":[69,141],"various":[70],"traffic":[72,91],"sources.":[73],"In":[74],"this":[75],"paper,":[76],"we":[77],"propose":[78],"evaluate":[80],"a":[81],"big":[82],"data":[83,97,133],"architecture":[84,105,155],"rooted":[87],"real-time":[89],"processing,":[92],"distributed":[93],"messaging":[94],"scalable":[96],"storage.":[98],"The":[99],"key":[100],"innovation":[101],"behind":[102],"proposed":[104,154,174],"automates":[109],"analysis":[111],"heterogeneous":[113],"data,":[115],"allowing":[116],"focus":[118],"remain":[120],"on":[121],"devising":[122],"analytics,":[127],"rather":[128],"than":[129],"being":[130],"hindered":[131],"management,":[134],"aggregation,":[135],"reconciliation":[136],"formatting.":[138],"Empirical":[139],"evaluations":[140],"application":[143],"machine":[145],"learning":[146],"analytics":[147],"exploiting":[149],"artifacts":[151],"using":[158],"100":[159],"GB":[160],"real":[162],"traffic,":[164],"indeed":[165],"demonstrate":[166],"practicality,":[168],"effectiveness,":[169],"addedvalue":[171],"architecture.":[175]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":2},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}