{"id":"https://openalex.org/W3178039307","doi":"https://doi.org/10.1109/tr.2021.3089511","title":"A Firewall Policy Anomaly Detection Framework for Reliable Network Security","display_name":"A Firewall Policy Anomaly Detection Framework for Reliable Network Security","publication_year":2021,"publication_date":"2021-07-08","ids":{"openalex":"https://openalex.org/W3178039307","doi":"https://doi.org/10.1109/tr.2021.3089511","mag":"3178039307"},"language":"en","primary_location":{"id":"doi:10.1109/tr.2021.3089511","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tr.2021.3089511","pdf_url":null,"source":{"id":"https://openalex.org/S87725633","display_name":"IEEE Transactions on Reliability","issn_l":"0018-9529","issn":["0018-9529","1558-1721"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Reliability","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://edepot.wur.nl/564373","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5045801451","display_name":"Cengiz To\u011fay","orcid":"https://orcid.org/0000-0001-5739-1784"},"institutions":[{"id":"https://openalex.org/I131835042","display_name":"Bursa Uluda\u011f \u00dcni\u0307versi\u0307tesi\u0307","ror":"https://ror.org/03tg3eb07","country_code":"TR","type":"education","lineage":["https://openalex.org/I131835042"]}],"countries":["TR"],"is_corresponding":true,"raw_author_name":"Cengiz Togay","raw_affiliation_strings":["Department of Computer Engineering, Uludag University, Bursa, Turkey"],"raw_orcid":"https://orcid.org/0000-0001-5739-1784","affiliations":[{"raw_affiliation_string":"Department of Computer Engineering, Uludag University, Bursa, Turkey","institution_ids":["https://openalex.org/I131835042"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5049248460","display_name":"Ahmet Ka\u015fif","orcid":"https://orcid.org/0000-0003-2707-6075"},"institutions":[{"id":"https://openalex.org/I192257213","display_name":"Bursa Technical University","ror":"https://ror.org/03rdpn141","country_code":"TR","type":"education","lineage":["https://openalex.org/I192257213"]}],"countries":["TR"],"is_corresponding":false,"raw_author_name":"Ahmet Kasif","raw_affiliation_strings":["Department of Computer Engineering, Bursa Technical University, Bursa, Turkey"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Engineering, Bursa Technical University, Bursa, Turkey","institution_ids":["https://openalex.org/I192257213"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5038073619","display_name":"Cagatay Catal","orcid":"https://orcid.org/0000-0003-0959-2930"},"institutions":[{"id":"https://openalex.org/I60342839","display_name":"Qatar University","ror":"https://ror.org/00yhnba62","country_code":"QA","type":"education","lineage":["https://openalex.org/I60342839"]}],"countries":["QA"],"is_corresponding":false,"raw_author_name":"Cagatay Catal","raw_affiliation_strings":["Department of Computer Science and Engineering, Qatar University, Doha, Qatar"],"raw_orcid":"https://orcid.org/0000-0003-0959-2930","affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, Qatar University, Doha, Qatar","institution_ids":["https://openalex.org/I60342839"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5002683918","display_name":"Bedir Teki\u0307nerdo\u011fan","orcid":"https://orcid.org/0000-0002-8538-7261"},"institutions":[{"id":"https://openalex.org/I913481162","display_name":"Wageningen University & Research","ror":"https://ror.org/04qw24q55","country_code":"NL","type":"education","lineage":["https://openalex.org/I913481162"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Bedir Tekinerdogan","raw_affiliation_strings":["Information Technology Group, Wageningen University &amp; Research, Wageningen, PB, The Netherlands"],"raw_orcid":"https://orcid.org/0000-0002-8538-7261","affiliations":[{"raw_affiliation_string":"Information Technology Group, Wageningen University &amp; Research, Wageningen, PB, The Netherlands","institution_ids":["https://openalex.org/I913481162"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5045801451"],"corresponding_institution_ids":["https://openalex.org/I131835042"],"apc_list":null,"apc_paid":null,"fwci":6.0849,"has_fulltext":true,"cited_by_count":53,"citation_normalized_percentile":{"value":0.96467995,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":100},"biblio":{"volume":"71","issue":"1","first_page":"339","last_page":"347"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12326","display_name":"Network Packet Processing and Optimization","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/firewall","display_name":"Firewall (physics)","score":0.8867602944374084},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7273956537246704},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.6609214544296265},{"id":"https://openalex.org/keywords/application-firewall","display_name":"Application firewall","score":0.6428124904632568},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.5947183966636658},{"id":"https://openalex.org/keywords/network-security-policy","display_name":"Network security policy","score":0.5788460373878479},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.5767701268196106},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.5642443299293518},{"id":"https://openalex.org/keywords/internet-security","display_name":"Internet security","score":0.5085173845291138},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.49999332427978516},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.4687766134738922},{"id":"https://openalex.org/keywords/dmz","display_name":"DMZ","score":0.43128451704978943},{"id":"https://openalex.org/keywords/stateful-firewall","display_name":"Stateful firewall","score":0.27547186613082886},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.2595544457435608},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.22004440426826477},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.20502203702926636},{"id":"https://openalex.org/keywords/entropy","display_name":"Entropy (arrow of time)","score":0.1069096028804779}],"concepts":[{"id":"https://openalex.org/C77714075","wikidata":"https://www.wikidata.org/wiki/Q5452017","display_name":"Firewall (physics)","level":5,"score":0.8867602944374084},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7273956537246704},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.6609214544296265},{"id":"https://openalex.org/C86444895","wikidata":"https://www.wikidata.org/wiki/Q451816","display_name":"Application firewall","level":4,"score":0.6428124904632568},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.5947183966636658},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.5788460373878479},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.5767701268196106},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.5642443299293518},{"id":"https://openalex.org/C22111027","wikidata":"https://www.wikidata.org/wiki/Q1070427","display_name":"Internet security","level":4,"score":0.5085173845291138},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.49999332427978516},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.4687766134738922},{"id":"https://openalex.org/C23103841","wikidata":"https://www.wikidata.org/wiki/Q1074209","display_name":"DMZ","level":3,"score":0.43128451704978943},{"id":"https://openalex.org/C22927095","wikidata":"https://www.wikidata.org/wiki/Q1784206","display_name":"Stateful firewall","level":3,"score":0.27547186613082886},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.2595544457435608},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.22004440426826477},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.20502203702926636},{"id":"https://openalex.org/C106301342","wikidata":"https://www.wikidata.org/wiki/Q4117933","display_name":"Entropy (arrow of time)","level":2,"score":0.1069096028804779},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C104062141","wikidata":"https://www.wikidata.org/wiki/Q2601295","display_name":"Extremal black hole","level":3,"score":0.0},{"id":"https://openalex.org/C183915046","wikidata":"https://www.wikidata.org/wiki/Q1316152","display_name":"Charged black hole","level":4,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1109/tr.2021.3089511","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tr.2021.3089511","pdf_url":null,"source":{"id":"https://openalex.org/S87725633","display_name":"IEEE Transactions on Reliability","issn_l":"0018-9529","issn":["0018-9529","1558-1721"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Reliability","raw_type":"journal-article"},{"id":"pmh:oai:library.wur.nl:wurpubs/594021","is_oa":true,"landing_page_url":"https://research.wur.nl/en/publications/a-firewall-policy-anomaly-detection-framework-for-reliable-networ","pdf_url":"https://edepot.wur.nl/564373","source":{"id":"https://openalex.org/S4210201231","display_name":"Socio-Environmental Systems Modeling","issn_l":"2663-3027","issn":["2663-3027"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"ISSN: 0018-9529","raw_type":"Article/Letter to editor"},{"id":"pmh:a03597e0-5ff5-4ff6-92c9-de0db1f01bd9","is_oa":false,"landing_page_url":"https://avesis.uludag.edu.tr/publication/details/a03597e0-5ff5-4ff6-92c9-de0db1f01bd9/oai","pdf_url":null,"source":{"id":"https://openalex.org/S7407055210","display_name":"Bursa Uludag University - AVESIS","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/article"},{"id":"pmh:oai:qspace.qu.edu.qa:10576/36804","is_oa":false,"landing_page_url":"http://hdl.handle.net/10576/36804","pdf_url":null,"source":{"id":"https://openalex.org/S4306400014","display_name":"Qatar University QSpace (Qatar University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I60342839","host_organization_name":"Qatar University","host_organization_lineage":["https://openalex.org/I60342839"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Article"}],"best_oa_location":{"id":"pmh:oai:library.wur.nl:wurpubs/594021","is_oa":true,"landing_page_url":"https://research.wur.nl/en/publications/a-firewall-policy-anomaly-detection-framework-for-reliable-networ","pdf_url":"https://edepot.wur.nl/564373","source":{"id":"https://openalex.org/S4210201231","display_name":"Socio-Environmental Systems Modeling","issn_l":"2663-3027","issn":["2663-3027"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"ISSN: 0018-9529","raw_type":"Article/Letter to editor"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.44999998807907104,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3178039307.pdf","grobid_xml":"https://content.openalex.org/works/W3178039307.grobid-xml"},"referenced_works_count":28,"referenced_works":["https://openalex.org/W844911133","https://openalex.org/W1504662986","https://openalex.org/W1584046620","https://openalex.org/W1982255089","https://openalex.org/W2096050295","https://openalex.org/W2131999424","https://openalex.org/W2140073547","https://openalex.org/W2145185087","https://openalex.org/W2148656332","https://openalex.org/W2154840930","https://openalex.org/W2169856608","https://openalex.org/W2294667916","https://openalex.org/W2328461639","https://openalex.org/W2443299711","https://openalex.org/W2728126758","https://openalex.org/W2755239810","https://openalex.org/W2805119960","https://openalex.org/W2963312828","https://openalex.org/W3013149934","https://openalex.org/W3020687048","https://openalex.org/W3021238006","https://openalex.org/W3034362473","https://openalex.org/W3100009627","https://openalex.org/W4232308400","https://openalex.org/W4237549041","https://openalex.org/W6748974338","https://openalex.org/W6775212727","https://openalex.org/W7026974150"],"related_works":["https://openalex.org/W2370543097","https://openalex.org/W2057573940","https://openalex.org/W2382066006","https://openalex.org/W2369001869","https://openalex.org/W2393991738","https://openalex.org/W2370191912","https://openalex.org/W2916429898","https://openalex.org/W2360045469","https://openalex.org/W577568228","https://openalex.org/W2370365793"],"abstract_inverted_index":{"One":[0],"of":[1,29,54,62,65,79,114,127,138],"the":[2,13,27,41,45,51,59,63,66,80,112,117,124,128,146],"key":[3],"challenges":[4],"in":[5,152],"computer":[6],"networks":[7],"is":[8,132,148],"network":[9,21,42,92],"security.":[10,93],"For":[11],"securing":[12],"network,":[14],"various":[15],"solutions":[16,86],"have":[17],"been":[18],"proposed,":[19],"including":[20],"security":[22,47,125],"protocols":[23],"and":[24,43,57,122,150],"firewalls.":[25],"In":[26,94],"case":[28],"so-called":[30],"packet-filtering":[31],"firewalls,":[32],"policy":[33,67,70,81,106,140,155],"rules":[34,82],"are":[35],"implemented":[36],"to":[37,40,50,83,90],"monitor":[38],"changes":[39],"preserve":[44],"required":[46],"level.":[48],"Due":[49],"dramatic":[52],"increase":[53,61],"devices,":[55],"however,":[56],"herewith":[58],"rapid":[60],"size":[64],"rules,":[68],"firewall":[69,118,139,154],"anomalies":[71],"occur":[72],"more":[73],"frequently.":[74],"This":[75],"requires":[76],"careful":[77],"implementation":[78],"ensure":[84],"cost-efficient":[85],"for":[87,103,120],"anomaly":[88,100,107],"detection":[89,101],"support":[91],"this":[95],"study,":[96],"we":[97],"present":[98],"an":[99],"framework":[102,110,131,147],"detecting":[104,153],"intrafirewall":[105],"rules.":[108],"The":[109,130],"supports":[111],"simulation":[113],"packets":[115],"through":[116],"ruleset":[119],"validating":[121],"enhancing":[123],"level":[126],"network.":[129],"validated":[133],"using":[134],"four":[135],"different":[136],"types":[137],"anomalies.":[141,156],"Experimental":[142],"results":[143],"demonstrate":[144],"that":[145],"effective":[149],"efficient":[151]},"counts_by_year":[{"year":2026,"cited_by_count":5},{"year":2025,"cited_by_count":10},{"year":2024,"cited_by_count":13},{"year":2023,"cited_by_count":15},{"year":2022,"cited_by_count":8},{"year":2021,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}