{"id":"https://openalex.org/W4402262179","doi":"https://doi.org/10.1109/wincom62286.2024.10656538","title":"Improving Cyber Defense with DNS Query Clustering Analysis","display_name":"Improving Cyber Defense with DNS Query Clustering Analysis","publication_year":2024,"publication_date":"2024-07-23","ids":{"openalex":"https://openalex.org/W4402262179","doi":"https://doi.org/10.1109/wincom62286.2024.10656538"},"language":"en","primary_location":{"id":"doi:10.1109/wincom62286.2024.10656538","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/wincom62286.2024.10656538","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 11th International Conference on Wireless Networks and Mobile Communications (WINCOM)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5033952772","display_name":"Radi Khaoula","orcid":null},"institutions":[{"id":"https://openalex.org/I4210119856","display_name":"Universit\u00e9 Sultan Moulay Slimane","ror":"https://ror.org/02m8tb249","country_code":"MA","type":"education","lineage":["https://openalex.org/I4210119856"]}],"countries":["MA"],"is_corresponding":true,"raw_author_name":"Radi Khaoula","raw_affiliation_strings":["National School of Applied Sciences, Sultan Moulay Slimane University,LaSTI Laboratory,Khouribga,Morocco"],"affiliations":[{"raw_affiliation_string":"National School of Applied Sciences, Sultan Moulay Slimane University,LaSTI Laboratory,Khouribga,Morocco","institution_ids":["https://openalex.org/I4210119856"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5107013403","display_name":"Moughit Imane","orcid":null},"institutions":[{"id":"https://openalex.org/I4210119856","display_name":"Universit\u00e9 Sultan Moulay Slimane","ror":"https://ror.org/02m8tb249","country_code":"MA","type":"education","lineage":["https://openalex.org/I4210119856"]}],"countries":["MA"],"is_corresponding":false,"raw_author_name":"Moughit Imane","raw_affiliation_strings":["National School of Applied Sciences Sultan Moulay Slimane University,LIPIM Laboratory,Khouribga,Morocco"],"affiliations":[{"raw_affiliation_string":"National School of Applied Sciences Sultan Moulay Slimane University,LIPIM Laboratory,Khouribga,Morocco","institution_ids":["https://openalex.org/I4210119856"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5073432430","display_name":"Mohamed Moughit","orcid":"https://orcid.org/0000-0003-0453-351X"},"institutions":[{"id":"https://openalex.org/I4210119856","display_name":"Universit\u00e9 Sultan Moulay Slimane","ror":"https://ror.org/02m8tb249","country_code":"MA","type":"education","lineage":["https://openalex.org/I4210119856"]}],"countries":["MA"],"is_corresponding":false,"raw_author_name":"Moughit Mohamed","raw_affiliation_strings":["National School of Applied Sciences, Sultan Moulay Slimane University,LaSTI Laboratory,Khouribga,Morocco"],"affiliations":[{"raw_affiliation_string":"National School of Applied Sciences, Sultan Moulay Slimane University,LaSTI Laboratory,Khouribga,Morocco","institution_ids":["https://openalex.org/I4210119856"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5033952772"],"corresponding_institution_ids":["https://openalex.org/I4210119856"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.15673086,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"3","issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.996999979019165,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7527000904083252},{"id":"https://openalex.org/keywords/cluster-analysis","display_name":"Cluster analysis","score":0.6280198097229004},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.47872304916381836},{"id":"https://openalex.org/keywords/domain-name-system","display_name":"Domain Name System","score":0.4647250771522522},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.33398374915122986},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.2877572774887085},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.17021429538726807},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.09358152747154236}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7527000904083252},{"id":"https://openalex.org/C73555534","wikidata":"https://www.wikidata.org/wiki/Q622825","display_name":"Cluster analysis","level":2,"score":0.6280198097229004},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.47872304916381836},{"id":"https://openalex.org/C35026560","wikidata":"https://www.wikidata.org/wiki/Q8767","display_name":"Domain Name System","level":3,"score":0.4647250771522522},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.33398374915122986},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.2877572774887085},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.17021429538726807},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.09358152747154236}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/wincom62286.2024.10656538","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/wincom62286.2024.10656538","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 11th International Conference on Wireless Networks and Mobile Communications (WINCOM)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":15,"referenced_works":["https://openalex.org/W1976383685","https://openalex.org/W2028060714","https://openalex.org/W2030382024","https://openalex.org/W2101737524","https://openalex.org/W2102283838","https://openalex.org/W2135349594","https://openalex.org/W2158703410","https://openalex.org/W2804240301","https://openalex.org/W2916401208","https://openalex.org/W2955934446","https://openalex.org/W2963401152","https://openalex.org/W3048804154","https://openalex.org/W4300672471","https://openalex.org/W4310793371","https://openalex.org/W4388893842"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W2183899684","https://openalex.org/W3004039032","https://openalex.org/W2012920909","https://openalex.org/W2073523380","https://openalex.org/W3010674707","https://openalex.org/W2791352643","https://openalex.org/W1517101574","https://openalex.org/W4378190626"],"abstract_inverted_index":{"The":[0,229],"Domain":[1],"Name":[2],"System":[3],"(DNS)":[4],"serves":[5],"as":[6,76],"a":[7,29,196],"critical":[8],"component":[9,114],"of":[10,16,55,106,140,151,159,183,192,199,226,238,241],"internet":[11],"infrastructure,":[12],"facilitating":[13],"the":[14,53,102,138,147,157,181,224,239,249,260],"translation":[15],"domain":[17,65],"names":[18,66],"to":[19,96,169,217],"IP":[20,68],"addresses.":[21,69],"However,":[22],"its":[23],"widespread":[24],"usage":[25],"also":[26],"renders":[27],"it":[28],"prominent":[30],"target":[31],"for":[32,45,205,251],"cyber":[33,246],"threats.":[34,99,193],"Detecting":[35],"and":[36,60,67,81,92,104,117,146,190,202,222,255],"mitigating":[37],"malicious":[38,62,152,166],"activities":[39],"within":[40,64,143],"DNS":[41,87,144,206,227],"queries":[42,145],"are":[43,94,123],"imperative":[44],"upholding":[46],"online":[47],"security":[48,225],"standards.":[49],"This":[50],"study":[51,210],"investigates":[52],"effectiveness":[54],"clustering":[56,73,107,161,200,242],"algorithms":[57,162,201],"in":[58,128,163,232,244,259],"identifying":[59],"analyzing":[61],"activity":[63,167],"By":[70,194],"employing":[71],"various":[72],"techniques":[74,111,126,178,243],"such":[75],"k-means,":[77],"DBSCAN,":[78],"hierarchical":[79],"clustering,":[80],"Gaussian":[82],"mixture":[83],"models":[84],"(GMM)":[85],"on":[86],"query":[88,207],"datasets,":[89],"insightful":[90],"patterns":[91],"trends":[93],"uncovered":[95],"reveal":[97],"potential":[98,220],"To":[100],"augment":[101],"accuracy":[103],"efficiency":[105],"algorithms,":[108,185],"advanced":[109,252],"preprocessing":[110,203],"like":[112],"principal":[113],"analysis":[115],"(PCA)":[116],"t-distributed":[118],"stochastic":[119],"neighbor":[120],"embedding":[121],"(t-SNE)":[122],"utilized.":[124],"These":[125],"aid":[127],"reducing":[129],"data":[130],"dimensionality":[131,176],"while":[132],"preserving":[133],"essential":[134],"characteristics,":[135],"thereby":[136],"enabling":[137,186],"capture":[139],"intricate":[141],"relationships":[142],"more":[148,187],"effective":[149],"identification":[150,189],"behavior.":[153],"Our":[154],"research":[155],"underscores":[156],"superiority":[158],"specific":[160],"accurately":[164],"detecting":[165],"compared":[168],"others.":[170],"Furthermore,":[171],"we":[172],"demonstrate":[173],"how":[174],"integrating":[175],"reduction":[177],"significantly":[179],"enhances":[180],"performance":[182],"these":[184],"precise":[188],"classification":[191],"offering":[195],"comprehensive":[197],"evaluation":[198],"methods":[204],"analysis,":[208],"this":[209,233],"equips":[211],"cybersecurity":[212,257],"professionals":[213],"with":[214],"valuable":[215],"insights":[216],"safeguard":[218],"against":[219],"threats":[221],"fortify":[223],"infrastructure.":[228],"findings":[230],"presented":[231],"paper":[234],"provide":[235],"compelling":[236],"evidence":[237],"efficacy":[240],"combating":[245],"attacks,":[247],"paving":[248],"way":[250],"defense":[253],"mechanisms":[254],"improved":[256],"practices":[258],"diaital":[261],"landscape.":[262]},"counts_by_year":[],"updated_date":"2025-12-27T23:08:20.325037","created_date":"2025-10-10T00:00:00"}