{"id":"https://openalex.org/W2021838212","doi":"https://doi.org/10.1145/1815396.1815667","title":"Reconstruction of malicious internet flows","display_name":"Reconstruction of malicious internet flows","publication_year":2010,"publication_date":"2010-06-28","ids":{"openalex":"https://openalex.org/W2021838212","doi":"https://doi.org/10.1145/1815396.1815667","mag":"2021838212"},"language":"en","primary_location":{"id":"doi:10.1145/1815396.1815667","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1815396.1815667","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 6th International Wireless Communications and Mobile Computing Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5003580218","display_name":"\u00d6mer Demir","orcid":"https://orcid.org/0000-0003-4376-8733"},"institutions":[{"id":"https://openalex.org/I174216632","display_name":"City University of New York","ror":"https://ror.org/00453a208","country_code":"US","type":"education","lineage":["https://openalex.org/I174216632"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Omer Demir","raw_affiliation_strings":["City University of New York (CUNY), New York, NY"],"affiliations":[{"raw_affiliation_string":"City University of New York (CUNY), New York, NY","institution_ids":["https://openalex.org/I174216632"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5091193777","display_name":"Bilal Khan","orcid":"https://orcid.org/0000-0002-0382-4502"},"institutions":[{"id":"https://openalex.org/I174216632","display_name":"City University of New York","ror":"https://ror.org/00453a208","country_code":"US","type":"education","lineage":["https://openalex.org/I174216632"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Bilal Khan","raw_affiliation_strings":["City University of New York (CUNY), New York, NY"],"affiliations":[{"raw_affiliation_string":"City University of New York (CUNY), New York, NY","institution_ids":["https://openalex.org/I174216632"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5008695053","display_name":"Ala Al\u2010Fuqaha","orcid":"https://orcid.org/0000-0002-0903-1204"},"institutions":[{"id":"https://openalex.org/I141649380","display_name":"Western Michigan University","ror":"https://ror.org/04j198w64","country_code":"US","type":"education","lineage":["https://openalex.org/I141649380"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ala Al-Fuqaha","raw_affiliation_strings":["Western Michigan University, Kalamazoo, MI","Western Michigan University; Kalamazoo; MI"],"affiliations":[{"raw_affiliation_string":"Western Michigan University, Kalamazoo, MI","institution_ids":["https://openalex.org/I141649380"]},{"raw_affiliation_string":"Western Michigan University; Kalamazoo; MI","institution_ids":["https://openalex.org/I141649380"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5003580218"],"corresponding_institution_ids":["https://openalex.org/I174216632"],"apc_list":null,"apc_paid":null,"fwci":0.3725,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.63795537,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"1182","last_page":"1187"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10138","display_name":"Network Traffic and Congestion Control","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.807435154914856},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.7379246354103088},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.6667121052742004},{"id":"https://openalex.org/keywords/spoofing-attack","display_name":"Spoofing attack","score":0.6389883756637573},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.6114850640296936},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.6055557727813721},{"id":"https://openalex.org/keywords/ip-traceback","display_name":"IP traceback","score":0.5791463851928711},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5470482110977173},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.5044213533401489},{"id":"https://openalex.org/keywords/ip-address-spoofing","display_name":"IP address spoofing","score":0.48801150918006897},{"id":"https://openalex.org/keywords/payload","display_name":"Payload (computing)","score":0.48454442620277405},{"id":"https://openalex.org/keywords/tracing","display_name":"Tracing","score":0.4823969602584839},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.47492629289627075},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.45315149426460266},{"id":"https://openalex.org/keywords/service","display_name":"Service (business)","score":0.44663190841674805},{"id":"https://openalex.org/keywords/network-topology","display_name":"Network topology","score":0.4158198833465576},{"id":"https://openalex.org/keywords/internet-protocol","display_name":"Internet Protocol","score":0.1624746322631836},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.08833786845207214}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.807435154914856},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.7379246354103088},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.6667121052742004},{"id":"https://openalex.org/C167900197","wikidata":"https://www.wikidata.org/wiki/Q11081100","display_name":"Spoofing attack","level":2,"score":0.6389883756637573},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.6114850640296936},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.6055557727813721},{"id":"https://openalex.org/C2776059407","wikidata":"https://www.wikidata.org/wiki/Q5973212","display_name":"IP traceback","level":4,"score":0.5791463851928711},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5470482110977173},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.5044213533401489},{"id":"https://openalex.org/C111814575","wikidata":"https://www.wikidata.org/wiki/Q550893","display_name":"IP address spoofing","level":5,"score":0.48801150918006897},{"id":"https://openalex.org/C134066672","wikidata":"https://www.wikidata.org/wiki/Q1424639","display_name":"Payload (computing)","level":3,"score":0.48454442620277405},{"id":"https://openalex.org/C138673069","wikidata":"https://www.wikidata.org/wiki/Q322229","display_name":"Tracing","level":2,"score":0.4823969602584839},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.47492629289627075},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.45315149426460266},{"id":"https://openalex.org/C2780378061","wikidata":"https://www.wikidata.org/wiki/Q25351891","display_name":"Service (business)","level":2,"score":0.44663190841674805},{"id":"https://openalex.org/C199845137","wikidata":"https://www.wikidata.org/wiki/Q145490","display_name":"Network topology","level":2,"score":0.4158198833465576},{"id":"https://openalex.org/C35341882","wikidata":"https://www.wikidata.org/wiki/Q8795","display_name":"Internet Protocol","level":3,"score":0.1624746322631836},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.08833786845207214},{"id":"https://openalex.org/C136264566","wikidata":"https://www.wikidata.org/wiki/Q159810","display_name":"Economy","level":1,"score":0.0},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C147873670","wikidata":"https://www.wikidata.org/wiki/Q11182","display_name":"Network address translation","level":4,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/1815396.1815667","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1815396.1815667","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 6th International Wireless Communications and Mobile Computing Conference","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.622.7373","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.622.7373","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.systemic-inquiry.com/pdf/52.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.6499999761581421,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":8,"referenced_works":["https://openalex.org/W1604794090","https://openalex.org/W1967949770","https://openalex.org/W2089276145","https://openalex.org/W2096802008","https://openalex.org/W2105808107","https://openalex.org/W2117222554","https://openalex.org/W2119030343","https://openalex.org/W2123845384"],"related_works":["https://openalex.org/W2170470865","https://openalex.org/W2167302331","https://openalex.org/W1493760256","https://openalex.org/W2359167911","https://openalex.org/W2342208107","https://openalex.org/W2151002785","https://openalex.org/W2791075267","https://openalex.org/W2290771989","https://openalex.org/W2127772962","https://openalex.org/W1969940477"],"abstract_inverted_index":{"We":[0],"describe":[1],"a":[2,30,45,55,89,94,133],"general-purpose":[3],"distributed":[4,98],"system":[5,23,35,92,128,152],"capable":[6,61],"of":[7,9,27,32,38,48,62,100,143,164],"traceback":[8,95],"malicious":[10,69,118,157],"flow":[11,158],"trajectories":[12],"in":[13,166],"the":[14,25,33,39,74,91,109,130,150,171],"wide":[15],"area":[16],"despite":[17],"possible":[18],"source":[19],"IP":[20],"spoofing.":[21],"Our":[22],"requires":[24],"placement":[26],"agents":[28,53,131],"on":[29,82,117],"subset":[31],"inter-autonomous":[34],"(AS)":[36],"links":[37],"Internet.":[40],"Agents":[41],"are":[42],"instrumented":[43],"with":[44],"uniform":[46],"notion":[47],"attack":[49,75,110],"criterion.":[50],"Deployed,":[51],"these":[52],"implement":[54],"self-organizing,":[56],"decentralized":[57],"mechanism":[58],"that":[59,149],"is":[60,77,112,146,153],"reconstructing":[63],"topological":[64],"and":[65],"temporal":[66],"information":[67],"about":[68],"flows.":[70],"For":[71],"example,":[72],"when":[73,108],"criterion":[76,111],"taken":[78,113],"to":[79,88,114,147],"be":[80,115],"based":[81,116],"excessive":[83],"TCP":[84],"connection":[85],"establishment":[86],"traffic":[87],"destination,":[90],"becomes":[93],"service":[96,101,134],"for":[97,135],"denial":[99],"(DDoS)":[102],"attacks.":[103],"As":[104],"another":[105],"special":[106],"case,":[107],"payload":[119],"signature":[120],"match":[121],"as":[122],"defined":[123],"by":[124],"an":[125],"intrusion":[126],"detection":[127],"(IDS),":[129],"provide":[132],"tracing":[136],"malware":[137],"propagation":[138],"pathways.":[139],"The":[140],"main":[141],"contribution":[142],"this":[144],"paper,":[145],"demonstrate":[148],"proposed":[151],"effective":[154],"at":[155,161],"recovering":[156],"structure":[159],"even":[160],"moderate":[162],"levels":[163],"deployment":[165],"large":[167],"networks,":[168],"including":[169],"within":[170],"present":[172],"Internet":[173],"topology.":[174]},"counts_by_year":[{"year":2022,"cited_by_count":1}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}