{"id":"https://openalex.org/W2014663433","doi":"https://doi.org/10.1145/2602087.2602109","title":"Detection of SSH host spoofing in control systems through network telemetry analysis","display_name":"Detection of SSH host spoofing in control systems through network telemetry analysis","publication_year":2014,"publication_date":"2014-01-01","ids":{"openalex":"https://openalex.org/W2014663433","doi":"https://doi.org/10.1145/2602087.2602109","mag":"2014663433"},"language":"en","primary_location":{"id":"doi:10.1145/2602087.2602109","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2602087.2602109","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 9th Annual Cyber and Information Security Research Conference on - CISR '14","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5012400349","display_name":"Stanislav Ponomarev","orcid":null},"institutions":[{"id":"https://openalex.org/I919208787","display_name":"Louisiana Tech University","ror":"https://ror.org/04q9esz89","country_code":"US","type":"education","lineage":["https://openalex.org/I2799628689","https://openalex.org/I919208787"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Stanislav Ponomarev","raw_affiliation_strings":["Louisiana Tech University, Ruston, LA","Louisiana Tech. University, Ruston, LA"],"affiliations":[{"raw_affiliation_string":"Louisiana Tech University, Ruston, LA","institution_ids":["https://openalex.org/I919208787"]},{"raw_affiliation_string":"Louisiana Tech. University, Ruston, LA","institution_ids":["https://openalex.org/I919208787"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5056914630","display_name":"Nathan Wallace","orcid":"https://orcid.org/0000-0001-6530-9138"},"institutions":[{"id":"https://openalex.org/I919208787","display_name":"Louisiana Tech University","ror":"https://ror.org/04q9esz89","country_code":"US","type":"education","lineage":["https://openalex.org/I2799628689","https://openalex.org/I919208787"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Nathan Wallace","raw_affiliation_strings":["Louisiana Tech University, Ruston, LA","Louisiana Tech. University, Ruston, LA"],"affiliations":[{"raw_affiliation_string":"Louisiana Tech University, Ruston, LA","institution_ids":["https://openalex.org/I919208787"]},{"raw_affiliation_string":"Louisiana Tech. University, Ruston, LA","institution_ids":["https://openalex.org/I919208787"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5050233765","display_name":"Travis Atkison","orcid":"https://orcid.org/0000-0001-7258-7355"},"institutions":[{"id":"https://openalex.org/I919208787","display_name":"Louisiana Tech University","ror":"https://ror.org/04q9esz89","country_code":"US","type":"education","lineage":["https://openalex.org/I2799628689","https://openalex.org/I919208787"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Travis Atkison","raw_affiliation_strings":["Louisiana Tech University, Ruston, LA","Louisiana Tech. University, Ruston, LA"],"affiliations":[{"raw_affiliation_string":"Louisiana Tech University, Ruston, LA","institution_ids":["https://openalex.org/I919208787"]},{"raw_affiliation_string":"Louisiana Tech. University, Ruston, LA","institution_ids":["https://openalex.org/I919208787"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5012400349"],"corresponding_institution_ids":["https://openalex.org/I919208787"],"apc_list":null,"apc_paid":null,"fwci":2.4137,"has_fulltext":false,"cited_by_count":12,"citation_normalized_percentile":{"value":0.8974516,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"21","last_page":"24"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7789297103881836},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.6316364407539368},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.6287522912025452},{"id":"https://openalex.org/keywords/spoofing-attack","display_name":"Spoofing attack","score":0.6286981701850891},{"id":"https://openalex.org/keywords/identifier","display_name":"Identifier","score":0.5181276202201843},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.4982905387878418},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.486218124628067},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.2373177707195282}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7789297103881836},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.6316364407539368},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.6287522912025452},{"id":"https://openalex.org/C167900197","wikidata":"https://www.wikidata.org/wiki/Q11081100","display_name":"Spoofing attack","level":2,"score":0.6286981701850891},{"id":"https://openalex.org/C154504017","wikidata":"https://www.wikidata.org/wiki/Q853614","display_name":"Identifier","level":2,"score":0.5181276202201843},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.4982905387878418},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.486218124628067},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2373177707195282}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2602087.2602109","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2602087.2602109","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 9th Annual Cyber and Information Security Research Conference on - CISR '14","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":13,"referenced_works":["https://openalex.org/W1544837488","https://openalex.org/W2017528992","https://openalex.org/W2089365904","https://openalex.org/W2091833612","https://openalex.org/W2106847401","https://openalex.org/W2121973001","https://openalex.org/W2122646361","https://openalex.org/W2132047492","https://openalex.org/W2133972775","https://openalex.org/W2163809997","https://openalex.org/W2171769417","https://openalex.org/W2295782180","https://openalex.org/W2352668688"],"related_works":["https://openalex.org/W2188559950","https://openalex.org/W2989910292","https://openalex.org/W2998478967","https://openalex.org/W3128793638","https://openalex.org/W2607818178","https://openalex.org/W2123299109","https://openalex.org/W2021230337","https://openalex.org/W3153057489","https://openalex.org/W2895823926","https://openalex.org/W2614907253"],"abstract_inverted_index":{"Modern":[0],"networking":[1],"architecture":[2],"is":[3],"designed":[4],"with":[5,109],"high":[6],"scalability":[7],"in":[8,25,51,92],"mind.":[9],"Different":[10],"protocols":[11,52],"can":[12,28,65],"be":[13,29,66],"encapsulated":[14],"to":[15,44,58,86,107],"support":[16],"different":[17],"systems.":[18],"Machine":[19],"identifiers":[20],"(IP":[21],"and":[22,71,122,125],"MAC":[23,121],"addresses)":[24],"network":[26,60,84],"packets":[27],"modified":[30],"easily.":[31],"This":[32,75],"modification":[33],"prevents":[34],"servers":[35],"from":[36,115],"determining":[37],"whether":[38],"the":[39,101,127],"connecting":[40],"machines":[41,116],"are":[42],"allowed":[43],"communicate.":[45],"Cryptographic":[46],"functions":[47],"have":[48],"been":[49],"used":[50],"such":[53],"as":[54],"Secure":[55],"Shell":[56],"(SSH)":[57],"establish":[59],"node":[61],"authenticity,":[62],"but":[63],"they":[64],"circumvented":[67],"by":[68],"social":[69],"engineering":[70],"brute":[72],"force":[73],"attacks.":[74],"research":[76],"effort":[77],"created":[78],"a":[79,93,110],"new":[80],"classifier":[81],"that":[82,117],"processes":[83],"telemetry":[85],"determine":[87],"authenticity":[88],"of":[89],"SSH":[90,113],"clients":[91],"control":[94,102],"system's":[95,103],"network.":[96],"The":[97],"developed":[98],"classifier,":[99],"within":[100],"network,":[104],"was":[105],"able":[106],"differentiate":[108],"100%":[111],"accuracy":[112],"connections":[114],"were":[118],"transmitting":[119],"identical":[120],"IP":[123],"addresses,":[124],"had":[126],"same":[128],"RSA":[129],"key":[130],"for":[131],"authentication.":[132]},"counts_by_year":[{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":2},{"year":2015,"cited_by_count":3},{"year":2014,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}