{"id":"https://openalex.org/W2768553818","doi":"https://doi.org/10.1145/3143361.3143399","title":"Jaal","display_name":"Jaal","publication_year":2017,"publication_date":"2017-11-22","ids":{"openalex":"https://openalex.org/W2768553818","doi":"https://doi.org/10.1145/3143361.3143399","mag":"2768553818"},"language":"en","primary_location":{"id":"doi:10.1145/3143361.3143399","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3143361.3143399","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 13th International Conference on emerging Networking EXperiments and Technologies","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5069402162","display_name":"Azeem Aqil","orcid":null},"institutions":[{"id":"https://openalex.org/I103635307","display_name":"University of California, Riverside","ror":"https://ror.org/03nawhv43","country_code":"US","type":"education","lineage":["https://openalex.org/I103635307"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Azeem Aqil","raw_affiliation_strings":["UC Riverside"],"affiliations":[{"raw_affiliation_string":"UC Riverside","institution_ids":["https://openalex.org/I103635307"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5023346817","display_name":"Karim Khalil","orcid":"https://orcid.org/0000-0002-0907-5733"},"institutions":[{"id":"https://openalex.org/I103635307","display_name":"University of California, Riverside","ror":"https://ror.org/03nawhv43","country_code":"US","type":"education","lineage":["https://openalex.org/I103635307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Karim Khalil","raw_affiliation_strings":["UC Riverside"],"affiliations":[{"raw_affiliation_string":"UC Riverside","institution_ids":["https://openalex.org/I103635307"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5085212625","display_name":"Ahmed Osama Fathy Atya","orcid":"https://orcid.org/0000-0002-5591-4657"},"institutions":[{"id":"https://openalex.org/I103635307","display_name":"University of California, Riverside","ror":"https://ror.org/03nawhv43","country_code":"US","type":"education","lineage":["https://openalex.org/I103635307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ahmed O.F. Atya","raw_affiliation_strings":["UC Riverside"],"affiliations":[{"raw_affiliation_string":"UC Riverside","institution_ids":["https://openalex.org/I103635307"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054849323","display_name":"Evangelos E. Papalexakis","orcid":"https://orcid.org/0000-0002-3411-8483"},"institutions":[{"id":"https://openalex.org/I103635307","display_name":"University of California, Riverside","ror":"https://ror.org/03nawhv43","country_code":"US","type":"education","lineage":["https://openalex.org/I103635307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Evangelos E. Papalexakis","raw_affiliation_strings":["UC Riverside"],"affiliations":[{"raw_affiliation_string":"UC Riverside","institution_ids":["https://openalex.org/I103635307"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086268637","display_name":"Srikanth V. Krishnamurthy","orcid":"https://orcid.org/0000-0002-6533-4381"},"institutions":[{"id":"https://openalex.org/I103635307","display_name":"University of California, Riverside","ror":"https://ror.org/03nawhv43","country_code":"US","type":"education","lineage":["https://openalex.org/I103635307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Srikanth V. Krishnamurthy","raw_affiliation_strings":["UC Riverside"],"affiliations":[{"raw_affiliation_string":"UC Riverside","institution_ids":["https://openalex.org/I103635307"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5055045569","display_name":"Trent Jaeger","orcid":"https://orcid.org/0000-0002-4964-1170"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Trent Jaeger","raw_affiliation_strings":["The Pennsylvania State University"],"affiliations":[{"raw_affiliation_string":"The Pennsylvania State University","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053712998","display_name":"K. K. Ramakrishnan","orcid":"https://orcid.org/0000-0003-1849-5155"},"institutions":[{"id":"https://openalex.org/I103635307","display_name":"University of California, Riverside","ror":"https://ror.org/03nawhv43","country_code":"US","type":"education","lineage":["https://openalex.org/I103635307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"K. K. Ramakrishnan","raw_affiliation_strings":["UC Riverside"],"affiliations":[{"raw_affiliation_string":"UC Riverside","institution_ids":["https://openalex.org/I103635307"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5000981358","display_name":"Paul Yu","orcid":"https://orcid.org/0000-0003-1577-3914"},"institutions":[{"id":"https://openalex.org/I166416128","display_name":"DEVCOM Army Research Laboratory","ror":"https://ror.org/011hc8f90","country_code":"US","type":"government","lineage":["https://openalex.org/I1304082316","https://openalex.org/I1330347796","https://openalex.org/I166416128","https://openalex.org/I2802705668","https://openalex.org/I4210154437"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Paul Yu","raw_affiliation_strings":["U.S. Army Research Laboratory"],"affiliations":[{"raw_affiliation_string":"U.S. Army Research Laboratory","institution_ids":["https://openalex.org/I166416128"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5113663310","display_name":"Ananthram Swami","orcid":null},"institutions":[{"id":"https://openalex.org/I166416128","display_name":"DEVCOM Army Research Laboratory","ror":"https://ror.org/011hc8f90","country_code":"US","type":"government","lineage":["https://openalex.org/I1304082316","https://openalex.org/I1330347796","https://openalex.org/I166416128","https://openalex.org/I2802705668","https://openalex.org/I4210154437"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ananthram Swami","raw_affiliation_strings":["U.S. Army Research Laboratory"],"affiliations":[{"raw_affiliation_string":"U.S. Army Research Laboratory","institution_ids":["https://openalex.org/I166416128"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":9,"corresponding_author_ids":["https://openalex.org/A5069402162"],"corresponding_institution_ids":["https://openalex.org/I103635307"],"apc_list":null,"apc_paid":null,"fwci":1.7516,"has_fulltext":false,"cited_by_count":13,"citation_normalized_percentile":{"value":0.87377822,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"134","last_page":"146"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8430978059768677},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.7699430584907532},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.7527353763580322},{"id":"https://openalex.org/keywords/testbed","display_name":"Testbed","score":0.7510441541671753},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.5943533182144165},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.5674764513969421},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.4807719588279724},{"id":"https://openalex.org/keywords/construct","display_name":"Construct (python library)","score":0.4765125811100006},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.34080350399017334},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.24003082513809204},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.1215033233165741}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8430978059768677},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.7699430584907532},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.7527353763580322},{"id":"https://openalex.org/C31395832","wikidata":"https://www.wikidata.org/wiki/Q1318674","display_name":"Testbed","level":2,"score":0.7510441541671753},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.5943533182144165},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.5674764513969421},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.4807719588279724},{"id":"https://openalex.org/C2780801425","wikidata":"https://www.wikidata.org/wiki/Q5164392","display_name":"Construct (python library)","level":2,"score":0.4765125811100006},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.34080350399017334},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.24003082513809204},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.1215033233165741}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3143361.3143399","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3143361.3143399","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 13th International Conference on emerging Networking EXperiments and Technologies","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":39,"referenced_works":["https://openalex.org/W158123262","https://openalex.org/W192309743","https://openalex.org/W1516506771","https://openalex.org/W1560486077","https://openalex.org/W1674877186","https://openalex.org/W1972257233","https://openalex.org/W2004026774","https://openalex.org/W2021132518","https://openalex.org/W2035055162","https://openalex.org/W2050345497","https://openalex.org/W2054746462","https://openalex.org/W2073459066","https://openalex.org/W2085845250","https://openalex.org/W2086959852","https://openalex.org/W2102481563","https://openalex.org/W2114538202","https://openalex.org/W2117747231","https://openalex.org/W2119351095","https://openalex.org/W2119885577","https://openalex.org/W2133910774","https://openalex.org/W2134562942","https://openalex.org/W2140260688","https://openalex.org/W2143439191","https://openalex.org/W2150593711","https://openalex.org/W2168654382","https://openalex.org/W2169087758","https://openalex.org/W2169636627","https://openalex.org/W2177058407","https://openalex.org/W2487095677","https://openalex.org/W2534519866","https://openalex.org/W2748868501","https://openalex.org/W2773722012","https://openalex.org/W2964110679","https://openalex.org/W3099514962","https://openalex.org/W3159998597","https://openalex.org/W3162728205","https://openalex.org/W4214680458","https://openalex.org/W6633662972","https://openalex.org/W6668990524"],"related_works":["https://openalex.org/W2883256816","https://openalex.org/W2171408034","https://openalex.org/W3003320923","https://openalex.org/W2106140982","https://openalex.org/W2152313554","https://openalex.org/W2064303750","https://openalex.org/W3048672182","https://openalex.org/W1509300825","https://openalex.org/W3092582874","https://openalex.org/W2590022098"],"abstract_inverted_index":{"We":[0,156,165],"have":[1],"recently":[2],"seen":[3],"an":[4,14,57],"increasing":[5],"number":[6],"of":[7,61,153,175,208],"attacks":[8,34,119],"that":[9,35,48,126,133,167],"are":[10,26,42,113,129,134,215],"distributed,":[11],"and":[12,31,78,106,143],"span":[13],"entire":[15],"wide":[16],"area":[17],"network":[18,76,92,186],"(WAN).":[19],"Today,":[20],"typically,":[21],"intrusion":[22,93,187],"detection":[23,79,94,173],"systems":[24],"(IDSs)":[25],"deployed":[27],"at":[28,44,52,95],"enterprise":[29],"scale":[30,162,185],"cannot":[32],"handle":[33,150],"cover":[36],"a":[37,45,70,87,160,172],"WAN.":[38],"Moreover,":[39],"such":[40],"IDSs":[41],"implemented":[43],"single":[46],"entity":[47],"expects":[49],"to":[50,55,64,103,117,138,149,199],"look":[51],"all":[53],"packets":[54,63,214],"determine":[56],"intrusion.":[58],"Transferring":[59],"copies":[60],"raw":[62,154,213],"centralized":[65],"engines":[66],"for":[67,89,183],"analysis":[68],"in":[69,100],"WAN":[71],"can":[72],"significantly":[73],"impact":[74],"both":[75],"performance":[77],"accuracy.":[80,122],"In":[81],"this":[82],"paper,":[83],"we":[84,127],"propose":[85],"Jaal,":[86],"framework":[88],"achieving":[90],"accurate":[91,141],"scale.":[96],"The":[97,111,123],"key":[98],"idea":[99],"Jaal":[101,158,170],"is":[102,179,204,210],"monitor":[104],"traffic":[105],"construct":[107],"in-network":[108],"packet":[109],"summaries.":[110],"summaries":[112,132,151,198],"then":[114],"processed":[115],"centrally":[116],"detect":[118],"with":[120,196],"high":[121],"main":[124],"challenges":[125],"address":[128],"(a)":[130],"creating":[131],"concise,":[135],"but":[136],"sufficient":[137],"draw":[139],"highly":[140],"inferences":[142],"(b)":[144],"transforming":[145],"traditional":[146],"IDS":[147],"rules":[148],"instead":[152],"packets.":[155],"implement":[157],"on":[159,168],"large":[161],"SDN":[163],"testbed.":[164],"show":[166],"average":[169],"yields":[171],"accuracy":[174],"about":[176,206],"98%,":[177],"which":[178],"the":[180,190,193,200],"highest":[181],"reported":[182],"ISP":[184],"detection.":[188],"At":[189],"same":[191],"time,":[192],"overhead":[194],"associated":[195],"transferring":[197],"central":[201],"inference":[202],"engine":[203],"only":[205],"35%":[207],"what":[209],"consumed":[211],"if":[212],"transferred.":[216]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":7},{"year":2019,"cited_by_count":1}],"updated_date":"2026-03-25T13:04:00.132906","created_date":"2017-12-04T00:00:00"}