{"id":"https://openalex.org/W2930144424","doi":"https://doi.org/10.1145/3314148.3314352","title":"Detecting Volumetric Attacks on loT Devices via SDN-Based Monitoring of MUD Activity","display_name":"Detecting Volumetric Attacks on loT Devices via SDN-Based Monitoring of MUD Activity","publication_year":2019,"publication_date":"2019-04-03","ids":{"openalex":"https://openalex.org/W2930144424","doi":"https://doi.org/10.1145/3314148.3314352","mag":"2930144424"},"language":"en","primary_location":{"id":"doi:10.1145/3314148.3314352","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3314148.3314352","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2019 ACM Symposium on SDN Research","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5003745528","display_name":"Ayyoob Hamza","orcid":"https://orcid.org/0000-0002-6464-4898"},"institutions":[{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":true,"raw_author_name":"Ayyoob Hamza","raw_affiliation_strings":["UNSW Sydney"],"affiliations":[{"raw_affiliation_string":"UNSW Sydney","institution_ids":["https://openalex.org/I31746571"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5030677680","display_name":"Hassan Habibi Gharakheili","orcid":"https://orcid.org/0000-0002-9333-7635"},"institutions":[{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Hassan Habibi Gharakheili","raw_affiliation_strings":["UNSW Sydney"],"affiliations":[{"raw_affiliation_string":"UNSW Sydney","institution_ids":["https://openalex.org/I31746571"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5069985929","display_name":"Theophilus Benson","orcid":"https://orcid.org/0000-0002-5855-8811"},"institutions":[{"id":"https://openalex.org/I175594653","display_name":"John Brown University","ror":"https://ror.org/02ct41q97","country_code":"US","type":"education","lineage":["https://openalex.org/I175594653"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Theophilus A. Benson","raw_affiliation_strings":["Brown University"],"affiliations":[{"raw_affiliation_string":"Brown University","institution_ids":["https://openalex.org/I175594653"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5091021682","display_name":"Vijay Sivaraman","orcid":"https://orcid.org/0000-0001-7985-6765"},"institutions":[{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Vijay Sivaraman","raw_affiliation_strings":["UNSW Sydney"],"affiliations":[{"raw_affiliation_string":"UNSW Sydney","institution_ids":["https://openalex.org/I31746571"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5003745528"],"corresponding_institution_ids":["https://openalex.org/I31746571"],"apc_list":null,"apc_paid":null,"fwci":15.7387,"has_fulltext":false,"cited_by_count":178,"citation_normalized_percentile":{"value":0.99314024,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":99,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"36","last_page":"48"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8149944543838501},{"id":"https://openalex.org/keywords/spoofing-attack","display_name":"Spoofing attack","score":0.8114228248596191},{"id":"https://openalex.org/keywords/flooding","display_name":"Flooding (psychology)","score":0.652266263961792},{"id":"https://openalex.org/keywords/internet-control-message-protocol","display_name":"Internet Control Message Protocol","score":0.6276895999908447},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5655108094215393},{"id":"https://openalex.org/keywords/deep-packet-inspection","display_name":"Deep packet inspection","score":0.5237731337547302},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.5063430070877075},{"id":"https://openalex.org/keywords/networking-hardware","display_name":"Networking hardware","score":0.49109840393066406},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.48424527049064636},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.48418357968330383},{"id":"https://openalex.org/keywords/attack-surface","display_name":"Attack surface","score":0.48034727573394775},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.46098220348358154},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.3896338641643524},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.19319197535514832},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.18221032619476318}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8149944543838501},{"id":"https://openalex.org/C167900197","wikidata":"https://www.wikidata.org/wiki/Q11081100","display_name":"Spoofing attack","level":2,"score":0.8114228248596191},{"id":"https://openalex.org/C186594467","wikidata":"https://www.wikidata.org/wiki/Q1429176","display_name":"Flooding (psychology)","level":2,"score":0.652266263961792},{"id":"https://openalex.org/C195219913","wikidata":"https://www.wikidata.org/wiki/Q13162","display_name":"Internet Control Message Protocol","level":3,"score":0.6276895999908447},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5655108094215393},{"id":"https://openalex.org/C204679922","wikidata":"https://www.wikidata.org/wiki/Q734252","display_name":"Deep packet inspection","level":3,"score":0.5237731337547302},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.5063430070877075},{"id":"https://openalex.org/C159631557","wikidata":"https://www.wikidata.org/wiki/Q1546066","display_name":"Networking hardware","level":2,"score":0.49109840393066406},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.48424527049064636},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.48418357968330383},{"id":"https://openalex.org/C2776576444","wikidata":"https://www.wikidata.org/wiki/Q303569","display_name":"Attack surface","level":2,"score":0.48034727573394775},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.46098220348358154},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.3896338641643524},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.19319197535514832},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.18221032619476318},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3314148.3314352","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3314148.3314352","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2019 ACM Symposium on SDN Research","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":31,"referenced_works":["https://openalex.org/W1516506771","https://openalex.org/W1583113493","https://openalex.org/W1585610988","https://openalex.org/W1606099259","https://openalex.org/W1674877186","https://openalex.org/W1985987493","https://openalex.org/W2014563571","https://openalex.org/W2017524370","https://openalex.org/W2115627867","https://openalex.org/W2128728535","https://openalex.org/W2142889610","https://openalex.org/W2160172778","https://openalex.org/W2163375756","https://openalex.org/W2165533158","https://openalex.org/W2187626237","https://openalex.org/W2485229854","https://openalex.org/W2519428799","https://openalex.org/W2560162835","https://openalex.org/W2582743722","https://openalex.org/W2606004741","https://openalex.org/W2734858986","https://openalex.org/W2766295581","https://openalex.org/W2768718335","https://openalex.org/W2771524937","https://openalex.org/W2797402970","https://openalex.org/W2797742547","https://openalex.org/W2886897065","https://openalex.org/W2887792592","https://openalex.org/W2997591727","https://openalex.org/W3105750153","https://openalex.org/W4235169531"],"related_works":["https://openalex.org/W2392196971","https://openalex.org/W2504080848","https://openalex.org/W2188559950","https://openalex.org/W2348219379","https://openalex.org/W2051979939","https://openalex.org/W2964966918","https://openalex.org/W2913402942","https://openalex.org/W2016714886","https://openalex.org/W4381058525","https://openalex.org/W2249620539"],"abstract_inverted_index":{"Smart":[0],"environments":[1],"equipped":[2],"with":[3,72],"IoT":[4,54,96],"devices":[5],"are":[6,20],"increasingly":[7],"under":[8],"threat":[9],"from":[10],"an":[11,53],"escalating":[12],"number":[13],"of":[14,30],"sophisticated":[15],"cyber-attacks.":[16],"Current":[17],"security":[18],"approaches":[19],"inaccurate,":[21],"expensive,":[22],"or":[23,35],"unscalable,":[24],"as":[25,87],"they":[26],"require":[27],"static":[28],"signatures":[29],"known":[31],"attacks,":[32],"specialized":[33],"hardware,":[34],"full":[36],"packet":[37],"inspection.":[38],"The":[39],"IETF":[40],"Manufacturer":[41],"Usage":[42],"Description":[43],"(MUD)":[44],"framework":[45],"aims":[46],"to":[47,69,82,95],"reduce":[48],"the":[49,73],"attack":[50],"surface":[51],"on":[52],"device":[55],"by":[56],"formally":[57],"defining":[58],"its":[59],"expected":[60],"network":[61],"behavior.":[62],"In":[63],"this":[64],"paper,":[65],"we":[66],"use":[67],"SDN":[68],"monitor":[70],"compliance":[71],"MUD":[74],"behavioral":[75],"profile,":[76],"and":[77,92],"develop":[78],"machine":[79],"learning":[80],"methods":[81],"detect":[83],"volumetric":[84],"attacks":[85],"such":[86],"DoS,":[88],"reflective":[89],"TCP/UDP/ICMP":[90],"flooding,":[91],"ARP":[93],"spoofing":[94],"devices.":[97]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":26},{"year":2024,"cited_by_count":24},{"year":2023,"cited_by_count":37},{"year":2022,"cited_by_count":25},{"year":2021,"cited_by_count":28},{"year":2020,"cited_by_count":29},{"year":2019,"cited_by_count":7}],"updated_date":"2026-02-25T23:00:34.991745","created_date":"2025-10-10T00:00:00"}