{"id":"https://openalex.org/W4406418707","doi":"https://doi.org/10.1145/3712262","title":"ZT-SDN: An ML-Powered Zero-Trust Architecture for Software-Defined Networks","display_name":"ZT-SDN: An ML-Powered Zero-Trust Architecture for Software-Defined Networks","publication_year":2025,"publication_date":"2025-01-15","ids":{"openalex":"https://openalex.org/W4406418707","doi":"https://doi.org/10.1145/3712262"},"language":"en","primary_location":{"id":"doi:10.1145/3712262","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3712262","pdf_url":null,"source":{"id":"https://openalex.org/S4210174050","display_name":"ACM Transactions on Privacy and Security","issn_l":"2471-2566","issn":["2471-2566","2471-2574"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Privacy and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5054016248","display_name":"Charalampos Katsis","orcid":"https://orcid.org/0000-0002-1876-8478"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Charalampos Katsis","raw_affiliation_strings":["Department of Computer Science, Purdue University, West Lafayette, United States"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Purdue University, West Lafayette, United States","institution_ids":["https://openalex.org/I219193219"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5061694501","display_name":"Elisa Bertino","orcid":"https://orcid.org/0000-0002-4029-7051"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Elisa Bertino","raw_affiliation_strings":["Department of Computer Science, Purdue University, West Lafayette, United States"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Purdue University, West Lafayette, United States","institution_ids":["https://openalex.org/I219193219"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5054016248"],"corresponding_institution_ids":["https://openalex.org/I219193219"],"apc_list":null,"apc_paid":null,"fwci":15.5771,"has_fulltext":false,"cited_by_count":11,"citation_normalized_percentile":{"value":0.98869198,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":99,"max":100},"biblio":{"volume":"28","issue":"2","first_page":"1","last_page":"35"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10714","display_name":"Software-Defined Networks and 5G","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10714","display_name":"Software-Defined Networks and 5G","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9923999905586243,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/zero","display_name":"Zero (linguistics)","score":0.680897057056427},{"id":"https://openalex.org/keywords/architecture","display_name":"Architecture","score":0.5789690017700195},{"id":"https://openalex.org/keywords/software-defined-networking","display_name":"Software-defined networking","score":0.565441906452179},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5466017723083496},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4115637242794037},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.35799700021743774},{"id":"https://openalex.org/keywords/computer-architecture","display_name":"Computer architecture","score":0.3497368097305298},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.17750781774520874},{"id":"https://openalex.org/keywords/geography","display_name":"Geography","score":0.10119679570198059},{"id":"https://openalex.org/keywords/philosophy","display_name":"Philosophy","score":0.0741322934627533}],"concepts":[{"id":"https://openalex.org/C2780813799","wikidata":"https://www.wikidata.org/wiki/Q3274237","display_name":"Zero (linguistics)","level":2,"score":0.680897057056427},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.5789690017700195},{"id":"https://openalex.org/C77270119","wikidata":"https://www.wikidata.org/wiki/Q1655198","display_name":"Software-defined networking","level":2,"score":0.565441906452179},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5466017723083496},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4115637242794037},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.35799700021743774},{"id":"https://openalex.org/C118524514","wikidata":"https://www.wikidata.org/wiki/Q173212","display_name":"Computer architecture","level":1,"score":0.3497368097305298},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.17750781774520874},{"id":"https://openalex.org/C205649164","wikidata":"https://www.wikidata.org/wiki/Q1071","display_name":"Geography","level":0,"score":0.10119679570198059},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0741322934627533},{"id":"https://openalex.org/C166957645","wikidata":"https://www.wikidata.org/wiki/Q23498","display_name":"Archaeology","level":1,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3712262","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3712262","pdf_url":null,"source":{"id":"https://openalex.org/S4210174050","display_name":"ACM Transactions on Privacy and Security","issn_l":"2471-2566","issn":["2471-2566","2471-2574"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Privacy and Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G7452998910","display_name":null,"funder_award_id":"00000","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G848032724","display_name":null,"funder_award_id":"Science","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":40,"referenced_works":["https://openalex.org/W95608104","https://openalex.org/W1488684895","https://openalex.org/W1596758374","https://openalex.org/W1982255089","https://openalex.org/W2017524370","https://openalex.org/W2017528992","https://openalex.org/W2040340473","https://openalex.org/W2050802796","https://openalex.org/W2120561608","https://openalex.org/W2144994235","https://openalex.org/W2147118406","https://openalex.org/W2395150632","https://openalex.org/W2441142785","https://openalex.org/W2469255646","https://openalex.org/W2612558585","https://openalex.org/W2787957674","https://openalex.org/W2794280825","https://openalex.org/W2804647886","https://openalex.org/W2904849495","https://openalex.org/W2908941882","https://openalex.org/W2911580950","https://openalex.org/W2963197901","https://openalex.org/W2997437965","https://openalex.org/W3035311645","https://openalex.org/W3082972036","https://openalex.org/W3128341305","https://openalex.org/W3172913619","https://openalex.org/W4200173179","https://openalex.org/W4223889350","https://openalex.org/W4241753351","https://openalex.org/W4244283330","https://openalex.org/W4256438905","https://openalex.org/W4282562922","https://openalex.org/W4285274733","https://openalex.org/W4308469411","https://openalex.org/W4311165758","https://openalex.org/W4311165944","https://openalex.org/W4313060919","https://openalex.org/W4377966242","https://openalex.org/W4406226529"],"related_works":["https://openalex.org/W3013650182","https://openalex.org/W2989283631","https://openalex.org/W4249605382","https://openalex.org/W4313491656","https://openalex.org/W3279617","https://openalex.org/W4402958497","https://openalex.org/W4220837700","https://openalex.org/W1991183963","https://openalex.org/W2250701745","https://openalex.org/W2038503502"],"abstract_inverted_index":{"Zero":[0],"Trust":[1],"(ZT)":[2],"is":[3,29],"a":[4,15],"security":[5],"paradigm":[6],"aiming":[7],"to":[8,39,129,157],"curtail":[9],"an":[10,75,154,211],"attacker\u2019s":[11],"lateral":[12],"movements":[13],"within":[14],"network":[16,82,95,99,136,184,193,197],"by":[17,31,102,118],"implementing":[18],"least-privilege":[19],"and":[20,48,64,80,96,144,147,163,186,204],"per-request":[21],"access":[22,83,160],"control":[23,84,161],"policies.":[24],"However,":[25],"its":[26],"widespread":[27],"adoption":[28],"hindered":[30],"the":[32,40,49,93,98,112,135,140,178,205],"difficulty":[33],"of":[34,42,45,52,188],"generating":[35],"proper":[36],"rules":[37,162],"owing":[38],"lack":[41],"detailed":[43],"knowledge":[44],"communication":[46],"requirements":[47],"characteristic":[50],"behaviors":[51],"communicating":[53,103],"entities":[54,104],"under":[55],"benign":[56],"conditions.":[57],"Consequently,":[58],"manual":[59],"rule":[60,171],"generation":[61],"becomes":[62],"cumbersome":[63],"error":[65],"prone.":[66],"To":[67],"address":[68],"these":[69],"problems,":[70],"we":[71,200],"propose":[72],"ZT-SDN":[73,89,152],",":[74],"automated":[76],"framework":[77],"for":[78],"learning":[79,127],"enforcing":[81],"in":[85,173,181,191,210],"Software-Defined":[86],"Networks":[87],"(SDNs).":[88],"collects":[90],"data":[91,148],"from":[92,134],"underlying":[94],"models":[97],"\u201ctransactions\u201d":[100],"performed":[101],"as":[105,139],"graphs.":[106],"The":[107],"nodes":[108],"represent":[109,115],"entities,":[110],"whereas":[111],"directed":[113],"edges":[114],"transactions":[116],"identified":[117],"different":[119],"protocol":[120,142],"stacks":[121,143],"observed.":[122],"It":[123],"uses":[124,153],"novel":[125],"unsupervised":[126],"approaches":[128],"extract":[130],"transaction":[131],"patterns":[132],"directly":[133],"data,":[137],"such":[138],"allowed":[141],"port":[145],"numbers":[146],"transmission":[149],"behavior.":[150],"Finally,":[151],"innovative":[155],"approach":[156],"generate":[158],"correct":[159],"infer":[164],"strong":[165],"associations":[166],"between":[167],"them,":[168],"allowing":[169],"proactive":[170],"deployment":[172],"forwarding":[174],"devices.":[175],"We":[176],"show":[177],"framework\u2019s":[179],"efficacy":[180],"detecting":[182],"abnormal":[183],"accesses":[185],"abuses":[187],"permitted":[189],"flows":[190],"changing":[192],"conditions":[194],"with":[195],"real":[196],"datasets.":[198],"Additionally,":[199],"showcase":[201],"ZT-SDN\u2019s":[202],"scalability":[203],"network\u2019s":[206],"performance":[207],"when":[208],"applied":[209],"SDN":[212],"environment.":[213]},"counts_by_year":[{"year":2026,"cited_by_count":4},{"year":2025,"cited_by_count":7}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}