{"id":"https://openalex.org/W4409360552","doi":"https://doi.org/10.1186/s40537-025-01146-1","title":"Towards a minimum universal features set for IoT DDoS attack detection","display_name":"Towards a minimum universal features set for IoT DDoS attack detection","publication_year":2025,"publication_date":"2025-04-11","ids":{"openalex":"https://openalex.org/W4409360552","doi":"https://doi.org/10.1186/s40537-025-01146-1"},"language":"en","primary_location":{"id":"doi:10.1186/s40537-025-01146-1","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s40537-025-01146-1","pdf_url":"https://journalofbigdata.springeropen.com/counter/pdf/10.1186/s40537-025-01146-1","source":{"id":"https://openalex.org/S2737955091","display_name":"Journal Of Big Data","issn_l":"2196-1115","issn":["2196-1115"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Big Data","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://journalofbigdata.springeropen.com/counter/pdf/10.1186/s40537-025-01146-1","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5107186714","display_name":"Osama Ebrahem","orcid":null},"institutions":[{"id":"https://openalex.org/I875646752","display_name":"Damascus University","ror":"https://ror.org/03m098d13","country_code":"SY","type":"education","lineage":["https://openalex.org/I875646752"]}],"countries":["SY"],"is_corresponding":true,"raw_author_name":"Osama Ebrahem","raw_affiliation_strings":["Department of Computer System and Networking, Faculty of Information Engineering, Damascus University, At Tabbaleh, Damascus, Syrian Arab Republic"],"affiliations":[{"raw_affiliation_string":"Department of Computer System and Networking, Faculty of Information Engineering, Damascus University, At Tabbaleh, Damascus, Syrian Arab Republic","institution_ids":["https://openalex.org/I875646752"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5087214645","display_name":"Salah Dowaji","orcid":null},"institutions":[{"id":"https://openalex.org/I875646752","display_name":"Damascus University","ror":"https://ror.org/03m098d13","country_code":"SY","type":"education","lineage":["https://openalex.org/I875646752"]}],"countries":["SY"],"is_corresponding":false,"raw_author_name":"Salah Dowaji","raw_affiliation_strings":["Department of Computer System and Networking, Faculty of Information Engineering, Damascus University, At Tabbaleh, Damascus, Syrian Arab Republic"],"affiliations":[{"raw_affiliation_string":"Department of Computer System and Networking, Faculty of Information Engineering, Damascus University, At Tabbaleh, Damascus, Syrian Arab Republic","institution_ids":["https://openalex.org/I875646752"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5107186715","display_name":"Suhel Alhammoud","orcid":null},"institutions":[{"id":"https://openalex.org/I875646752","display_name":"Damascus University","ror":"https://ror.org/03m098d13","country_code":"SY","type":"education","lineage":["https://openalex.org/I875646752"]}],"countries":["SY"],"is_corresponding":false,"raw_author_name":"Suhel Alhammoud","raw_affiliation_strings":["Department of Computer System and Networking, Faculty of Information Engineering, Damascus University, At Tabbaleh, Damascus, Syrian Arab Republic"],"affiliations":[{"raw_affiliation_string":"Department of Computer System and Networking, Faculty of Information Engineering, Damascus University, At Tabbaleh, Damascus, Syrian Arab Republic","institution_ids":["https://openalex.org/I875646752"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5107186714"],"corresponding_institution_ids":["https://openalex.org/I875646752"],"apc_list":{"value":1060,"currency":"GBP","value_usd":1300},"apc_paid":{"value":1060,"currency":"GBP","value_usd":1300},"fwci":9.3446,"has_fulltext":true,"cited_by_count":6,"citation_normalized_percentile":{"value":0.97624811,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":99},"biblio":{"volume":"12","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9976000189781189,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.8443182706832886},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8361688852310181},{"id":"https://openalex.org/keywords/computational-science-and-engineering","display_name":"Computational Science and Engineering","score":0.638391375541687},{"id":"https://openalex.org/keywords/application-layer-ddos-attack","display_name":"Application layer DDoS attack","score":0.6372263431549072},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.5950151085853577},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.5727167129516602},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.41655510663986206},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.18870678544044495},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.18075665831565857},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.10893115401268005},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.09299498796463013}],"concepts":[{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.8443182706832886},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8361688852310181},{"id":"https://openalex.org/C68597687","wikidata":"https://www.wikidata.org/wiki/Q362601","display_name":"Computational Science and Engineering","level":2,"score":0.638391375541687},{"id":"https://openalex.org/C120865594","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Application layer DDoS attack","level":4,"score":0.6372263431549072},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.5950151085853577},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.5727167129516602},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.41655510663986206},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.18870678544044495},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.18075665831565857},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.10893115401268005},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.09299498796463013}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1186/s40537-025-01146-1","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s40537-025-01146-1","pdf_url":"https://journalofbigdata.springeropen.com/counter/pdf/10.1186/s40537-025-01146-1","source":{"id":"https://openalex.org/S2737955091","display_name":"Journal Of Big Data","issn_l":"2196-1115","issn":["2196-1115"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Big Data","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:b7949e3174424d2e98d5df6e19160974","is_oa":true,"landing_page_url":"https://doaj.org/article/b7949e3174424d2e98d5df6e19160974","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Journal of Big Data, Vol 12, Iss 1, Pp 1-38 (2025)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1186/s40537-025-01146-1","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s40537-025-01146-1","pdf_url":"https://journalofbigdata.springeropen.com/counter/pdf/10.1186/s40537-025-01146-1","source":{"id":"https://openalex.org/S2737955091","display_name":"Journal Of Big Data","issn_l":"2196-1115","issn":["2196-1115"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Big Data","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Climate action","score":0.44999998807907104,"id":"https://metadata.un.org/sdg/13"}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4409360552.pdf","grobid_xml":"https://content.openalex.org/works/W4409360552.grobid-xml"},"referenced_works_count":33,"referenced_works":["https://openalex.org/W1651266083","https://openalex.org/W1981976602","https://openalex.org/W2060495548","https://openalex.org/W2140190241","https://openalex.org/W2342408547","https://openalex.org/W2516066574","https://openalex.org/W2737502809","https://openalex.org/W2848880782","https://openalex.org/W3011776577","https://openalex.org/W3013306169","https://openalex.org/W3022550689","https://openalex.org/W3035366542","https://openalex.org/W3043530913","https://openalex.org/W3087306757","https://openalex.org/W3095531713","https://openalex.org/W3097016848","https://openalex.org/W3113530884","https://openalex.org/W3118220620","https://openalex.org/W3119918144","https://openalex.org/W3121493031","https://openalex.org/W3124423925","https://openalex.org/W3135294502","https://openalex.org/W3152794541","https://openalex.org/W3179438752","https://openalex.org/W3200626950","https://openalex.org/W4200163604","https://openalex.org/W4287981769","https://openalex.org/W4289130121","https://openalex.org/W4314446242","https://openalex.org/W4366748065","https://openalex.org/W4390955522","https://openalex.org/W4397009061","https://openalex.org/W4404936504"],"related_works":["https://openalex.org/W2360429410","https://openalex.org/W2898696280","https://openalex.org/W2204131204","https://openalex.org/W2383770723","https://openalex.org/W2921433547","https://openalex.org/W2958385475","https://openalex.org/W2783466926","https://openalex.org/W4286539397","https://openalex.org/W2370216173","https://openalex.org/W2754163055"],"abstract_inverted_index":{"Dimensionality":[0],"reduction":[1,82],"is":[2,19],"one":[3],"basic":[4],"and":[5,86,145,231],"critical":[6],"technology":[7],"for":[8,44,202],"data":[9,101],"mining,":[10],"especially":[11],"in":[12,30,182,205],"the":[13,20,24,52,58,70,88,99,130,135,139,147,161,166,169,175,180,187,203,214,223],"current":[14],"\u201cbig":[15],"data\u201d":[16],"era.":[17],"It":[18],"process":[21],"of":[22,26,47,54,60,93,111,149,168,184,190,225],"reducing":[23,51],"number":[25,110,224],"features":[27,91,95,112,141,209,226,230],"(or":[28],"dimensions)":[29],"a":[31,45,55,61,79,173],"dataset":[32,163],"while":[33],"retaining":[34],"as":[35,38,50,186],"much":[36],"information":[37],"possible.":[39],"This":[40],"can":[41],"be":[42],"done":[43],"variety":[46],"reasons,":[48,75],"such":[49],"complexity":[53],"model,":[56],"improving":[57],"performance":[59,148],"learning":[62],"algorithm,":[63],"or":[64],"making":[65],"it":[66],"easier":[67],"to":[68,97,134,164,227],"visualize":[69],"data.":[71],"Motivated":[72],"from":[73,92],"aforementioned":[74],"this":[76],"paper":[77],"proposed":[78,170,220],"new":[80],"feature":[81,117,217],"approach,":[83,136],"which":[84,127,206],"reduce":[85],"weight":[87],"most":[89],"important":[90,216],"universal":[94,140],"set":[96],"fit":[98],"big":[100],"analytics":[102],"on":[103,129,160],"IoT":[104],"based":[105],"cybersecurity":[106],"systems.":[107],"The":[108,219],"minimal":[109],"are":[113,158],"chosen":[114],"by":[115],"using":[116],"selection":[118],"methods":[119],"(ANOVA,":[120],"Variance":[121],"Threshold,":[122],"Information":[123],"Gain,":[124],"Chi":[125],"Square)":[126],"performed":[128,159],"IoT-23":[131],"dataset.":[132],"According":[133],"we":[137,197,207,211],"divided":[138],"into":[142],"several":[143],"subgroups,":[144],"evaluated":[146],"ML":[150],"Algorithms":[151],"(NB,":[152],"KNN,":[153],"RF,":[154],"LR).":[155],"Extensive":[156],"experiments":[157],"CICIDS2017":[162],"validate":[165],"effectiveness":[167],"approach.":[171],"As":[172],"result,":[174],"Random":[176],"Forest":[177],"algorithm":[178],"was":[179,199],"best":[181],"terms":[183],"performance,":[185],"lowest":[188],"value":[189],"all":[191],"metrics":[192],"(Accuracy,":[193],"Precision,":[194],"Recall,":[195],"F1-Score)":[196],"obtained":[198],"93%,":[200],"except":[201],"case":[204],"used":[208],"that":[210],"assumed":[212],"were":[213],"least":[215],"subset.":[218],"approach":[221],"reduced":[222],"only":[228],"two":[229],"achieved":[232],"high":[233],"results.":[234]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":4}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2025-10-10T00:00:00"}