{"id":"https://openalex.org/W4413842065","doi":"https://doi.org/10.1186/s40537-025-01272-w","title":"An optimized hybrid ensemble machine learning model combining multiple classifiers for detecting advanced persistent threats in networks","display_name":"An optimized hybrid ensemble machine learning model combining multiple classifiers for detecting advanced persistent threats in networks","publication_year":2025,"publication_date":"2025-08-30","ids":{"openalex":"https://openalex.org/W4413842065","doi":"https://doi.org/10.1186/s40537-025-01272-w"},"language":"en","primary_location":{"id":"doi:10.1186/s40537-025-01272-w","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s40537-025-01272-w","pdf_url":"https://journalofbigdata.springeropen.com/counter/pdf/10.1186/s40537-025-01272-w","source":{"id":"https://openalex.org/S2737955091","display_name":"Journal Of Big Data","issn_l":"2196-1115","issn":["2196-1115"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Big Data","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://journalofbigdata.springeropen.com/counter/pdf/10.1186/s40537-025-01272-w","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5033377800","display_name":"Nadim Ibrahim","orcid":"https://orcid.org/0009-0003-9156-0432"},"institutions":[{"id":"https://openalex.org/I1330855593","display_name":"Vel Tech Rangarajan Dr. Sagunthala R&D Institute of Science and Technology","ror":"https://ror.org/05bc5bx80","country_code":"IN","type":"education","lineage":["https://openalex.org/I1330855593"]}],"countries":["IN"],"is_corresponding":true,"raw_author_name":"Nadim Ibrahim","raw_affiliation_strings":["Vel Tech Rangarajan Dr. Sagunthala R&D Institute of Science and Technology, Chennai, Tamil Nadu, India"],"affiliations":[{"raw_affiliation_string":"Vel Tech Rangarajan Dr. Sagunthala R&D Institute of Science and Technology, Chennai, Tamil Nadu, India","institution_ids":["https://openalex.org/I1330855593"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5081401075","display_name":"N.R. Rajalakshmi","orcid":null},"institutions":[{"id":"https://openalex.org/I1330855593","display_name":"Vel Tech Rangarajan Dr. Sagunthala R&D Institute of Science and Technology","ror":"https://ror.org/05bc5bx80","country_code":"IN","type":"education","lineage":["https://openalex.org/I1330855593"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"N. R. Rajalakshmi","raw_affiliation_strings":["Vel Tech Rangarajan Dr. Sagunthala R&D Institute of Science and Technology, Chennai, Tamil Nadu, India"],"affiliations":[{"raw_affiliation_string":"Vel Tech Rangarajan Dr. Sagunthala R&D Institute of Science and Technology, Chennai, Tamil Nadu, India","institution_ids":["https://openalex.org/I1330855593"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5057892686","display_name":"V. Sivakumar","orcid":"https://orcid.org/0000-0001-9049-7599"},"institutions":[{"id":"https://openalex.org/I164861460","display_name":"Manipal Academy of Higher Education","ror":"https://ror.org/02xzytt36","country_code":"IN","type":"education","lineage":["https://openalex.org/I164861460"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"V. Sivakumar","raw_affiliation_strings":["Manipal Institute of Technology, Manipal Academy of Higher Education, Manipal, 576104, Karnataka, India"],"affiliations":[{"raw_affiliation_string":"Manipal Institute of Technology, Manipal Academy of Higher Education, Manipal, 576104, Karnataka, India","institution_ids":["https://openalex.org/I164861460"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5065469028","display_name":"L. Sharmila","orcid":null},"institutions":[{"id":"https://openalex.org/I1330855593","display_name":"Vel Tech Rangarajan Dr. Sagunthala R&D Institute of Science and Technology","ror":"https://ror.org/05bc5bx80","country_code":"IN","type":"education","lineage":["https://openalex.org/I1330855593"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"L. Sharmila","raw_affiliation_strings":["Vel Tech Rangarajan Dr. Sagunthala R&D Institute of Science and Technology, Chennai, Tamil Nadu, India"],"affiliations":[{"raw_affiliation_string":"Vel Tech Rangarajan Dr. Sagunthala R&D Institute of Science and Technology, Chennai, Tamil Nadu, India","institution_ids":["https://openalex.org/I1330855593"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5033377800"],"corresponding_institution_ids":["https://openalex.org/I1330855593"],"apc_list":{"value":1060,"currency":"GBP","value_usd":1300},"apc_paid":{"value":1060,"currency":"GBP","value_usd":1300},"fwci":5.6453,"has_fulltext":true,"cited_by_count":4,"citation_normalized_percentile":{"value":0.9615835,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":95,"max":99},"biblio":{"volume":"12","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9945999979972839,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8373785614967346},{"id":"https://openalex.org/keywords/computational-science-and-engineering","display_name":"Computational Science and Engineering","score":0.7166719436645508},{"id":"https://openalex.org/keywords/ensemble-learning","display_name":"Ensemble learning","score":0.6825869679450989},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.6212550401687622},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5683910250663757}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8373785614967346},{"id":"https://openalex.org/C68597687","wikidata":"https://www.wikidata.org/wiki/Q362601","display_name":"Computational Science and Engineering","level":2,"score":0.7166719436645508},{"id":"https://openalex.org/C45942800","wikidata":"https://www.wikidata.org/wiki/Q245652","display_name":"Ensemble learning","level":2,"score":0.6825869679450989},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.6212550401687622},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5683910250663757}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1186/s40537-025-01272-w","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s40537-025-01272-w","pdf_url":"https://journalofbigdata.springeropen.com/counter/pdf/10.1186/s40537-025-01272-w","source":{"id":"https://openalex.org/S2737955091","display_name":"Journal Of Big Data","issn_l":"2196-1115","issn":["2196-1115"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Big Data","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:5dabd36240e049f59290b385e01e12dd","is_oa":true,"landing_page_url":"https://doaj.org/article/5dabd36240e049f59290b385e01e12dd","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Journal of Big Data, Vol 12, Iss 1, Pp 1-28 (2025)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1186/s40537-025-01272-w","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s40537-025-01272-w","pdf_url":"https://journalofbigdata.springeropen.com/counter/pdf/10.1186/s40537-025-01272-w","source":{"id":"https://openalex.org/S2737955091","display_name":"Journal Of Big Data","issn_l":"2196-1115","issn":["2196-1115"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Big Data","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4413842065.pdf","grobid_xml":"https://content.openalex.org/works/W4413842065.grobid-xml"},"referenced_works_count":34,"referenced_works":["https://openalex.org/W2756955777","https://openalex.org/W2789828921","https://openalex.org/W2939867067","https://openalex.org/W2950250245","https://openalex.org/W3022483099","https://openalex.org/W3033897840","https://openalex.org/W3133157666","https://openalex.org/W4214611057","https://openalex.org/W4243756002","https://openalex.org/W4248336048","https://openalex.org/W4292823796","https://openalex.org/W4293221184","https://openalex.org/W4309128779","https://openalex.org/W4313204989","https://openalex.org/W4323321528","https://openalex.org/W4362571069","https://openalex.org/W4384695553","https://openalex.org/W4386134245","https://openalex.org/W4386814691","https://openalex.org/W4387385055","https://openalex.org/W4388835106","https://openalex.org/W4391877554","https://openalex.org/W4396601460","https://openalex.org/W4400873141","https://openalex.org/W4400873440","https://openalex.org/W4401164271","https://openalex.org/W4401443446","https://openalex.org/W4401974141","https://openalex.org/W4402170955","https://openalex.org/W4402223817","https://openalex.org/W4404720270","https://openalex.org/W4405652448","https://openalex.org/W4406115562","https://openalex.org/W4410086503"],"related_works":["https://openalex.org/W2961085424","https://openalex.org/W4306674287","https://openalex.org/W4387369504","https://openalex.org/W4394896187","https://openalex.org/W3170094116","https://openalex.org/W4386462264","https://openalex.org/W3107602296","https://openalex.org/W4364306694","https://openalex.org/W4312192474","https://openalex.org/W4283697347"],"abstract_inverted_index":{"Abstract":[0],"Advanced":[1],"Persistent":[2],"Threats":[3],"(APTs)":[4],"are":[5],"among":[6],"the":[7,40,104,114,118,124,174,183,196,223,230],"most":[8],"dangerous":[9],"cyberattacks":[10],"due":[11,68],"to":[12,18,69,72,102,152,177,221],"their":[13,70,77,129],"stealth,":[14],"persistence,":[15],"and":[16,29,76,97,134,148,172,188,203,218,228],"ability":[17],"evade":[19],"traditional":[20],"intrusion":[21,234],"detection":[22,210,235],"systems.":[23,236],"This":[24,179,191],"study":[25],"proposes":[26],"a":[27,216],"novel":[28],"optimized":[30],"hybrid":[31],"ensemble-based":[32],"machine":[33,57],"learning":[34,58],"model":[35,87,159,205],"for":[36,131],"detecting":[37],"APTs,":[38],"using":[39],"realistically":[41],"simulated":[42],"Unraveled":[43],"dataset,":[44],"which":[45],"captures":[46],"long-term,":[47],"stealthy":[48],"attack":[49],"behaviors":[50],"often":[51,60],"missed":[52],"by":[53],"conventional":[54],"datasets.":[55],"Existing":[56],"models":[59],"fall":[61],"short":[62],"in":[63,113,207],"identifying":[64],"such":[65],"threats,":[66],"particularly":[67],"inability":[71],"capture":[73],"temporal":[74],"dependencies":[75],"reliance":[78],"on":[79,128],"monolithic":[80],"feature":[81,189,201],"spaces":[82],"that":[83],"limit":[84],"adaptability.":[85],"The":[86,156,212],"integrates":[88],"Long":[89],"Short-Term":[90],"Memory":[91],"(LSTM)":[92],"networks,":[93],"K-Nearest":[94],"Neighbors":[95],"(KNN),":[96],"Logistic":[98],"Regression":[99],"(LR)":[100],"algorithms":[101],"leverage":[103],"unique":[105],"strengths":[106],"of":[107,117,145,185,199,226,232],"each.":[108],"A":[109],"key":[110],"novelty":[111],"lies":[112],"logical":[115],"division":[116],"top":[119],"21":[120],"predictive":[121],"features":[122],"across":[123],"three":[125],"classifiers":[126],"based":[127],"suitability":[130],"temporal,":[132],"statistical,":[133],"relational":[135],"patterns.":[136],"Feature":[137],"selection":[138],"techniques,":[139],"including":[140],"Information":[141],"Value":[142],"(IV),":[143],"Weight":[144],"Evidence":[146],"(WoE),":[147],"XGBoost":[149],"were":[150],"employed":[151],"identify":[153],"these":[154],"features.":[155],"initial":[157],"ensemble":[158],"achieved":[160],"97.12%":[161],"accuracy,":[162],"demonstrating":[163],"its":[164],"effectiveness":[165],"even":[166],"before":[167],"optimization.":[168],"After":[169],"fine-tuning":[170],"LSTM":[171],"LR,":[173],"accuracy":[175],"improves":[176],"99.94%.":[178],"2.82%":[180],"gain":[181],"confirms":[182],"impact":[184],"model-specific":[186],"tuning":[187,206],"partitioning.":[190],"significant":[192],"performance":[193],"improvement":[194],"highlights":[195],"critical":[197],"role":[198],"strategic":[200],"partitioning":[202],"individualized":[204],"enhancing":[208],"APT":[209],"capabilities.":[211],"proposed":[213],"approach":[214],"offers":[215],"scalable":[217],"interpretable":[219],"solution":[220],"address":[222],"complex":[224],"nature":[225],"APTs":[227],"strengthens":[229],"robustness":[231],"modern":[233]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":2}],"updated_date":"2026-04-11T08:14:18.477133","created_date":"2025-10-10T00:00:00"}