{"id":"https://openalex.org/W7129104080","doi":"https://doi.org/10.1186/s42400-025-00497-9","title":"A real-time machine-learning model for detecting and mitigating DDoS attacks","display_name":"A real-time machine-learning model for detecting and mitigating DDoS attacks","publication_year":2026,"publication_date":"2026-02-17","ids":{"openalex":"https://openalex.org/W7129104080","doi":"https://doi.org/10.1186/s42400-025-00497-9"},"language":"en","primary_location":{"id":"doi:10.1186/s42400-025-00497-9","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-025-00497-9","pdf_url":"https://link.springer.com/content/pdf/10.1186/s42400-025-00497-9.pdf","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://link.springer.com/content/pdf/10.1186/s42400-025-00497-9.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5126148277","display_name":"Mohammad Fathian","orcid":null},"institutions":[{"id":"https://openalex.org/I67009956","display_name":"Iran University of Science and Technology","ror":"https://ror.org/01jw2p796","country_code":"IR","type":"education","lineage":["https://openalex.org/I67009956"]}],"countries":["IR"],"is_corresponding":true,"raw_author_name":"Mohammad Fathian","raw_affiliation_strings":["School of Industrial Engineering, Iran University of Science and Technology, Tehran, Iran"],"affiliations":[{"raw_affiliation_string":"School of Industrial Engineering, Iran University of Science and Technology, Tehran, Iran","institution_ids":["https://openalex.org/I67009956"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5015984716","display_name":"Alireza Seifousadati","orcid":null},"institutions":[{"id":"https://openalex.org/I67009956","display_name":"Iran University of Science and Technology","ror":"https://ror.org/01jw2p796","country_code":"IR","type":"education","lineage":["https://openalex.org/I67009956"]}],"countries":["IR"],"is_corresponding":false,"raw_author_name":"Alireza Seifousadati","raw_affiliation_strings":["School of Industrial Engineering, Iran University of Science and Technology, Tehran, Iran"],"affiliations":[{"raw_affiliation_string":"School of Industrial Engineering, Iran University of Science and Technology, Tehran, Iran","institution_ids":["https://openalex.org/I67009956"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5126148277"],"corresponding_institution_ids":["https://openalex.org/I67009956"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.46797337,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"9","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.6176000237464905,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.6176000237464905,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.027400000020861626,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T13038","display_name":"Internet of Things and AI","score":0.01889999955892563,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.9448999762535095},{"id":"https://openalex.org/keywords/application-layer-ddos-attack","display_name":"Application layer DDoS attack","score":0.751800000667572},{"id":"https://openalex.org/keywords/trinoo","display_name":"Trinoo","score":0.7405999898910522},{"id":"https://openalex.org/keywords/service","display_name":"Service (business)","score":0.462799996137619},{"id":"https://openalex.org/keywords/work","display_name":"Work (physics)","score":0.36320000886917114},{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.3564000129699707}],"concepts":[{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.9448999762535095},{"id":"https://openalex.org/C120865594","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Application layer DDoS attack","level":4,"score":0.751800000667572},{"id":"https://openalex.org/C43639116","wikidata":"https://www.wikidata.org/wiki/Q7843050","display_name":"Trinoo","level":5,"score":0.7405999898910522},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7197999954223633},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6406000256538391},{"id":"https://openalex.org/C2780378061","wikidata":"https://www.wikidata.org/wiki/Q25351891","display_name":"Service (business)","level":2,"score":0.462799996137619},{"id":"https://openalex.org/C18762648","wikidata":"https://www.wikidata.org/wiki/Q42213","display_name":"Work (physics)","level":2,"score":0.36320000886917114},{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.3564000129699707},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.33559998869895935},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.32120001316070557},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.3174999952316284},{"id":"https://openalex.org/C2780102126","wikidata":"https://www.wikidata.org/wiki/Q10928179","display_name":"Online and offline","level":2,"score":0.26910001039505005},{"id":"https://openalex.org/C67186912","wikidata":"https://www.wikidata.org/wiki/Q367664","display_name":"Data modeling","level":2,"score":0.2581000030040741}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1186/s42400-025-00497-9","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-025-00497-9","pdf_url":"https://link.springer.com/content/pdf/10.1186/s42400-025-00497-9.pdf","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:1dcefc3deea34626b191526e90dc6f40","is_oa":true,"landing_page_url":"https://doaj.org/article/1dcefc3deea34626b191526e90dc6f40","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Cybersecurity, Vol 9, Iss 1 (2026)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1186/s42400-025-00497-9","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-025-00497-9","pdf_url":"https://link.springer.com/content/pdf/10.1186/s42400-025-00497-9.pdf","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.6418262124061584,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W7129104080.pdf"},"referenced_works_count":27,"referenced_works":["https://openalex.org/W2943427313","https://openalex.org/W2946156428","https://openalex.org/W2978866625","https://openalex.org/W2979323854","https://openalex.org/W2979590797","https://openalex.org/W2982682021","https://openalex.org/W2991210281","https://openalex.org/W3005967176","https://openalex.org/W3043187969","https://openalex.org/W3091945716","https://openalex.org/W3093459272","https://openalex.org/W3124423925","https://openalex.org/W3134031829","https://openalex.org/W3137718725","https://openalex.org/W4205441739","https://openalex.org/W4226267504","https://openalex.org/W4313213566","https://openalex.org/W4313558385","https://openalex.org/W4318570420","https://openalex.org/W4320917128","https://openalex.org/W4321365799","https://openalex.org/W4377691173","https://openalex.org/W4378194995","https://openalex.org/W4378900947","https://openalex.org/W4381235964","https://openalex.org/W4383535390","https://openalex.org/W4388052852"],"related_works":[],"abstract_inverted_index":{"Abstract":[0],"Denial":[1,7],"of":[2,8,41,60,99,133,147,178],"Service":[3,9],"(DoS)":[4],"and":[5,56,83,115,123,136,162,180,183],"Distributed":[6],"(DDoS)":[10],"attacks":[11,86,167],"are":[12],"among":[13],"the":[14,34,39,93,144,163],"most":[15,96],"lethal":[16],"cyber":[17],"threats":[18,142],"in":[19,44,67,71,154,172],"this":[20,72,155],"world,":[21],"which":[22],"make":[23],"an":[24,109],"online":[25,42,110],"service":[26,35],"unavailable":[27],"to":[28,54,91],"its":[29],"legitimate":[30],"users":[31],"by":[32],"overwhelming":[33],"provider\u2019s":[36],"resources.":[37],"Regarding":[38],"importance":[40],"services":[43],"a":[45,76,88,125,134],"human's":[46],"life,":[47],"researchers":[48],"have":[49],"been":[50],"working":[51],"on":[52,159],"techniques":[53],"detect":[55],"mitigate":[57],"these":[58],"kinds":[59],"attacks.":[61,121,192],"Machine-learning":[62],"models":[63],"showed":[64,169],"acceptable":[65],"performance":[66,171],"DDoS":[68,85,112,120,126,191],"detection.":[69],"Hence,":[70],"paper,":[73],"we":[74],"developed":[75,105],"machine-learning":[77,106],"model":[78,107,158],"for":[79],"classifying":[80],"network":[81],"traffic":[82,175],"detecting":[84,173],"using":[87],"unique":[89],"approach":[90],"pre-process":[92],"data.":[94],"The":[95,157],"innovative":[97],"aspect":[98],"our":[100,104],"work":[101,131],"is":[102],"deploying":[103],"into":[108],"real-time":[111],"detection":[113,127],"system":[114,128,164],"testing":[116,124],"it":[117],"under":[118,165],"real":[119,141,166],"Implementing":[122],"that":[129,151],"can":[130,137,186],"outside":[132],"dataset":[135],"be":[138,188],"used":[139,189],"against":[140,190],"was":[143],"missing":[145],"part":[146],"other":[148],"similar":[149],"works":[150],"were":[152],"done":[153],"paper.":[156],"offline":[160],"data":[161],"both":[168],"great":[170],"attack":[174],"with":[176],"accuracies":[177],"99.99%":[179],"95.30%,":[181],"respectively,":[182],"proved":[184],"they":[185],"effectively":[187]},"counts_by_year":[],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2026-02-17T00:00:00"}