{"id":"https://openalex.org/W2973371686","doi":"https://doi.org/10.15439/2019f87","title":"A Framework for Network Intrusion Detection using Network Programmability and Data Stream Clustering Machine Learning Algorithms","display_name":"A Framework for Network Intrusion Detection using Network Programmability and Data Stream Clustering Machine Learning Algorithms","publication_year":2019,"publication_date":"2019-09-20","ids":{"openalex":"https://openalex.org/W2973371686","doi":"https://doi.org/10.15439/2019f87","mag":"2973371686"},"language":"en","primary_location":{"id":"doi:10.15439/2019f87","is_oa":true,"landing_page_url":"https://doi.org/10.15439/2019f87","pdf_url":"https://annals-csis.org/proceedings/2019/drp/pdf/87.pdf","source":{"id":"https://openalex.org/S4220651875","display_name":"Annals of Computer Science and Information Systems","issn_l":"2300-5963","issn":["2300-5963"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":"https://openalex.org/P4310317484","host_organization_name":"Polskie Towarzystwo Informatyczne","host_organization_lineage":["https://openalex.org/P4310317484"],"host_organization_lineage_names":["Polskie Towarzystwo Informatyczne"],"type":"conference"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annals of Computer Science and Information Systems","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://annals-csis.org/proceedings/2019/drp/pdf/87.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5109845902","display_name":"Admilson de Ribamar Lima Ribeiro","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Admilson de Ribamar Lima Ribeiro","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5035671529","display_name":"Edward David Moreno","orcid":"https://orcid.org/0000-0002-4786-9243"},"institutions":[{"id":"https://openalex.org/I190085865","display_name":"Universidade Federal de Sergipe","ror":"https://ror.org/028ka0n85","country_code":"BR","type":"education","lineage":["https://openalex.org/I190085865"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Edward David Moreno Ordonez","raw_affiliation_strings":["Computing Department, Federal University of Sergipe, UFS S\u00e3o Crist\u00f3v\u00e3o, Brazil"],"affiliations":[{"raw_affiliation_string":"Computing Department, Federal University of Sergipe, UFS S\u00e3o Crist\u00f3v\u00e3o, Brazil","institution_ids":["https://openalex.org/I190085865"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5070505291","display_name":"Anderson C. A. Nascimento","orcid":"https://orcid.org/0000-0002-8298-6250"},"institutions":[{"id":"https://openalex.org/I4210150356","display_name":"University of Washington Tacoma","ror":"https://ror.org/05n8t2628","country_code":"US","type":"education","lineage":["https://openalex.org/I201448701","https://openalex.org/I4210150356"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Anderson Clayton Alves Nascimento","raw_affiliation_strings":["Institute of Technology, University of Washington Tacoma Tacoma, Washington"],"affiliations":[{"raw_affiliation_string":"Institute of Technology, University of Washington Tacoma Tacoma, Washington","institution_ids":["https://openalex.org/I4210150356"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5109845902"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.3596,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.55884956,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":93},"biblio":{"volume":"20","issue":null,"first_page":"57","last_page":"63"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8316165804862976},{"id":"https://openalex.org/keywords/cluster-analysis","display_name":"Cluster analysis","score":0.7453786134719849},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.6192442178726196},{"id":"https://openalex.org/keywords/data-stream-clustering","display_name":"Data stream clustering","score":0.5056602954864502},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4592665433883667},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4109393358230591},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.4081977605819702},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.35227012634277344},{"id":"https://openalex.org/keywords/correlation-clustering","display_name":"Correlation clustering","score":0.22734349966049194},{"id":"https://openalex.org/keywords/cure-data-clustering-algorithm","display_name":"CURE data clustering algorithm","score":0.19099780917167664}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8316165804862976},{"id":"https://openalex.org/C73555534","wikidata":"https://www.wikidata.org/wiki/Q622825","display_name":"Cluster analysis","level":2,"score":0.7453786134719849},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.6192442178726196},{"id":"https://openalex.org/C193143536","wikidata":"https://www.wikidata.org/wiki/Q5227360","display_name":"Data stream clustering","level":5,"score":0.5056602954864502},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4592665433883667},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4109393358230591},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.4081977605819702},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.35227012634277344},{"id":"https://openalex.org/C94641424","wikidata":"https://www.wikidata.org/wiki/Q5172845","display_name":"Correlation clustering","level":3,"score":0.22734349966049194},{"id":"https://openalex.org/C33704608","wikidata":"https://www.wikidata.org/wiki/Q5014717","display_name":"CURE data clustering algorithm","level":4,"score":0.19099780917167664}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.15439/2019f87","is_oa":true,"landing_page_url":"https://doi.org/10.15439/2019f87","pdf_url":"https://annals-csis.org/proceedings/2019/drp/pdf/87.pdf","source":{"id":"https://openalex.org/S4220651875","display_name":"Annals of Computer Science and Information Systems","issn_l":"2300-5963","issn":["2300-5963"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":"https://openalex.org/P4310317484","host_organization_name":"Polskie Towarzystwo Informatyczne","host_organization_lineage":["https://openalex.org/P4310317484"],"host_organization_lineage_names":["Polskie Towarzystwo Informatyczne"],"type":"conference"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annals of Computer Science and Information Systems","raw_type":"proceedings-article"},{"id":"pmh:oai:digitalcommons.tacoma.uw.edu:tech_pub-1376","is_oa":false,"landing_page_url":"https://digitalcommons.tacoma.uw.edu/tech_pub/377","pdf_url":null,"source":{"id":"https://openalex.org/S4306400628","display_name":"University of Washington Tacoma Digital Commons (University of Washington Tacoma)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210150356","host_organization_name":"University of Washington Tacoma","host_organization_lineage":["https://openalex.org/I4210150356"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"School of Engineering and Technology Publications","raw_type":"text"},{"id":"pmh:oai:doaj.org/article:d43ac98e3ad048ffb618e78d7c70a131","is_oa":true,"landing_page_url":"https://doaj.org/article/d43ac98e3ad048ffb618e78d7c70a131","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Annals of computer science and information systems, Vol 20, Pp 57-63 (2019)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.15439/2019f87","is_oa":true,"landing_page_url":"https://doi.org/10.15439/2019f87","pdf_url":"https://annals-csis.org/proceedings/2019/drp/pdf/87.pdf","source":{"id":"https://openalex.org/S4220651875","display_name":"Annals of Computer Science and Information Systems","issn_l":"2300-5963","issn":["2300-5963"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":"https://openalex.org/P4310317484","host_organization_name":"Polskie Towarzystwo Informatyczne","host_organization_lineage":["https://openalex.org/P4310317484"],"host_organization_lineage_names":["Polskie Towarzystwo Informatyczne"],"type":"conference"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annals of Computer Science and Information Systems","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2973371686.pdf","grobid_xml":"https://content.openalex.org/works/W2973371686.grobid-xml"},"referenced_works_count":27,"referenced_works":["https://openalex.org/W182707955","https://openalex.org/W640879901","https://openalex.org/W1516506771","https://openalex.org/W1540713332","https://openalex.org/W1555576437","https://openalex.org/W1674877186","https://openalex.org/W1985987493","https://openalex.org/W2040340473","https://openalex.org/W2054181184","https://openalex.org/W2082309976","https://openalex.org/W2087922528","https://openalex.org/W2088340225","https://openalex.org/W2101766313","https://openalex.org/W2122646361","https://openalex.org/W2123573631","https://openalex.org/W2145178600","https://openalex.org/W2153919695","https://openalex.org/W2158698691","https://openalex.org/W2159160833","https://openalex.org/W2186154121","https://openalex.org/W2606138355","https://openalex.org/W3170930805","https://openalex.org/W3208688400","https://openalex.org/W4233416247","https://openalex.org/W4249073649","https://openalex.org/W6683518832","https://openalex.org/W7064111672"],"related_works":["https://openalex.org/W4311602221","https://openalex.org/W4295135728","https://openalex.org/W1802840531","https://openalex.org/W2364419519","https://openalex.org/W2017948608","https://openalex.org/W2360767377","https://openalex.org/W2511403919","https://openalex.org/W2356198087","https://openalex.org/W2360951146","https://openalex.org/W1975081465"],"abstract_inverted_index":{"Several":[0],"operational":[1],"security":[2],"mechanisms":[3,18,34],"have":[4,95],"been":[5],"developed":[6],"to":[7,27,38,53,100],"mitigate":[8],"malicious":[9,30],"activity":[10],"in":[11,57],"the":[12,15,25,39,80,102,105,109,123,148,154],"Internet.":[13],"However,":[14],"most":[16],"these":[17],"require":[19],"a":[20,113,130,134],"signature":[21],"basis":[22],"and":[23,69,119,138],"present":[24,61],"inability":[26],"predict":[28],"new":[29],"activity.":[31],"Other":[32],"anomaly-based":[33,63,88],"are":[35],"inefficient":[36],"due":[37],"possibility":[40],"of":[41,104,128,132,136,141,156],"an":[42,62,87,97,126,139],"attacker":[43],"simulates":[44],"legitimate":[45],"traffic,":[46],"which":[47],"causes":[48],"many":[49],"false":[50],"alarms.":[51],"Thus,":[52],"overcome":[54],"that":[55,65,83,122],"problem,":[56],"this":[58],"paper":[59],"we":[60,111,120],"framework":[64],"uses":[66],"network":[67,117],"programmability":[68],"machine":[70,91],"learning":[71,92],"algorithms":[72],"over":[73],"continuous":[74],"data":[75],"stream.":[76],"Our":[77],"approach":[78],"overcomes":[79],"main":[81],"challenges":[82],"occur":[84],"when":[85],"develop":[86],"system":[89],"using":[90],"techniques.":[93],"We":[94],"done":[96],"experimental":[98],"evaluation":[99],"demonstrate":[101],"feasibility":[103],"proposed":[106],"framework.":[107],"In":[108],"experiments,":[110],"use":[112],"DDoS":[114,145],"attack":[115,146],"as":[116],"intrusion":[118],"show":[121],"technique":[124],"attains":[125],"Accuracy":[127],"98.98%,":[129],"Recall":[131],"60%,":[133],"Precision":[135],"60%":[137],"FPR":[140],"0.48%":[142],"for":[143],"1%":[144],"on":[147],"real":[149],"normal":[150],"traffic.":[151],"This":[152],"shows":[153],"effectiveness":[155],"our":[157],"technique.":[158]},"counts_by_year":[{"year":2021,"cited_by_count":1}],"updated_date":"2026-03-21T08:13:44.787528","created_date":"2025-10-10T00:00:00"}