{"id":"https://openalex.org/W4308085861","doi":"https://doi.org/10.23919/apnoms56106.2022.9919958","title":"DDoS Attack Detection Combining Time Series-based Multi-dimensional Sketch and Machine Learning","display_name":"DDoS Attack Detection Combining Time Series-based Multi-dimensional Sketch and Machine Learning","publication_year":2022,"publication_date":"2022-09-28","ids":{"openalex":"https://openalex.org/W4308085861","doi":"https://doi.org/10.23919/apnoms56106.2022.9919958"},"language":"en","primary_location":{"id":"doi:10.23919/apnoms56106.2022.9919958","is_oa":false,"landing_page_url":"https://doi.org/10.23919/apnoms56106.2022.9919958","pdf_url":null,"source":{"id":"https://openalex.org/S4363607423","display_name":"2022 23rd Asia-Pacific Network Operations and Management Symposium (APNOMS)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 23rd Asia-Pacific Network Operations and Management Symposium (APNOMS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5080724634","display_name":"Yanchao Sun","orcid":null},"institutions":[{"id":"https://openalex.org/I66867065","display_name":"East China Normal University","ror":"https://ror.org/02n96ep67","country_code":"CN","type":"education","lineage":["https://openalex.org/I66867065"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Yanchao Sun","raw_affiliation_strings":["Ministry of Education East China Normal University,Engineering Research Center of Software/Hardware Co-design Technology and Application,Shanghai,China","Engineering Research Center of Software/Hardware Co-design Technology and Application, Ministry of Education East China Normal University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"Ministry of Education East China Normal University,Engineering Research Center of Software/Hardware Co-design Technology and Application,Shanghai,China","institution_ids":["https://openalex.org/I66867065"]},{"raw_affiliation_string":"Engineering Research Center of Software/Hardware Co-design Technology and Application, Ministry of Education East China Normal University, Shanghai, China","institution_ids":["https://openalex.org/I66867065"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5017717938","display_name":"Yuanfeng Han","orcid":"https://orcid.org/0000-0001-5182-6804"},"institutions":[{"id":"https://openalex.org/I66867065","display_name":"East China Normal University","ror":"https://ror.org/02n96ep67","country_code":"CN","type":"education","lineage":["https://openalex.org/I66867065"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yuanfeng Han","raw_affiliation_strings":["Ministry of Education East China Normal University,Engineering Research Center of Software/Hardware Co-design Technology and Application,Shanghai,China","Engineering Research Center of Software/Hardware Co-design Technology and Application, Ministry of Education East China Normal University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"Ministry of Education East China Normal University,Engineering Research Center of Software/Hardware Co-design Technology and Application,Shanghai,China","institution_ids":["https://openalex.org/I66867065"]},{"raw_affiliation_string":"Engineering Research Center of Software/Hardware Co-design Technology and Application, Ministry of Education East China Normal University, Shanghai, China","institution_ids":["https://openalex.org/I66867065"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100333755","display_name":"Yue Zhang","orcid":"https://orcid.org/0000-0002-7786-0231"},"institutions":[{"id":"https://openalex.org/I66867065","display_name":"East China Normal University","ror":"https://ror.org/02n96ep67","country_code":"CN","type":"education","lineage":["https://openalex.org/I66867065"]},{"id":"https://openalex.org/I139759216","display_name":"Beijing University of Posts and Telecommunications","ror":"https://ror.org/04w9fbh59","country_code":"CN","type":"education","lineage":["https://openalex.org/I139759216"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yue Zhang","raw_affiliation_strings":["Ministry of Education East China Normal University,Engineering Research Center of Software/Hardware Co-design Technology and Application,Shanghai,China","Engineering Research Center of Software/Hardware Co-design Technology and Application, Ministry of Education East China Normal University, Shanghai, China","National Trusted Embedded Software Engineering Technology Research Center, East China Normal University, Shanghai, China","State key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Ministry of Education East China Normal University,Engineering Research Center of Software/Hardware Co-design Technology and Application,Shanghai,China","institution_ids":["https://openalex.org/I66867065"]},{"raw_affiliation_string":"Engineering Research Center of Software/Hardware Co-design Technology and Application, Ministry of Education East China Normal University, Shanghai, China","institution_ids":["https://openalex.org/I66867065"]},{"raw_affiliation_string":"National Trusted Embedded Software Engineering Technology Research Center, East China Normal University, Shanghai, China","institution_ids":["https://openalex.org/I66867065"]},{"raw_affiliation_string":"State key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, China","institution_ids":["https://openalex.org/I139759216"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5025413633","display_name":"Mingsong Chen","orcid":"https://orcid.org/0000-0002-3922-0989"},"institutions":[{"id":"https://openalex.org/I66867065","display_name":"East China Normal University","ror":"https://ror.org/02n96ep67","country_code":"CN","type":"education","lineage":["https://openalex.org/I66867065"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Mingsong Chen","raw_affiliation_strings":["Ministry of Education East China Normal University,Engineering Research Center of Software/Hardware Co-design Technology and Application,Shanghai,China","National Trusted Embedded Software Engineering Technology Research Center, East China Normal University, Shanghai, China","Engineering Research Center of Software/Hardware Co-design Technology and Application, Ministry of Education East China Normal University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"Ministry of Education East China Normal University,Engineering Research Center of Software/Hardware Co-design Technology and Application,Shanghai,China","institution_ids":["https://openalex.org/I66867065"]},{"raw_affiliation_string":"National Trusted Embedded Software Engineering Technology Research Center, East China Normal University, Shanghai, China","institution_ids":["https://openalex.org/I66867065"]},{"raw_affiliation_string":"Engineering Research Center of Software/Hardware Co-design Technology and Application, Ministry of Education East China Normal University, Shanghai, China","institution_ids":["https://openalex.org/I66867065"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5005228053","display_name":"Shui Yu","orcid":"https://orcid.org/0000-0003-4485-6743"},"institutions":[{"id":"https://openalex.org/I114017466","display_name":"University of Technology Sydney","ror":"https://ror.org/03f0f6041","country_code":"AU","type":"education","lineage":["https://openalex.org/I114017466"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Shui Yu","raw_affiliation_strings":["School of Computer Science University of Technology Sydney,Sydney,Australia","School of Computer Science University of Technology Sydney, Sydney, Australia"],"affiliations":[{"raw_affiliation_string":"School of Computer Science University of Technology Sydney,Sydney,Australia","institution_ids":["https://openalex.org/I114017466"]},{"raw_affiliation_string":"School of Computer Science University of Technology Sydney, Sydney, Australia","institution_ids":["https://openalex.org/I114017466"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100307675","display_name":"Yimin Xu","orcid":null},"institutions":[{"id":"https://openalex.org/I66867065","display_name":"East China Normal University","ror":"https://ror.org/02n96ep67","country_code":"CN","type":"education","lineage":["https://openalex.org/I66867065"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yimin Xu","raw_affiliation_strings":["Ministry of Education East China Normal University,Engineering Research Center of Software/Hardware Co-design Technology and Application,Shanghai,China","Engineering Research Center of Software/Hardware Co-design Technology and Application, Ministry of Education East China Normal University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"Ministry of Education East China Normal University,Engineering Research Center of Software/Hardware Co-design Technology and Application,Shanghai,China","institution_ids":["https://openalex.org/I66867065"]},{"raw_affiliation_string":"Engineering Research Center of Software/Hardware Co-design Technology and Application, Ministry of Education East China Normal University, Shanghai, China","institution_ids":["https://openalex.org/I66867065"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5080724634"],"corresponding_institution_ids":["https://openalex.org/I66867065"],"apc_list":null,"apc_paid":null,"fwci":0.6486,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.59441046,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"01","last_page":"06"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9923999905586243,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9591000080108643,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8525357246398926},{"id":"https://openalex.org/keywords/sketch","display_name":"Sketch","score":0.8012239933013916},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.7877898216247559},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.5838476419448853},{"id":"https://openalex.org/keywords/hash-function","display_name":"Hash function","score":0.4875468611717224},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4655305743217468},{"id":"https://openalex.org/keywords/series","display_name":"Series (stratigraphy)","score":0.45357832312583923},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4412076473236084},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3258066475391388},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.25715067982673645},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.12450045347213745},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.08434626460075378}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8525357246398926},{"id":"https://openalex.org/C2779231336","wikidata":"https://www.wikidata.org/wiki/Q7534724","display_name":"Sketch","level":2,"score":0.8012239933013916},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.7877898216247559},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.5838476419448853},{"id":"https://openalex.org/C99138194","wikidata":"https://www.wikidata.org/wiki/Q183427","display_name":"Hash function","level":2,"score":0.4875468611717224},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4655305743217468},{"id":"https://openalex.org/C143724316","wikidata":"https://www.wikidata.org/wiki/Q312468","display_name":"Series (stratigraphy)","level":2,"score":0.45357832312583923},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4412076473236084},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3258066475391388},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.25715067982673645},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.12450045347213745},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.08434626460075378},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.23919/apnoms56106.2022.9919958","is_oa":false,"landing_page_url":"https://doi.org/10.23919/apnoms56106.2022.9919958","pdf_url":null,"source":{"id":"https://openalex.org/S4363607423","display_name":"2022 23rd Asia-Pacific Network Operations and Management Symposium (APNOMS)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 23rd Asia-Pacific Network Operations and Management Symposium (APNOMS)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G2823754234","display_name":null,"funder_award_id":"61872147","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W2378994405","https://openalex.org/W2385974820","https://openalex.org/W2373478030","https://openalex.org/W2378679551","https://openalex.org/W3149739944","https://openalex.org/W2392363776","https://openalex.org/W2063051341","https://openalex.org/W2371326241","https://openalex.org/W2039821316","https://openalex.org/W2388081684"],"abstract_inverted_index":{"Machine":[0],"learning-based":[1],"DDoS":[2,34,90,105,120,147],"attack":[3,35,91,121,148],"detection":[4,25,36,92,122,135,149],"methods":[5,26,150],"are":[6],"mostly":[7],"implemented":[8],"at":[9],"the":[10,19,56,71,79,95,101,115,124,134,157,170],"packet":[11,48],"level":[12],"with":[13,61,70,103,110,167],"expensive":[14],"computational":[15,158],"time":[16,39,57,96,159],"costs,":[17],"and":[18,43,52,75],"space":[20,63],"cost":[21,64,160],"of":[22,82,137,145,161,172],"those":[23],"sketch-based":[24],"is":[27,133,164],"uncertain.":[28],"This":[29],"paper":[30],"proposes":[31],"a":[32],"two-stage":[33],"algorithm":[37,74],"combining":[38],"series-based":[40,58,97],"multi-dimensional":[41,59,98],"sketch":[42,60,102,116],"machine":[44,153,173],"learning":[45,174],"technologies.":[46],"Besides":[47],"numbers,":[49],"total":[50],"lengths,":[51],"protocols,":[53],"we":[54,84,107],"construct":[55],"limited":[62],"by":[65],"storing":[66],"elephant":[67],"flow":[68,111],"information":[69,112],"Boyer-Moore":[72],"voting":[73],"hash":[76],"index.":[77],"For":[78,100],"first":[80],"stage":[81],"detection,":[83],"adopt":[85],"CNN":[86],"to":[87,117,143,169],"generate":[88],"sketch-level":[89],"results":[93,128],"from":[94,114],"sketch.":[99],"potential":[104],"attacks,":[106],"use":[108],"RNN":[109],"extracted":[113],"implement":[118],"flow-level":[119],"in":[123],"second":[125],"stage.":[126],"Experimental":[127],"show":[129],"that":[130,144],"not":[131],"only":[132],"accuracy":[136],"our":[138,162],"proposed":[139],"method":[140,163],"much":[141,165],"close":[142],"packet-level":[146],"based":[151],"on":[152],"learning,":[154],"but":[155],"also":[156],"smaller":[166],"regard":[168],"number":[171],"operations.":[175]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}