{"id":"https://openalex.org/W1549829342","doi":"https://doi.org/10.31274/etd-180810-1825","title":"Securing Enterprise Networks with Statistical Node Behavior Profiling","display_name":"Securing Enterprise Networks with Statistical Node Behavior Profiling","publication_year":2009,"publication_date":"2009-01-01","ids":{"openalex":"https://openalex.org/W1549829342","doi":"https://doi.org/10.31274/etd-180810-1825","mag":"1549829342"},"language":"en","primary_location":{"id":"doi:10.31274/etd-180810-1825","is_oa":true,"landing_page_url":"https://doi.org/10.31274/etd-180810-1825","pdf_url":"https://lib.dr.iastate.edu/cgi/viewcontent.cgi?article=2463&context=etd","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Iowa State University, Digital Repository","raw_type":"dissertation"},"type":"dissertation","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://lib.dr.iastate.edu/cgi/viewcontent.cgi?article=2463&context=etd","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5115781256","display_name":"Chang Su","orcid":"https://orcid.org/0000-0003-3112-2724"},"institutions":[{"id":"https://openalex.org/I173911158","display_name":"Iowa State University","ror":"https://ror.org/04rswrd78","country_code":"US","type":"education","lineage":["https://openalex.org/I173911158"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Su Chang","raw_affiliation_strings":["Iowa State University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Iowa State University","institution_ids":["https://openalex.org/I173911158"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5115781256"],"corresponding_institution_ids":["https://openalex.org/I173911158"],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/profiling","display_name":"Profiling (computer programming)","score":0.7291398644447327},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5453788638114929},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.4736936092376709},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3684334456920624},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.11106234788894653}],"concepts":[{"id":"https://openalex.org/C187191949","wikidata":"https://www.wikidata.org/wiki/Q1138496","display_name":"Profiling (computer programming)","level":2,"score":0.7291398644447327},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5453788638114929},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.4736936092376709},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3684334456920624},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.11106234788894653}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.31274/etd-180810-1825","is_oa":true,"landing_page_url":"https://doi.org/10.31274/etd-180810-1825","pdf_url":"https://lib.dr.iastate.edu/cgi/viewcontent.cgi?article=2463&context=etd","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Iowa State University, Digital Repository","raw_type":"dissertation"},{"id":"pmh:oai:lib.dr.iastate.edu:etd-2463","is_oa":false,"landing_page_url":"https://lib.dr.iastate.edu/etd/11483","pdf_url":null,"source":{"id":"https://openalex.org/S4377196104","display_name":"Iowa State University Digital Repository (Iowa State University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I173911158","host_organization_name":"Iowa State University","host_organization_lineage":["https://openalex.org/I173911158"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Graduate Theses and Dissertations","raw_type":"text"}],"best_oa_location":{"id":"doi:10.31274/etd-180810-1825","is_oa":true,"landing_page_url":"https://doi.org/10.31274/etd-180810-1825","pdf_url":"https://lib.dr.iastate.edu/cgi/viewcontent.cgi?article=2463&context=etd","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Iowa State University, Digital Repository","raw_type":"dissertation"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":90,"referenced_works":["https://openalex.org/W1655456","https://openalex.org/W23711711","https://openalex.org/W42722137","https://openalex.org/W47988595","https://openalex.org/W142345729","https://openalex.org/W172040345","https://openalex.org/W187875600","https://openalex.org/W191098608","https://openalex.org/W202500387","https://openalex.org/W205020860","https://openalex.org/W1462349742","https://openalex.org/W1481277647","https://openalex.org/W1497249636","https://openalex.org/W1499648394","https://openalex.org/W1510508184","https://openalex.org/W1512694399","https://openalex.org/W1513886380","https://openalex.org/W1514368868","https://openalex.org/W1522930108","https://openalex.org/W1532325895","https://openalex.org/W1540548505","https://openalex.org/W1542560754","https://openalex.org/W1551618785","https://openalex.org/W1583098994","https://openalex.org/W1584714765","https://openalex.org/W1744212210","https://openalex.org/W1775772884","https://openalex.org/W1887038067","https://openalex.org/W1903377156","https://openalex.org/W1909110254","https://openalex.org/W1910686388","https://openalex.org/W1980793860","https://openalex.org/W1982304603","https://openalex.org/W1983599999","https://openalex.org/W1988741337","https://openalex.org/W1988918299","https://openalex.org/W2002547931","https://openalex.org/W2012037220","https://openalex.org/W2012095206","https://openalex.org/W2032247543","https://openalex.org/W2052372681","https://openalex.org/W2061455058","https://openalex.org/W2100307718","https://openalex.org/W2100734403","https://openalex.org/W2102671922","https://openalex.org/W2103312864","https://openalex.org/W2104209065","https://openalex.org/W2106869861","https://openalex.org/W2107128574","https://openalex.org/W2107936788","https://openalex.org/W2109224931","https://openalex.org/W2113344319","https://openalex.org/W2114058242","https://openalex.org/W2114765320","https://openalex.org/W2115210560","https://openalex.org/W2117316063","https://openalex.org/W2118372007","https://openalex.org/W2119425658","https://openalex.org/W2120861013","https://openalex.org/W2122226347","https://openalex.org/W2124088278","https://openalex.org/W2129191249","https://openalex.org/W2130598205","https://openalex.org/W2131172673","https://openalex.org/W2134442976","https://openalex.org/W2144618313","https://openalex.org/W2145791740","https://openalex.org/W2145959654","https://openalex.org/W2148275477","https://openalex.org/W2148647281","https://openalex.org/W2152955531","https://openalex.org/W2156640967","https://openalex.org/W2157153057","https://openalex.org/W2157578436","https://openalex.org/W2157880546","https://openalex.org/W2158733823","https://openalex.org/W2159926124","https://openalex.org/W2163019575","https://openalex.org/W2163034159","https://openalex.org/W2163857553","https://openalex.org/W2164210932","https://openalex.org/W2165184405","https://openalex.org/W2170655593","https://openalex.org/W2171770082","https://openalex.org/W2173803529","https://openalex.org/W2697411956","https://openalex.org/W2799002609","https://openalex.org/W2900607324","https://openalex.org/W3146425672","https://openalex.org/W3216394964"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W4396696052","https://openalex.org/W2382290278","https://openalex.org/W4395014643"],"abstract_inverted_index":{"The":[0],"substantial":[1],"proliferation":[2],"of":[3,24,30,50,103,142,396,409,453],"the":[4,9,40,119,133,140,165,169,174,194,207,212,226,232,236,253,282,311,340,380,397,407,414,418,422,441,451],"Internet":[5],"has":[6],"made":[7],"it":[8,17],"most":[10,293],"critical":[11],"infrastructure":[12],"in":[13,39,60,70,89,122,240,285,299,327,434,447],"today's":[14],"world.":[15],"However,":[16],"is":[18,45,132,188,276,289],"still":[19],"vulnerable":[20],"to":[21,55,115,129,163,168,338,416,443],"various":[22],"kinds":[23],"attacks/malwares":[25,51],"and":[26,73,75,79,94,117,149,181,191,216,246,278,297,321,354,374,391,394,427,431],"poses":[27],"a":[28,47,67,99,178,183,244,264,332,345,350,372,386],"number":[29],"great":[31,80],"security":[32,64],"challenges.":[33],"Furthermore,":[34],"we":[35,84,176,242,262,309,412],"have":[36],"also":[37,153,290,440],"witnessed":[38],"past":[41],"decade":[42],"that":[43,138,187],"there":[44],"always":[46],"fast":[48,245,373,430],"self-evolution":[49],"(e.g.":[52],"from":[53,98,211,318,404],"worms":[54],"botnets)":[56],"against":[57],"every":[58],"success":[59],"network":[61,90,109],"security.":[62],"Network":[63],"thereby":[65],"remains":[66],"hot":[68],"topic":[69],"both":[71,77],"research":[72,121,131,329],"industry":[74],"requires":[76],"continuous":[78],"attention.\\nIn":[81],"this":[82,328],"research,":[83],"consider":[85,421],"two":[86,124,362],"fundamental":[87],"areas":[88],"security,":[91],"malware":[92,201],"detection":[93,202,249,254,364,377],"background":[95,303],"traffic":[96,266,286,388,448],"modeling,":[97],"new":[100,184,333,351,387],"view":[101],"point":[102],"node":[104,134,213,283,334,342,368,454],"behavior":[105,135,214,270,335,369],"profiling":[106,136,336],"under":[107,379,400],"enterprise":[108,319,405],"environments.":[110],"Our":[111,325],"main":[112],"objectives":[113],"are":[114,161,413,439],"extend":[116],"enhance":[118],"current":[120,195,294],"these":[123],"areas.":[125],"In":[126,260],"particular,":[127],"central":[128],"our":[130,410],"approach":[137,250,337,378],"groups":[139],"behaviors":[141],"different":[143],"nodes":[144],"by":[145,224,251],"jointly":[146],"considering":[147,225],"time":[148],"spatial":[150],"correlations.":[151],"We":[152,197,438],"present":[154],"an":[155,257],"extensive":[156],"study":[157,215,339],"on":[158,206,219,367],"botnets,":[159],"which":[160],"believed":[162],"be":[164],"largest":[166],"threat":[167],"Internet.":[170],"To":[171],"better":[172,301],"understand":[173],"botnet,":[175],"propose":[177,199,243,263,417,428,444],"botnet":[179,186,221,353,419,435],"framework":[180,346],"predict":[182],"P2P":[185,220,352,359],"much":[189],"stronger":[190],"stealthier":[192],"than":[193],"ones.":[196],"then":[198],"anomaly":[200,248,363,376],"approaches":[203,313,365,399],"based":[204,366],"directly":[205],"insights":[208],"(statistical":[209],"characteristics)":[210],"apply":[217],"them":[218],"detection.":[222],"Further,":[223],"worst":[227,381,423],"case":[228,382,424],"attack":[229,383,425],"model":[230,426],"where":[231],"botmaster":[233],"knows":[234],"all":[235],"parameter":[237],"values":[238],"used":[239],"detection,":[241],"optimized":[247,375,432],"formulating":[252],"problem":[255],"as":[256],"optimization":[258],"problem.":[259],"addition,":[261],"novel":[265],"modeling":[267,295,389,449],"structure":[268,390],"using":[269,314],"profiles":[271],"for":[272,347],"NIDS":[273],"evaluations.":[274],"It":[275,288],"efficient":[277,445],"takes":[279],"into":[280],"account":[281],"heterogeneity":[284],"modeling.":[287],"compatible":[291],"with":[292,357],"schemes":[296],"helpful":[298],"generating":[300],"realistic":[302],"traffic.":[304],"Last":[305],"but":[306],"not":[307],"least,":[308],"evaluate":[310],"proposed":[312],"real":[315,401],"user":[316,402],"trace":[317],"networks":[320],"achieve":[322],"encouraging":[323],"results.":[324],"contributions":[326],"include:":[330],"1)":[331],"normal":[341],"behavior;":[343],"2)":[344],"botnets;":[348,360],"3)":[349],"performance":[355],"comparisons":[356],"other":[358],"4)":[361,371],"profiles;":[370],"model;":[384],"5)":[385],"6)":[392],"simulations":[393],"evaluations":[395],"above":[398],"data":[403],"networks.\\nTo":[406],"best":[408],"knowledge,":[411],"first":[415,442],"framework,":[420],"corresponding":[429],"solution":[433],"related":[436],"research.":[437],"solutions":[446],"without":[450],"assumption":[452],"homogeneity.":[455]},"counts_by_year":[],"updated_date":"2026-05-19T21:40:30.786675","created_date":"2025-10-10T00:00:00"}