{"id":"https://openalex.org/W4361273609","doi":"https://doi.org/10.3390/bdcc7020065","title":"Threat Hunting Architecture Using a Machine Learning Approach for Critical Infrastructures Protection","display_name":"Threat Hunting Architecture Using a Machine Learning Approach for Critical Infrastructures Protection","publication_year":2023,"publication_date":"2023-03-30","ids":{"openalex":"https://openalex.org/W4361273609","doi":"https://doi.org/10.3390/bdcc7020065"},"language":"en","primary_location":{"id":"doi:10.3390/bdcc7020065","is_oa":true,"landing_page_url":"https://doi.org/10.3390/bdcc7020065","pdf_url":"https://www.mdpi.com/2504-2289/7/2/65/pdf?version=1680170098","source":{"id":"https://openalex.org/S4210238752","display_name":"Big Data and Cognitive Computing","issn_l":"2504-2289","issn":["2504-2289"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Big Data and Cognitive Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/2504-2289/7/2/65/pdf?version=1680170098","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5012810713","display_name":"Mario Aragon\u00e9s Lozano","orcid":"https://orcid.org/0000-0002-8278-3947"},"institutions":[{"id":"https://openalex.org/I60053951","display_name":"Universitat Polit\u00e8cnica de Val\u00e8ncia","ror":"https://ror.org/01460j859","country_code":"ES","type":"education","lineage":["https://openalex.org/I60053951"]}],"countries":["ES"],"is_corresponding":true,"raw_author_name":"Mario Aragon\u00e9s Lozano","raw_affiliation_strings":["Communications Department, Universitat Polit\u00e8cnica de Val\u00e8ncia, 46022 Valencia, Spain"],"raw_orcid":"https://orcid.org/0000-0002-8278-3947","affiliations":[{"raw_affiliation_string":"Communications Department, Universitat Polit\u00e8cnica de Val\u00e8ncia, 46022 Valencia, Spain","institution_ids":["https://openalex.org/I60053951"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084979118","display_name":"Israel P\u00e9rez Llopis","orcid":null},"institutions":[{"id":"https://openalex.org/I60053951","display_name":"Universitat Polit\u00e8cnica de Val\u00e8ncia","ror":"https://ror.org/01460j859","country_code":"ES","type":"education","lineage":["https://openalex.org/I60053951"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Israel P\u00e9rez Llopis","raw_affiliation_strings":["Communications Department, Universitat Polit\u00e8cnica de Val\u00e8ncia, 46022 Valencia, Spain"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Communications Department, Universitat Polit\u00e8cnica de Val\u00e8ncia, 46022 Valencia, Spain","institution_ids":["https://openalex.org/I60053951"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5103715340","display_name":"Manuel Esteve Domingo","orcid":null},"institutions":[{"id":"https://openalex.org/I60053951","display_name":"Universitat Polit\u00e8cnica de Val\u00e8ncia","ror":"https://ror.org/01460j859","country_code":"ES","type":"education","lineage":["https://openalex.org/I60053951"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Manuel Esteve Domingo","raw_affiliation_strings":["Communications Department, Universitat Polit\u00e8cnica de Val\u00e8ncia, 46022 Valencia, Spain"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Communications Department, Universitat Polit\u00e8cnica de Val\u00e8ncia, 46022 Valencia, Spain","institution_ids":["https://openalex.org/I60053951"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5012810713"],"corresponding_institution_ids":["https://openalex.org/I60053951"],"apc_list":{"value":1400,"currency":"CHF","value_usd":1515},"apc_paid":{"value":1400,"currency":"CHF","value_usd":1515},"fwci":3.2654,"has_fulltext":true,"cited_by_count":17,"citation_normalized_percentile":{"value":0.92319021,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":95,"max":99},"biblio":{"volume":"7","issue":"2","first_page":"65","last_page":"65"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/situation-awareness","display_name":"Situation awareness","score":0.711307168006897},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6657849550247192},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6281211972236633},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.5498209595680237},{"id":"https://openalex.org/keywords/architecture","display_name":"Architecture","score":0.47796106338500977},{"id":"https://openalex.org/keywords/situational-ethics","display_name":"Situational ethics","score":0.42909127473831177},{"id":"https://openalex.org/keywords/enterprise-information-security-architecture","display_name":"Enterprise information security architecture","score":0.4126545190811157},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.3763408362865448},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3043115735054016},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.19712862372398376},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.17633184790611267},{"id":"https://openalex.org/keywords/psychology","display_name":"Psychology","score":0.11908000707626343},{"id":"https://openalex.org/keywords/geography","display_name":"Geography","score":0.1033346951007843}],"concepts":[{"id":"https://openalex.org/C145804949","wikidata":"https://www.wikidata.org/wiki/Q478123","display_name":"Situation awareness","level":2,"score":0.711307168006897},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6657849550247192},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6281211972236633},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.5498209595680237},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.47796106338500977},{"id":"https://openalex.org/C9114305","wikidata":"https://www.wikidata.org/wiki/Q1428317","display_name":"Situational ethics","level":2,"score":0.42909127473831177},{"id":"https://openalex.org/C31139447","wikidata":"https://www.wikidata.org/wiki/Q5380386","display_name":"Enterprise information security architecture","level":2,"score":0.4126545190811157},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.3763408362865448},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3043115735054016},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.19712862372398376},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.17633184790611267},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.11908000707626343},{"id":"https://openalex.org/C205649164","wikidata":"https://www.wikidata.org/wiki/Q1071","display_name":"Geography","level":0,"score":0.1033346951007843},{"id":"https://openalex.org/C77805123","wikidata":"https://www.wikidata.org/wiki/Q161272","display_name":"Social psychology","level":1,"score":0.0},{"id":"https://openalex.org/C146978453","wikidata":"https://www.wikidata.org/wiki/Q3798668","display_name":"Aerospace engineering","level":1,"score":0.0},{"id":"https://openalex.org/C166957645","wikidata":"https://www.wikidata.org/wiki/Q23498","display_name":"Archaeology","level":1,"score":0.0}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.3390/bdcc7020065","is_oa":true,"landing_page_url":"https://doi.org/10.3390/bdcc7020065","pdf_url":"https://www.mdpi.com/2504-2289/7/2/65/pdf?version=1680170098","source":{"id":"https://openalex.org/S4210238752","display_name":"Big Data and Cognitive Computing","issn_l":"2504-2289","issn":["2504-2289"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Big Data and Cognitive Computing","raw_type":"journal-article"},{"id":"pmh:oai:riunet.upv.es:10251/205656","is_oa":true,"landing_page_url":"http://hdl.handle.net/10251/205656","pdf_url":"https://riunet.upv.es/bitstream/10251/205656/1/AragonesPerezEsteve%20-%20Threat%20Hunting%20Architecture%20Using%20a%20Machine%20Learning%20Approach%20for%20Critical%20....pdf","source":{"id":"https://openalex.org/S4306401500","display_name":"RiuNet (Politechnical University of Valencia)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I60053951","host_organization_name":"Universitat Polit\u00e8cnica de Val\u00e8ncia","host_organization_lineage":["https://openalex.org/I60053951"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"info:eu-repo/semantics/article"},{"id":"pmh:oai:doaj.org/article:8d5a31e53621445fafce3f67341c55af","is_oa":true,"landing_page_url":"https://doaj.org/article/8d5a31e53621445fafce3f67341c55af","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Big Data and Cognitive Computing, Vol 7, Iss 2, p 65 (2023)","raw_type":"article"},{"id":"pmh:oai:mdpi.com:/2504-2289/7/2/65/","is_oa":true,"landing_page_url":"https://dx.doi.org/10.3390/bdcc7020065","pdf_url":null,"source":{"id":"https://openalex.org/S4306400947","display_name":"MDPI (MDPI AG)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210097602","host_organization_name":"Multidisciplinary Digital Publishing Institute (Switzerland)","host_organization_lineage":["https://openalex.org/I4210097602"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Big Data and Cognitive Computing; Volume 7; Issue 2; Pages: 65","raw_type":"Text"}],"best_oa_location":{"id":"doi:10.3390/bdcc7020065","is_oa":true,"landing_page_url":"https://doi.org/10.3390/bdcc7020065","pdf_url":"https://www.mdpi.com/2504-2289/7/2/65/pdf?version=1680170098","source":{"id":"https://openalex.org/S4210238752","display_name":"Big Data and Cognitive Computing","issn_l":"2504-2289","issn":["2504-2289"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Big Data and Cognitive Computing","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G7597132188","display_name":null,"funder_award_id":"101021274","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"}],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"}],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4361273609.pdf"},"referenced_works_count":102,"referenced_works":["https://openalex.org/W133619669","https://openalex.org/W1479797105","https://openalex.org/W1510889137","https://openalex.org/W1537194305","https://openalex.org/W1539928967","https://openalex.org/W1624245830","https://openalex.org/W1939512652","https://openalex.org/W1955609355","https://openalex.org/W1969357014","https://openalex.org/W1970978220","https://openalex.org/W1975132127","https://openalex.org/W1976383685","https://openalex.org/W1982802813","https://openalex.org/W1982998274","https://openalex.org/W2000002100","https://openalex.org/W2005058514","https://openalex.org/W2018902742","https://openalex.org/W2041858766","https://openalex.org/W2042807879","https://openalex.org/W2050131929","https://openalex.org/W2055631879","https://openalex.org/W2065890363","https://openalex.org/W2069757512","https://openalex.org/W2072607341","https://openalex.org/W2075893278","https://openalex.org/W2085258442","https://openalex.org/W2087336585","https://openalex.org/W2096179302","https://openalex.org/W2096575147","https://openalex.org/W2110040004","https://openalex.org/W2110390205","https://openalex.org/W2113188272","https://openalex.org/W2115730242","https://openalex.org/W2134490011","https://openalex.org/W2141245797","https://openalex.org/W2151245645","https://openalex.org/W2161573379","https://openalex.org/W2166602595","https://openalex.org/W2296719434","https://openalex.org/W2309113855","https://openalex.org/W2334791991","https://openalex.org/W2342768769","https://openalex.org/W2347157794","https://openalex.org/W2464815958","https://openalex.org/W2482623328","https://openalex.org/W2533698187","https://openalex.org/W2538706977","https://openalex.org/W2555426036","https://openalex.org/W2564649569","https://openalex.org/W2566899386","https://openalex.org/W2751495347","https://openalex.org/W2756675797","https://openalex.org/W2767039516","https://openalex.org/W2776400087","https://openalex.org/W2780015049","https://openalex.org/W2783443797","https://openalex.org/W2791879367","https://openalex.org/W2794202219","https://openalex.org/W2794501214","https://openalex.org/W2810979057","https://openalex.org/W2894279555","https://openalex.org/W2902330413","https://openalex.org/W2902370892","https://openalex.org/W2908954810","https://openalex.org/W2915626801","https://openalex.org/W2922110906","https://openalex.org/W2937937495","https://openalex.org/W2938555005","https://openalex.org/W2944304051","https://openalex.org/W2947243964","https://openalex.org/W2951539267","https://openalex.org/W2958992432","https://openalex.org/W2982379052","https://openalex.org/W2983462835","https://openalex.org/W2995590922","https://openalex.org/W3009683167","https://openalex.org/W3020873385","https://openalex.org/W3036491774","https://openalex.org/W3048012689","https://openalex.org/W3081591876","https://openalex.org/W3107757457","https://openalex.org/W3131542938","https://openalex.org/W3133377806","https://openalex.org/W3139008799","https://openalex.org/W3139164743","https://openalex.org/W3165211934","https://openalex.org/W3174621618","https://openalex.org/W3183276505","https://openalex.org/W3185102761","https://openalex.org/W3186276894","https://openalex.org/W4214829033","https://openalex.org/W4231029117","https://openalex.org/W4232387886","https://openalex.org/W4236137412","https://openalex.org/W4286356316","https://openalex.org/W4293024991","https://openalex.org/W4299101042","https://openalex.org/W6756693045","https://openalex.org/W6798681010","https://openalex.org/W6903471275","https://openalex.org/W6930791116","https://openalex.org/W6959681395"],"related_works":["https://openalex.org/W2012350746","https://openalex.org/W3024912289","https://openalex.org/W2415747217","https://openalex.org/W2143767096","https://openalex.org/W4389264631","https://openalex.org/W2561023719","https://openalex.org/W4382644910","https://openalex.org/W4386286863","https://openalex.org/W2094708502","https://openalex.org/W4381733965"],"abstract_inverted_index":{"The":[0,148],"number":[1],"and":[2,17,53,88,117,130,132,201,210,237,253],"the":[3,13,26,62,144,161,172,180,185,207],"diversity":[4],"in":[5,12,25,61,136,242],"nature":[6],"of":[7,48,114,126,150,164,184,192,257],"daily":[8],"cyber-attacks":[9],"have":[10,44,103],"increased":[11],"last":[14],"few":[15],"years,":[16],"trends":[18],"show":[19],"that":[20,110,187,228],"both":[21],"will":[22],"grow":[23],"exponentially":[24],"near":[27],"future.":[28],"Critical":[29,246],"Infrastructures":[30,247],"(CI)":[31],"operators":[32],"are":[33,69,189],"not":[34],"excluded":[35],"from":[36,206],"these":[37,193],"issues;":[38],"therefore,":[39],"CIs\u2019":[40],"Security":[41],"Departments":[42],"must":[43,102,111,122],"their":[45,79,86,107,215],"own":[46],"group":[47],"IT":[49],"specialists":[50,173],"to":[51,55,139,196,213,223,244],"prevent":[52],"respond":[54],"cyber-attacks.":[56],"To":[57,90],"introduce":[58],"more":[59],"challenges":[60],"existing":[63],"cyber":[64],"security":[65,108],"landscape,":[66],"many":[67],"attacks":[68],"unknown":[70],"until":[71],"they":[72,188],"spawn,":[73],"even":[74],"a":[75,225,233,250],"long":[76],"time":[77],"after":[78],"initial":[80],"actions,":[81],"posing":[82],"increasing":[83],"difficulties":[84],"on":[85,249],"detection":[87],"remediation.":[89],"be":[91,112],"reactive":[92],"against":[93],"those":[94,165],"cyber-attacks,":[95],"usually":[96],"defined":[97],"as":[98],"zero-day":[99],"attacks,":[100],"organizations":[101],"Threat":[104,120,181,230],"Hunters":[105,121],"at":[106],"departments":[109],"aware":[113],"unusual":[115],"behaviors":[116],"Modus":[118],"Operandi.":[119],"face":[123],"vast":[124],"amounts":[125],"data":[127,200],"(mainly":[128],"benign":[129],"repetitive,":[131],"following":[133],"predictable":[134],"patterns)":[135],"short":[137],"periods":[138],"detect":[140],"any":[141],"anomaly,":[142],"with":[143,174],"associated":[145],"cognitive":[146],"overwhelming.":[147],"application":[149],"Artificial":[151],"Intelligence,":[152],"specifically":[153],"Machine":[154,234],"Learning":[155,235],"(ML)":[156],"techniques,":[157],"can":[158,177,194],"remarkably":[159],"impact":[160],"real-time":[162],"analysis":[163],"data.":[166],"Not":[167],"only":[168],"that,":[169],"but":[170],"providing":[171,211],"useful":[175],"visualizations":[176],"significantly":[178],"increase":[179],"Hunters\u2019":[182],"understanding":[183],"issues":[186],"facing.":[190],"Both":[191],"help":[195],"discriminate":[197],"between":[198],"harmless":[199],"malicious":[202],"data,":[203],"alleviating":[204],"analysts":[205],"above-mentioned":[208],"overload":[209],"means":[212],"enhance":[214],"Cyber":[216],"Situational":[217],"Awareness":[218],"(CSA).":[219],"This":[220],"work":[221],"aims":[222],"design":[224],"system":[226],"architecture":[227],"helps":[229],"Hunters,":[231],"using":[232],"approach":[236],"applying":[238],"state-of-the-art":[239],"visualization":[240],"techniques":[241],"order":[243],"protect":[245],"based":[248],"distributed,":[251],"scalable":[252],"online":[254],"configurable":[255],"framework":[256],"interconnected":[258],"modular":[259],"components.":[260]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":7},{"year":2024,"cited_by_count":6},{"year":2023,"cited_by_count":3}],"updated_date":"2026-05-23T08:51:43.019350","created_date":"2025-10-10T00:00:00"}