{"id":"https://openalex.org/W4401074814","doi":"https://doi.org/10.3390/s24154888","title":"Proactive Threat Hunting in Critical Infrastructure Protection through Hybrid Machine Learning Algorithm Application","display_name":"Proactive Threat Hunting in Critical Infrastructure Protection through Hybrid Machine Learning Algorithm Application","publication_year":2024,"publication_date":"2024-07-27","ids":{"openalex":"https://openalex.org/W4401074814","doi":"https://doi.org/10.3390/s24154888","pmid":"https://pubmed.ncbi.nlm.nih.gov/39123935"},"language":"en","primary_location":{"id":"doi:10.3390/s24154888","is_oa":true,"landing_page_url":"https://doi.org/10.3390/s24154888","pdf_url":"https://www.mdpi.com/1424-8220/24/15/4888/pdf?version=1722088572","source":{"id":"https://openalex.org/S101949793","display_name":"Sensors","issn_l":"1424-8220","issn":["1424-8220"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Sensors","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj","pubmed"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/1424-8220/24/15/4888/pdf?version=1722088572","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5025949890","display_name":"Shan Ali","orcid":null},"institutions":[{"id":"https://openalex.org/I191879574","display_name":"Inha University","ror":"https://ror.org/01easw929","country_code":"KR","type":"education","lineage":["https://openalex.org/I191879574"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Ali Shan","raw_affiliation_strings":["Center of Security Convergence & eGovernance, Inha University, Incheon 22212, Republic of Korea"],"raw_orcid":"https://orcid.org/0009-0003-6830-2777","affiliations":[{"raw_affiliation_string":"Center of Security Convergence & eGovernance, Inha University, Incheon 22212, Republic of Korea","institution_ids":["https://openalex.org/I191879574"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5075847342","display_name":"Seunghwan Myeong","orcid":"https://orcid.org/0000-0002-6730-2770"},"institutions":[{"id":"https://openalex.org/I191879574","display_name":"Inha University","ror":"https://ror.org/01easw929","country_code":"KR","type":"education","lineage":["https://openalex.org/I191879574"]}],"countries":["KR"],"is_corresponding":true,"raw_author_name":"Seunghwan Myeong","raw_affiliation_strings":["Department of Public Administration, Inha University, Incheon 22212, Republic of Korea"],"raw_orcid":"https://orcid.org/0000-0002-6730-2770","affiliations":[{"raw_affiliation_string":"Department of Public Administration, Inha University, Incheon 22212, Republic of Korea","institution_ids":["https://openalex.org/I191879574"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5075847342"],"corresponding_institution_ids":["https://openalex.org/I191879574"],"apc_list":{"value":2400,"currency":"CHF","value_usd":2598},"apc_paid":{"value":2400,"currency":"CHF","value_usd":2598},"fwci":8.3768,"has_fulltext":true,"cited_by_count":26,"citation_normalized_percentile":{"value":0.98041926,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":98,"max":100},"biblio":{"volume":"24","issue":"15","first_page":"4888","last_page":"4888"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9968000054359436,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9958000183105469,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adaboost","display_name":"AdaBoost","score":0.7742751836776733},{"id":"https://openalex.org/keywords/false-positive-paradox","display_name":"False positive paradox","score":0.7165325284004211},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7026647329330444},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.6839831471443176},{"id":"https://openalex.org/keywords/support-vector-machine","display_name":"Support vector machine","score":0.6530869603157043},{"id":"https://openalex.org/keywords/random-forest","display_name":"Random forest","score":0.6477668881416321},{"id":"https://openalex.org/keywords/perceptron","display_name":"Perceptron","score":0.633198082447052},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5782170295715332},{"id":"https://openalex.org/keywords/receiver-operating-characteristic","display_name":"Receiver operating characteristic","score":0.4285274147987366},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.42041462659835815},{"id":"https://openalex.org/keywords/countermeasure","display_name":"Countermeasure","score":0.41489607095718384},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.38251620531082153},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3369928002357483},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3227071166038513},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.17140522599220276}],"concepts":[{"id":"https://openalex.org/C141404830","wikidata":"https://www.wikidata.org/wiki/Q2823869","display_name":"AdaBoost","level":3,"score":0.7742751836776733},{"id":"https://openalex.org/C64869954","wikidata":"https://www.wikidata.org/wiki/Q1859747","display_name":"False positive paradox","level":2,"score":0.7165325284004211},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7026647329330444},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.6839831471443176},{"id":"https://openalex.org/C12267149","wikidata":"https://www.wikidata.org/wiki/Q282453","display_name":"Support vector machine","level":2,"score":0.6530869603157043},{"id":"https://openalex.org/C169258074","wikidata":"https://www.wikidata.org/wiki/Q245748","display_name":"Random forest","level":2,"score":0.6477668881416321},{"id":"https://openalex.org/C60908668","wikidata":"https://www.wikidata.org/wiki/Q690207","display_name":"Perceptron","level":3,"score":0.633198082447052},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5782170295715332},{"id":"https://openalex.org/C58471807","wikidata":"https://www.wikidata.org/wiki/Q327120","display_name":"Receiver operating characteristic","level":2,"score":0.4285274147987366},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.42041462659835815},{"id":"https://openalex.org/C21593369","wikidata":"https://www.wikidata.org/wiki/Q1032176","display_name":"Countermeasure","level":2,"score":0.41489607095718384},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.38251620531082153},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3369928002357483},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3227071166038513},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.17140522599220276},{"id":"https://openalex.org/C146978453","wikidata":"https://www.wikidata.org/wiki/Q3798668","display_name":"Aerospace engineering","level":1,"score":0.0}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.3390/s24154888","is_oa":true,"landing_page_url":"https://doi.org/10.3390/s24154888","pdf_url":"https://www.mdpi.com/1424-8220/24/15/4888/pdf?version=1722088572","source":{"id":"https://openalex.org/S101949793","display_name":"Sensors","issn_l":"1424-8220","issn":["1424-8220"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Sensors","raw_type":"journal-article"},{"id":"pmid:39123935","is_oa":false,"landing_page_url":"https://pubmed.ncbi.nlm.nih.gov/39123935","pdf_url":null,"source":{"id":"https://openalex.org/S4306525036","display_name":"PubMed","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1299303238","host_organization_name":"National Institutes of Health","host_organization_lineage":["https://openalex.org/I1299303238"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Sensors (Basel, Switzerland)","raw_type":null},{"id":"pmh:oai:pubmedcentral.nih.gov:11314971","is_oa":true,"landing_page_url":"https://www.ncbi.nlm.nih.gov/pmc/articles/11314971","pdf_url":"https://pmc.ncbi.nlm.nih.gov/articles/PMC11314971/pdf/sensors-24-04888.pdf","source":{"id":"https://openalex.org/S2764455111","display_name":"PubMed Central","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1299303238","host_organization_name":"National Institutes of Health","host_organization_lineage":["https://openalex.org/I1299303238"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Sensors (Basel)","raw_type":"Text"},{"id":"pmh:oai:doaj.org/article:1e708caacc0741128ce9d8a6fc978a21","is_oa":true,"landing_page_url":"https://doaj.org/article/1e708caacc0741128ce9d8a6fc978a21","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Sensors, Vol 24, Iss 15, p 4888 (2024)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.3390/s24154888","is_oa":true,"landing_page_url":"https://doi.org/10.3390/s24154888","pdf_url":"https://www.mdpi.com/1424-8220/24/15/4888/pdf?version=1722088572","source":{"id":"https://openalex.org/S101949793","display_name":"Sensors","issn_l":"1424-8220","issn":["1424-8220"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Sensors","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.6000000238418579,"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9"}],"awards":[{"id":"https://openalex.org/G1588506617","display_name":null,"funder_award_id":"NRF-2022S1A5C2A03093690","funder_id":"https://openalex.org/F4320322120","funder_display_name":"National Research Foundation of Korea"}],"funders":[{"id":"https://openalex.org/F4320320671","display_name":"National Research Foundation","ror":"https://ror.org/05s0g1g46"},{"id":"https://openalex.org/F4320321408","display_name":"Ministry of Education","ror":"https://ror.org/01p262204"},{"id":"https://openalex.org/F4320322120","display_name":"National Research Foundation of Korea","ror":"https://ror.org/013aysd81"}],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4401074814.pdf"},"referenced_works_count":62,"referenced_works":["https://openalex.org/W1542822007","https://openalex.org/W1967333513","https://openalex.org/W1973697585","https://openalex.org/W1988921953","https://openalex.org/W1992867926","https://openalex.org/W2073390472","https://openalex.org/W2088853302","https://openalex.org/W2141608288","https://openalex.org/W2155784265","https://openalex.org/W2200302304","https://openalex.org/W2240738706","https://openalex.org/W2327106918","https://openalex.org/W2598515728","https://openalex.org/W2604394353","https://openalex.org/W2606805244","https://openalex.org/W2766725984","https://openalex.org/W2789628275","https://openalex.org/W2885421895","https://openalex.org/W2945460433","https://openalex.org/W2970054631","https://openalex.org/W2971170266","https://openalex.org/W2988249987","https://openalex.org/W3003663951","https://openalex.org/W3009061343","https://openalex.org/W3009433829","https://openalex.org/W3019001272","https://openalex.org/W3028728764","https://openalex.org/W3090078023","https://openalex.org/W3094113864","https://openalex.org/W3144955302","https://openalex.org/W3158959845","https://openalex.org/W3170330193","https://openalex.org/W3210329055","https://openalex.org/W4200618517","https://openalex.org/W4206645429","https://openalex.org/W4213007853","https://openalex.org/W4213451630","https://openalex.org/W4292506131","https://openalex.org/W4296991884","https://openalex.org/W4320486500","https://openalex.org/W4320919659","https://openalex.org/W4324093415","https://openalex.org/W4361275965","https://openalex.org/W4367627197","https://openalex.org/W4376958494","https://openalex.org/W4385423342","https://openalex.org/W4385819961","https://openalex.org/W4385873913","https://openalex.org/W4387770589","https://openalex.org/W4388221731","https://openalex.org/W4391060359","https://openalex.org/W4392121222","https://openalex.org/W4392674100","https://openalex.org/W4392782431","https://openalex.org/W4394829067","https://openalex.org/W6689871897","https://openalex.org/W6753341938","https://openalex.org/W6774129190","https://openalex.org/W6806992778","https://openalex.org/W6808715627","https://openalex.org/W6862651779","https://openalex.org/W6930017218"],"related_works":["https://openalex.org/W2378749186","https://openalex.org/W2364088131","https://openalex.org/W1557094818","https://openalex.org/W2362741838","https://openalex.org/W3011239835","https://openalex.org/W4312534362","https://openalex.org/W3213126983","https://openalex.org/W3185760728","https://openalex.org/W2915047625","https://openalex.org/W2050762184"],"abstract_inverted_index":{"Cyber-security":[0],"challenges":[1],"are":[2,6,14,66,90],"growing":[3],"globally":[4],"and":[5,35,55,72,104,127,136,152,187,190],"specifically":[7],"targeting":[8],"critical":[9,179],"infrastructure.":[10,180],"Conventional":[11],"countermeasure":[12],"practices":[13],"insufficient":[15],"to":[16,59,140,160,197],"provide":[17],"proactive":[18,41],"threat":[19,42,53,185],"hunting.":[20,43],"In":[21],"this":[22],"study,":[23],"random":[24,116],"forest":[25,117],"(RF),":[26],"support":[27],"vector":[28],"machine":[29,49,172],"(SVM),":[30],"multi-layer":[31],"perceptron":[32],"(MLP),":[33],"AdaBoost,":[34],"hybrid":[36,48,81,143],"models":[37,65],"were":[38],"applied":[39],"for":[40,178],"By":[44],"automating":[45],"detection,":[46],"the":[47,92,96,115,124,169],"learning-based":[50],"method":[51],"improves":[52],"hunting":[54],"frees":[56],"up":[57],"time":[58],"concentrate":[60],"on":[61,68],"high-risk":[62],"warnings.":[63],"These":[64],"implemented":[67],"approach":[69],"devices,":[70],"access,":[71],"principal":[73],"servers.":[74],"The":[75,85,142],"efficacy":[76],"of":[77,87,171],"several":[78],"models,":[79],"including":[80],"approaches,":[82],"is":[83],"assessed.":[84],"findings":[86],"these":[88],"studies":[89],"that":[91],"AdaBoost":[93],"model":[94,118,144],"provides":[95],"highest":[97],"efficiency,":[98],"with":[99,110,147],"a":[100,120,128,148],"0.98":[101,121],"ROC":[102,125,150],"area":[103,122,151],"95.7%":[105],"accuracy,":[106,131,154],"detecting":[107],"146":[108],"threats":[109,135],"29":[111],"false":[112,138,163],"positives.":[113],"Similarly,":[114],"achieved":[119],"under":[123],"curve":[126],"95%":[129],"overall":[130],"accurately":[132],"identifying":[133],"132":[134],"reducing":[137],"positives":[139],"31.":[141],"exhibited":[145],"promise":[146],"0.89":[149],"94.9%":[153],"though":[155],"it":[156],"requires":[157],"further":[158],"refinement":[159],"lower":[161],"its":[162],"positive":[164],"rate.":[165],"This":[166],"research":[167],"emphasizes":[168],"role":[170],"learning":[173,193],"in":[174],"improving":[175],"cyber-security,":[176],"particularly":[177],"Advanced":[181],"ML":[182],"techniques":[183],"enhance":[184],"detection":[186],"response":[188],"times,":[189],"their":[191],"continuous":[192],"ability":[194],"ensures":[195],"adaptability":[196],"new":[198],"threats.":[199]},"counts_by_year":[{"year":2026,"cited_by_count":7},{"year":2025,"cited_by_count":13},{"year":2024,"cited_by_count":6}],"updated_date":"2026-05-21T09:19:25.381259","created_date":"2025-10-10T00:00:00"}