{"id":"https://openalex.org/W4289825106","doi":"https://doi.org/10.1109/access.2022.3196362","title":"Discovering Coordinated Groups of IP Addresses Through Temporal Correlation of Alerts","display_name":"Discovering Coordinated Groups of IP Addresses Through Temporal Correlation of Alerts","publication_year":2022,"publication_date":"2022-01-01","ids":{"openalex":"https://openalex.org/W4289825106","doi":"https://doi.org/10.1109/access.2022.3196362"},"language":"en","primary_location":{"is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2022.3196362","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/09849653.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true},"type":"article","type_crossref":"journal-article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/09849653.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5005548272","display_name":"Martin \u017d\u00e1dn\u00edk","orcid":"https://orcid.org/0000-0002-2099-2348"},"institutions":[{"id":"https://openalex.org/I54634078","display_name":"Czech Education and Scientific Network","ror":"https://ror.org/050dkka69","country_code":"CZ","type":"other","lineage":["https://openalex.org/I202391551","https://openalex.org/I54634078"]}],"countries":["CZ"],"is_corresponding":false,"raw_author_name":"Martin Zadnik","raw_affiliation_strings":["CESNET Association of Legal Entities, Prague, Czech Republic"],"affiliations":[{"raw_affiliation_string":"CESNET Association of Legal Entities, Prague, Czech Republic","institution_ids":["https://openalex.org/I54634078"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084765860","display_name":"Jan Wrona","orcid":"https://orcid.org/0000-0001-9724-3807"},"institutions":[{"id":"https://openalex.org/I54634078","display_name":"Czech Education and Scientific Network","ror":"https://ror.org/050dkka69","country_code":"CZ","type":"other","lineage":["https://openalex.org/I202391551","https://openalex.org/I54634078"]}],"countries":["CZ"],"is_corresponding":false,"raw_author_name":"Jan Wrona","raw_affiliation_strings":["CESNET Association of Legal Entities, Prague, Czech Republic"],"affiliations":[{"raw_affiliation_string":"CESNET Association of Legal Entities, Prague, Czech Republic","institution_ids":["https://openalex.org/I54634078"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5088718699","display_name":"Karel Hynek","orcid":"https://orcid.org/0000-0002-8281-618X"},"institutions":[{"id":"https://openalex.org/I54634078","display_name":"Czech Education and Scientific Network","ror":"https://ror.org/050dkka69","country_code":"CZ","type":"other","lineage":["https://openalex.org/I202391551","https://openalex.org/I54634078"]},{"id":"https://openalex.org/I44504214","display_name":"Czech Technical University in Prague","ror":"https://ror.org/03kqpb082","country_code":"CZ","type":"education","lineage":["https://openalex.org/I44504214"]}],"countries":["CZ"],"is_corresponding":false,"raw_author_name":"Karel Hynek","raw_affiliation_strings":["CESNET Association of Legal Entities, Prague, Czech Republic","Faculty of Information Technology, Czech Technical University in Prague, Czech Republic"],"affiliations":[{"raw_affiliation_string":"CESNET Association of Legal Entities, Prague, Czech Republic","institution_ids":["https://openalex.org/I54634078"]},{"raw_affiliation_string":"Faculty of Information Technology, Czech Technical University in Prague, Czech Republic","institution_ids":["https://openalex.org/I44504214"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5062180857","display_name":"Tom\u00e1\u0161 \u010cejka","orcid":"https://orcid.org/0000-0001-7794-9511"},"institutions":[{"id":"https://openalex.org/I54634078","display_name":"Czech Education and Scientific Network","ror":"https://ror.org/050dkka69","country_code":"CZ","type":"other","lineage":["https://openalex.org/I202391551","https://openalex.org/I54634078"]}],"countries":["CZ"],"is_corresponding":false,"raw_author_name":"Tomas Cejka","raw_affiliation_strings":["CESNET Association of Legal Entities, Prague, Czech Republic"],"affiliations":[{"raw_affiliation_string":"CESNET Association of Legal Entities, Prague, Czech Republic","institution_ids":["https://openalex.org/I54634078"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5048751886","display_name":"Martin Hus\u00e1k","orcid":"https://orcid.org/0000-0001-7249-9881"},"institutions":[{"id":"https://openalex.org/I4210155092","display_name":"Czech Academy of Sciences, Institute of Computer Science","ror":"https://ror.org/0496n6574","country_code":"CZ","type":"facility","lineage":["https://openalex.org/I202391551","https://openalex.org/I4210155092"]},{"id":"https://openalex.org/I21449261","display_name":"Masaryk University","ror":"https://ror.org/02j46qs45","country_code":"CZ","type":"education","lineage":["https://openalex.org/I21449261"]}],"countries":["CZ"],"is_corresponding":false,"raw_author_name":"Martin Husak","raw_affiliation_strings":["Institute of Computer Science, Masaryk University, Brno, Czech Republic"],"affiliations":[{"raw_affiliation_string":"Institute of Computer Science, Masaryk University, Brno, Czech Republic","institution_ids":["https://openalex.org/I4210155092","https://openalex.org/I21449261"]}]}],"institution_assertions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":{"value":1850,"currency":"USD","value_usd":1850,"provenance":"doaj"},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850,"provenance":"doaj"},"fwci":0.381,"has_fulltext":true,"fulltext_origin":"pdf","cited_by_count":2,"citation_normalized_percentile":{"value":0.690554,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":70,"max":76},"biblio":{"volume":"10","issue":null,"first_page":"82799","last_page":"82813"},"is_retracted":false,"is_paratext":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9963,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9958,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/relevance","display_name":"Relevance","score":0.6493496},{"id":"https://openalex.org/keywords/situation-awareness","display_name":"Situation Awareness","score":0.62730616},{"id":"https://openalex.org/keywords/information-sharing","display_name":"Information Sharing","score":0.45009407}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.82425284},{"id":"https://openalex.org/C158154518","wikidata":"https://www.wikidata.org/wiki/Q7310970","display_name":"Relevance (law)","level":2,"score":0.6493496},{"id":"https://openalex.org/C145804949","wikidata":"https://www.wikidata.org/wiki/Q478123","display_name":"Situation awareness","level":2,"score":0.62730616},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.6112274},{"id":"https://openalex.org/C2776854237","wikidata":"https://www.wikidata.org/wiki/Q6031064","display_name":"Information sharing","level":2,"score":0.45009407},{"id":"https://openalex.org/C2985371682","wikidata":"https://www.wikidata.org/wiki/Q11135","display_name":"Ip address","level":2,"score":0.43375754},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.38449407},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.37182158},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.26756066},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.19051716},{"id":"https://openalex.org/C146978453","wikidata":"https://www.wikidata.org/wiki/Q3798668","display_name":"Aerospace engineering","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2022.3196362","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/09849653.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true},{"is_oa":false,"landing_page_url":"https://doaj.org/article/7842b19dae8f4f0e81599b13e079142b","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false},{"is_oa":true,"landing_page_url":"https://is.muni.cz/publication/2210838","pdf_url":"https://is.muni.cz/publication/2210838/2022-Access-Discovering_Coordinated_Groups_of_IP_Addresses_Through_Temporal_Correlation_of_Alerts.pdf","source":{"id":"https://openalex.org/S4306400102","display_name":"Ve\u0159ejn\u00e9 slu\u017eby Informa\u010dn\u00edho syst\u00e9mu (Masarykiana Brunensis Universitas)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false}],"best_oa_location":{"is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2022.3196362","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/09849653.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true},"sustainable_development_goals":[{"score":0.76,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, justice, and strong institutions"}],"grants":[{"funder":"https://openalex.org/F4320321842","funder_display_name":"Ministry of Education, Youth and Science","award_id":"SGS20/210/OHK3/3T/18"}],"datasets":[],"versions":[],"referenced_works_count":49,"referenced_works":["https://openalex.org/W109441098","https://openalex.org/W1494614683","https://openalex.org/W1495304983","https://openalex.org/W1554596310","https://openalex.org/W1575376224","https://openalex.org/W1606180351","https://openalex.org/W177085243","https://openalex.org/W1772700132","https://openalex.org/W178280372","https://openalex.org/W184968340","https://openalex.org/W1976326990","https://openalex.org/W1991237739","https://openalex.org/W2013627100","https://openalex.org/W2048125321","https://openalex.org/W2053550965","https://openalex.org/W2055634358","https://openalex.org/W2061686014","https://openalex.org/W2105648335","https://openalex.org/W2111142701","https://openalex.org/W2111723807","https://openalex.org/W2128064123","https://openalex.org/W2129879631","https://openalex.org/W2130673717","https://openalex.org/W2136488484","https://openalex.org/W2136561182","https://openalex.org/W2136708625","https://openalex.org/W2152449272","https://openalex.org/W2163277533","https://openalex.org/W2180566385","https://openalex.org/W2246402135","https://openalex.org/W2256845964","https://openalex.org/W2308071406","https://openalex.org/W2318191508","https://openalex.org/W2343978497","https://openalex.org/W2481715940","https://openalex.org/W2594016977","https://openalex.org/W2725791879","https://openalex.org/W2743894634","https://openalex.org/W2751947116","https://openalex.org/W2921941248","https://openalex.org/W2968354735","https://openalex.org/W2979704987","https://openalex.org/W2981181114","https://openalex.org/W2997317042","https://openalex.org/W3012425390","https://openalex.org/W3094197163","https://openalex.org/W351141490","https://openalex.org/W4247105055","https://openalex.org/W4253269957"],"related_works":["https://openalex.org/W4382644910","https://openalex.org/W3024912289","https://openalex.org/W2561023719","https://openalex.org/W2415747217","https://openalex.org/W2143767096","https://openalex.org/W2094708502","https://openalex.org/W2088166309","https://openalex.org/W2085384747","https://openalex.org/W187169919","https://openalex.org/W1542973883"],"abstract_inverted_index":{"Network-based":[0],"monitoring":[1],"and":[2,67],"intrusion":[3],"detection":[4],"systems":[5],"generate":[6],"a":[7,99,112,125],"high":[8,37],"number":[9,38],"of":[10,17,22,39,55,59,71,106,115,146],"alerts":[11,23,40,46,133],"reporting":[12,129],"on":[13,122],"the":[14,36,53,60,69,104],"suspicious":[15],"activity":[16],"IP":[18,56,62,108,149],"addresses.":[19,57,150],"The":[20,136],"majority":[21],"are":[24],"dropped":[25],"due":[26,34],"to":[27,35,80,88,102],"their":[28,116],"low":[29,31],"relevance,":[30],"priority":[32],"or":[33],"itself.":[41],"We":[42,118],"assume":[43],"that":[44,110,139],"these":[45],"still":[47],"contain":[48],"valuable":[49],"information,":[50],"namely,":[51],"about":[52],"coordination":[54],"Knowledge":[58],"coordinated":[61,107,148],"addresses":[63,109],"improves":[64],"situational":[65],"awareness":[66],"reflects":[68],"requirement":[70],"security":[72],"analysts":[73],"as":[74,76,82,86],"well":[75],"automated":[77],"reasoning":[78],"tools":[79],"have":[81],"much":[83],"contextual":[84],"information":[85],"possible":[87],"make":[89],"an":[90],"informed":[91],"decision.":[92],"To":[93],"validate":[94],"our":[95,120,140],"assumption,":[96],"we":[97],"introduce":[98],"novel":[100],"method":[101,121,141],"discover":[103,144],"groups":[105,145],"exhibit":[111],"temporal":[113],"correlation":[114],"alerts.":[117],"evaluate":[119],"data":[123],"from":[124],"real":[126],"sharing":[127],"platform":[128],"approximately":[130],"1.5":[131],"million":[132],"per":[134],"day.":[135],"results":[137],"show":[138],"can":[142],"indeed":[143],"truly":[147]},"cited_by_api_url":"https://api.openalex.org/works?filter=cites:W4289825106","counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1}],"updated_date":"2025-01-05T02:20:41.104240","created_date":"2022-08-05"}
  <script>parent.window.postMessage('ixistenz.url:https://api.openalex.org/works/doi:10.1109%2FACCESS.2022.3196362', '*'); </script> <div id='browserdiffcontainer' style='position: fixed; right: 10px; top: 10vh; min-width: 60px;  border: 1px solid white; background: rgb(251, 189, 0);; opacity: 0.9; font-family: helvetica, arial, sans serif;  font-size: 12px; z-index: 20001; padding-bottom: 20px;'><div onclick="toggle('browserdiffcontainerlist'); return false;" style='background: rgb(151, 89, 0);; color: white; '><strong>&nbsp; <span class='glyphicon glyphicon-minus'></span> NODES</strong></div><div id='browserdiffcontainerlist' style='padding-left: 10px; padding-right: 5px; max-height: 50vh; overflow: auto; '><div><a href='#diffid883' style='color: white;' onClick="parent.window.postMessage('ixistenz.opendiff:883', '*');; return false;" style='text-decoration: none; '>Association </a> <a style='color: white;' href='#diffid883'><sup>8</sup></a></div><div><a href='#diffid123' style='color: white;' onClick="parent.window.postMessage('ixistenz.opendiff:123', '*');; return false;" style='text-decoration: none; '>INTERN </a> <a style='color: white;' href='#diffid123'><sup>1</sup></a></div></div></div>
<script>
function toggle( divname ) {
  var x = document.getElementById( divname );
  if (x.style.display === 'none') {
    x.style.display = 'block';
  } else {
    x.style.display = 'none';
  }
} </script>