{"id":"https://openalex.org/W1904947913","doi":"https://doi.org/10.1109/ares.2015.42","title":"Security Monitoring of HTTP Traffic Using Extended Flows","display_name":"Security Monitoring of HTTP Traffic Using Extended Flows","publication_year":2015,"publication_date":"2015-08-01","ids":{"openalex":"https://openalex.org/W1904947913","doi":"https://doi.org/10.1109/ares.2015.42","mag":"1904947913"},"language":"en","primary_location":{"is_oa":false,"landing_page_url":"https://doi.org/10.1109/ares.2015.42","pdf_url":null,"source":null,"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false},"type":"article","type_crossref":"proceedings-article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://is.muni.cz/publication/1300438/http_security_monitoring-paper.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5048751886","display_name":"Martin Hus\u00e1k","orcid":"https://orcid.org/0000-0001-7249-9881"},"institutions":[{"id":"https://openalex.org/I21449261","display_name":"Masaryk University","ror":"https://ror.org/02j46qs45","country_code":"CZ","type":"education","lineage":["https://openalex.org/I21449261"]}],"countries":["CZ"],"is_corresponding":false,"raw_author_name":"Martin Husak","raw_affiliation_strings":["Institute of Computer Science, Masaryk University, Brno, Czech Republic#TAB#"],"affiliations":[{"raw_affiliation_string":"Institute of Computer Science, Masaryk University, Brno, Czech Republic#TAB#","institution_ids":["https://openalex.org/I21449261"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5044735319","display_name":"Petr Velan","orcid":"https://orcid.org/0000-0002-2824-4299"},"institutions":[{"id":"https://openalex.org/I21449261","display_name":"Masaryk University","ror":"https://ror.org/02j46qs45","country_code":"CZ","type":"education","lineage":["https://openalex.org/I21449261"]}],"countries":["CZ"],"is_corresponding":false,"raw_author_name":"Petr Velan","raw_affiliation_strings":["Institute of Computer Science, Masaryk University, Brno, Czech Republic#TAB#"],"affiliations":[{"raw_affiliation_string":"Institute of Computer Science, Masaryk University, Brno, Czech Republic#TAB#","institution_ids":["https://openalex.org/I21449261"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5009052713","display_name":"Jan Vykopal","orcid":"https://orcid.org/0000-0002-3425-0951"},"institutions":[{"id":"https://openalex.org/I21449261","display_name":"Masaryk University","ror":"https://ror.org/02j46qs45","country_code":"CZ","type":"education","lineage":["https://openalex.org/I21449261"]}],"countries":["CZ"],"is_corresponding":false,"raw_author_name":"Jan Vykopal","raw_affiliation_strings":["Institute of Computer Science, Masaryk University, Brno, Czech Republic#TAB#"],"affiliations":[{"raw_affiliation_string":"Institute of Computer Science, Masaryk University, Brno, Czech Republic#TAB#","institution_ids":["https://openalex.org/I21449261"]}]}],"institution_assertions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.573,"has_fulltext":true,"fulltext_origin":"ngrams","cited_by_count":20,"citation_normalized_percentile":{"value":0.909928,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":91},"biblio":{"volume":null,"issue":null,"first_page":"258","last_page":"265"},"is_retracted":false,"is_paratext":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9999,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9999,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/network-monitoring","display_name":"Network monitoring","score":0.5428571},{"id":"https://openalex.org/keywords/netflow","display_name":"NetFlow","score":0.46813402}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7548971},{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.62744236},{"id":"https://openalex.org/C186644900","wikidata":"https://www.wikidata.org/wiki/Q194152","display_name":"Parsing","level":2,"score":0.597081},{"id":"https://openalex.org/C81877898","wikidata":"https://www.wikidata.org/wiki/Q1965787","display_name":"Network monitoring","level":2,"score":0.5428571},{"id":"https://openalex.org/C188067584","wikidata":"https://www.wikidata.org/wiki/Q219363","display_name":"NetFlow","level":2,"score":0.46813402},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.46662033},{"id":"https://openalex.org/C11392498","wikidata":"https://www.wikidata.org/wiki/Q11288","display_name":"Web server","level":3,"score":0.4295448},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.42602587},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3453948},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.32618988},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.27878302},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.2473369},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.18581012},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.1436913}],"mesh":[],"locations_count":2,"locations":[{"is_oa":false,"landing_page_url":"https://doi.org/10.1109/ares.2015.42","pdf_url":null,"source":null,"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false},{"is_oa":true,"landing_page_url":"https://is.muni.cz/repo/1300438","pdf_url":"https://is.muni.cz/publication/1300438/http_security_monitoring-paper.pdf","source":{"id":"https://openalex.org/S4306400102","display_name":"Ve\u0159ejn\u00e9 slu\u017eby Informa\u010dn\u00edho syst\u00e9mu (Masarykiana Brunensis Universitas)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false}],"best_oa_location":{"is_oa":true,"landing_page_url":"https://is.muni.cz/repo/1300438","pdf_url":"https://is.muni.cz/publication/1300438/http_security_monitoring-paper.pdf","source":{"id":"https://openalex.org/S4306400102","display_name":"Ve\u0159ejn\u00e9 slu\u017eby Informa\u010dn\u00edho syst\u00e9mu (Masarykiana Brunensis Universitas)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.43,"display_name":"Peace, justice, and strong institutions"}],"grants":[],"datasets":[],"versions":[],"referenced_works_count":22,"referenced_works":["https://openalex.org/W1493883477","https://openalex.org/W1553734441","https://openalex.org/W1573594453","https://openalex.org/W1827212170","https://openalex.org/W18813670","https://openalex.org/W1916906602","https://openalex.org/W1973341111","https://openalex.org/W1976151252","https://openalex.org/W1988122011","https://openalex.org/W2036225462","https://openalex.org/W2050219906","https://openalex.org/W2053550965","https://openalex.org/W2069978326","https://openalex.org/W2092469638","https://openalex.org/W2132462183","https://openalex.org/W2140094598","https://openalex.org/W2170196582","https://openalex.org/W2171331105","https://openalex.org/W2255206882","https://openalex.org/W4253269957","https://openalex.org/W75357322","https://openalex.org/W93284394"],"related_works":["https://openalex.org/W986282359","https://openalex.org/W96211446","https://openalex.org/W4321192572","https://openalex.org/W3206999685","https://openalex.org/W3118525156","https://openalex.org/W2977574252","https://openalex.org/W2382865804","https://openalex.org/W2010788183","https://openalex.org/W1742155081","https://openalex.org/W1564072004"],"abstract_inverted_index":{"In":[0,24],"this":[1],"paper,":[2],"we":[3,30,69],"present":[4],"an":[5],"analysis":[6,122],"of":[7,37,50,94,104,123,135],"HTTP":[8,22,38,51,61,84,124],"traffic":[9,39,52],"in":[10,88,139],"a":[11],"large-scale":[12],"environment":[13],"which":[14,40,53],"uses":[15],"network":[16,44],"flow":[17,116,137],"monitoring":[18,138],"extended":[19,136],"by":[20,110],"parsing":[21],"requests.":[23],"contrast":[25],"to":[26,34,43,59,72,75,141],"previously":[27,77],"published":[28],"analyses,":[29],"were":[31,70],"the":[32,67,121,132,142],"first":[33],"classify":[35],"patterns":[36],"are":[41],"relevant":[42],"security.":[45],"We":[46],"described":[47],"three":[48],"classes":[49],"contain":[54],"brute-force":[55,79],"password":[56,80],"attacks,":[57],"connections":[58],"proxies,":[60],"scanners,":[62],"and":[63,82,97],"web":[64,98],"crawlers.":[65],"Using":[66],"classification,":[68],"able":[71],"detect":[73],"up":[74],"16":[76],"undetectable":[78],"attacks":[81,106],"19":[83],"scans":[85],"per":[86],"day":[87],"our":[89],"campus":[90],"network.":[91],"The":[92],"activity":[93],"proxy":[95],"servers":[96],"crawlers":[99],"was":[100],"also":[101],"observed.":[102],"Symptoms":[103],"these":[105],"may":[107],"be":[108],"detected":[109],"other":[111],"methods":[112],"based":[113],"on":[114],"traditional":[115,143],"monitoring,":[117],"but":[118],"detection":[119],"using":[120],"requests":[125],"is":[126],"more":[127],"straightforward.":[128],"We,":[129],"thus,":[130],"confirm":[131],"added":[133],"value":[134],"comparison":[140],"method.":[144]},"cited_by_api_url":"https://api.openalex.org/works?filter=cites:W1904947913","counts_by_year":[{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":4},{"year":2021,"cited_by_count":3},{"year":2020,"cited_by_count":3},{"year":2019,"cited_by_count":2},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":3},{"year":2016,"cited_by_count":2}],"updated_date":"2024-12-14T08:28:27.538593","created_date":"2016-06-24"}
  <script>parent.window.postMessage('ixistenz.url:https://api.openalex.org/works/doi:10.1109%2FARES.2015.42', '*'); </script> <div id='browserdiffcontainer' style='position: fixed; right: 10px; top: 10vh; min-width: 60px;  border: 1px solid white; background: rgb(251, 189, 0);; opacity: 0.9; font-family: helvetica, arial, sans serif;  font-size: 12px; z-index: 20001; padding-bottom: 20px;'><div onclick="toggle('browserdiffcontainerlist'); return false;" style='background: rgb(151, 89, 0);; color: white; '><strong>&nbsp; <span class='glyphicon glyphicon-minus'></span> NODES</strong></div><div id='browserdiffcontainerlist' style='padding-left: 10px; padding-right: 5px; max-height: 50vh; overflow: auto; '><div><a href='#diffid123' style='color: white;' onClick="parent.window.postMessage('ixistenz.opendiff:123', '*');; return false;" style='text-decoration: none; '>INTERN </a> <a style='color: white;' href='#diffid123'><sup>2</sup></a></div></div></div>
<script>
function toggle( divname ) {
  var x = document.getElementById( divname );
  if (x.style.display === 'none') {
    x.style.display = 'block';
  } else {
    x.style.display = 'none';
  }
} </script>