{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,25]],"date-time":"2025-09-25T15:34:51Z","timestamp":1758814491990},"reference-count":27,"publisher":"Oxford University Press (OUP)","issue":"6","license":[{"start":{"date-parts":[[2022,2,17]],"date-time":"2022-02-17T00:00:00Z","timestamp":1645056000000},"content-version":"vor","delay-in-days":1,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022,11,23]]},"abstract":"<jats:title>Abstract<\/jats:title>\n               <jats:p>Detecting intrusions in large networks is a highly demanding task. In order to reduce the computation demand of analysing every single packet travelling along one of such networks, some years ago flows were proposed as a way of summarizing traffic information. Very few research works have addressed intrusion detection in flows from a visualizations perspective. In order to bridge this gap, the present paper proposes the application of a novel projection method (Beta Hebbian Learning) under this framework. With the aim to validate this method, 8 traffic segments, containing many flows, have been analysed by means of this projection method. The promising results obtained for these segments, extracted from the University of Twente dataset, validate the proposed application.<\/jats:p>","DOI":"10.1093\/jigpal\/jzac013","type":"journal-article","created":{"date-parts":[[2022,1,27]],"date-time":"2022-01-27T12:14:14Z","timestamp":1643285654000},"page":"1056-1073","source":"Crossref","is-referenced-by-count":4,"title":["Advanced Visualization of Intrusions in Flows by Means of Beta-Hebbian Learning"],"prefix":"10.1093","volume":"30","author":[{"given":"H\u00e9ctor","family":"Quinti\u00e1n","sequence":"first","affiliation":[{"name":"Department of Industrial Engineering, University of A Coru\u00f1a , CTC, CITIC Avda. 19 de febrero s\/n, 15405, Ferrol, A Coru\u00f1a, Spain"}]},{"given":"Esteban","family":"Jove","sequence":"additional","affiliation":[{"name":"Department of Industrial Engineering, University of A Coru\u00f1a , CTC, CITIC Avda. 19 de febrero s\/n, 15405, Ferrol, A Coru\u00f1a, Spain"}]},{"given":"Jos\u00e9-Luis","family":"Casteleiro-Roca","sequence":"additional","affiliation":[{"name":"Department of Industrial Engineering, University of A Coru\u00f1a , CTC, CITIC Avda. 19 de febrero s\/n, 15405, Ferrol, A Coru\u00f1a, Spain"}]},{"given":"Daniel","family":"Urda","sequence":"additional","affiliation":[{"name":"Grupo de Inteligencia Computacional Aplicada (GICAP) , Departamento de Ingenier\u00eda Inform\u00e1tica, Escuela Polit\u00e9cnica Superior, Universidad de Burgos, Av. Cantabria s\/n, 09006, Burgos, Spain"}]},{"given":"\u00c1ngel","family":"Arroyo","sequence":"additional","affiliation":[{"name":"Grupo de Inteligencia Computacional Aplicada (GICAP) , Departamento de Ingenier\u00eda Inform\u00e1tica, Escuela Polit\u00e9cnica Superior, Universidad de Burgos, Av. Cantabria s\/n, 09006, Burgos, Spain"}]},{"given":"Jos\u00e9","family":"Luis Calvo-Rolle","sequence":"additional","affiliation":[{"name":"Department of Industrial Engineering, University of A Coru\u00f1a , CTC, CITIC Avda. 19 de febrero s\/n, 15405, Ferrol, A Coru\u00f1a, Spain"}]},{"given":"\u00c1lvaro","family":"Herrero","sequence":"additional","affiliation":[{"name":"Grupo de Inteligencia Computacional Aplicada (GICAP) , Departamento de Ingenier\u00eda Inform\u00e1tica, Escuela Polit\u00e9cnica Superior, Universidad de Burgos, Av. Cantabria s\/n, 09006, Burgos, Spain"}]},{"given":"Emilio","family":"Corchado","sequence":"additional","affiliation":[{"name":"Edificio Departamental, University of Salamanca , Campus Unamuno, 37007 Salamanca, Spain"}]}],"member":"286","published-online":{"date-parts":[[2022,2,16]]},"reference":[{"key":"2022112012285306900_ref1","doi-asserted-by":"crossref","DOI":"10.3390\/su12187262","article-title":"Fiviz: forensics investigation through visualization for malware in internet of things","volume":"12","author":"Ahmad","year":"2020","journal-title":"Sustainability"},{"key":"2022112012285306900_ref2","first-page":"7","article-title":"Malware visualization techniques","volume":"8","author":"Ahmet","year":"2020","journal-title":"International Journal of Applied Mathematics Electronics and Computers"},{"key":"2022112012285306900_ref3","doi-asserted-by":"crossref","first-page":"201","DOI":"10.1007\/978-3-319-19713-5_18","article-title":"Neural analysis of http traffic for web attack detection","volume-title":"International Joint Conference","author":"Atienza","year":"2015"},{"key":"2022112012285306900_ref4","doi-asserted-by":"crossref","first-page":"153","DOI":"10.1007\/s10472-010-9211-0","article-title":"Genetic algorithms and particle swarm optimization for exploratory projection pursuit","volume":"60","author":"Berro","year":"10 2010","journal-title":"Annals of Mathematics and Artificial Intelligence"},{"key":"2022112012285306900_ref5","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1109\/ITMS.2018.8552977","article-title":"Investigation of network intrusion detection using data visualization methods","volume-title":"2018 59th International Scientific Conference on Information Technology and Management Science of Riga Technical University (ITMS)","author":"Bulavas","year":"2018"},{"key":"2022112012285306900_ref6","first-page":"1447","article-title":"Connectionist techniques for the identification and suppression of interfering underlying factors","volume":"17","author":"Corchado","year":"2003","journal-title":"IJPRAI"},{"key":"2022112012285306900_ref7","doi-asserted-by":"crossref","first-page":"2042","DOI":"10.1016\/j.asoc.2010.07.002","article-title":"Neural visualization of network traffic data for intrusion detection","volume":"11","author":"Corchado","year":"2011","journal-title":"Applied Soft Computing"},{"key":"2022112012285306900_ref8","doi-asserted-by":"crossref","DOI":"10.1016\/j.jisa.2019.102419","article-title":"Deep learning for cyber security intrusion detection: approaches, datasets, and comparative study","volume":"50","author":"Ferrag","year":"2020","journal-title":"Journal of Information Security and Applications"},{"key":"2022112012285306900_ref9","doi-asserted-by":"crossref","first-page":"169","DOI":"10.1080\/01969722.2020.1826659","article-title":"Improving spoofed website detection using machine learning","volume":"52","author":"Gandotra","year":"2021","journal-title":"Cybernetics and Systems"},{"key":"2022112012285306900_ref10","first-page":"574","article-title":"Neural visualization of android malware families","volume-title":"Proceedings of the International Joint Conference SOCO\u201916-CISIS\u201916-ICEUTE\u201916","author":"Gonz\u00e1lez","year":"2016"},{"key":"2022112012285306900_ref11","doi-asserted-by":"crossref","DOI":"10.1002\/ett.4240","article-title":"Anomaly-based intrusion detection systems: the requirements, methods, measurements, and datasets","volume":"32","author":"Hajj","year":"2021","journal-title":"Transactions on Emerging Telecommunications Technologies"},{"key":"2022112012285306900_ref12","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s11704-020-0013-1","article-title":"inet: visual analysis of irregular transition in multivariate dynamic networks","volume":"16","author":"Han","year":"2022","journal-title":"Frontiers of Computer Science"},{"key":"2022112012285306900_ref13","doi-asserted-by":"crossref","first-page":"1424","DOI":"10.1007\/11875581_169","article-title":"Movicab-ids: visual analysis of network traffic data streams for intrusion detection","volume-title":"Intelligent Data Engineering and Automated Learning\u2014IDEAL 2006","author":"Herrero","year":"2006"},{"key":"2022112012285306900_ref14","doi-asserted-by":"crossref","DOI":"10.1142\/S0129065712500050","article-title":"A neural-visualization IDS for honeynet data","volume":"22","author":"Herrero","year":"2012","journal-title":"International Journal of Neural Systems"},{"key":"2022112012285306900_ref15","first-page":"415","article-title":"A new approach for system malfunctioning over an industrial system control loop based on unsupervised techniques","volume-title":"International Joint Conference SOCO\u201918-CISIS\u201918-ICEUTE\u201918\u2014San Sebasti\u00e1n","author":"Jove","year":"2018"},{"key":"2022112012285306900_ref16","doi-asserted-by":"crossref","DOI":"10.1111\/exsy.12395","article-title":"A fault detection system based on unsupervised techniques for industrial control loops","volume":"36","author":"Jove","year":"2019","journal-title":"Expert Systems"},{"key":"2022112012285306900_ref17","doi-asserted-by":"crossref","first-page":"36","DOI":"10.1016\/j.eswa.2018.04.038","article-title":"An anomaly-based intrusion detection system in presence of benign outliers with visualization capabilities","volume":"108","author":"Karami","year":"2018","journal-title":"Expert Systems with Applications"},{"key":"2022112012285306900_ref18","doi-asserted-by":"crossref","first-page":"127","DOI":"10.1007\/978-3-030-62230-5_7","article-title":"Groddviewer: dynamic dual view of android malware","volume-title":"Graphical Models for Security","author":"Lalande","year":"2020"},{"key":"2022112012285306900_ref19","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1142\/S0129065717500241","article-title":"Beta hebbian learning as a new method for exploratory projection pursuit","volume":"27","author":"Quinti\u00e1n","year":"2017","journal-title":"International Journal of Neural Systems"},{"key":"2022112012285306900_ref20","doi-asserted-by":"crossref","first-page":"446","DOI":"10.1007\/978-3-030-57805-3_42","article-title":"Beta-hebbian learning for visualizing intrusions in flows","volume-title":"13th International Conference on Computational Intelligence in Security for Information Systems (CISIS 2020)","author":"Quinti\u00e1n","year":"2021"},{"key":"2022112012285306900_ref21","doi-asserted-by":"crossref","first-page":"505","DOI":"10.1080\/01969722.2013.803903","article-title":"Visualization and clustering for snmp intrusion detection","volume":"44","author":"S\u00e1nchez","year":"2013","journal-title":"Cybernetics and Systems"},{"key":"2022112012285306900_ref22","doi-asserted-by":"crossref","first-page":"83","DOI":"10.1093\/jigpal\/jzw047","article-title":"Clustering extension of MOVICAB-IDS to distinguish intrusions in flow-based data","volume":"25","author":"S\u00e1nchez","year":"2016","journal-title":"Logic Journal of the IGPL"},{"key":"2022112012285306900_ref23","doi-asserted-by":"crossref","DOI":"10.1155\/2016\/8034967","article-title":"Detection and visualization of android malware behavior","volume":"2016","author":"Somarriba","year":"2016","journal-title":"Journal of Electrical and Computer Engineering"},{"key":"2022112012285306900_ref24","doi-asserted-by":"crossref","first-page":"39","DOI":"10.1007\/978-3-642-04968-2_4","article-title":"A labeled data set for flow-based intrusion detection","volume-title":"International Workshop on IP Operations and Management","author":"Sperotto","year":"2009"},{"key":"2022112012285306900_ref25","doi-asserted-by":"crossref","first-page":"2276","DOI":"10.3390\/app10072276","article-title":"Intrusion detection with unsupervised techniques for network management protocols over smart grids","volume":"10","author":"Vega","year":"2020","journal-title":"Applied Sciences"},{"key":"2022112012285306900_ref26","first-page":"6101697:1","article-title":"Delving into android malware families with a novel neural projection method","volume":"2019","author":"Vega","year":"2019","journal-title":"Complexity"},{"key":"2022112012285306900_ref27","doi-asserted-by":"crossref","first-page":"160","DOI":"10.1093\/jigpal\/jzy030","article-title":"Gaining deep knowledge of Android malware families through dimensionality reduction techniques","volume":"27","author":"Vega","year":"09 2018","journal-title":"Logic Journal of the IGPL"}],"container-title":["Logic Journal of the IGPL"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/academic.oup.com\/jigpal\/article-pdf\/30\/6\/1056\/47152882\/jzac013.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/academic.oup.com\/jigpal\/article-pdf\/30\/6\/1056\/47152882\/jzac013.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,11,20]],"date-time":"2022-11-20T12:29:13Z","timestamp":1668947353000},"score":1,"resource":{"primary":{"URL":"https:\/\/academic.oup.com\/jigpal\/article\/30\/6\/1056\/6528589"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,2,16]]},"references-count":27,"journal-issue":{"issue":"6","published-online":{"date-parts":[[2022,2,16]]},"published-print":{"date-parts":[[2022,11,23]]}},"URL":"https:\/\/doi.org\/10.1093\/jigpal\/jzac013","relation":{},"ISSN":["1367-0751","1368-9894"],"issn-type":[{"value":"1367-0751","type":"print"},{"value":"1368-9894","type":"electronic"}],"subject":[],"published-other":{"date-parts":[[2022,12]]},"published":{"date-parts":[[2022,2,16]]}}}