{"id":"https://openalex.org/W4406914778","doi":"https://doi.org/10.1007/s10207-025-00987-4","title":"An exploratory study on domain knowledge infusion in deep learning for automated threat defense","display_name":"An exploratory study on domain knowledge infusion in deep learning for automated threat defense","publication_year":2025,"publication_date":"2025-01-28","ids":{"openalex":"https://openalex.org/W4406914778","doi":"https://doi.org/10.1007/s10207-025-00987-4"},"language":"en","primary_location":{"id":"doi:10.1007/s10207-025-00987-4","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10207-025-00987-4","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10207-025-00987-4.pdf","source":{"id":"https://openalex.org/S164062316","display_name":"International Journal of Information Security","issn_l":"1615-5262","issn":["1615-5262","1615-5270"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Information Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://link.springer.com/content/pdf/10.1007/s10207-025-00987-4.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5091952767","display_name":"Sourena Khanzadeh","orcid":null},"institutions":[{"id":"https://openalex.org/I185261750","display_name":"University of Toronto","ror":"https://ror.org/03dbr7087","country_code":"CA","type":"education","lineage":["https://openalex.org/I185261750"]},{"id":"https://openalex.org/I4210098097","display_name":"Research and Productivity Council","ror":"https://ror.org/00yeap462","country_code":"CA","type":"government","lineage":["https://openalex.org/I4210098097"]},{"id":"https://openalex.org/I4210159778","display_name":"National Research Council Canada","ror":"https://ror.org/04mte1k06","country_code":"CA","type":"government","lineage":["https://openalex.org/I4210159778"]},{"id":"https://openalex.org/I530967","display_name":"Toronto Metropolitan University","ror":"https://ror.org/05g13zd79","country_code":"CA","type":"education","lineage":["https://openalex.org/I530967"]}],"countries":["CA"],"is_corresponding":true,"raw_author_name":"Sourena Khanzadeh","raw_affiliation_strings":["Department of Computer Science, Toronto Metropolitan University (TMU), Toronto, ON, Canada","National Research Council Canada, Fredericton, NB, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Toronto Metropolitan University (TMU), Toronto, ON, Canada","institution_ids":["https://openalex.org/I185261750","https://openalex.org/I530967"]},{"raw_affiliation_string":"National Research Council Canada, Fredericton, NB, Canada","institution_ids":["https://openalex.org/I4210098097","https://openalex.org/I4210159778"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5049169545","display_name":"Euclides Carlos Pinto Neto","orcid":"https://orcid.org/0000-0002-1241-6391"},"institutions":[{"id":"https://openalex.org/I4210098097","display_name":"Research and Productivity Council","ror":"https://ror.org/00yeap462","country_code":"CA","type":"government","lineage":["https://openalex.org/I4210098097"]},{"id":"https://openalex.org/I4210159778","display_name":"National Research Council Canada","ror":"https://ror.org/04mte1k06","country_code":"CA","type":"government","lineage":["https://openalex.org/I4210159778"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Euclides Carlos Pinto Neto","raw_affiliation_strings":["National Research Council Canada, Fredericton, NB, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"National Research Council Canada, Fredericton, NB, Canada","institution_ids":["https://openalex.org/I4210098097","https://openalex.org/I4210159778"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5075654187","display_name":"Shahrear Iqbal","orcid":"https://orcid.org/0000-0001-7819-5715"},"institutions":[{"id":"https://openalex.org/I4210098097","display_name":"Research and Productivity Council","ror":"https://ror.org/00yeap462","country_code":"CA","type":"government","lineage":["https://openalex.org/I4210098097"]},{"id":"https://openalex.org/I4210159778","display_name":"National Research Council Canada","ror":"https://ror.org/04mte1k06","country_code":"CA","type":"government","lineage":["https://openalex.org/I4210159778"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Shahrear Iqbal","raw_affiliation_strings":["National Research Council Canada, Fredericton, NB, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"National Research Council Canada, Fredericton, NB, Canada","institution_ids":["https://openalex.org/I4210098097","https://openalex.org/I4210159778"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5035833427","display_name":"Manar H. Alalfi","orcid":"https://orcid.org/0000-0003-4968-4127"},"institutions":[{"id":"https://openalex.org/I185261750","display_name":"University of Toronto","ror":"https://ror.org/03dbr7087","country_code":"CA","type":"education","lineage":["https://openalex.org/I185261750"]},{"id":"https://openalex.org/I530967","display_name":"Toronto Metropolitan University","ror":"https://ror.org/05g13zd79","country_code":"CA","type":"education","lineage":["https://openalex.org/I530967"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Manar Alalfi","raw_affiliation_strings":["Department of Computer Science, Toronto Metropolitan University (TMU), Toronto, ON, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Toronto Metropolitan University (TMU), Toronto, ON, Canada","institution_ids":["https://openalex.org/I185261750","https://openalex.org/I530967"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5020247375","display_name":"Scott Buffett","orcid":null},"institutions":[{"id":"https://openalex.org/I4210098097","display_name":"Research and Productivity Council","ror":"https://ror.org/00yeap462","country_code":"CA","type":"government","lineage":["https://openalex.org/I4210098097"]},{"id":"https://openalex.org/I4210159778","display_name":"National Research Council Canada","ror":"https://ror.org/04mte1k06","country_code":"CA","type":"government","lineage":["https://openalex.org/I4210159778"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Scott Buffett","raw_affiliation_strings":["National Research Council Canada, Fredericton, NB, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"National Research Council Canada, Fredericton, NB, Canada","institution_ids":["https://openalex.org/I4210098097","https://openalex.org/I4210159778"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5091952767"],"corresponding_institution_ids":["https://openalex.org/I185261750","https://openalex.org/I4210098097","https://openalex.org/I4210159778","https://openalex.org/I530967"],"apc_list":{"value":2590,"currency":"EUR","value_usd":3190},"apc_paid":{"value":2590,"currency":"EUR","value_usd":3190},"fwci":4.7881,"has_fulltext":true,"cited_by_count":4,"citation_normalized_percentile":{"value":0.94194728,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":98},"biblio":{"volume":"24","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.996999979019165,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.996999979019165,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9936000108718872,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9854999780654907,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7060271501541138},{"id":"https://openalex.org/keywords/domain","display_name":"Domain (mathematical analysis)","score":0.5200992822647095},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4952520430088043},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.35174718499183655},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.06843805313110352}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7060271501541138},{"id":"https://openalex.org/C36503486","wikidata":"https://www.wikidata.org/wiki/Q11235244","display_name":"Domain (mathematical analysis)","level":2,"score":0.5200992822647095},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4952520430088043},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.35174718499183655},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.06843805313110352},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1007/s10207-025-00987-4","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10207-025-00987-4","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10207-025-00987-4.pdf","source":{"id":"https://openalex.org/S164062316","display_name":"International Journal of Information Security","issn_l":"1615-5262","issn":["1615-5262","1615-5270"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Information Security","raw_type":"journal-article"},{"id":"pmh:oai:cisti-icist.nrc-cnrc.ca:cistinparc:2f0c54c5-9f3a-42aa-ba58-3c03a1c4873a","is_oa":true,"landing_page_url":"https://nrc-publications.canada.ca/eng/view/object/?id=2f0c54c5-9f3a-42aa-ba58-3c03a1c4873a","pdf_url":"https://nrc-publications.canada.ca/eng/view/ft/?id=2f0c54c5-9f3a-42aa-ba58-3c03a1c4873a","source":{"id":"https://openalex.org/S7407055245","display_name":"NPARC","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.1007/s10207-025-00987-4","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10207-025-00987-4","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10207-025-00987-4.pdf","source":{"id":"https://openalex.org/S164062316","display_name":"International Journal of Information Security","issn_l":"1615-5262","issn":["1615-5262","1615-5270"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Information Security","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320334601","display_name":"National Research Council Canada","ror":"https://ror.org/04mte1k06"}],"has_content":{"grobid_xml":false,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4406914778.pdf"},"referenced_works_count":48,"referenced_works":["https://openalex.org/W1988907978","https://openalex.org/W2065776696","https://openalex.org/W2616247523","https://openalex.org/W2744999500","https://openalex.org/W2767129667","https://openalex.org/W2808538957","https://openalex.org/W2908954810","https://openalex.org/W2913522865","https://openalex.org/W2963940579","https://openalex.org/W2966740848","https://openalex.org/W2989945650","https://openalex.org/W3003973800","https://openalex.org/W3008128620","https://openalex.org/W3008343234","https://openalex.org/W3008389987","https://openalex.org/W3012362720","https://openalex.org/W3034833075","https://openalex.org/W3038667240","https://openalex.org/W3093528669","https://openalex.org/W3100802376","https://openalex.org/W3102564565","https://openalex.org/W3106759803","https://openalex.org/W3112557529","https://openalex.org/W3112693483","https://openalex.org/W3115597439","https://openalex.org/W3130984490","https://openalex.org/W3136841107","https://openalex.org/W3143911195","https://openalex.org/W3202894952","https://openalex.org/W3211109367","https://openalex.org/W3211540990","https://openalex.org/W4205511145","https://openalex.org/W4212805689","https://openalex.org/W4250961344","https://openalex.org/W4288046244","https://openalex.org/W4291474832","https://openalex.org/W4293732311","https://openalex.org/W4297098541","https://openalex.org/W4301693540","https://openalex.org/W4312673899","https://openalex.org/W4317382446","https://openalex.org/W4322627146","https://openalex.org/W4384434383","https://openalex.org/W4386596944","https://openalex.org/W4388820004","https://openalex.org/W4403313129","https://openalex.org/W6600175266","https://openalex.org/W6814003322"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W4391913857","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W4396696052"],"abstract_inverted_index":{"Abstract":[0],"The":[1],"wide":[2],"adoption":[3],"of":[4,11,51,59,67,90,100,107,151,170],"interconnected":[5],"services":[6],"leads":[7],"to":[8,27,44,74,94,137,166],"the":[9,49,57,65,72,87,98,105,127,149,163,168],"creation":[10],"supportive":[12],"solutions":[13],"and":[14,32,78,96,123,130,143,147,157],"business":[15],"opportunities.":[16],"Conversely,":[17],"this":[18,91],"new":[19],"paradigm":[20],"is":[21,93],"targeted":[22],"by":[23],"malicious":[24],"activities,":[25],"aiming":[26],"compromise":[28],"systems\u2019":[29],"confidentiality,":[30],"integrity,":[31],"availability.":[33],"However,":[34],"advanced":[35],"methods":[36],"lack":[37],"contextual":[38],"awareness,":[39],"which":[40],"prevents":[41],"their":[42,63],"deployment":[43],"real-world":[45],"systems.":[46],"Considering":[47],"that":[48],"process":[50],"making":[52],"informed":[53],"decisions":[54],"stems":[55],"from":[56],"expertise":[58],"analysts":[60],"based":[61],"on":[62],"experience,":[64],"use":[66,99],"cybersecurity":[68,114],"domain":[69,115,139],"knowledge":[70,116,140],"has":[71],"potential":[73],"improve":[75],"Deep":[76,79,121],"Learning":[77,81,103,122,154],"Reinforcement":[80,124],"operations":[82],"in":[83,104,155],"real":[84],"scenarios.":[85],"Therefore,":[86],"main":[88,128],"goal":[89],"research":[92],"study":[95],"evaluate":[97],"Knowledge":[101,152],"Infused":[102,153],"context":[106],"automated":[108],"threat":[109],"defense.":[110],"We":[111],"define":[112],"how":[113],"can":[117],"be":[118],"infused":[119],"into":[120],"Learning,":[125],"highlighting":[126],"challenges":[129,165],"benefits.":[131],"Besides,":[132],"we":[133,161],"present":[134],"a":[135],"roadmap":[136],"apply":[138],"for":[141],"red":[142],"blue":[144],"teaming":[145],"activities":[146],"discuss":[148],"implications":[150],"explainability,":[156],"actionable":[158],"reporting.":[159],"Finally,":[160],"list":[162],"open":[164],"guide":[167],"development":[169],"next-generation":[171],"security":[172],"solutions.":[173]},"counts_by_year":[{"year":2025,"cited_by_count":4}],"updated_date":"2026-05-21T06:26:12.895304","created_date":"2025-10-10T00:00:00"}