{"id":"https://openalex.org/W4400491462","doi":"https://doi.org/10.1109/aiiot61789.2024.10578957","title":"Enhancing IoT Botnet Attack Detection in SOCs with an Explainable Active Learning Framework","display_name":"Enhancing IoT Botnet Attack Detection in SOCs with an Explainable Active Learning Framework","publication_year":2024,"publication_date":"2024-05-29","ids":{"openalex":"https://openalex.org/W4400491462","doi":"https://doi.org/10.1109/aiiot61789.2024.10578957"},"language":"en","primary_location":{"id":"doi:10.1109/aiiot61789.2024.10578957","is_oa":false,"landing_page_url":"https://doi.org/10.1109/aiiot61789.2024.10578957","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE World AI IoT Congress (AIIoT)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101916839","display_name":"Rajesh Kalakoti","orcid":"https://orcid.org/0000-0001-7390-8034"},"institutions":[{"id":"https://openalex.org/I111112146","display_name":"Tallinn University of Technology","ror":"https://ror.org/0443cwa12","country_code":"EE","type":"education","lineage":["https://openalex.org/I111112146"]}],"countries":["EE"],"is_corresponding":false,"raw_author_name":"Rajesh Kalakoti","raw_affiliation_strings":["TalTech,Department of Software Science School of Information Technology,Tallinn,Estonia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"TalTech,Department of Software Science School of Information Technology,Tallinn,Estonia","institution_ids":["https://openalex.org/I111112146"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5081748391","display_name":"Sven N\u00f5mm","orcid":"https://orcid.org/0000-0001-5571-1692"},"institutions":[{"id":"https://openalex.org/I111112146","display_name":"Tallinn University of Technology","ror":"https://ror.org/0443cwa12","country_code":"EE","type":"education","lineage":["https://openalex.org/I111112146"]}],"countries":["EE"],"is_corresponding":false,"raw_author_name":"Sven N\u00f5mm","raw_affiliation_strings":["TalTech,Department of Software Science School of Information Technology,Tallinn,Estonia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"TalTech,Department of Software Science School of Information Technology,Tallinn,Estonia","institution_ids":["https://openalex.org/I111112146"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5075157158","display_name":"Hayretdin Bah\u015fi","orcid":"https://orcid.org/0000-0001-8882-4095"},"institutions":[{"id":"https://openalex.org/I203172682","display_name":"Northern Arizona University","ror":"https://ror.org/0272j5188","country_code":"US","type":"education","lineage":["https://openalex.org/I203172682"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Hayretdin Bahsi","raw_affiliation_strings":["Computing and Cyber Systems Northern Arizona University,TalTech, Estonia &#x0026; School of Informatics,Department of Software Science School of Information Technology,United States"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Computing and Cyber Systems Northern Arizona University,TalTech, Estonia &#x0026; School of Informatics,Department of Software Science School of Information Technology,United States","institution_ids":["https://openalex.org/I203172682"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.561,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.83813876,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"265","last_page":"272"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9958000183105469,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9958000183105469,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9889000058174133,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9883000254631042,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.932105541229248},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.7068455219268799},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6879603266716003},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6283016204833984},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.1876811981201172},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.1159660816192627}],"concepts":[{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.932105541229248},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.7068455219268799},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6879603266716003},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6283016204833984},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.1876811981201172},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.1159660816192627}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/aiiot61789.2024.10578957","is_oa":false,"landing_page_url":"https://doi.org/10.1109/aiiot61789.2024.10578957","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE World AI IoT Congress (AIIoT)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W2748952813","https://openalex.org/W3159690896","https://openalex.org/W2945572725","https://openalex.org/W1989286518","https://openalex.org/W4230824443","https://openalex.org/W2921012173","https://openalex.org/W2758517546","https://openalex.org/W3134680667","https://openalex.org/W2804396347","https://openalex.org/W2185943007"],"abstract_inverted_index":{"The":[0],"widespread":[1],"use":[2],"of":[3,5,13,44,57,130],"Internet":[4],"Things":[6],"(IoT)":[7],"devices":[8],"has":[9],"raised":[10],"the":[11,42,48,54,76,100,106,119,128,131,152,157,161],"threat":[12],"botnet":[14,83],"attacks,":[15,35],"presenting":[16],"significant":[17],"challenges":[18],"for":[19,50,80,123],"security":[20],"operations":[21],"centres":[22],"(SOCs).":[23],"While":[24],"machine":[25],"learning":[26,64,78,144,162],"techniques":[27],"have":[28],"shown":[29],"promising":[30],"results":[31,138],"in":[32,53,85],"detecting":[33,81],"these":[34],"their":[36],"effectiveness":[37],"is":[38],"often":[39],"limited":[40],"by":[41],"lack":[43],"labeled":[45],"data":[46],"and":[47,73,114,125,154,160],"need":[49],"greater":[51],"transparency":[52,155],"decision-making":[55,108],"process":[56,79],"labeling.":[58],"We":[59,110],"propose":[60],"an":[61],"explainable":[62,142],"active":[63,77,143],"framework":[65,91,145],"incorporating":[66],"post-hoc":[67],"explainability":[68,101],"methods,":[69],"such":[70],"as":[71],"LIME":[72],"SHAP,":[74],"into":[75,105],"IoT":[82],"attacks":[84],"a":[86],"multi-class":[87],"classification":[88],"setting.":[89],"Our":[90],"enables":[92],"SOC":[93,158],"analysts":[94,159],"to":[95,117],"provide":[96],"informed":[97],"annotations,":[98],"while":[99,150],"methods":[102],"offer":[103],"insights":[104],"model\u2019s":[107],"process.":[109],"employ":[111],"uncertainty":[112],"sampling":[113],"query-by-committee":[115],"strategies":[116],"select":[118],"most":[120],"informative":[121],"instances":[122],"labeling,":[124],"we":[126],"evaluate":[127],"quality":[129],"explanations":[132],"using":[133],"various":[134],"quantitative":[135],"metrics.":[136],"Experimental":[137],"demonstrate":[139],"that":[140],"our":[141],"achieves":[146],"high":[147],"detection":[148],"performance":[149],"enhancing":[151],"trust":[153],"between":[156],"model.":[163]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}