{"id":"https://openalex.org/W4406460801","doi":"https://doi.org/10.1109/bigdata62323.2024.10825640","title":"No Time to Choose: Leveraging Internet Scans to Determine IoC Lifetimes","display_name":"No Time to Choose: Leveraging Internet Scans to Determine IoC Lifetimes","publication_year":2024,"publication_date":"2024-12-15","ids":{"openalex":"https://openalex.org/W4406460801","doi":"https://doi.org/10.1109/bigdata62323.2024.10825640"},"language":"en","primary_location":{"id":"doi:10.1109/bigdata62323.2024.10825640","is_oa":false,"landing_page_url":"https://doi.org/10.1109/bigdata62323.2024.10825640","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE International Conference on Big Data (BigData)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5015349363","display_name":"H.L.J. Bijmans","orcid":null},"institutions":[{"id":"https://openalex.org/I148297040","display_name":"Netherlands Organisation for Applied Scientific Research","ror":"https://ror.org/01bnjb948","country_code":"NL","type":"funder","lineage":["https://openalex.org/I148297040"]}],"countries":["NL"],"is_corresponding":true,"raw_author_name":"H.L.J. Bijmans","raw_affiliation_strings":["Netherlands Organisation for Applied Scientific Research (TNO),Den Haag,The Netherlands"],"affiliations":[{"raw_affiliation_string":"Netherlands Organisation for Applied Scientific Research (TNO),Den Haag,The Netherlands","institution_ids":["https://openalex.org/I148297040"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5115905061","display_name":"M.S.C. van Leuken","orcid":null},"institutions":[{"id":"https://openalex.org/I148297040","display_name":"Netherlands Organisation for Applied Scientific Research","ror":"https://ror.org/01bnjb948","country_code":"NL","type":"funder","lineage":["https://openalex.org/I148297040"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"M.S.C. van Leuken","raw_affiliation_strings":["Netherlands Organisation for Applied Scientific Research (TNO),Den Haag,The Netherlands"],"affiliations":[{"raw_affiliation_string":"Netherlands Organisation for Applied Scientific Research (TNO),Den Haag,The Netherlands","institution_ids":["https://openalex.org/I148297040"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5015349363"],"corresponding_institution_ids":["https://openalex.org/I148297040"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.30088201,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"2586","last_page":"2595"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11478","display_name":"Caching and Content Delivery","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10742","display_name":"Peer-to-Peer Network Technologies","score":0.9954000115394592,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.63763827085495},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.6034595370292664},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.21388646960258484}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.63763827085495},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.6034595370292664},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.21388646960258484}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/bigdata62323.2024.10825640","is_oa":false,"landing_page_url":"https://doi.org/10.1109/bigdata62323.2024.10825640","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE International Conference on Big Data (BigData)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":22,"referenced_works":["https://openalex.org/W22566950","https://openalex.org/W1629180231","https://openalex.org/W2001637908","https://openalex.org/W2538865281","https://openalex.org/W2614419969","https://openalex.org/W2771963642","https://openalex.org/W2837911466","https://openalex.org/W2914982603","https://openalex.org/W2978269707","https://openalex.org/W3082048389","https://openalex.org/W4256669726","https://openalex.org/W4308348821","https://openalex.org/W4311463577","https://openalex.org/W4386214327","https://openalex.org/W4396758700","https://openalex.org/W6631402485","https://openalex.org/W6684212199","https://openalex.org/W6743493502","https://openalex.org/W6750301278","https://openalex.org/W6766930077","https://openalex.org/W6781614840","https://openalex.org/W6799539189"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W4391913857","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W4396696052"],"abstract_inverted_index":{"Sharing":[0],"Indicators":[1],"of":[2,40,60,91,111,131,139,152,175,181],"Compromise":[3],"(IoCs)":[4],"containing":[5],"IP":[6,30,44,79,118,143],"addresses":[7],"used":[8],"by":[9],"attackers":[10],"for":[11,57,67,116,145,211],"command-and-control":[12],"(C2)":[13],"through":[14,155],"threat":[15,132],"intelligence":[16,133],"feeds":[17],"is":[18,32],"an":[19],"everyday":[20],"practice":[21],"within":[22],"the":[23,37,48,52,73,89,99,109,129,179,195],"cyber":[24],"security":[25,135,197],"industry.":[26],"Once":[27],"a":[28,35,58,112,161,171,182],"new":[29],"address":[31,45,119],"added":[33],"to":[34,122,170,199,204],"feed,":[36],"question":[38],"arises":[39],"when":[41],"exactly":[42],"this":[43,64,78,84],"was":[46],"under":[47],"attacker\u2019s":[49],"control.":[50],"Has":[51],"attacker":[53,74],"been":[54],"utilizing":[55],"it":[56,206],"matter":[59],"hours,":[61],"or":[62],"has":[63],"usage":[65],"persisted":[66],"days?":[68],"And":[69],"how":[70],"long":[71],"will":[72],"maintain":[75],"control":[76],"over":[77],"after":[80],"being":[81],"blocklisted?":[82],"In":[83],"work,":[85],"we":[86],"delve":[87],"into":[88],"issue":[90],"IoC":[92],"lifetime":[93,120],"estimation.":[94],"We":[95,189],"demonstrate":[96],"and":[97,193,209],"quantify":[98],"problems":[100],"that":[101],"arise":[102],"from":[103],"static":[104,172],"retention":[105,125,173],"times,":[106,126],"which":[107],"prompted":[108],"introduction":[110],"novel,":[113],"data-driven":[114],"technique":[115,192],"C2":[117],"estimation":[121],"optimize":[123],"their":[124],"thereby":[127],"improving":[128],"use":[130],"in":[134,165],"operations.":[136],"A":[137],"combination":[138],"datasets":[140],"conferred":[141],"historic":[142],"profiles":[144],"1,968":[146],"infections":[147],"associated":[148],"with":[149],"four":[150],"types":[151],"malware.":[153],"Validation":[154],"ground":[156],"truth":[157],"data":[158],"labeling":[159],"revealed":[160],"14":[162],"times":[163,184],"improvement":[164],"false":[166,186],"discovery":[167],"rates":[168],"compared":[169],"time":[174],"40":[176],"days":[177],"at":[178],"expense":[180],"2.5":[183],"higher":[185],"negative":[187],"rate.":[188],"publish":[190],"our":[191,202],"encourage":[194],"(scientific)":[196],"community":[198],"build":[200],"upon":[201],"work":[203],"make":[205],"more":[207],"accurate":[208],"applicable":[210],"real-world":[212],"use.":[213]},"counts_by_year":[],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}