{"id":"https://openalex.org/W4392910488","doi":"https://doi.org/10.1109/ccnc51664.2024.10454779","title":"Malicious Log Detection Using Machine Learning to Maximize the Partial AUC","display_name":"Malicious Log Detection Using Machine Learning to Maximize the Partial AUC","publication_year":2024,"publication_date":"2024-01-06","ids":{"openalex":"https://openalex.org/W4392910488","doi":"https://doi.org/10.1109/ccnc51664.2024.10454779"},"language":"en","primary_location":{"id":"doi:10.1109/ccnc51664.2024.10454779","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/ccnc51664.2024.10454779","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE 21st Consumer Communications &amp; Networking Conference (CCNC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5084250200","display_name":"Taishi Nishiyama","orcid":null},"institutions":[{"id":"https://openalex.org/I2251713219","display_name":"NTT (Japan)","ror":"https://ror.org/00berct97","country_code":"JP","type":"company","lineage":["https://openalex.org/I2251713219"]}],"countries":["JP"],"is_corresponding":true,"raw_author_name":"Taishi Nishiyama","raw_affiliation_strings":["NTT Security Japan,Tokyo,Japan","NTT Security Japan, Tokyo, Japan"],"affiliations":[{"raw_affiliation_string":"NTT Security Japan,Tokyo,Japan","institution_ids":["https://openalex.org/I2251713219"]},{"raw_affiliation_string":"NTT Security Japan, Tokyo, Japan","institution_ids":["https://openalex.org/I2251713219"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5030880294","display_name":"Atsutoshi Kumagai","orcid":"https://orcid.org/0000-0002-2915-4615"},"institutions":[{"id":"https://openalex.org/I2251713219","display_name":"NTT (Japan)","ror":"https://ror.org/00berct97","country_code":"JP","type":"company","lineage":["https://openalex.org/I2251713219"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Atsutoshi Kumagai","raw_affiliation_strings":["NTT Laboratories,Tokyo,Japan","NTT Laboratories, Tokyo, Japan"],"affiliations":[{"raw_affiliation_string":"NTT Laboratories,Tokyo,Japan","institution_ids":["https://openalex.org/I2251713219"]},{"raw_affiliation_string":"NTT Laboratories, Tokyo, Japan","institution_ids":["https://openalex.org/I2251713219"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5043865083","display_name":"Akinori Fujino","orcid":"https://orcid.org/0000-0003-3377-3539"},"institutions":[{"id":"https://openalex.org/I2251713219","display_name":"NTT (Japan)","ror":"https://ror.org/00berct97","country_code":"JP","type":"company","lineage":["https://openalex.org/I2251713219"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Akinori Fujino","raw_affiliation_strings":["NTT Laboratories,Tokyo,Japan","NTT Laboratories, Tokyo, Japan"],"affiliations":[{"raw_affiliation_string":"NTT Laboratories,Tokyo,Japan","institution_ids":["https://openalex.org/I2251713219"]},{"raw_affiliation_string":"NTT Laboratories, Tokyo, Japan","institution_ids":["https://openalex.org/I2251713219"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5006262323","display_name":"Kazunori Kamiya","orcid":null},"institutions":[{"id":"https://openalex.org/I2251713219","display_name":"NTT (Japan)","ror":"https://ror.org/00berct97","country_code":"JP","type":"company","lineage":["https://openalex.org/I2251713219"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Kazunori Kamiya","raw_affiliation_strings":["NTT Security Japan,Tokyo,Japan","NTT Security Japan, Tokyo, Japan"],"affiliations":[{"raw_affiliation_string":"NTT Security Japan,Tokyo,Japan","institution_ids":["https://openalex.org/I2251713219"]},{"raw_affiliation_string":"NTT Security Japan, Tokyo, Japan","institution_ids":["https://openalex.org/I2251713219"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5084250200"],"corresponding_institution_ids":["https://openalex.org/I2251713219"],"apc_list":null,"apc_paid":null,"fwci":0.7326,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.68936197,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":96},"biblio":{"volume":"28","issue":null,"first_page":"339","last_page":"344"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7296432256698608},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.45557042956352234},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.44709154963493347}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7296432256698608},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.45557042956352234},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.44709154963493347}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/ccnc51664.2024.10454779","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/ccnc51664.2024.10454779","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE 21st Consumer Communications &amp; Networking Conference (CCNC)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/10","display_name":"Reduced inequalities","score":0.41999998688697815}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":22,"referenced_works":["https://openalex.org/W1994642659","https://openalex.org/W2005126631","https://openalex.org/W2028034626","https://openalex.org/W2083905053","https://openalex.org/W2099940443","https://openalex.org/W2105979081","https://openalex.org/W2165880761","https://openalex.org/W2560674852","https://openalex.org/W2580641941","https://openalex.org/W2742334953","https://openalex.org/W2762390651","https://openalex.org/W2797678261","https://openalex.org/W2902792499","https://openalex.org/W2914982603","https://openalex.org/W2963197901","https://openalex.org/W2968580482","https://openalex.org/W4205253740","https://openalex.org/W4212863985","https://openalex.org/W6600359219","https://openalex.org/W6602816918","https://openalex.org/W6723978441","https://openalex.org/W6732691979"],"related_works":["https://openalex.org/W2961085424","https://openalex.org/W4306674287","https://openalex.org/W3046775127","https://openalex.org/W3107602296","https://openalex.org/W4394896187","https://openalex.org/W3170094116","https://openalex.org/W4386462264","https://openalex.org/W4364306694","https://openalex.org/W4312192474","https://openalex.org/W4283697347"],"abstract_inverted_index":{"A":[0],"recent":[1],"trend":[2],"in":[3,48,91,251,277],"security":[4],"log":[5,41],"analysis":[6],"is":[7,56,122,173,275],"to":[8,13,65,100,109,154,294],"utilize":[9],"machine":[10,18],"learning":[11,84,152,187,213,218,249,298],"methods":[12,85,209,219],"detect":[14,66,283],"malware.":[15,33],"By":[16],"using":[17,183,221],"learning,":[19],"we":[20],"can":[21,179,282],"save":[22],"on":[23,160,210],"labor":[24],"and":[25,158,195,226,262],"achieve":[26],"an":[27],"advanced":[28],"counter-measure":[29],"against":[30],"constantly":[31],"evolving":[32],"When":[34],"evaluating":[35],"the":[36,43,74,81,89,111,115,123,131,137,145,149,156,161,164,170,202,206,240,242,246,259,272,290,295],"classification":[37,191],"performance":[38,255],"of":[39,77,130,148,163,169,230,253],"malicious":[40],"detection,":[42],"true":[44],"positive":[45,52],"rate":[46,53],"(TPR)":[47],"a":[49,92,107,127,142,193,222,227,234,265],"low":[50,93,266],"false":[51,75],"(FPR)":[54],"interval":[55,95,129],"widely":[57],"recognized":[58],"as":[59,67,70,141,192,258],"important":[60],"since":[61,96,177,280],"network":[62],"operators":[63],"want":[64],"much":[68],"malware":[69],"possible":[71],"while":[72],"reducing":[73],"positives":[76],"benign":[78],"logs.":[79],"However,":[80],"conventional":[82,138,185,296],"supervised":[83,139,151,186,212,217,248,297],"cannot":[86],"directly":[87],"maximize":[88,101,110,155],"TPR":[90,125,263],"FPR":[94,292],"they":[97],"are":[98],"trained":[99],"accuracy.":[102],"Therefore,":[103],"this":[104],"paper":[105],"proposes":[106],"method":[108,135,140,153,172,188,244,250,274],"partial":[112],"area":[113],"under":[114],"receiver":[116],"operating":[117,288],"characteristic":[118],"curve":[119],"(pAUC),":[120],"which":[121],"mean":[124],"with":[126,215,289],"specific":[128],"FPR.":[132,267],"The":[133,167,268],"proposed":[134,165,171,203,243,273],"uses":[136],"baseline,":[143],"changes":[144],"objective":[146,198],"function":[147],"baseline":[150,194,216,247],"pAUC,":[157,260],"learns":[159],"basis":[162],"algorithm.":[166],"advantage":[168],"its":[174,197],"high":[175],"applicability":[176],"it":[178,281],"be":[180],"implemented":[181],"by":[182,220],"any":[184],"for":[189],"binary":[190],"modifying":[196],"function.":[199],"We":[200],"compared":[201,293],"methods,":[204],"i.e.,":[205],"pAUC":[207],"maximization":[208],"various":[211],"models,":[214],"public":[223],"dataset":[224,228],"(NSL-KDD)":[225],"consisting":[229],"proxy":[231],"logs":[232],"from":[233],"real-world":[235],"large":[236],"enterprise":[237],"network.":[238],"From":[239],"results,":[241],"outperforms":[245],"terms":[252],"several":[254],"measures":[256],"such":[257],"AUC,":[261],"at":[264],"results":[269],"suggest":[270],"that":[271],"beneficial":[276],"actual":[278],"operation":[279],"more":[284],"mal":[285],"ware":[286],"when":[287],"same":[291],"methods.":[299]},"counts_by_year":[{"year":2024,"cited_by_count":2}],"updated_date":"2025-12-22T23:10:17.713674","created_date":"2025-10-10T00:00:00"}