{"id":"https://openalex.org/W3038708552","doi":"https://doi.org/10.1109/iscc50000.2020.9219571","title":"SILU: Strategy Involving Large-scale Unlabeled Logs for Improving Malware Detector","display_name":"SILU: Strategy Involving Large-scale Unlabeled Logs for Improving Malware Detector","publication_year":2020,"publication_date":"2020-07-01","ids":{"openalex":"https://openalex.org/W3038708552","doi":"https://doi.org/10.1109/iscc50000.2020.9219571","mag":"3038708552"},"language":"en","primary_location":{"id":"doi:10.1109/iscc50000.2020.9219571","is_oa":false,"landing_page_url":"https://doi.org/10.1109/iscc50000.2020.9219571","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE Symposium on Computers and Communications (ISCC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5084250200","display_name":"Taishi Nishiyama","orcid":null},"institutions":[{"id":"https://openalex.org/I2251713219","display_name":"NTT (Japan)","ror":"https://ror.org/00berct97","country_code":"JP","type":"company","lineage":["https://openalex.org/I2251713219"]}],"countries":["JP"],"is_corresponding":true,"raw_author_name":"Taishi Nishiyama","raw_affiliation_strings":["NTT Secure Platform Laboratories, Tokyo, Japan"],"affiliations":[{"raw_affiliation_string":"NTT Secure Platform Laboratories, Tokyo, Japan","institution_ids":["https://openalex.org/I2251713219"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5030880294","display_name":"Atsutoshi Kumagai","orcid":"https://orcid.org/0000-0002-2915-4615"},"institutions":[{"id":"https://openalex.org/I2251713219","display_name":"NTT (Japan)","ror":"https://ror.org/00berct97","country_code":"JP","type":"company","lineage":["https://openalex.org/I2251713219"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Atsutoshi Kumagai","raw_affiliation_strings":["NTT Secure Platform Laboratories, Tokyo, Japan"],"affiliations":[{"raw_affiliation_string":"NTT Secure Platform Laboratories, Tokyo, Japan","institution_ids":["https://openalex.org/I2251713219"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5006262323","display_name":"Kazunori Kamiya","orcid":null},"institutions":[{"id":"https://openalex.org/I2251713219","display_name":"NTT (Japan)","ror":"https://ror.org/00berct97","country_code":"JP","type":"company","lineage":["https://openalex.org/I2251713219"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Kazunori Kamiya","raw_affiliation_strings":["NTT Secure Platform Laboratories, Tokyo, Japan"],"affiliations":[{"raw_affiliation_string":"NTT Secure Platform Laboratories, Tokyo, Japan","institution_ids":["https://openalex.org/I2251713219"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5076169995","display_name":"Kenji Takahashi","orcid":"https://orcid.org/0000-0002-6775-9850"},"institutions":[{"id":"https://openalex.org/I2251713219","display_name":"NTT (Japan)","ror":"https://ror.org/00berct97","country_code":"JP","type":"company","lineage":["https://openalex.org/I2251713219"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Kenji Takahashi","raw_affiliation_strings":["NTT Ltd, PaloAlto, U.S"],"affiliations":[{"raw_affiliation_string":"NTT Ltd, PaloAlto, U.S","institution_ids":["https://openalex.org/I2251713219"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5084250200"],"corresponding_institution_ids":["https://openalex.org/I2251713219"],"apc_list":null,"apc_paid":null,"fwci":0.6174,"has_fulltext":false,"cited_by_count":22,"citation_normalized_percentile":{"value":0.70596026,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"7"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8368391394615173},{"id":"https://openalex.org/keywords/labeled-data","display_name":"Labeled data","score":0.6891419887542725},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6684198379516602},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.661530077457428},{"id":"https://openalex.org/keywords/retraining","display_name":"Retraining","score":0.638252854347229},{"id":"https://openalex.org/keywords/semi-supervised-learning","display_name":"Semi-supervised learning","score":0.5873154401779175},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.5276828408241272},{"id":"https://openalex.org/keywords/test-data","display_name":"Test data","score":0.4781509339809418},{"id":"https://openalex.org/keywords/supervised-learning","display_name":"Supervised learning","score":0.4626736342906952},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.36231014132499695},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.22900456190109253}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8368391394615173},{"id":"https://openalex.org/C2776145971","wikidata":"https://www.wikidata.org/wiki/Q30673951","display_name":"Labeled data","level":2,"score":0.6891419887542725},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6684198379516602},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.661530077457428},{"id":"https://openalex.org/C2778712577","wikidata":"https://www.wikidata.org/wiki/Q3505966","display_name":"Retraining","level":2,"score":0.638252854347229},{"id":"https://openalex.org/C58973888","wikidata":"https://www.wikidata.org/wiki/Q1041418","display_name":"Semi-supervised learning","level":2,"score":0.5873154401779175},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.5276828408241272},{"id":"https://openalex.org/C16910744","wikidata":"https://www.wikidata.org/wiki/Q7705759","display_name":"Test data","level":2,"score":0.4781509339809418},{"id":"https://openalex.org/C136389625","wikidata":"https://www.wikidata.org/wiki/Q334384","display_name":"Supervised learning","level":3,"score":0.4626736342906952},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.36231014132499695},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.22900456190109253},{"id":"https://openalex.org/C155202549","wikidata":"https://www.wikidata.org/wiki/Q178803","display_name":"International trade","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/iscc50000.2020.9219571","is_oa":false,"landing_page_url":"https://doi.org/10.1109/iscc50000.2020.9219571","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE Symposium on Computers and Communications (ISCC)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":22,"referenced_works":["https://openalex.org/W40890042","https://openalex.org/W70584117","https://openalex.org/W1561983441","https://openalex.org/W1586252162","https://openalex.org/W1975909792","https://openalex.org/W2018175892","https://openalex.org/W2105979081","https://openalex.org/W2154455818","https://openalex.org/W2285914498","https://openalex.org/W2498359591","https://openalex.org/W2580641941","https://openalex.org/W2623682848","https://openalex.org/W2742334953","https://openalex.org/W2774688517","https://openalex.org/W2963197901","https://openalex.org/W4302369416","https://openalex.org/W6602816918","https://openalex.org/W6633578641","https://openalex.org/W6682494755","https://openalex.org/W6723978441","https://openalex.org/W6732691979","https://openalex.org/W6748171980"],"related_works":["https://openalex.org/W3162567751","https://openalex.org/W4312414840","https://openalex.org/W2531570999","https://openalex.org/W1756896031","https://openalex.org/W4294974824","https://openalex.org/W2538661024","https://openalex.org/W1988412055","https://openalex.org/W2151561819","https://openalex.org/W3038708552","https://openalex.org/W2514090203"],"abstract_inverted_index":{"Machine":[0],"learning":[1,24,84,127,180,189,205,261,280,291],"is":[2,35],"becoming":[3],"a":[4,17,27,81,118,178,186,203,235,241,270],"key":[5],"component":[6],"to":[7,37,109,197,277],"automatically":[8,110],"detect":[9],"malware-infected":[10],"hosts":[11],"by":[12,44,247],"analyzing":[13],"network":[14],"logs":[15,54,233,313],"in":[16,58,130,314],"security":[18,46],"operations":[19],"center":[20],"(SOC).":[21],"However,":[22],"machine":[23],"usually":[25],"requires":[26],"large":[28,236,242],"amount":[29],"of":[30,72,200,202,213,229,252],"labeled":[31,74,98,104,112,311],"training":[32,75,107,113,139,159,304],"data,":[33,140],"which":[34,86,133],"difficult":[36],"acquire":[38],"since":[39,151],"labels":[40],"are":[41,55],"manually":[42,97],"set":[43],"professional":[45],"analysts.":[47],"On":[48],"the":[49,70,121,211,220,315],"other":[50],"hand,":[51],"abundant":[52],"unanalyzed":[53],"kept":[56],"stored":[57],"daily":[59],"operation":[60,166],"and":[61,91,105,115,160,238,285,333,336],"stay":[62],"unlabeled":[63,89,106,138,158,303,338],"even":[64],"though":[65,174],"they":[66],"could":[67],"compensate":[68],"for":[69,157,167,216,259],"lack":[71],"existing":[73,278],"data.":[76,99,162,339],"This":[77,163],"paper":[78],"proposes":[79],"SILU,":[80],"novel":[82],"semi-supervised":[83,126,267],"method,":[85,181],"fully":[87],"leverages":[88],"data":[90,108,114,136,149,218,305],"enhances":[92],"detection":[93,257,325],"capability":[94,258,326],"without":[95],"increasing":[96],"SILU":[100,141,175,192,208,225,254,263,272,322],"learns":[101],"from":[102,234,240,300],"combined":[103],"augment":[111],"then":[116],"generates":[117],"classifier":[119,201],"through":[120,219],"screening":[122,221],"process.":[123,222],"Unlike":[124],"most":[125],"methods":[128,281],"used":[129],"cyber":[131],"security,":[132],"use":[134,154],"test":[135,148,161,217],"as":[137,274,302],"does":[142,183],"not":[143,184],"require":[144,185],"retraining":[145],"every":[146],"time":[147],"change":[150],"it":[152,182],"can":[153,193,209,323],"different":[155,250,329],"datasets":[156],"helps":[164],"SOC":[165],"practically":[168],"suppressing":[169],"detecting":[170],"time.":[171],"In":[172],"addition,":[173],"partially":[176],"includes":[177],"supervised":[179,188,204,260,279,290],"specific":[187],"method.":[190,206],"Therefore,":[191],"be":[194],"added":[195],"on":[196],"any":[198],"type":[199],"Moreover,":[207],"suppress":[210],"deterioration":[212],"classification":[214],"performance":[215],"We":[223,244],"evaluated":[224],"using":[226,298,309],"two":[227],"types":[228,251],"real-world":[230],"logs:":[231],"proxy":[232,312],"enterprise":[237],"NetFlow":[239,299],"ISP.":[243],"demonstrated":[245],"that":[246,297,321],"evaluating":[248],"with":[249,282],"classifiers,":[253],"always":[255],"improves":[256],"methods.":[262,268,292],"also":[264,295],"outperforms":[265],"current":[266],"As":[269],"whole,":[271],"works":[273,306],"an":[275],"add-on":[276],"little":[283],"overhead":[284],"performs":[286],"better":[287,307],"than":[288,308],"conventional":[289],"Our":[293],"evaluation":[294],"shows":[296],"ISP":[301],"only":[310],"same":[316],"enterprise.":[317],"These":[318],"results":[319],"suggest":[320],"extend":[324],"more":[327],"when":[328],"organizations,":[330],"e.g.,":[331],"SOCs":[332],"ISPs,":[334],"collaborate":[335],"share":[337]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":6},{"year":2024,"cited_by_count":11},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":2}],"updated_date":"2026-03-01T08:55:55.761014","created_date":"2025-10-10T00:00:00"}