{"id":"https://openalex.org/W2898883186","doi":"https://doi.org/10.1109/isi.2018.8587334","title":"DARKMENTION: A Deployed System to Predict Enterprise-Targeted External Cyberattacks","display_name":"DARKMENTION: A Deployed System to Predict Enterprise-Targeted External Cyberattacks","publication_year":2018,"publication_date":"2018-11-01","ids":{"openalex":"https://openalex.org/W2898883186","doi":"https://doi.org/10.1109/isi.2018.8587334","mag":"2898883186"},"language":"en","primary_location":{"id":"doi:10.1109/isi.2018.8587334","is_oa":false,"landing_page_url":"https://doi.org/10.1109/isi.2018.8587334","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2018 IEEE International Conference on Intelligence and Security Informatics (ISI)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5076796267","display_name":"Mohammed Almukaynizi","orcid":"https://orcid.org/0000-0001-9553-0896"},"institutions":[{"id":"https://openalex.org/I55732556","display_name":"Arizona State University","ror":"https://ror.org/03efmqc40","country_code":"US","type":"education","lineage":["https://openalex.org/I55732556"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Mohammed Almukaynizi","raw_affiliation_strings":["Arizona State University"],"affiliations":[{"raw_affiliation_string":"Arizona State University","institution_ids":["https://openalex.org/I55732556"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053172504","display_name":"Ericsson Marin","orcid":"https://orcid.org/0000-0003-3344-3476"},"institutions":[{"id":"https://openalex.org/I55732556","display_name":"Arizona State University","ror":"https://ror.org/03efmqc40","country_code":"US","type":"education","lineage":["https://openalex.org/I55732556"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ericsson Marin","raw_affiliation_strings":["Arizona State University"],"affiliations":[{"raw_affiliation_string":"Arizona State University","institution_ids":["https://openalex.org/I55732556"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072579371","display_name":"Eric Nunes","orcid":null},"institutions":[{"id":"https://openalex.org/I55732556","display_name":"Arizona State University","ror":"https://ror.org/03efmqc40","country_code":"US","type":"education","lineage":["https://openalex.org/I55732556"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Eric Nunes","raw_affiliation_strings":["Arizona State University"],"affiliations":[{"raw_affiliation_string":"Arizona State University","institution_ids":["https://openalex.org/I55732556"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5081115472","display_name":"Paulo Shakarian","orcid":"https://orcid.org/0000-0002-3159-4660"},"institutions":[{"id":"https://openalex.org/I55732556","display_name":"Arizona State University","ror":"https://ror.org/03efmqc40","country_code":"US","type":"education","lineage":["https://openalex.org/I55732556"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Paulo Shakarian","raw_affiliation_strings":["Arizona State University"],"affiliations":[{"raw_affiliation_string":"Arizona State University","institution_ids":["https://openalex.org/I55732556"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5079109547","display_name":"Gerardo I. Simari","orcid":"https://orcid.org/0000-0003-3185-4992"},"institutions":[{"id":"https://openalex.org/I55732556","display_name":"Arizona State University","ror":"https://ror.org/03efmqc40","country_code":"US","type":"education","lineage":["https://openalex.org/I55732556"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Gerardo I. Simari","raw_affiliation_strings":["Arizona State University"],"affiliations":[{"raw_affiliation_string":"Arizona State University","institution_ids":["https://openalex.org/I55732556"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5006380153","display_name":"Dipsy Kapoor","orcid":null},"institutions":[{"id":"https://openalex.org/I1174212","display_name":"University of Southern California","ror":"https://ror.org/03taz7m60","country_code":"US","type":"education","lineage":["https://openalex.org/I1174212"]},{"id":"https://openalex.org/I2800817003","display_name":"California Southern University","ror":"https://ror.org/058zz0t50","country_code":"US","type":"education","lineage":["https://openalex.org/I2800817003"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Dipsy Kapoor","raw_affiliation_strings":["University of Southern California"],"affiliations":[{"raw_affiliation_string":"University of Southern California","institution_ids":["https://openalex.org/I2800817003","https://openalex.org/I1174212"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5021877151","display_name":"Timothy Siedlecki","orcid":null},"institutions":[{"id":"https://openalex.org/I1287521167","display_name":"Lockheed Martin (United States)","ror":"https://ror.org/026er9r08","country_code":"US","type":"company","lineage":["https://openalex.org/I1287521167"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Timothy Siedlecki","raw_affiliation_strings":["Lockheed Martin Advanced Technology Laboratories"],"affiliations":[{"raw_affiliation_string":"Lockheed Martin Advanced Technology Laboratories","institution_ids":["https://openalex.org/I1287521167"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5076796267"],"corresponding_institution_ids":["https://openalex.org/I55732556"],"apc_list":null,"apc_paid":null,"fwci":4.9129,"has_fulltext":false,"cited_by_count":19,"citation_normalized_percentile":{"value":0.95798676,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"31","last_page":"36"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9965999722480774,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9965000152587891,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5710523724555969},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5267139077186584},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.3667294979095459}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5710523724555969},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5267139077186584},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.3667294979095459}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/isi.2018.8587334","is_oa":false,"landing_page_url":"https://doi.org/10.1109/isi.2018.8587334","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2018 IEEE International Conference on Intelligence and Security Informatics (ISI)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.6600000262260437,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320323402","display_name":"Universidad Nacional del Sur","ror":"https://ror.org/028crwz56"},{"id":"https://openalex.org/F4320333051","display_name":"Intelligence Advanced Research Projects Activity","ror":"https://ror.org/01v3fsc55"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":20,"referenced_works":["https://openalex.org/W163035634","https://openalex.org/W1962245749","https://openalex.org/W2045914854","https://openalex.org/W2067558574","https://openalex.org/W2084829134","https://openalex.org/W2122551442","https://openalex.org/W2141461755","https://openalex.org/W2142814561","https://openalex.org/W2293594884","https://openalex.org/W2319803923","https://openalex.org/W2553533857","https://openalex.org/W2766615649","https://openalex.org/W2774398706","https://openalex.org/W2807143630","https://openalex.org/W2963980822","https://openalex.org/W4285719527","https://openalex.org/W6606628400","https://openalex.org/W6641291219","https://openalex.org/W6729713845","https://openalex.org/W6752568125"],"related_works":["https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W2358668433","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W2382290278","https://openalex.org/W2478288626","https://openalex.org/W2350741829","https://openalex.org/W2530322880","https://openalex.org/W1596801655"],"abstract_inverted_index":{"Recent":[0],"incidents":[1],"of":[2,72,138,152,163,194],"data":[3],"breaches":[4],"call":[5],"for":[6,50],"organizations":[7],"to":[8,33,48,53,76,89,96,101,135,142],"proactively":[9],"identify":[10],"cyber":[11,55,78,139],"attacks":[12,73,140,190],"on":[13],"their":[14],"systems.":[15],"Darkweb/Deepweb":[16],"(D2web)":[17],"forums":[18],"and":[19,29,86,115,155],"marketplaces":[20],"provide":[21],"environments":[22],"where":[23],"hackers":[24],"anonymously":[25],"discuss":[26],"existing":[27],"vulnerabilities":[28],"commercialize":[30],"malicious":[31],"software":[32],"exploit":[34],"those":[35],"vulnerabilities.":[36],"These":[37],"platforms":[38],"offer":[39],"security":[40],"practitioners":[41],"a":[42,62,90,103,164,171],"threat":[43],"intelligence":[44],"environment":[45],"that":[46,66,105,110,119,128,133,167,188],"allows":[47],"mine":[49],"patterns":[51],"related":[52,141],"organization-targeted":[54],"attacks.":[56,97],"In":[57,124],"this":[58],"paper,":[59],"we":[60,126],"describe":[61],"system":[63,104,166],"(called":[64],"DARKMENTION)":[65],"learns":[67],"association":[68],"rules":[69],"correlating":[70],"indicators":[71],"from":[74],"D2web":[75],"real-world":[77],"incidents.":[79],"Using":[80],"the":[81,174],"learned":[82],"rules,":[83],"DARKMENTION":[84,120,158],"generates":[85,107],"submits":[87],"warnings":[88,109,137,187],"Security":[91],"Operations":[92],"Center":[93],"(SOC)":[94],"prior":[95],"Our":[98],"goal":[99],"was":[100,159],"design":[102],"automatically":[106],"enterprise-targeted":[108],"are":[111],"timely,":[112],"actionable,":[113],"accurate,":[114],"transparent.":[116],"We":[117],"show":[118,127],"meets":[121],"our":[122],"goal.":[123],"particular,":[125],"it":[129],"outperforms":[130],"baseline":[131],"systems":[132],"attempt":[134],"generate":[136],"two":[143],"enterprises":[144],"with":[145,173],"an":[146,192],"average":[147,193],"increase":[148],"in":[149],"F1":[150],"score":[151],"about":[153],"45%":[154],"57%.":[156],"Additionally,":[157],"deployed":[160],"as":[161],"part":[162],"larger":[165],"is":[168,184],"built":[169],"under":[170],"contract":[172],"IARPA":[175],"Cyber-attack":[176],"Automated":[177],"Unconventional":[178],"Sensor":[179],"Environment":[180],"(CAUSE)":[181],"program.":[182],"It":[183],"actively":[185],"producing":[186],"precede":[189],"by":[191],"3":[195],"days.":[196]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":3},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":4},{"year":2020,"cited_by_count":5},{"year":2019,"cited_by_count":3}],"updated_date":"2026-03-05T07:30:30.508283","created_date":"2025-10-10T00:00:00"}