{"id":"https://openalex.org/W4416514055","doi":"https://doi.org/10.1109/isncc66965.2025.11250444","title":"Integrating Auxiliary Knowledge into Machine Learning to Improve the Detection of Cyberattacks","display_name":"Integrating Auxiliary Knowledge into Machine Learning to Improve the Detection of Cyberattacks","publication_year":2025,"publication_date":"2025-10-27","ids":{"openalex":"https://openalex.org/W4416514055","doi":"https://doi.org/10.1109/isncc66965.2025.11250444"},"language":"en","primary_location":{"id":"doi:10.1109/isncc66965.2025.11250444","is_oa":false,"landing_page_url":"https://doi.org/10.1109/isncc66965.2025.11250444","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 International Symposium on Networks, Computers and Communications (ISNCC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5075654187","display_name":"Shahrear Iqbal","orcid":"https://orcid.org/0000-0001-7819-5715"},"institutions":[{"id":"https://openalex.org/I4210159778","display_name":"National Research Council Canada","ror":"https://ror.org/04mte1k06","country_code":"CA","type":"government","lineage":["https://openalex.org/I4210159778"]}],"countries":["CA"],"is_corresponding":true,"raw_author_name":"Shahrear Iqbal","raw_affiliation_strings":["National Research Council,Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"National Research Council,Canada","institution_ids":["https://openalex.org/I4210159778"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5091952767","display_name":"Sourena Khanzadeh","orcid":null},"institutions":[{"id":"https://openalex.org/I4210163566","display_name":"Universiteti Metropolitan Tirana","ror":"https://ror.org/05k2yek35","country_code":"AL","type":"education","lineage":["https://openalex.org/I4210163566"]}],"countries":["AL"],"is_corresponding":false,"raw_author_name":"Sourena Khanzadeh","raw_affiliation_strings":["Toronto Metropolitan University (TMU),Department of Computer Science"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Toronto Metropolitan University (TMU),Department of Computer Science","institution_ids":["https://openalex.org/I4210163566"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5049169545","display_name":"Euclides Carlos Pinto Neto","orcid":"https://orcid.org/0000-0002-1241-6391"},"institutions":[{"id":"https://openalex.org/I4210159778","display_name":"National Research Council Canada","ror":"https://ror.org/04mte1k06","country_code":"CA","type":"government","lineage":["https://openalex.org/I4210159778"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Euclides Carlos Pinto Neto","raw_affiliation_strings":["National Research Council,Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"National Research Council,Canada","institution_ids":["https://openalex.org/I4210159778"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5020247375","display_name":"Scott Buffett","orcid":null},"institutions":[{"id":"https://openalex.org/I4210159778","display_name":"National Research Council Canada","ror":"https://ror.org/04mte1k06","country_code":"CA","type":"government","lineage":["https://openalex.org/I4210159778"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Scott Buffett","raw_affiliation_strings":["National Research Council,Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"National Research Council,Canada","institution_ids":["https://openalex.org/I4210159778"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5037744076","display_name":"Madeena Sultana","orcid":"https://orcid.org/0000-0002-9272-4326"},"institutions":[{"id":"https://openalex.org/I1297460800","display_name":"Defence Research and Development Canada","ror":"https://ror.org/00hgy8d33","country_code":"CA","type":"funder","lineage":["https://openalex.org/I1297460800","https://openalex.org/I1336338359","https://openalex.org/I2802286613"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Madeena Sultana","raw_affiliation_strings":["Defence Research and Development,Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Defence Research and Development,Canada","institution_ids":["https://openalex.org/I1297460800"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5033634735","display_name":"Adrian Taylor","orcid":"https://orcid.org/0000-0003-2701-9468"},"institutions":[{"id":"https://openalex.org/I4210163566","display_name":"Universiteti Metropolitan Tirana","ror":"https://ror.org/05k2yek35","country_code":"AL","type":"education","lineage":["https://openalex.org/I4210163566"]}],"countries":["AL"],"is_corresponding":false,"raw_author_name":"Adrian Taylor","raw_affiliation_strings":["Toronto Metropolitan University (TMU),Department of Computer Science"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Toronto Metropolitan University (TMU),Department of Computer Science","institution_ids":["https://openalex.org/I4210163566"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5075654187"],"corresponding_institution_ids":["https://openalex.org/I4210159778"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.37950554,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"4"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.2054000049829483,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.2054000049829483,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.19169999659061432,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.08110000193119049,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/interpretability","display_name":"Interpretability","score":0.8343999981880188},{"id":"https://openalex.org/keywords/domain-knowledge","display_name":"Domain knowledge","score":0.6078000068664551},{"id":"https://openalex.org/keywords/raw-data","display_name":"Raw data","score":0.5644000172615051},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.5626000165939331},{"id":"https://openalex.org/keywords/domain","display_name":"Domain (mathematical analysis)","score":0.5569000244140625},{"id":"https://openalex.org/keywords/security-domain","display_name":"Security domain","score":0.39089998602867126},{"id":"https://openalex.org/keywords/training-set","display_name":"Training set","score":0.38420000672340393}],"concepts":[{"id":"https://openalex.org/C2781067378","wikidata":"https://www.wikidata.org/wiki/Q17027399","display_name":"Interpretability","level":2,"score":0.8343999981880188},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7167999744415283},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.6384999752044678},{"id":"https://openalex.org/C207685749","wikidata":"https://www.wikidata.org/wiki/Q2088941","display_name":"Domain knowledge","level":2,"score":0.6078000068664551},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.565500020980835},{"id":"https://openalex.org/C132964779","wikidata":"https://www.wikidata.org/wiki/Q2110223","display_name":"Raw data","level":2,"score":0.5644000172615051},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.5626000165939331},{"id":"https://openalex.org/C36503486","wikidata":"https://www.wikidata.org/wiki/Q11235244","display_name":"Domain (mathematical analysis)","level":2,"score":0.5569000244140625},{"id":"https://openalex.org/C2780264999","wikidata":"https://www.wikidata.org/wiki/Q7445032","display_name":"Security domain","level":2,"score":0.39089998602867126},{"id":"https://openalex.org/C51632099","wikidata":"https://www.wikidata.org/wiki/Q3985153","display_name":"Training set","level":2,"score":0.38420000672340393},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.34279999136924744},{"id":"https://openalex.org/C84685590","wikidata":"https://www.wikidata.org/wiki/Q1540472","display_name":"Knowledge engineering","level":2,"score":0.3366999924182892},{"id":"https://openalex.org/C115925183","wikidata":"https://www.wikidata.org/wiki/Q1412694","display_name":"Knowledge-based systems","level":2,"score":0.3176000118255615},{"id":"https://openalex.org/C120567893","wikidata":"https://www.wikidata.org/wiki/Q1582085","display_name":"Knowledge extraction","level":2,"score":0.298799991607666},{"id":"https://openalex.org/C2776145971","wikidata":"https://www.wikidata.org/wiki/Q30673951","display_name":"Labeled data","level":2,"score":0.2874999940395355},{"id":"https://openalex.org/C67186912","wikidata":"https://www.wikidata.org/wiki/Q367664","display_name":"Data modeling","level":2,"score":0.27390000224113464},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.2524999976158142}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/isncc66965.2025.11250444","is_oa":false,"landing_page_url":"https://doi.org/10.1109/isncc66965.2025.11250444","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 International Symposium on Networks, Computers and Communications (ISNCC)","raw_type":"proceedings-article"},{"id":"pmh:oai:cisti-icist.nrc-cnrc.ca:cistinparc:0461465c-14ac-4fc1-8c71-d8866f7e98db","is_oa":false,"landing_page_url":"https://nrc-publications.canada.ca/eng/view/object/?id=0461465c-14ac-4fc1-8c71-d8866f7e98db","pdf_url":null,"source":{"id":"https://openalex.org/S7407055245","display_name":"NPARC","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":12,"referenced_works":["https://openalex.org/W2765151622","https://openalex.org/W2808716128","https://openalex.org/W2998859407","https://openalex.org/W3024918457","https://openalex.org/W3110184528","https://openalex.org/W3194708910","https://openalex.org/W4283750810","https://openalex.org/W4288046244","https://openalex.org/W4293093536","https://openalex.org/W4382281941","https://openalex.org/W4387880556","https://openalex.org/W4406914778"],"related_works":[],"abstract_inverted_index":{"Malicious":[0],"activities":[1],"are":[2,45,158],"becoming":[3],"more":[4],"complex":[5],"and":[6,27,38,61,96,105,115,119,193],"difficult":[7,159],"to":[8,11,72,94,129,138,150,164],"detect,":[9],"leading":[10],"a":[12,131],"need":[13],"for":[14,160,183,205],"advanced":[15],"solutions.":[16],"Machine":[17],"Learning":[18,67],"(ML)":[19],"presents":[20],"several":[21],"success":[22],"cases":[23],"across":[24],"multiple":[25],"industries":[26],"in":[28,35,54,101,142],"cybersecurity,":[29],"ML":[30,140,162,185],"has":[31,69],"demonstrated":[32,194],"promising":[33],"performance":[34,141],"the":[36,70,84,102,111,154,170,190,199,203],"detection":[37,200],"classification":[39],"of":[40,59,86,125,175,208],"malicious":[41,120],"activities.":[42],"However,":[43],"there":[44],"still":[46],"critical":[47],"limitations":[48,75],"that":[49,109,133,157,180,195],"prevent":[50],"their":[51],"wide":[52],"adoption":[53,85],"cybersecurity":[55],"operations":[56],"(e.g.,":[57],"lack":[58],"interpretability":[60],"too":[62],"many":[63],"false":[64],"positives).":[65],"KnowledgeInfused":[66],"(KIL)":[68],"potential":[71],"address":[73],"current":[74],"through":[76],"different":[77],"techniques.":[78],"One":[79],"possible":[80],"approach":[81,167],"relies":[82],"on":[83,172],"Auxiliary":[87,135],"Knowledge":[88,136],"(AK),":[89],"which":[90],"uses":[91,134],"domain":[92,148],"knowledge":[93,149,197,210],"extract":[95],"engineer":[97],"new":[98],"features":[99,152],"present":[100],"raw":[103,155],"data":[104,156,177],"provides":[106],"additional":[107],"context":[108],"helps":[110],"model":[112,163],"better":[113,184],"understand":[114],"differentiate":[116],"between":[117],"legitimate":[118],"data.":[121],"The":[122,187],"main":[123],"goal":[124],"this":[126],"research":[127],"is":[128,181],"propose":[130],"method":[132],"(AK)":[137],"improve":[139],"detecting":[143],"cyberattacks.":[144],"We":[145],"leveraged":[146],"relevant":[147],"generate":[151],"from":[153],"an":[161],"discover.":[165],"This":[166],"also":[168],"reduces":[169],"dependence":[171],"large":[173],"amount":[174],"training":[176],"(big":[178],"data)":[179],"necessary":[182],"predictions.":[186],"experiments":[188],"used":[189],"CICIoT2023":[191],"dataset":[192],"auxiliary":[196],"improves":[198],"performance,":[201],"paving":[202],"way":[204],"future":[206],"integration":[207],"automated":[209],"management":[211],"approaches.":[212]},"counts_by_year":[],"updated_date":"2026-05-15T08:27:34.491423","created_date":"2025-11-23T00:00:00"}