{"id":"https://openalex.org/W2153197059","doi":"https://doi.org/10.1145/2103380.2103435","title":"An efficient visitation algorithm to improve the detection speed of high-interaction client honeypots","display_name":"An efficient visitation algorithm to improve the detection speed of high-interaction client honeypots","publication_year":2011,"publication_date":"2011-11-02","ids":{"openalex":"https://openalex.org/W2153197059","doi":"https://doi.org/10.1145/2103380.2103435","mag":"2153197059"},"language":"en","primary_location":{"id":"doi:10.1145/2103380.2103435","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2103380.2103435","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2011 ACM Symposium on Research in Applied Computation","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5003070726","display_name":"Honggeun Kim","orcid":"https://orcid.org/0000-0001-5421-8927"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Hong-Geun Kim","raw_affiliation_strings":["KISA, Seoul, Korea"],"affiliations":[{"raw_affiliation_string":"KISA, Seoul, Korea","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100393157","display_name":"Dong-Jin Kim","orcid":"https://orcid.org/0000-0001-7231-7494"},"institutions":[{"id":"https://openalex.org/I89015989","display_name":"Dankook University","ror":"https://ror.org/058pdbn81","country_code":"KR","type":"education","lineage":["https://openalex.org/I89015989"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Dong-Jin Kim","raw_affiliation_strings":["Dankook University, Gyeonggi, Korea"],"affiliations":[{"raw_affiliation_string":"Dankook University, Gyeonggi, Korea","institution_ids":["https://openalex.org/I89015989"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5064210973","display_name":"Seong-je Cho","orcid":"https://orcid.org/0000-0001-9917-0429"},"institutions":[{"id":"https://openalex.org/I89015989","display_name":"Dankook University","ror":"https://ror.org/058pdbn81","country_code":"KR","type":"education","lineage":["https://openalex.org/I89015989"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Seong-Je Cho","raw_affiliation_strings":["Dankook University, Gyeonggi, Korea"],"affiliations":[{"raw_affiliation_string":"Dankook University, Gyeonggi, Korea","institution_ids":["https://openalex.org/I89015989"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5078419927","display_name":"Moonju Park","orcid":"https://orcid.org/0000-0001-7731-6781"},"institutions":[{"id":"https://openalex.org/I146429904","display_name":"Incheon National University","ror":"https://ror.org/02xf7p935","country_code":"KR","type":"education","lineage":["https://openalex.org/I146429904"]},{"id":"https://openalex.org/I24062138","display_name":"Konkuk University","ror":"https://ror.org/025h1m602","country_code":"KR","type":"education","lineage":["https://openalex.org/I24062138"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Moonju Park","raw_affiliation_strings":["Konkuk University, Chungbuk, Korea","University of Incheon, Incheon, Korea"],"affiliations":[{"raw_affiliation_string":"Konkuk University, Chungbuk, Korea","institution_ids":["https://openalex.org/I24062138"]},{"raw_affiliation_string":"University of Incheon, Incheon, Korea","institution_ids":["https://openalex.org/I146429904"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101428286","display_name":"Minkyu Park","orcid":"https://orcid.org/0000-0002-6148-8244"},"institutions":[{"id":"https://openalex.org/I24062138","display_name":"Konkuk University","ror":"https://ror.org/025h1m602","country_code":"KR","type":"education","lineage":["https://openalex.org/I24062138"]},{"id":"https://openalex.org/I146429904","display_name":"Incheon National University","ror":"https://ror.org/02xf7p935","country_code":"KR","type":"education","lineage":["https://openalex.org/I146429904"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Minkyu Park","raw_affiliation_strings":["Konkuk University, Chungbuk, Korea","University of Incheon, Incheon, Korea"],"affiliations":[{"raw_affiliation_string":"Konkuk University, Chungbuk, Korea","institution_ids":["https://openalex.org/I24062138"]},{"raw_affiliation_string":"University of Incheon, Incheon, Korea","institution_ids":["https://openalex.org/I146429904"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5003070726"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.0502,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.79904663,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"266","last_page":"271"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.777521014213562},{"id":"https://openalex.org/keywords/web-page","display_name":"Web page","score":0.6602129936218262},{"id":"https://openalex.org/keywords/web-server","display_name":"Web server","score":0.5078619122505188},{"id":"https://openalex.org/keywords/honeypot","display_name":"Honeypot","score":0.468411386013031},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.4387474060058594},{"id":"https://openalex.org/keywords/download","display_name":"Download","score":0.43866050243377686},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.37384968996047974},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.3622729182243347},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.30518364906311035},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.16757753491401672}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.777521014213562},{"id":"https://openalex.org/C21959979","wikidata":"https://www.wikidata.org/wiki/Q36774","display_name":"Web page","level":2,"score":0.6602129936218262},{"id":"https://openalex.org/C11392498","wikidata":"https://www.wikidata.org/wiki/Q11288","display_name":"Web server","level":3,"score":0.5078619122505188},{"id":"https://openalex.org/C191267431","wikidata":"https://www.wikidata.org/wiki/Q911932","display_name":"Honeypot","level":2,"score":0.468411386013031},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.4387474060058594},{"id":"https://openalex.org/C2780154274","wikidata":"https://www.wikidata.org/wiki/Q7126717","display_name":"Download","level":2,"score":0.43866050243377686},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.37384968996047974},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.3622729182243347},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.30518364906311035},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.16757753491401672}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2103380.2103435","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2103380.2103435","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2011 ACM Symposium on Research in Applied Computation","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":12,"referenced_works":["https://openalex.org/W1491237615","https://openalex.org/W1534090575","https://openalex.org/W1575663745","https://openalex.org/W1606108603","https://openalex.org/W1761672165","https://openalex.org/W1970867218","https://openalex.org/W1985930801","https://openalex.org/W2111165162","https://openalex.org/W2154668747","https://openalex.org/W2155334314","https://openalex.org/W4225685470","https://openalex.org/W6629287744"],"related_works":["https://openalex.org/W2164525836","https://openalex.org/W2626999804","https://openalex.org/W4250004941","https://openalex.org/W2137014442","https://openalex.org/W2049015391","https://openalex.org/W1533158771","https://openalex.org/W122082928","https://openalex.org/W2521397622","https://openalex.org/W4294067941","https://openalex.org/W2104288289"],"abstract_inverted_index":{"Drive-by-download":[0],"attacks":[1,4,36],"are":[2,11,20,42,176],"client-side":[3],"that":[5,10,33,190],"originate":[6],"from":[7],"web":[8,14,18,31,49,58,99,122,150],"servers":[9],"visited":[12,147],"by":[13],"browsers.":[15],"While":[16],"many":[17],"browsers":[19],"vulnerable":[21],"to":[22,75,200,204],"the":[23,26,92,103,106,132,157,168,171,179,182,191,197,205],"drive-by-download":[24,35],"attacks,":[25],"cost":[27],"of":[28,46,84,91,105,131,159,196],"detecting":[29,47],"malicious":[30,48,121,172],"pages":[32,151,161,175],"launch":[34],"is":[37,127,142],"expensive.":[38],"High-interaction":[39],"client":[40,69,108],"honeypots":[41,70],"security":[43],"devices":[44],"capable":[45],"pages;":[50],"however,":[51],"their":[52],"slow":[53],"and":[54,165],"expensive":[55],"operations":[56],"in":[57],"page":[59,78,173],"visiting":[60,97],"have":[61],"been":[62],"considered":[63],"as":[64],"a":[65,72,112],"problem.":[66],"The":[67,124],"high-interaction":[68,107],"employ":[71],"visitation":[73,114],"algorithm":[74,126,155],"pinpoint":[76],"which":[77],"has":[79,193],"made":[80],"an":[81,128],"unauthorized":[82,89],"change":[83,90],"system":[85,93,140,198],"state":[86,94,141],"when":[87],"any":[88,139],"occurred":[95],"after":[96,145],"suspicious":[98,149],"pages.":[100,123],"To":[101],"improve":[102],"performance":[104,195],"honeypots,":[109],"we":[110],"propose":[111],"new":[113],"algorithm,":[115],"logarithmic":[116],"divide-and-conquer":[117,135],"(LDAC),":[118],"for":[119],"identifying":[120],"LDAC":[125,154,192],"enhanced":[129],"version":[130],"existing":[133],"binary":[134],"(BDAC)":[136],"algorithm.":[137,207],"If":[138],"abnormally":[143],"changed":[144],"having":[146],"k":[148,160],"concurrently,":[152],"our":[153],"divides":[156],"buffer":[158,183],"into":[162,184],"[log2k]":[163],"pieces":[164,169],"recursively":[166],"visits":[167],"until":[170],"or":[174],"identified,":[177],"while":[178],"BDAC":[180,206],"splits":[181],"k/2":[185],"portions.":[186],"Experimental":[187],"results":[188],"show":[189],"improved":[194],"up":[199],"15":[201],"percent":[202],"compared":[203]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2017,"cited_by_count":1},{"year":2014,"cited_by_count":2},{"year":2012,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}