{"id":"https://openalex.org/W2991407119","doi":"https://doi.org/10.1145/3359789.3359822","title":"Improving intrusion detectors by crook-sourcing","display_name":"Improving intrusion detectors by crook-sourcing","publication_year":2019,"publication_date":"2019-11-22","ids":{"openalex":"https://openalex.org/W2991407119","doi":"https://doi.org/10.1145/3359789.3359822","mag":"2991407119"},"language":"en","primary_location":{"id":"doi:10.1145/3359789.3359822","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3359789.3359822","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3359789.3359822","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 35th Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3359789.3359822","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5015875907","display_name":"Frederico Araujo","orcid":"https://orcid.org/0000-0001-5143-8318"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Frederico Araujo","raw_affiliation_strings":["IBM Research"],"affiliations":[{"raw_affiliation_string":"IBM Research","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5059062666","display_name":"Gbadebo Ayoade","orcid":"https://orcid.org/0000-0002-7567-876X"},"institutions":[{"id":"https://openalex.org/I162577319","display_name":"The University of Texas at Dallas","ror":"https://ror.org/049emcs32","country_code":"US","type":"education","lineage":["https://openalex.org/I162577319"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Gbadebo Ayoade","raw_affiliation_strings":["The University of Texas at Dallas"],"affiliations":[{"raw_affiliation_string":"The University of Texas at Dallas","institution_ids":["https://openalex.org/I162577319"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5051934139","display_name":"Khaled Al-Naami","orcid":null},"institutions":[{"id":"https://openalex.org/I162577319","display_name":"The University of Texas at Dallas","ror":"https://ror.org/049emcs32","country_code":"US","type":"education","lineage":["https://openalex.org/I162577319"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Khaled Al-Naami","raw_affiliation_strings":["The University of Texas at Dallas"],"affiliations":[{"raw_affiliation_string":"The University of Texas at Dallas","institution_ids":["https://openalex.org/I162577319"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5013420855","display_name":"Yang Gao","orcid":"https://orcid.org/0000-0001-9328-1611"},"institutions":[{"id":"https://openalex.org/I162577319","display_name":"The University of Texas at Dallas","ror":"https://ror.org/049emcs32","country_code":"US","type":"education","lineage":["https://openalex.org/I162577319"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yang Gao","raw_affiliation_strings":["The University of Texas at Dallas"],"affiliations":[{"raw_affiliation_string":"The University of Texas at Dallas","institution_ids":["https://openalex.org/I162577319"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5051312448","display_name":"Kevin W. Hamlen","orcid":"https://orcid.org/0000-0003-0479-6280"},"institutions":[{"id":"https://openalex.org/I162577319","display_name":"The University of Texas at Dallas","ror":"https://ror.org/049emcs32","country_code":"US","type":"education","lineage":["https://openalex.org/I162577319"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kevin W. Hamlen","raw_affiliation_strings":["The University of Texas at Dallas"],"affiliations":[{"raw_affiliation_string":"The University of Texas at Dallas","institution_ids":["https://openalex.org/I162577319"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5005002693","display_name":"Latifur Khan","orcid":"https://orcid.org/0000-0002-9300-1576"},"institutions":[{"id":"https://openalex.org/I162577319","display_name":"The University of Texas at Dallas","ror":"https://ror.org/049emcs32","country_code":"US","type":"education","lineage":["https://openalex.org/I162577319"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Latifur Khan","raw_affiliation_strings":["The University of Texas at Dallas"],"affiliations":[{"raw_affiliation_string":"The University of Texas at Dallas","institution_ids":["https://openalex.org/I162577319"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5015875907"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.2999,"has_fulltext":true,"cited_by_count":13,"citation_normalized_percentile":{"value":0.83029267,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"245","last_page":"256"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/honeypot","display_name":"Honeypot","score":0.7850243449211121},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7552565932273865},{"id":"https://openalex.org/keywords/blacklisting","display_name":"Blacklisting","score":0.6744750142097473},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6391641497612},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.6150526404380798},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5654662847518921},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5147624015808105},{"id":"https://openalex.org/keywords/sandbox","display_name":"Sandbox (software development)","score":0.48050248622894287},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.47324520349502563},{"id":"https://openalex.org/keywords/convolutional-neural-network","display_name":"Convolutional neural network","score":0.43602418899536133},{"id":"https://openalex.org/keywords/blacklist","display_name":"Blacklist","score":0.4115297496318817},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.15130823850631714}],"concepts":[{"id":"https://openalex.org/C191267431","wikidata":"https://www.wikidata.org/wiki/Q911932","display_name":"Honeypot","level":2,"score":0.7850243449211121},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7552565932273865},{"id":"https://openalex.org/C2779797433","wikidata":"https://www.wikidata.org/wiki/Q632959","display_name":"Blacklisting","level":2,"score":0.6744750142097473},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6391641497612},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.6150526404380798},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5654662847518921},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5147624015808105},{"id":"https://openalex.org/C167981075","wikidata":"https://www.wikidata.org/wiki/Q2667186","display_name":"Sandbox (software development)","level":2,"score":0.48050248622894287},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.47324520349502563},{"id":"https://openalex.org/C81363708","wikidata":"https://www.wikidata.org/wiki/Q17084460","display_name":"Convolutional neural network","level":2,"score":0.43602418899536133},{"id":"https://openalex.org/C2781345505","wikidata":"https://www.wikidata.org/wiki/Q2535979","display_name":"Blacklist","level":2,"score":0.4115297496318817},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.15130823850631714}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3359789.3359822","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3359789.3359822","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3359789.3359822","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 35th Annual Computer Security Applications Conference","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3359789.3359822","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3359789.3359822","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3359789.3359822","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 35th Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.6299999952316284}],"awards":[{"id":"https://openalex.org/G1191231006","display_name":null,"funder_award_id":"1737978","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G1523888516","display_name":null,"funder_award_id":"FA9550-","funder_id":"https://openalex.org/F4320338279","funder_display_name":"Air Force Office of Scientific Research"},{"id":"https://openalex.org/G2401480377","display_name":null,"funder_award_id":"OAC-1828467","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G3314294675","display_name":"MRI: Development of An Instrument for Secure Cyber Physical Systems Analytics","funder_award_id":"1828467","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4103650468","display_name":"Secure and Privacy Preserving Big Data Analytics Curriculum Development","funder_award_id":"1723602","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4504108201","display_name":null,"funder_award_id":"N00014-17-1","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"},{"id":"https://openalex.org/G4751570384","display_name":null,"funder_award_id":"4-17-1-","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"},{"id":"https://openalex.org/G519725923","display_name":null,"funder_award_id":"FA9550-14-1-017","funder_id":"https://openalex.org/F4320338279","funder_display_name":"Air Force Office of Scientific Research"},{"id":"https://openalex.org/G5486092921","display_name":null,"funder_award_id":"N00014-17-1-2995","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"},{"id":"https://openalex.org/G5641167023","display_name":null,"funder_award_id":"DMS-1737978","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G5809100787","display_name":null,"funder_award_id":"FA9550","funder_id":"https://openalex.org/F4320338279","funder_display_name":"Air Force Office of Scientific Research"},{"id":"https://openalex.org/G5825349957","display_name":null,"funder_award_id":"MRI-1828467","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G6098521345","display_name":null,"funder_award_id":"FA9550","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"},{"id":"https://openalex.org/G8013074107","display_name":null,"funder_award_id":"N00014-17-1-2995","funder_id":"https://openalex.org/F4320338298","funder_display_name":"Office of Naval Research Global"},{"id":"https://openalex.org/G8143603332","display_name":null,"funder_award_id":"H98230-15-1-0271","funder_id":"https://openalex.org/F4320311089","funder_display_name":"National Security Agency"},{"id":"https://openalex.org/G8310377308","display_name":null,"funder_award_id":"DGE-1931800","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G848743131","display_name":"SATC: EDU: Curriculum Development for Secure Blockchain Technologies","funder_award_id":"1931800","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G8876996369","display_name":null,"funder_award_id":"N00014","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"},{"id":"https://openalex.org/G8985203359","display_name":null,"funder_award_id":"FA9550-14-1-0173","funder_id":"https://openalex.org/F4320338279","funder_display_name":"Air Force Office of Scientific Research"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320311089","display_name":"National Security Agency","ror":"https://ror.org/0047bvr32"},{"id":"https://openalex.org/F4320337345","display_name":"Office of Naval Research","ror":"https://ror.org/00rk2pe57"},{"id":"https://openalex.org/F4320338279","display_name":"Air Force Office of Scientific Research","ror":"https://ror.org/011e9bt93"},{"id":"https://openalex.org/F4320338298","display_name":"Office of Naval Research Global","ror":"https://ror.org/00rk2pe57"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2991407119.pdf","grobid_xml":"https://content.openalex.org/works/W2991407119.grobid-xml"},"referenced_works_count":75,"referenced_works":["https://openalex.org/W148963669","https://openalex.org/W151695039","https://openalex.org/W171465728","https://openalex.org/W1517527854","https://openalex.org/W1519699895","https://openalex.org/W1521014365","https://openalex.org/W1545302662","https://openalex.org/W1549656520","https://openalex.org/W1554085250","https://openalex.org/W1567557924","https://openalex.org/W1583975142","https://openalex.org/W1618905105","https://openalex.org/W1670263352","https://openalex.org/W1772700132","https://openalex.org/W1941427975","https://openalex.org/W1966809779","https://openalex.org/W1967425545","https://openalex.org/W1969898537","https://openalex.org/W1985987493","https://openalex.org/W1993426957","https://openalex.org/W2002380285","https://openalex.org/W2007087405","https://openalex.org/W2008704879","https://openalex.org/W2021949962","https://openalex.org/W2040884411","https://openalex.org/W2048465382","https://openalex.org/W2062112832","https://openalex.org/W2070535792","https://openalex.org/W2072610876","https://openalex.org/W2084543849","https://openalex.org/W2096847629","https://openalex.org/W2099505562","https://openalex.org/W2101109743","https://openalex.org/W2103378897","https://openalex.org/W2104593144","https://openalex.org/W2110523863","https://openalex.org/W2112612641","https://openalex.org/W2116731705","https://openalex.org/W2118978333","https://openalex.org/W2118979615","https://openalex.org/W2119821739","https://openalex.org/W2120702739","https://openalex.org/W2122646361","https://openalex.org/W2126996952","https://openalex.org/W2129250947","https://openalex.org/W2129860818","https://openalex.org/W2133990480","https://openalex.org/W2135579486","https://openalex.org/W2142889610","https://openalex.org/W2149280729","https://openalex.org/W2150847526","https://openalex.org/W2153635508","https://openalex.org/W2160289821","https://openalex.org/W2164408337","https://openalex.org/W2199584834","https://openalex.org/W2212216914","https://openalex.org/W2243993013","https://openalex.org/W2278186031","https://openalex.org/W2405823364","https://openalex.org/W2470412537","https://openalex.org/W2498359591","https://openalex.org/W2522332186","https://openalex.org/W2525990188","https://openalex.org/W2589887588","https://openalex.org/W2766542353","https://openalex.org/W2913505554","https://openalex.org/W2914982603","https://openalex.org/W2919115771","https://openalex.org/W3004529781","https://openalex.org/W3005264141","https://openalex.org/W3008672977","https://openalex.org/W3120421331","https://openalex.org/W3124662447","https://openalex.org/W4239510810","https://openalex.org/W4288840809"],"related_works":["https://openalex.org/W2001521020","https://openalex.org/W2980552833","https://openalex.org/W3037736695","https://openalex.org/W2407525029","https://openalex.org/W2155719111","https://openalex.org/W4316658607","https://openalex.org/W2300894830","https://openalex.org/W2572772209","https://openalex.org/W2399654538","https://openalex.org/W2991407119"],"abstract_inverted_index":{"Conventional":[0],"cyber":[1,31],"defenses":[2],"typically":[3],"respond":[4],"to":[5,63,83,154],"detected":[6],"attacks":[7,19,32,54,123],"by":[8],"rejecting":[9],"them":[10],"as":[11,15,33,134,142],"quickly":[12],"and":[13,49,87,118,124,146,158],"decisively":[14],"possible;":[16],"but":[17],"aborted":[18],"are":[20,60],"missed":[21],"learning":[22],"opportunities":[23],"for":[24,40,90,97,113],"intrusion":[25,43],"detection.":[26],"A":[27],"method":[28],"of":[29,36,68,106,150,161],"reimagining":[30],"free":[34,143],"sources":[35],"live":[37,162],"training":[38,107],"data":[39,164],"machine":[41,98],"learning-based":[42,99],"detection":[44],"systems":[45],"(IDSes)":[46],"is":[47,81],"proposed":[48],"evaluated.":[50],"Rather":[51],"than":[52],"aborting":[53],"against":[55,126],"legitimate":[56],"services,":[57],"adversarial":[58],"interactions":[59],"selectively":[61],"prolonged":[62],"maximize":[64],"the":[65,102,109,138,151],"defender's":[66],"harvest":[67],"useful":[69],"threat":[70],"intelligence.":[71],"Enhancing":[72],"web":[73,163],"services":[74],"with":[75],"deceptive":[76],"attack-responses":[77],"in":[78,101],"this":[79],"way":[80],"shown":[82],"be":[84],"a":[85],"powerful":[86],"practical":[88],"strategy":[89],"improved":[91],"detection,":[92],"addressing":[93],"several":[94],"perennial":[95],"challenges":[96],"IDS":[100],"literature,":[103],"including":[104],"scarcity":[105],"data,":[108],"high":[110],"labeling":[111,160],"burden":[112],"(semi-)supervised":[114],"learning,":[115],"encryption":[116],"opacity,":[117],"concept":[119],"differences":[120],"between":[121],"honeypot":[122],"those":[125],"genuine":[127],"services.":[128],"By":[129],"reconceptualizing":[130],"software":[131,152],"security":[132],"patches":[133],"feature":[135],"extraction":[136],"engines,":[137],"approach":[139],"conscripts":[140],"attackers":[141],"penetration":[144],"testers,":[145],"coordinates":[147],"multiple":[148],"levels":[149],"stack":[153],"achieve":[155],"fast,":[156],"automatic,":[157],"accurate":[159],"streams.":[165]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":3}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}