{"id":"https://openalex.org/W2800346278","doi":"https://doi.org/10.23919/icitst.2017.8356416","title":"Using analysis of temporal variances within a honeypot dataset to better predict attack type probability","display_name":"Using analysis of temporal variances within a honeypot dataset to better predict attack type probability","publication_year":2017,"publication_date":"2017-12-01","ids":{"openalex":"https://openalex.org/W2800346278","doi":"https://doi.org/10.23919/icitst.2017.8356416","mag":"2800346278"},"language":"en","primary_location":{"id":"doi:10.23919/icitst.2017.8356416","is_oa":false,"landing_page_url":"https://doi.org/10.23919/icitst.2017.8356416","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5050873103","display_name":"Seamus Dowling","orcid":"https://orcid.org/0000-0001-8722-2009"},"institutions":[{"id":"https://openalex.org/I63871047","display_name":"Galway-Mayo Institute of Technology","ror":"https://ror.org/024j9sx72","country_code":"IE","type":"education","lineage":["https://openalex.org/I63871047"]}],"countries":["IE"],"is_corresponding":true,"raw_author_name":"Seamus Dowling","raw_affiliation_strings":["Department of Business, Humanities and Technology, GMIT, Mayo Campus, Mayo, Ireland"],"affiliations":[{"raw_affiliation_string":"Department of Business, Humanities and Technology, GMIT, Mayo Campus, Mayo, Ireland","institution_ids":["https://openalex.org/I63871047"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5030551722","display_name":"Michael Schukat","orcid":"https://orcid.org/0000-0002-6908-6100"},"institutions":[{"id":"https://openalex.org/I188760350","display_name":"Ollscoil na Gaillimhe \u2013 University of Galway","ror":"https://ror.org/03bea9k73","country_code":"IE","type":"education","lineage":["https://openalex.org/I188760350"]}],"countries":["IE"],"is_corresponding":false,"raw_author_name":"Michael Schukat","raw_affiliation_strings":["Discipline of IT, College of Engineering & Informatics, NUI Galway, Galway, Ireland"],"affiliations":[{"raw_affiliation_string":"Discipline of IT, College of Engineering & Informatics, NUI Galway, Galway, Ireland","institution_ids":["https://openalex.org/I188760350"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5020463310","display_name":"Hugh Melvin","orcid":"https://orcid.org/0000-0002-6731-2792"},"institutions":[{"id":"https://openalex.org/I188760350","display_name":"Ollscoil na Gaillimhe \u2013 University of Galway","ror":"https://ror.org/03bea9k73","country_code":"IE","type":"education","lineage":["https://openalex.org/I188760350"]}],"countries":["IE"],"is_corresponding":false,"raw_author_name":"Hugh Melvin","raw_affiliation_strings":["Discipline of IT, College of Engineering & Informatics, NUI Galway, Galway, Ireland"],"affiliations":[{"raw_affiliation_string":"Discipline of IT, College of Engineering & Informatics, NUI Galway, Galway, Ireland","institution_ids":["https://openalex.org/I188760350"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5050873103"],"corresponding_institution_ids":["https://openalex.org/I63871047"],"apc_list":null,"apc_paid":null,"fwci":1.0963,"has_fulltext":false,"cited_by_count":19,"citation_normalized_percentile":{"value":0.82323515,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"349","last_page":"354"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9965000152587891,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9940000176429749,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/honeypot","display_name":"Honeypot","score":0.9905012249946594},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7447903156280518},{"id":"https://openalex.org/keywords/attack-patterns","display_name":"Attack patterns","score":0.615075409412384},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.5045255422592163},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.48899877071380615},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.40741053223609924},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.2602745294570923}],"concepts":[{"id":"https://openalex.org/C191267431","wikidata":"https://www.wikidata.org/wiki/Q911932","display_name":"Honeypot","level":2,"score":0.9905012249946594},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7447903156280518},{"id":"https://openalex.org/C2780741293","wikidata":"https://www.wikidata.org/wiki/Q4818019","display_name":"Attack patterns","level":3,"score":0.615075409412384},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.5045255422592163},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.48899877071380615},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.40741053223609924},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.2602745294570923},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.23919/icitst.2017.8356416","is_oa":false,"landing_page_url":"https://doi.org/10.23919/icitst.2017.8356416","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":38,"referenced_works":["https://openalex.org/W1655456","https://openalex.org/W90052793","https://openalex.org/W146660932","https://openalex.org/W1483848637","https://openalex.org/W1514368868","https://openalex.org/W1538412636","https://openalex.org/W1586396059","https://openalex.org/W1630225947","https://openalex.org/W1669806660","https://openalex.org/W1854214752","https://openalex.org/W1873122431","https://openalex.org/W1903377156","https://openalex.org/W1947393375","https://openalex.org/W1978373320","https://openalex.org/W2003967425","https://openalex.org/W2019397380","https://openalex.org/W2024902563","https://openalex.org/W2032437438","https://openalex.org/W2042744856","https://openalex.org/W2050547830","https://openalex.org/W2082135129","https://openalex.org/W2110675786","https://openalex.org/W2112675663","https://openalex.org/W2117152987","https://openalex.org/W2126887125","https://openalex.org/W2129258932","https://openalex.org/W2148725298","https://openalex.org/W2150142104","https://openalex.org/W2152955531","https://openalex.org/W2159909072","https://openalex.org/W2467266439","https://openalex.org/W4244461107","https://openalex.org/W6600068801","https://openalex.org/W6629047206","https://openalex.org/W6630780968","https://openalex.org/W6637397297","https://openalex.org/W6679420498","https://openalex.org/W6719370679"],"related_works":["https://openalex.org/W178168142","https://openalex.org/W4232715385","https://openalex.org/W2254955413","https://openalex.org/W2182300180","https://openalex.org/W4316658914","https://openalex.org/W2956011222","https://openalex.org/W2352475565","https://openalex.org/W4313484479","https://openalex.org/W2742579858","https://openalex.org/W4385187164"],"abstract_inverted_index":{"Honeypots":[0],"are":[1,70],"deployed":[2],"to":[3,19,74,100,133,170],"capture":[4],"cyber":[5,172],"attack":[6,21,33,83,106,116,151],"data":[7,162],"for":[8,164],"analysis":[9,165],"of":[10,31,40,78,104,112,121,156],"attacker":[11],"behavior.":[12],"This":[13,159],"paper":[14,127],"analyses":[15],"a":[16,37,47,87],"honeypot":[17,52,88,141],"dataset":[18],"establish":[20],"types":[22,84,107],"and":[23,42,59,81,136],"corresponding":[24],"temporal":[25],"patterns.":[26,93],"It":[27],"calculates":[28],"the":[29,51,75,102,113,119,150,157],"probability":[30,103],"each":[32],"type":[34],"occurring":[35,108],"at":[36,109,153],"particular":[38],"time":[39],"day":[41],"tests":[43],"these":[44,92],"probabilities":[45],"with":[46],"random":[48],"sample":[49],"from":[50,62],"dataset.":[53],"Attacks":[54],"can":[55,60,143,148],"take":[56],"many":[57],"forms":[58],"come":[61],"different":[63,154],"geographical":[64],"sources.":[65],"Temporal":[66],"patterns":[67],"in":[68],"attacks":[69],"often":[71],"observed":[72],"due":[73],"diurnal":[76],"nature":[77],"computer":[79],"usage":[80],"thus":[82],"captured":[85],"on":[86],"will":[89,160,168],"also":[90,128],"reflect":[91],"We":[94],"propose":[95],"that":[96,142,166],"it":[97],"is":[98],"possible":[99],"determine":[101],"differing":[105],"certain":[110],"times":[111,155],"day.":[114,158],"Understanding":[115],"behavior":[117],"informs":[118],"implementation":[120],"more":[122],"robust":[123],"security":[124,146],"measures.":[125],"The":[126],"proposes":[129],"automating":[130],"this":[131],"process":[132],"create":[134],"dynamic":[135],"adaptive":[137,140],"honeypots.":[138],"An":[139],"modify":[144],"its":[145],"levels,":[147],"increase":[149],"vector":[152],"improve":[161],"collection":[163],"ultimately":[167],"lead":[169],"better":[171],"defenses.":[173]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":2},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":6},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":1}],"updated_date":"2026-04-07T14:57:38.498316","created_date":"2025-10-10T00:00:00"}