{"id":"https://openalex.org/W3133555681","doi":"https://doi.org/10.3390/jcp1010008","title":"Sharing Machine Learning Models as Indicators of Compromise for Cyber Threat Intelligence","display_name":"Sharing Machine Learning Models as Indicators of Compromise for Cyber Threat Intelligence","publication_year":2021,"publication_date":"2021-02-26","ids":{"openalex":"https://openalex.org/W3133555681","doi":"https://doi.org/10.3390/jcp1010008","mag":"3133555681"},"language":"en","primary_location":{"id":"doi:10.3390/jcp1010008","is_oa":true,"landing_page_url":"https://doi.org/10.3390/jcp1010008","pdf_url":"https://www.mdpi.com/2624-800X/1/1/8/pdf?version=1616163701","source":{"id":"https://openalex.org/S4210232532","display_name":"Journal of Cybersecurity and Privacy","issn_l":"2624-800X","issn":["2624-800X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity and Privacy","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/2624-800X/1/1/8/pdf?version=1616163701","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5069939159","display_name":"Davy Preuveneers","orcid":"https://orcid.org/0000-0001-6279-4430"},"institutions":[{"id":"https://openalex.org/I99464096","display_name":"KU Leuven","ror":"https://ror.org/05f950310","country_code":"BE","type":"education","lineage":["https://openalex.org/I99464096"]}],"countries":["BE"],"is_corresponding":true,"raw_author_name":"Davy Preuveneers","raw_affiliation_strings":["imec\u2014DistriNet, KU Leuven, Celestijnenlaan 200A, B-3001 Heverlee, Belgium"],"raw_orcid":"https://orcid.org/0000-0001-6279-4430","affiliations":[{"raw_affiliation_string":"imec\u2014DistriNet, KU Leuven, Celestijnenlaan 200A, B-3001 Heverlee, Belgium","institution_ids":["https://openalex.org/I99464096"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5054031138","display_name":"Wouter Joosen","orcid":"https://orcid.org/0000-0002-7710-5092"},"institutions":[{"id":"https://openalex.org/I99464096","display_name":"KU Leuven","ror":"https://ror.org/05f950310","country_code":"BE","type":"education","lineage":["https://openalex.org/I99464096"]}],"countries":["BE"],"is_corresponding":false,"raw_author_name":"Wouter Joosen","raw_affiliation_strings":["imec\u2014DistriNet, KU Leuven, Celestijnenlaan 200A, B-3001 Heverlee, Belgium"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"imec\u2014DistriNet, KU Leuven, Celestijnenlaan 200A, B-3001 Heverlee, Belgium","institution_ids":["https://openalex.org/I99464096"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5069939159"],"corresponding_institution_ids":["https://openalex.org/I99464096"],"apc_list":{"value":1000,"currency":"CHF","value_usd":1082},"apc_paid":{"value":1000,"currency":"CHF","value_usd":1082},"fwci":12.8135,"has_fulltext":true,"cited_by_count":69,"citation_normalized_percentile":{"value":0.98669053,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":100},"biblio":{"volume":"1","issue":"1","first_page":"140","last_page":"163"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/compromise","display_name":"Compromise","score":0.8980913162231445},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7584751844406128},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7000623941421509},{"id":"https://openalex.org/keywords/false-positive-paradox","display_name":"False positive paradox","score":0.6979990601539612},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.625598669052124},{"id":"https://openalex.org/keywords/confidentiality","display_name":"Confidentiality","score":0.5113229155540466},{"id":"https://openalex.org/keywords/cyber-threats","display_name":"Cyber threats","score":0.5094912648200989},{"id":"https://openalex.org/keywords/false-positives-and-false-negatives","display_name":"False positives and false negatives","score":0.4758731424808502},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.449567973613739},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.259517103433609},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.25451117753982544}],"concepts":[{"id":"https://openalex.org/C46355384","wikidata":"https://www.wikidata.org/wiki/Q726686","display_name":"Compromise","level":2,"score":0.8980913162231445},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7584751844406128},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7000623941421509},{"id":"https://openalex.org/C64869954","wikidata":"https://www.wikidata.org/wiki/Q1859747","display_name":"False positive paradox","level":2,"score":0.6979990601539612},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.625598669052124},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.5113229155540466},{"id":"https://openalex.org/C3018725008","wikidata":"https://www.wikidata.org/wiki/Q4071928","display_name":"Cyber threats","level":2,"score":0.5094912648200989},{"id":"https://openalex.org/C112789634","wikidata":"https://www.wikidata.org/wiki/Q18207010","display_name":"False positives and false negatives","level":3,"score":0.4758731424808502},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.449567973613739},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.259517103433609},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.25451117753982544},{"id":"https://openalex.org/C55493867","wikidata":"https://www.wikidata.org/wiki/Q7094","display_name":"Biochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C36289849","wikidata":"https://www.wikidata.org/wiki/Q34749","display_name":"Social science","level":1,"score":0.0},{"id":"https://openalex.org/C185592680","wikidata":"https://www.wikidata.org/wiki/Q2329","display_name":"Chemistry","level":0,"score":0.0},{"id":"https://openalex.org/C144024400","wikidata":"https://www.wikidata.org/wiki/Q21201","display_name":"Sociology","level":0,"score":0.0},{"id":"https://openalex.org/C104317684","wikidata":"https://www.wikidata.org/wiki/Q7187","display_name":"Gene","level":2,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.3390/jcp1010008","is_oa":true,"landing_page_url":"https://doi.org/10.3390/jcp1010008","pdf_url":"https://www.mdpi.com/2624-800X/1/1/8/pdf?version=1616163701","source":{"id":"https://openalex.org/S4210232532","display_name":"Journal of Cybersecurity and Privacy","issn_l":"2624-800X","issn":["2624-800X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity and Privacy","raw_type":"journal-article"},{"id":"pmh:oai:lirias2repo.kuleuven.be:123456789/671463","is_oa":true,"landing_page_url":"https://lirias.kuleuven.be/handle/123456789/671463","pdf_url":null,"source":{"id":"https://openalex.org/S4306401954","display_name":"Lirias (KU Leuven)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I99464096","host_organization_name":"KU Leuven","host_organization_lineage":["https://openalex.org/I99464096"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":"Journal of Cybersecurity and Privacy, vol. 1 (1), (140-163)","raw_type":"info:eu-repo/semantics/publishedVersion"}],"best_oa_location":{"id":"doi:10.3390/jcp1010008","is_oa":true,"landing_page_url":"https://doi.org/10.3390/jcp1010008","pdf_url":"https://www.mdpi.com/2624-800X/1/1/8/pdf?version=1616163701","source":{"id":"https://openalex.org/S4210232532","display_name":"Journal of Cybersecurity and Privacy","issn_l":"2624-800X","issn":["2624-800X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity and Privacy","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.699999988079071,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G2110831114","display_name":null,"funder_award_id":"SU-ICT-03-2018","funder_id":"https://openalex.org/F4320332999","funder_display_name":"Horizon 2020 Framework Programme"},{"id":"https://openalex.org/G6384328479","display_name":null,"funder_award_id":"830929","funder_id":"https://openalex.org/F4320332999","funder_display_name":"Horizon 2020 Framework Programme"}],"funders":[{"id":"https://openalex.org/F4320309480","display_name":"Nvidia","ror":"https://ror.org/03jdj4y14"},{"id":"https://openalex.org/F4320322308","display_name":"KU Leuven","ror":"https://ror.org/05f950310"},{"id":"https://openalex.org/F4320332999","display_name":"Horizon 2020 Framework Programme","ror":"https://ror.org/00k4n6c32"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3133555681.pdf","grobid_xml":"https://content.openalex.org/works/W3133555681.grobid-xml"},"referenced_works_count":55,"referenced_works":["https://openalex.org/W1674877186","https://openalex.org/W1977366836","https://openalex.org/W1978779053","https://openalex.org/W2001107211","https://openalex.org/W2007562169","https://openalex.org/W2051267297","https://openalex.org/W2108072891","https://openalex.org/W2112507308","https://openalex.org/W2125908420","https://openalex.org/W2191006491","https://openalex.org/W2254491121","https://openalex.org/W2342408547","https://openalex.org/W2461943168","https://openalex.org/W2533698187","https://openalex.org/W2535690855","https://openalex.org/W2552767274","https://openalex.org/W2617416222","https://openalex.org/W2620038827","https://openalex.org/W2625013748","https://openalex.org/W2743138268","https://openalex.org/W2760313715","https://openalex.org/W2762776925","https://openalex.org/W2787708942","https://openalex.org/W2789828921","https://openalex.org/W2792716682","https://openalex.org/W2794865550","https://openalex.org/W2806206692","https://openalex.org/W2884943453","https://openalex.org/W2887127196","https://openalex.org/W2891503716","https://openalex.org/W2903872466","https://openalex.org/W2926663698","https://openalex.org/W2931858311","https://openalex.org/W2947745012","https://openalex.org/W2949492662","https://openalex.org/W2949506549","https://openalex.org/W2963461515","https://openalex.org/W2963465081","https://openalex.org/W2965837624","https://openalex.org/W2969695741","https://openalex.org/W2980576170","https://openalex.org/W2986232939","https://openalex.org/W2996806689","https://openalex.org/W2998835636","https://openalex.org/W2999125237","https://openalex.org/W3005097670","https://openalex.org/W3017194657","https://openalex.org/W3024317787","https://openalex.org/W3038955483","https://openalex.org/W3045686863","https://openalex.org/W3046351330","https://openalex.org/W3047132966","https://openalex.org/W3099258169","https://openalex.org/W3102091066","https://openalex.org/W3140406248"],"related_works":["https://openalex.org/W1557094818","https://openalex.org/W2183246718","https://openalex.org/W1973412793","https://openalex.org/W2099261052","https://openalex.org/W4292605373","https://openalex.org/W2951146195","https://openalex.org/W4226316650","https://openalex.org/W3123215897","https://openalex.org/W2153600354","https://openalex.org/W4243739114"],"abstract_inverted_index":{"Cyber":[0],"threat":[1,60,106,188,222],"intelligence":[2,223],"(CTI)":[3],"sharing":[4,10,94,123],"is":[5,39],"the":[6,40,52,89,130,138,151,160,177,186,214,218,226],"collaborative":[7,105],"effort":[8],"of":[9,22,45,56,95,97,114,132,153,217,228,232],"information":[11],"about":[12],"cyber":[13,32,58],"attacks":[14],"to":[15,66,172,180,195,199,208],"help":[16],"organizations":[17],"gain":[18],"a":[19,57,84],"better":[20],"understanding":[21],"threats":[23],"and":[24,29,70,82,91,117,124,141,179,183,205],"proactively":[25],"defend":[26],"their":[27],"systems":[28],"networks":[30],"from":[31],"attacks.":[33,158],"The":[34],"challenge":[35],"that":[36,42,87,170],"we":[37,80,190],"address":[38],"fact":[41],"traditional":[43],"indicators":[44,96,231],"compromise":[46,98],"(IoC)":[47],"may":[48],"not":[49],"always":[50],"capture":[51],"breath":[53],"or":[54,61],"essence":[55],"security":[59,74],"attack":[62],"campaign,":[63],"possibly":[64],"leading":[65],"false":[67,139,142],"alert":[68],"fatigue":[69],"missed":[71],"detections":[72],"with":[73,99,144],"analysts.":[75],"To":[76,175],"tackle":[77],"this":[78],"concern,":[79],"designed":[81],"evaluated":[83],"CTI":[85,122],"solution":[86,111],"complements":[88],"attribute":[90],"tagging":[92],"based":[93,221],"machine":[100,202],"learning":[101,203],"(ML)":[102],"models":[103,155,162,178,204],"for":[104,230],"detection.":[107,174],"We":[108],"implemented":[109],"our":[110,192],"on":[112],"top":[113],"MISP,":[115],"TheHive,":[116],"Cortex\u2014three":[118],"state-of-practice":[119],"open":[120],"source":[121],"incident":[125],"response":[126],"platforms\u2014to":[127],"incrementally":[128],"improve":[129],"accuracy":[131],"these":[133,154],"ML":[134,157,161,219,234],"models,":[135],"i.e.,":[136],"reduce":[137],"positives":[140],"negatives":[143],"shared":[145,187],"counter-evidence,":[146],"as":[147,149,166],"well":[148,167],"ascertain":[150],"robustness":[152],"against":[156],"However,":[159],"can":[163],"be":[164],"attacked":[165],"by":[168],"adversaries":[169],"aim":[171],"evade":[173],"protect":[176],"maintain":[181],"confidentiality":[182],"trust":[184],"in":[185],"intelligence,":[189],"extend":[191],"previous":[193],"research":[194],"offer":[196],"fine-grained":[197],"access":[198],"CP-ABE":[200],"encrypted":[201],"related":[206],"artifacts":[207],"authorized":[209],"parties.":[210],"Our":[211],"evaluation":[212],"demonstrates":[213],"practical":[215],"feasibility":[216],"model":[220],"sharing,":[224],"including":[225],"ability":[227],"accounting":[229],"adversarial":[233],"threats.":[235]},"counts_by_year":[{"year":2026,"cited_by_count":6},{"year":2025,"cited_by_count":18},{"year":2024,"cited_by_count":19},{"year":2023,"cited_by_count":13},{"year":2022,"cited_by_count":8},{"year":2021,"cited_by_count":5}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}