{"id":"https://openalex.org/W1513549866","doi":"https://doi.org/10.1007/978-0-387-73742-3_5","title":"An Integrated System for Insider Threat Detection","display_name":"An Integrated System for Insider Threat Detection","publication_year":2007,"publication_date":"2007-11-13","ids":{"openalex":"https://openalex.org/W1513549866","doi":"https://doi.org/10.1007/978-0-387-73742-3_5","mag":"1513549866"},"language":"en","primary_location":{"id":"doi:10.1007/978-0-387-73742-3_5","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-0-387-73742-3_5","pdf_url":"https://link.springer.com/content/pdf/10.1007/978-0-387-73742-3_5.pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IFIP \u2014 The International Federation for Information Processing","raw_type":"book-chapter"},"type":"book-chapter","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://link.springer.com/content/pdf/10.1007/978-0-387-73742-3_5.pdf","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5039450650","display_name":"Daniel A. Ray","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Daniel Ray","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5108386669","display_name":"Phillip G. Bradford","orcid":null},"institutions":[{"id":"https://openalex.org/I17301866","display_name":"University of Alabama","ror":"https://ror.org/03xrrjk67","country_code":"US","type":"education","lineage":["https://openalex.org/I17301866"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Phillip Bradford","raw_affiliation_strings":["Assistant Professor,\n        University of Alabama, Tuscaloosa, Alabama","(University of Alabama)"],"affiliations":[{"raw_affiliation_string":"Assistant Professor,\n        University of Alabama, Tuscaloosa, Alabama","institution_ids":["https://openalex.org/I17301866"]},{"raw_affiliation_string":"(University of Alabama)","institution_ids":["https://openalex.org/I17301866"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5039450650"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.10484424,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"75","last_page":"86"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9901000261306763,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/insider","display_name":"Insider","score":0.9208669066429138},{"id":"https://openalex.org/keywords/insider-threat","display_name":"Insider threat","score":0.8126236200332642},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6659998893737793},{"id":"https://openalex.org/keywords/mode","display_name":"Mode (computer interface)","score":0.5123971104621887},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4763127565383911},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.45548880100250244},{"id":"https://openalex.org/keywords/instrumentation","display_name":"Instrumentation (computer programming)","score":0.44616761803627014},{"id":"https://openalex.org/keywords/system-administrator","display_name":"System administrator","score":0.4457840025424957},{"id":"https://openalex.org/keywords/user-interface","display_name":"User interface","score":0.43220239877700806},{"id":"https://openalex.org/keywords/interface","display_name":"Interface (matter)","score":0.4194630980491638},{"id":"https://openalex.org/keywords/microsoft-windows","display_name":"Microsoft Windows","score":0.416240394115448},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3177472949028015},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.07339036464691162}],"concepts":[{"id":"https://openalex.org/C2778971194","wikidata":"https://www.wikidata.org/wiki/Q1664551","display_name":"Insider","level":2,"score":0.9208669066429138},{"id":"https://openalex.org/C2776633304","wikidata":"https://www.wikidata.org/wiki/Q6038026","display_name":"Insider threat","level":3,"score":0.8126236200332642},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6659998893737793},{"id":"https://openalex.org/C48677424","wikidata":"https://www.wikidata.org/wiki/Q6888088","display_name":"Mode (computer interface)","level":2,"score":0.5123971104621887},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4763127565383911},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.45548880100250244},{"id":"https://openalex.org/C118530786","wikidata":"https://www.wikidata.org/wiki/Q1134732","display_name":"Instrumentation (computer programming)","level":2,"score":0.44616761803627014},{"id":"https://openalex.org/C2780814629","wikidata":"https://www.wikidata.org/wiki/Q327353","display_name":"System administrator","level":2,"score":0.4457840025424957},{"id":"https://openalex.org/C89505385","wikidata":"https://www.wikidata.org/wiki/Q47146","display_name":"User interface","level":2,"score":0.43220239877700806},{"id":"https://openalex.org/C113843644","wikidata":"https://www.wikidata.org/wiki/Q901882","display_name":"Interface (matter)","level":4,"score":0.4194630980491638},{"id":"https://openalex.org/C508378895","wikidata":"https://www.wikidata.org/wiki/Q1406","display_name":"Microsoft Windows","level":3,"score":0.416240394115448},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3177472949028015},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.07339036464691162},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C157915830","wikidata":"https://www.wikidata.org/wiki/Q2928001","display_name":"Bubble","level":2,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C129307140","wikidata":"https://www.wikidata.org/wiki/Q6795880","display_name":"Maximum bubble pressure method","level":3,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1007/978-0-387-73742-3_5","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-0-387-73742-3_5","pdf_url":"https://link.springer.com/content/pdf/10.1007/978-0-387-73742-3_5.pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IFIP \u2014 The International Federation for Information Processing","raw_type":"book-chapter"}],"best_oa_location":{"id":"doi:10.1007/978-0-387-73742-3_5","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-0-387-73742-3_5","pdf_url":"https://link.springer.com/content/pdf/10.1007/978-0-387-73742-3_5.pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IFIP \u2014 The International Federation for Information Processing","raw_type":"book-chapter"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.7200000286102295,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W1513549866.pdf","grobid_xml":"https://content.openalex.org/works/W1513549866.grobid-xml"},"referenced_works_count":15,"referenced_works":["https://openalex.org/W74115608","https://openalex.org/W428860410","https://openalex.org/W606562744","https://openalex.org/W1551688454","https://openalex.org/W1577117059","https://openalex.org/W1884606608","https://openalex.org/W1964549039","https://openalex.org/W2104125350","https://openalex.org/W2150847526","https://openalex.org/W2201842861","https://openalex.org/W2361317469","https://openalex.org/W2520077611","https://openalex.org/W2905874934","https://openalex.org/W4285719527","https://openalex.org/W6600005074"],"related_works":["https://openalex.org/W2766781562","https://openalex.org/W4205304595","https://openalex.org/W2979782961","https://openalex.org/W308359497","https://openalex.org/W1499596878","https://openalex.org/W3136170567","https://openalex.org/W2947769183","https://openalex.org/W4387194049","https://openalex.org/W2018332730","https://openalex.org/W223792481"],"abstract_inverted_index":{"This":[0],"paper":[1],"describes":[2],"a":[3,17],"proof-of-concept":[4],"system":[5,11,35],"for":[6],"detecting":[7],"insider":[8,13],"threats.":[9],"The":[10,34],"measures":[12],"behavior":[14,67],"by":[15],"observing":[16],"user\u2019s":[18],"processes":[19],"and":[20,26,57],"threads,":[21],"information":[22],"about":[23],"user":[24,66],"mode":[25,28],"kernel":[27],"time,":[29],"network":[30],"interface":[31],"statistics,":[32],"etc.":[33],"is":[36],"built":[37],"using":[38],"Microsoft\u2019s":[39],"Windows":[40],"Management":[41,50],"Instrumentation":[42],"(WMI)":[43],"implementation":[44],"of":[45,59],"the":[46,55],"Web":[47],"Based":[48],"Enterprise":[49],"(WBEM)":[51],"standards.":[52],"It":[53],"facilitates":[54],"selection":[56],"storage":[58],"potential":[60],"digital":[61],"evidence":[62],"based":[63],"on":[64],"anomalous":[65],"with":[68],"minimal":[69],"administrative":[70],"input.":[71]},"counts_by_year":[{"year":2019,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}