{"id":"https://openalex.org/W3129101061","doi":"https://doi.org/10.1007/978-3-030-88418-5_12","title":"Peeler: Profiling Kernel-Level Events to Detect Ransomware","display_name":"Peeler: Profiling Kernel-Level Events to Detect Ransomware","publication_year":2021,"publication_date":"2021-01-01","ids":{"openalex":"https://openalex.org/W3129101061","doi":"https://doi.org/10.1007/978-3-030-88418-5_12","mag":"3129101061"},"language":"en","primary_location":{"id":"doi:10.1007/978-3-030-88418-5_12","is_oa":false,"landing_page_url":"https://doi.org/10.1007/978-3-030-88418-5_12","pdf_url":null,"source":{"id":"https://openalex.org/S106296714","display_name":"Lecture notes in computer science","issn_l":"0302-9743","issn":["0302-9743","1611-3349"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes in Computer Science","raw_type":"book-chapter"},"type":"preprint","indexed_in":["arxiv","crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2101.12434","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5042828824","display_name":"Muhammad Ejaz Ahmed","orcid":"https://orcid.org/0000-0001-8033-0998"},"institutions":[{"id":"https://openalex.org/I42894916","display_name":"Data61","ror":"https://ror.org/03q397159","country_code":"AU","type":"other","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I42894916","https://openalex.org/I4387156119"]},{"id":"https://openalex.org/I1292875679","display_name":"Commonwealth Scientific and Industrial Research Organisation","ror":"https://ror.org/03qn8fb07","country_code":"AU","type":"funder","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I4387156119"]}],"countries":["AU"],"is_corresponding":true,"raw_author_name":"Muhammad Ejaz Ahmed","raw_affiliation_strings":["Data61 CSIRO, Marsfield, Australia","[DATA61, CSIRO, Marsfield, Australia]"],"affiliations":[{"raw_affiliation_string":"Data61 CSIRO, Marsfield, Australia","institution_ids":["https://openalex.org/I42894916","https://openalex.org/I1292875679"]},{"raw_affiliation_string":"[DATA61, CSIRO, Marsfield, Australia]","institution_ids":["https://openalex.org/I42894916","https://openalex.org/I1292875679"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5016563574","display_name":"Hyoungshick Kim","orcid":"https://orcid.org/0000-0002-1605-3866"},"institutions":[{"id":"https://openalex.org/I848706","display_name":"Sungkyunkwan University","ror":"https://ror.org/04q78tk20","country_code":"KR","type":"education","lineage":["https://openalex.org/I848706"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Hyoungshick Kim","raw_affiliation_strings":["Sungkyunkwan University, Suwon, South Korea","Sungkyunkwan University Suwon, South Korea#TAB#"],"affiliations":[{"raw_affiliation_string":"Sungkyunkwan University, Suwon, South Korea","institution_ids":["https://openalex.org/I848706"]},{"raw_affiliation_string":"Sungkyunkwan University Suwon, South Korea#TAB#","institution_ids":["https://openalex.org/I848706"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084022157","display_name":"Seyit Camtepe","orcid":"https://orcid.org/0000-0001-6353-8359"},"institutions":[{"id":"https://openalex.org/I1292875679","display_name":"Commonwealth Scientific and Industrial Research Organisation","ror":"https://ror.org/03qn8fb07","country_code":"AU","type":"funder","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I4387156119"]},{"id":"https://openalex.org/I42894916","display_name":"Data61","ror":"https://ror.org/03q397159","country_code":"AU","type":"other","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I42894916","https://openalex.org/I4387156119"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Seyit Camtepe","raw_affiliation_strings":["Data61 CSIRO, Marsfield, Australia","[DATA61, CSIRO, Marsfield, Australia]"],"affiliations":[{"raw_affiliation_string":"Data61 CSIRO, Marsfield, Australia","institution_ids":["https://openalex.org/I42894916","https://openalex.org/I1292875679"]},{"raw_affiliation_string":"[DATA61, CSIRO, Marsfield, Australia]","institution_ids":["https://openalex.org/I42894916","https://openalex.org/I1292875679"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5082256444","display_name":"\u202aSurya Nepal\u202c","orcid":"https://orcid.org/0000-0002-3289-6599"},"institutions":[{"id":"https://openalex.org/I1292875679","display_name":"Commonwealth Scientific and Industrial Research Organisation","ror":"https://ror.org/03qn8fb07","country_code":"AU","type":"funder","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I4387156119"]},{"id":"https://openalex.org/I42894916","display_name":"Data61","ror":"https://ror.org/03q397159","country_code":"AU","type":"other","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I42894916","https://openalex.org/I4387156119"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Surya Nepal","raw_affiliation_strings":["Data61 CSIRO, Marsfield, Australia","[DATA61, CSIRO, Marsfield, Australia]"],"affiliations":[{"raw_affiliation_string":"Data61 CSIRO, Marsfield, Australia","institution_ids":["https://openalex.org/I42894916","https://openalex.org/I1292875679"]},{"raw_affiliation_string":"[DATA61, CSIRO, Marsfield, Australia]","institution_ids":["https://openalex.org/I42894916","https://openalex.org/I1292875679"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5042828824"],"corresponding_institution_ids":["https://openalex.org/I1292875679","https://openalex.org/I42894916"],"apc_list":{"value":5000,"currency":"EUR","value_usd":5392},"apc_paid":null,"fwci":0.9168,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.65575397,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"240","last_page":"260"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9976999759674072,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9951000213623047,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.9761857986450195},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.7302126288414001},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6336190700531006},{"id":"https://openalex.org/keywords/system-call","display_name":"System call","score":0.559123158454895},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.49102306365966797},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.48230481147766113},{"id":"https://openalex.org/keywords/ransom","display_name":"Ransom","score":0.4530285894870758},{"id":"https://openalex.org/keywords/profiling","display_name":"Profiling (computer programming)","score":0.4406490921974182},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3333076238632202},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.2188577950000763},{"id":"https://openalex.org/keywords/law","display_name":"Law","score":0.0686061680316925}],"concepts":[{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.9761857986450195},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.7302126288414001},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6336190700531006},{"id":"https://openalex.org/C2778579508","wikidata":"https://www.wikidata.org/wiki/Q722192","display_name":"System call","level":2,"score":0.559123158454895},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.49102306365966797},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.48230481147766113},{"id":"https://openalex.org/C2781426709","wikidata":"https://www.wikidata.org/wiki/Q1414572","display_name":"Ransom","level":2,"score":0.4530285894870758},{"id":"https://openalex.org/C187191949","wikidata":"https://www.wikidata.org/wiki/Q1138496","display_name":"Profiling (computer programming)","level":2,"score":0.4406490921974182},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3333076238632202},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2188577950000763},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0686061680316925},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1007/978-3-030-88418-5_12","is_oa":false,"landing_page_url":"https://doi.org/10.1007/978-3-030-88418-5_12","pdf_url":null,"source":{"id":"https://openalex.org/S106296714","display_name":"Lecture notes in computer science","issn_l":"0302-9743","issn":["0302-9743","1611-3349"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes in Computer Science","raw_type":"book-chapter"},{"id":"pmh:oai:arXiv.org:2101.12434","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2101.12434","pdf_url":"https://arxiv.org/pdf/2101.12434","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"text"},{"id":"mag:3129101061","is_oa":true,"landing_page_url":"http://export.arxiv.org/pdf/2101.12434","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"arXiv (Cornell University)","raw_type":null},{"id":"doi:10.48550/arxiv.2101.12434","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2101.12434","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:2101.12434","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2101.12434","pdf_url":"https://arxiv.org/pdf/2101.12434","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"text"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.8100000023841858}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":30,"referenced_works":["https://openalex.org/W2119359024","https://openalex.org/W2168872572","https://openalex.org/W2461373307","https://openalex.org/W2513529237","https://openalex.org/W2550109527","https://openalex.org/W2559964890","https://openalex.org/W2601591992","https://openalex.org/W2618809693","https://openalex.org/W2712617220","https://openalex.org/W2764249719","https://openalex.org/W2765713146","https://openalex.org/W2775582065","https://openalex.org/W2784113120","https://openalex.org/W2785743295","https://openalex.org/W2797678261","https://openalex.org/W2890196927","https://openalex.org/W2893176864","https://openalex.org/W2944900776","https://openalex.org/W2947499652","https://openalex.org/W2968580482","https://openalex.org/W2978956219","https://openalex.org/W2998708406","https://openalex.org/W3006711782","https://openalex.org/W3091934055","https://openalex.org/W3099203541","https://openalex.org/W3122507336","https://openalex.org/W3158397672","https://openalex.org/W4200012858","https://openalex.org/W4229912053","https://openalex.org/W6702248584"],"related_works":["https://openalex.org/W3202594349","https://openalex.org/W2550109527","https://openalex.org/W3127601194","https://openalex.org/W2663860788","https://openalex.org/W3172578675","https://openalex.org/W2785743295","https://openalex.org/W2802988977","https://openalex.org/W3126403418","https://openalex.org/W3120537061","https://openalex.org/W2738263528","https://openalex.org/W3035775076","https://openalex.org/W2758492464","https://openalex.org/W3124942996","https://openalex.org/W3111390391","https://openalex.org/W2980426574","https://openalex.org/W1981984793","https://openalex.org/W2341197468","https://openalex.org/W192227941","https://openalex.org/W2531260576","https://openalex.org/W3000918648"],"abstract_inverted_index":null,"counts_by_year":[{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}