{"id":"https://openalex.org/W1777157359","doi":"https://doi.org/10.1007/978-3-642-35515-8_10","title":"Finding Anomalous and Suspicious Files from Directory Metadata on a Large Corpus","display_name":"Finding Anomalous and Suspicious Files from Directory Metadata on a Large Corpus","publication_year":2012,"publication_date":"2012-01-01","ids":{"openalex":"https://openalex.org/W1777157359","doi":"https://doi.org/10.1007/978-3-642-35515-8_10","mag":"1777157359"},"language":"en","primary_location":{"id":"doi:10.1007/978-3-642-35515-8_10","is_oa":false,"landing_page_url":"https://doi.org/10.1007/978-3-642-35515-8_10","pdf_url":null,"source":{"id":"https://openalex.org/S4393917809","display_name":"Lecture notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","issn_l":"1867-8211","issn":["1867-8211","1867-822X"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","raw_type":"book-chapter"},"type":"book-chapter","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5019584512","display_name":"Neil C. Rowe","orcid":"https://orcid.org/0000-0003-2612-0062"},"institutions":[{"id":"https://openalex.org/I35364215","display_name":"Naval Postgraduate School","ror":"https://ror.org/033yfkj90","country_code":"US","type":"education","lineage":["https://openalex.org/I1330347796","https://openalex.org/I3130687028","https://openalex.org/I35364215"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Neil C. Rowe","raw_affiliation_strings":["U.S. Naval Postgraduate School, Code CS/Rp, 1411 Cunningham Road, Monterey, CA, 93943, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"U.S. Naval Postgraduate School, Code CS/Rp, 1411 Cunningham Road, Monterey, CA, 93943, USA","institution_ids":["https://openalex.org/I35364215"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5077305737","display_name":"Simson Garfinkel","orcid":"https://orcid.org/0000-0003-1294-2831"},"institutions":[{"id":"https://openalex.org/I35364215","display_name":"Naval Postgraduate School","ror":"https://ror.org/033yfkj90","country_code":"US","type":"education","lineage":["https://openalex.org/I1330347796","https://openalex.org/I3130687028","https://openalex.org/I35364215"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Simson L. Garfinkel","raw_affiliation_strings":["U.S. Naval Postgraduate School, Code CS/Rp, 1411 Cunningham Road, Monterey, CA, 93943, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"U.S. Naval Postgraduate School, Code CS/Rp, 1411 Cunningham Road, Monterey, CA, 93943, USA","institution_ids":["https://openalex.org/I35364215"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":6.1005,"has_fulltext":false,"cited_by_count":23,"citation_normalized_percentile":{"value":0.96508548,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"115","last_page":"130"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12357","display_name":"Digital Media Forensic Detection","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9968000054359436,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/directory","display_name":"Directory","score":0.8783026933670044},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7260069251060486},{"id":"https://openalex.org/keywords/metadata","display_name":"Metadata","score":0.7191632986068726},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.6468245387077332},{"id":"https://openalex.org/keywords/focus","display_name":"Focus (optics)","score":0.5946400165557861},{"id":"https://openalex.org/keywords/information-retrieval","display_name":"Information retrieval","score":0.5481881499290466},{"id":"https://openalex.org/keywords/digital-forensics","display_name":"Digital forensics","score":0.511405885219574},{"id":"https://openalex.org/keywords/natural-language-processing","display_name":"Natural language processing","score":0.35676151514053345},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3270452618598938},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.22487673163414001},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.07562398910522461},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.06336426734924316}],"concepts":[{"id":"https://openalex.org/C2777683733","wikidata":"https://www.wikidata.org/wiki/Q201456","display_name":"Directory","level":2,"score":0.8783026933670044},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7260069251060486},{"id":"https://openalex.org/C93518851","wikidata":"https://www.wikidata.org/wiki/Q180160","display_name":"Metadata","level":2,"score":0.7191632986068726},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.6468245387077332},{"id":"https://openalex.org/C192209626","wikidata":"https://www.wikidata.org/wiki/Q190909","display_name":"Focus (optics)","level":2,"score":0.5946400165557861},{"id":"https://openalex.org/C23123220","wikidata":"https://www.wikidata.org/wiki/Q816826","display_name":"Information retrieval","level":1,"score":0.5481881499290466},{"id":"https://openalex.org/C84418412","wikidata":"https://www.wikidata.org/wiki/Q3246940","display_name":"Digital forensics","level":2,"score":0.511405885219574},{"id":"https://openalex.org/C204321447","wikidata":"https://www.wikidata.org/wiki/Q30642","display_name":"Natural language processing","level":1,"score":0.35676151514053345},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3270452618598938},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.22487673163414001},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.07562398910522461},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.06336426734924316},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C120665830","wikidata":"https://www.wikidata.org/wiki/Q14620","display_name":"Optics","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1007/978-3-642-35515-8_10","is_oa":false,"landing_page_url":"https://doi.org/10.1007/978-3-642-35515-8_10","pdf_url":null,"source":{"id":"https://openalex.org/S4393917809","display_name":"Lecture notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","issn_l":"1867-8211","issn":["1867-8211","1867-822X"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","raw_type":"book-chapter"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.7300000190734863}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":14,"referenced_works":["https://openalex.org/W13960567","https://openalex.org/W1590782122","https://openalex.org/W1982659489","https://openalex.org/W1986288430","https://openalex.org/W1986454686","https://openalex.org/W2019239374","https://openalex.org/W2076342816","https://openalex.org/W2094030202","https://openalex.org/W2125767749","https://openalex.org/W2144678296","https://openalex.org/W2152247885","https://openalex.org/W2160127232","https://openalex.org/W2892140408","https://openalex.org/W4239048948"],"related_works":["https://openalex.org/W3115906952","https://openalex.org/W3134811395","https://openalex.org/W3155196058","https://openalex.org/W1529821365","https://openalex.org/W2135486207","https://openalex.org/W1499611046","https://openalex.org/W3024420453","https://openalex.org/W2388608119","https://openalex.org/W2915494741","https://openalex.org/W9569021"],"abstract_inverted_index":null,"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":4},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":2},{"year":2014,"cited_by_count":3},{"year":2013,"cited_by_count":2},{"year":2012,"cited_by_count":3}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}