{"id":"https://openalex.org/W3139057174","doi":"https://doi.org/10.1109/bigdata50022.2020.9378294","title":"Towards an Open Format for Scalable System Telemetry","display_name":"Towards an Open Format for Scalable System Telemetry","publication_year":2020,"publication_date":"2020-12-10","ids":{"openalex":"https://openalex.org/W3139057174","doi":"https://doi.org/10.1109/bigdata50022.2020.9378294","mag":"3139057174"},"language":"en","primary_location":{"id":"doi:10.1109/bigdata50022.2020.9378294","is_oa":false,"landing_page_url":"https://doi.org/10.1109/bigdata50022.2020.9378294","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE International Conference on Big Data (Big Data)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5111373813","display_name":"Teryl Taylor","orcid":"https://orcid.org/0000-0002-4915-1286"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Teryl Taylor","raw_affiliation_strings":["IBM Research"],"affiliations":[{"raw_affiliation_string":"IBM Research","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5015875907","display_name":"Frederico Araujo","orcid":"https://orcid.org/0000-0001-5143-8318"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Frederico Araujo","raw_affiliation_strings":["IBM Research"],"affiliations":[{"raw_affiliation_string":"IBM Research","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5046558241","display_name":"Xiaokui Shu","orcid":"https://orcid.org/0000-0002-7381-7041"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Xiaokui Shu","raw_affiliation_strings":["IBM Research"],"affiliations":[{"raw_affiliation_string":"IBM Research","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5111373813"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.7709,"has_fulltext":false,"cited_by_count":10,"citation_normalized_percentile":{"value":0.75638659,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"1031","last_page":"1040"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.994700014591217,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8173073530197144},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.7460273504257202},{"id":"https://openalex.org/keywords/file-system","display_name":"File system","score":0.5499463081359863},{"id":"https://openalex.org/keywords/telemetry","display_name":"Telemetry","score":0.54721999168396},{"id":"https://openalex.org/keywords/analytics","display_name":"Analytics","score":0.5013320446014404},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.44558465480804443},{"id":"https://openalex.org/keywords/abstraction","display_name":"Abstraction","score":0.4322606921195984},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.3822155296802521},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3138205111026764}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8173073530197144},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.7460273504257202},{"id":"https://openalex.org/C2780940931","wikidata":"https://www.wikidata.org/wiki/Q174989","display_name":"File system","level":2,"score":0.5499463081359863},{"id":"https://openalex.org/C183121708","wikidata":"https://www.wikidata.org/wiki/Q209867","display_name":"Telemetry","level":2,"score":0.54721999168396},{"id":"https://openalex.org/C79158427","wikidata":"https://www.wikidata.org/wiki/Q485396","display_name":"Analytics","level":2,"score":0.5013320446014404},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.44558465480804443},{"id":"https://openalex.org/C124304363","wikidata":"https://www.wikidata.org/wiki/Q673661","display_name":"Abstraction","level":2,"score":0.4322606921195984},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.3822155296802521},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3138205111026764},{"id":"https://openalex.org/C76155785","wikidata":"https://www.wikidata.org/wiki/Q418","display_name":"Telecommunications","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/bigdata50022.2020.9378294","is_oa":false,"landing_page_url":"https://doi.org/10.1109/bigdata50022.2020.9378294","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE International Conference on Big Data (Big Data)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.6200000047683716}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":37,"referenced_works":["https://openalex.org/W168132470","https://openalex.org/W1516506771","https://openalex.org/W1562945126","https://openalex.org/W1574648570","https://openalex.org/W1613865581","https://openalex.org/W1905089778","https://openalex.org/W2096347345","https://openalex.org/W2119026482","https://openalex.org/W2137410883","https://openalex.org/W2169636627","https://openalex.org/W2305788608","https://openalex.org/W2397699236","https://openalex.org/W2532844970","https://openalex.org/W2568036147","https://openalex.org/W2579106964","https://openalex.org/W2701195988","https://openalex.org/W2751114427","https://openalex.org/W2751844787","https://openalex.org/W2766852928","https://openalex.org/W2773846695","https://openalex.org/W2886539179","https://openalex.org/W2889727957","https://openalex.org/W2890262614","https://openalex.org/W2899141105","https://openalex.org/W2962703433","https://openalex.org/W2962785074","https://openalex.org/W4237793107","https://openalex.org/W6633760361","https://openalex.org/W6634496787","https://openalex.org/W6636676249","https://openalex.org/W6698379459","https://openalex.org/W6712595259","https://openalex.org/W6740255781","https://openalex.org/W6743841043","https://openalex.org/W6743866659","https://openalex.org/W6753967410","https://openalex.org/W6755539112"],"related_works":["https://openalex.org/W2070863773","https://openalex.org/W4212896802","https://openalex.org/W2503337970","https://openalex.org/W2056771637","https://openalex.org/W748047311","https://openalex.org/W2359918844","https://openalex.org/W4298110012","https://openalex.org/W2519661158","https://openalex.org/W2409236379","https://openalex.org/W1597381735"],"abstract_inverted_index":{"A":[0],"data":[1,10,36,126],"representation":[2,41],"for":[3,7,128],"system":[4,43,110,119],"behavior":[5],"telemetry":[6,16,69,111],"scalable":[8],"big":[9],"security":[11],"analytics":[12],"is":[13,32],"presented,":[14],"affording":[15],"consumers":[17],"comprehensive":[18],"visibility":[19],"into":[20,45,96],"workloads":[21],"at":[22],"reduced":[23],"storage":[24,114],"and":[25,65,73,83,116,124,132],"processing":[26],"overheads.":[27],"The":[28,68],"new":[29],"abstraction,":[30],"SysFlow,":[31],"a":[33,46],"compact":[34],"open":[35],"format":[37,70],"that":[38,50,91],"lifts":[39],"the":[40],"of":[42,77,104],"activities":[44],"flow-centric,":[47],"object-relational":[48],"mapping":[49],"records":[51],"how":[52],"applications":[53],"interact":[54],"with":[55],"their":[56],"environment,":[57],"relating":[58],"processes":[59],"to":[60],"file":[61,81],"accesses,":[62],"network":[63,84],"activities,":[64],"runtime":[66],"information.":[67],"supports":[71],"single-event":[72],"volumetric":[74],"flow":[75],"representations":[76],"process":[78],"control":[79],"flows,":[80],"interactions,":[82],"communications.":[85],"Evaluation":[86],"on":[87,135],"enterprise-grade":[88],"benchmarks":[89],"shows":[90],"SysFlow":[92],"facilitates":[93],"deeper":[94],"introspection":[95],"attack":[97],"kill":[98],"chains":[99],"while":[100],"yielding":[101],"traces":[102],"orders":[103],"magnitude":[105],"smaller":[106],"than":[107],"current":[108],"state-of-the-art":[109],"approaches-drastically":[112],"reducing":[113],"requirements":[115],"enabling":[117],"feature-filled":[118],"analytics,":[120],"process-level":[121],"provenance":[122],"tracking,":[123],"long-term":[125],"archival":[127],"cyber":[129],"threat":[130],"discovery":[131],"forensic":[133],"analysis":[134],"historical":[136],"data.":[137]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}