{"id":"https://openalex.org/W2736657272","doi":"https://doi.org/10.1109/cybconf.2017.7985783","title":"Identification of Scanning and Attacks against Web Applications with Graph-Based Modeling of Users' Behavior","display_name":"Identification of Scanning and Attacks against Web Applications with Graph-Based Modeling of Users' Behavior","publication_year":2017,"publication_date":"2017-06-01","ids":{"openalex":"https://openalex.org/W2736657272","doi":"https://doi.org/10.1109/cybconf.2017.7985783","mag":"2736657272"},"language":"en","primary_location":{"id":"doi:10.1109/cybconf.2017.7985783","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cybconf.2017.7985783","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 3rd IEEE International Conference on Cybernetics (CYBCONF)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5039768935","display_name":"Marek Zachara","orcid":"https://orcid.org/0000-0002-8560-9696"},"institutions":[{"id":"https://openalex.org/I91045830","display_name":"Texas A&M University","ror":"https://ror.org/01f5ytq51","country_code":"US","type":"education","lineage":["https://openalex.org/I91045830"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Marek Zachara","raw_affiliation_strings":["Department of Electrical and Computer Engineering, Texas A&M University, College Station, Texas, USA"],"affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, Texas A&M University, College Station, Texas, USA","institution_ids":["https://openalex.org/I91045830"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5039768935"],"corresponding_institution_ids":["https://openalex.org/I91045830"],"apc_list":null,"apc_paid":null,"fwci":0.2063,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.55434133,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":"3","issue":null,"first_page":"1","last_page":"8"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.8198221921920776},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7998047471046448},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.6885890960693359},{"id":"https://openalex.org/keywords/graph","display_name":"Graph","score":0.564693808555603},{"id":"https://openalex.org/keywords/web-server","display_name":"Web server","score":0.5174594521522522},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.482019305229187},{"id":"https://openalex.org/keywords/identification","display_name":"Identification (biology)","score":0.45163920521736145},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.37425655126571655},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3735932409763336},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.3259369730949402},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.3231368660926819},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.22747433185577393}],"concepts":[{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.8198221921920776},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7998047471046448},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.6885890960693359},{"id":"https://openalex.org/C132525143","wikidata":"https://www.wikidata.org/wiki/Q141488","display_name":"Graph","level":2,"score":0.564693808555603},{"id":"https://openalex.org/C11392498","wikidata":"https://www.wikidata.org/wiki/Q11288","display_name":"Web server","level":3,"score":0.5174594521522522},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.482019305229187},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.45163920521736145},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.37425655126571655},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3735932409763336},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.3259369730949402},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.3231368660926819},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.22747433185577393},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C59822182","wikidata":"https://www.wikidata.org/wiki/Q441","display_name":"Botany","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/cybconf.2017.7985783","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cybconf.2017.7985783","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 3rd IEEE International Conference on Cybernetics (CYBCONF)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.75,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":19,"referenced_works":["https://openalex.org/W167530960","https://openalex.org/W181628467","https://openalex.org/W1483941173","https://openalex.org/W1601674470","https://openalex.org/W2034424221","https://openalex.org/W2070386561","https://openalex.org/W2075451638","https://openalex.org/W2086437504","https://openalex.org/W2102292522","https://openalex.org/W2110523863","https://openalex.org/W2142889610","https://openalex.org/W2145357146","https://openalex.org/W2169528473","https://openalex.org/W2506555736","https://openalex.org/W2541427793","https://openalex.org/W2563478954","https://openalex.org/W2926341103","https://openalex.org/W6606832826","https://openalex.org/W6667967700"],"related_works":["https://openalex.org/W1485337887","https://openalex.org/W2906845177","https://openalex.org/W4200107511","https://openalex.org/W2891427086","https://openalex.org/W1968625315","https://openalex.org/W2626999804","https://openalex.org/W4250004941","https://openalex.org/W2736202444","https://openalex.org/W2049015391","https://openalex.org/W2137014442"],"abstract_inverted_index":{"In":[0],"this":[1],"paper,":[2],"a":[3,24,78],"method":[4,55],"for":[5],"identifying":[6],"malicious":[7],"requests":[8],"is":[9,26],"presented,":[10],"based":[11],"on":[12],"an":[13],"automatically":[14],"constructed":[15],"graph,":[16],"representing":[17],"users'":[18,52],"transitions":[19],"between":[20],"the":[21,40,47,85],"pages.":[22],"Such":[23],"graph":[25],"built":[27],"in":[28],"real":[29],"time,":[30],"utilizing":[31],"incoming":[32],"requests,":[33],"and":[34,74],"-":[35,49],"assuming":[36],"that":[37],"most":[38],"of":[39,61,81],"users":[41],"do":[42],"not":[43],"try":[44],"to":[45,76],"exploit":[46],"application":[48],"represents":[50],"typical":[51],"behaviors.":[53],"The":[54,88],"was":[56],"tested":[57],"against":[58,84,92],"six":[59],"sets":[60],"log":[62,72],"files":[63],"collected":[64],"from":[65],"different":[66],"servers,":[67],"totaling":[68],"over":[69],"4.5":[70],"million":[71],"entries":[73],"proved":[75],"identify":[77],"large":[79],"number":[80],"vulnerability":[82],"scans":[83],"web":[86],"sites.":[87],"results":[89],"were":[90],"compared":[91],"LORG.":[93]},"counts_by_year":[{"year":2020,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}