{"id":"https://openalex.org/W3094451310","doi":"https://doi.org/10.1109/iscc50000.2020.9219678","title":"Attesting L-3 General Program Anomaly Detection Efficiency with SPADA","display_name":"Attesting L-3 General Program Anomaly Detection Efficiency with SPADA","publication_year":2020,"publication_date":"2020-07-01","ids":{"openalex":"https://openalex.org/W3094451310","doi":"https://doi.org/10.1109/iscc50000.2020.9219678","mag":"3094451310"},"language":"en","primary_location":{"id":"doi:10.1109/iscc50000.2020.9219678","is_oa":false,"landing_page_url":"https://doi.org/10.1109/iscc50000.2020.9219678","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE Symposium on Computers and Communications (ISCC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5043896061","display_name":"Francis B. Moreira","orcid":"https://orcid.org/0000-0002-0926-3865"},"institutions":[{"id":"https://openalex.org/I130442723","display_name":"Universidade Federal do Rio Grande do Sul","ror":"https://ror.org/041yk2d64","country_code":"BR","type":"education","lineage":["https://openalex.org/I130442723"]}],"countries":["BR"],"is_corresponding":true,"raw_author_name":"Francis Moreira","raw_affiliation_strings":["Informatics Institute, Federal University of Rio Grande do Sul, Porto Alegre, RS, Brazil"],"affiliations":[{"raw_affiliation_string":"Informatics Institute, Federal University of Rio Grande do Sul, Porto Alegre, RS, Brazil","institution_ids":["https://openalex.org/I130442723"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5057698319","display_name":"Danilo Carastan\u2010Santos","orcid":"https://orcid.org/0000-0002-1878-8137"},"institutions":[{"id":"https://openalex.org/I130442723","display_name":"Universidade Federal do Rio Grande do Sul","ror":"https://ror.org/041yk2d64","country_code":"BR","type":"education","lineage":["https://openalex.org/I130442723"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Danilo Carastan-Santos","raw_affiliation_strings":["Informatics Institute, Federal University of Rio Grande do Sul, Porto Alegre, RS, Brazil"],"affiliations":[{"raw_affiliation_string":"Informatics Institute, Federal University of Rio Grande do Sul, Porto Alegre, RS, Brazil","institution_ids":["https://openalex.org/I130442723"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5091234084","display_name":"Philippe O. A. Navaux","orcid":"https://orcid.org/0000-0002-9957-5861"},"institutions":[{"id":"https://openalex.org/I130442723","display_name":"Universidade Federal do Rio Grande do Sul","ror":"https://ror.org/041yk2d64","country_code":"BR","type":"education","lineage":["https://openalex.org/I130442723"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Philippe Navaux","raw_affiliation_strings":["Informatics Institute, Federal University of Rio Grande do Sul, Porto Alegre, RS, Brazil"],"affiliations":[{"raw_affiliation_string":"Informatics Institute, Federal University of Rio Grande do Sul, Porto Alegre, RS, Brazil","institution_ids":["https://openalex.org/I130442723"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5043896061"],"corresponding_institution_ids":["https://openalex.org/I130442723"],"apc_list":null,"apc_paid":null,"fwci":0.1326,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.55516278,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":"7","issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10054","display_name":"Parallel Computing and Optimization Techniques","score":0.9962000250816345,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.611170768737793},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.5564125180244446},{"id":"https://openalex.org/keywords/anomaly","display_name":"Anomaly (physics)","score":0.4717215895652771},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.22226348519325256},{"id":"https://openalex.org/keywords/physics","display_name":"Physics","score":0.0921514630317688}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.611170768737793},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.5564125180244446},{"id":"https://openalex.org/C12997251","wikidata":"https://www.wikidata.org/wiki/Q567560","display_name":"Anomaly (physics)","level":2,"score":0.4717215895652771},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.22226348519325256},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0921514630317688},{"id":"https://openalex.org/C26873012","wikidata":"https://www.wikidata.org/wiki/Q214781","display_name":"Condensed matter physics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/iscc50000.2020.9219678","is_oa":false,"landing_page_url":"https://doi.org/10.1109/iscc50000.2020.9219678","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE Symposium on Computers and Communications (ISCC)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.6200000047683716}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":34,"referenced_works":["https://openalex.org/W123548525","https://openalex.org/W233021882","https://openalex.org/W654785806","https://openalex.org/W1603920809","https://openalex.org/W1947347140","https://openalex.org/W1968002620","https://openalex.org/W1994584977","https://openalex.org/W2008626182","https://openalex.org/W2022292029","https://openalex.org/W2076014973","https://openalex.org/W2097418232","https://openalex.org/W2098809490","https://openalex.org/W2099848066","https://openalex.org/W2107493680","https://openalex.org/W2109219878","https://openalex.org/W2112736324","https://openalex.org/W2118811116","https://openalex.org/W2128171167","https://openalex.org/W2129735804","https://openalex.org/W2134633067","https://openalex.org/W2160892968","https://openalex.org/W2167332015","https://openalex.org/W2167432494","https://openalex.org/W2168264487","https://openalex.org/W2228513862","https://openalex.org/W2295709271","https://openalex.org/W2755572540","https://openalex.org/W2944464096","https://openalex.org/W4239813889","https://openalex.org/W4250129486","https://openalex.org/W4253029824","https://openalex.org/W6604982192","https://openalex.org/W6677677767","https://openalex.org/W6684051939"],"related_works":["https://openalex.org/W2806741695","https://openalex.org/W4290647774","https://openalex.org/W3189286258","https://openalex.org/W3207797160","https://openalex.org/W3210364259","https://openalex.org/W4300558037","https://openalex.org/W2912112202","https://openalex.org/W2667207928","https://openalex.org/W4377864969","https://openalex.org/W2972971679"],"abstract_inverted_index":{"One":[0],"of":[1,11,26,151],"the":[2,9,17,24,35,45,149],"main":[3],"challenges":[4],"for":[5,156],"security":[6],"systems":[7],"is":[8,44,78,95],"detection":[10,25,127,154],"general":[12,72],"vulnerability":[13],"exploitation,":[14],"especially":[15],"when":[16],"exploit":[18],"uses":[19,87],"valid":[20],"control":[21],"flow.":[22],"Thus,":[23],"anomalous":[27,53],"behavior":[28,55],"provides":[29],"an":[30,79],"exciting":[31],"research":[32,36],"direction,":[33],"as":[34,52],"in":[37],"this":[38,62],"field":[39],"tries":[40],"to":[41,49,70,91,112,139],"describe":[42],"what":[43],"standard":[46],"program":[47],"execution,":[48],"then":[50],"detect":[51,71,92,113],"any":[54],"that":[56,60,68,83,101,125,146],"does":[57],"not":[58],"fit":[59],"description.In":[61],"work,":[63],"we":[64,123],"compare":[65],"two":[66],"mechanisms":[67,155],"aim":[69],"anomalies:":[73],"SPADA":[74,77],"and":[75,86,105,137],"LAD.":[76],"L-3":[80,152],"language":[81,99],"mechanism":[82,100,128],"partitions":[84],"phases":[85],"simple":[88],"phase":[89],"features":[90],"anomalies.":[93,114],"LAD":[94,132],"a":[96],"constrained":[97],"L-1":[98],"applies":[102],"complex":[103],"clustering":[104],"machine":[106],"learning":[107],"models":[108],"on":[109],"specific":[110],"functions":[111],"In":[115],"our":[116],"experimental":[117,144],"campaign":[118],"with":[119],"several":[120],"real-world":[121],"exploits,":[122],"show":[124,143],"SPADA\u2019s":[126],"performs":[129],"better":[130],"than":[131],"while":[133],"being":[134],"much":[135],"simpler":[136],"easier":[138],"implement.":[140],"We":[141],"therefore":[142],"evidence":[145],"further":[147],"attests":[148],"efficiency":[150],"attack":[153],"real":[157],"attacks.":[158]},"counts_by_year":[{"year":2020,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}