{"id":"https://openalex.org/W4200120081","doi":"https://doi.org/10.1109/iscc53001.2021.9631251","title":"Taking a Peek: An Evaluation of Anomaly Detection Using System calls for Containers","display_name":"Taking a Peek: An Evaluation of Anomaly Detection Using System calls for Containers","publication_year":2021,"publication_date":"2021-09-05","ids":{"openalex":"https://openalex.org/W4200120081","doi":"https://doi.org/10.1109/iscc53001.2021.9631251"},"language":"en","primary_location":{"id":"doi:10.1109/iscc53001.2021.9631251","is_oa":false,"landing_page_url":"https://doi.org/10.1109/iscc53001.2021.9631251","pdf_url":null,"source":{"id":"https://openalex.org/S4363605778","display_name":"2021 IEEE Symposium on Computers and Communications (ISCC)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 IEEE Symposium on Computers and Communications (ISCC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5034458973","display_name":"Gabriel Ruschel Castanhel","orcid":null},"institutions":[{"id":"https://openalex.org/I52418104","display_name":"Universidade Federal do Paran\u00e1","ror":"https://ror.org/05syd6y78","country_code":"BR","type":"education","lineage":["https://openalex.org/I52418104"]}],"countries":["BR"],"is_corresponding":true,"raw_author_name":"Gabriel R. Castanhel","raw_affiliation_strings":["Computer Science Graduate Program, Federal University of Paran\u00e1 State, Curitiba, Brazil"],"affiliations":[{"raw_affiliation_string":"Computer Science Graduate Program, Federal University of Paran\u00e1 State, Curitiba, Brazil","institution_ids":["https://openalex.org/I52418104"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053942798","display_name":"Tiago Heinrich","orcid":"https://orcid.org/0000-0002-8017-1293"},"institutions":[{"id":"https://openalex.org/I52418104","display_name":"Universidade Federal do Paran\u00e1","ror":"https://ror.org/05syd6y78","country_code":"BR","type":"education","lineage":["https://openalex.org/I52418104"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Tiago Heinrich","raw_affiliation_strings":["Computer Science Graduate Program, Federal University of Paran\u00e1 State, Curitiba, Brazil"],"affiliations":[{"raw_affiliation_string":"Computer Science Graduate Program, Federal University of Paran\u00e1 State, Curitiba, Brazil","institution_ids":["https://openalex.org/I52418104"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5030227042","display_name":"Fabr\u00edcio Ceschin","orcid":"https://orcid.org/0000-0001-6853-8083"},"institutions":[{"id":"https://openalex.org/I52418104","display_name":"Universidade Federal do Paran\u00e1","ror":"https://ror.org/05syd6y78","country_code":"BR","type":"education","lineage":["https://openalex.org/I52418104"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Fabricio Ceschin","raw_affiliation_strings":["Computer Science Graduate Program, Federal University of Paran\u00e1 State, Curitiba, Brazil"],"affiliations":[{"raw_affiliation_string":"Computer Science Graduate Program, Federal University of Paran\u00e1 State, Curitiba, Brazil","institution_ids":["https://openalex.org/I52418104"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5049431434","display_name":"Carlos Maziero","orcid":"https://orcid.org/0000-0003-2592-3664"},"institutions":[{"id":"https://openalex.org/I52418104","display_name":"Universidade Federal do Paran\u00e1","ror":"https://ror.org/05syd6y78","country_code":"BR","type":"education","lineage":["https://openalex.org/I52418104"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Carlos Maziero","raw_affiliation_strings":["Computer Science Graduate Program, Federal University of Paran\u00e1 State, Curitiba, Brazil"],"affiliations":[{"raw_affiliation_string":"Computer Science Graduate Program, Federal University of Paran\u00e1 State, Curitiba, Brazil","institution_ids":["https://openalex.org/I52418104"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5034458973"],"corresponding_institution_ids":["https://openalex.org/I52418104"],"apc_list":null,"apc_paid":null,"fwci":2.772,"has_fulltext":false,"cited_by_count":13,"citation_normalized_percentile":{"value":0.91863648,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/container","display_name":"Container (type theory)","score":0.7767962217330933},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.7414695024490356},{"id":"https://openalex.org/keywords/virtualization","display_name":"Virtualization","score":0.7193863391876221},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6033182740211487},{"id":"https://openalex.org/keywords/host","display_name":"Host (biology)","score":0.48726215958595276},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4818890690803528},{"id":"https://openalex.org/keywords/work","display_name":"Work (physics)","score":0.4704802334308624},{"id":"https://openalex.org/keywords/anomaly","display_name":"Anomaly (physics)","score":0.43587175011634827},{"id":"https://openalex.org/keywords/system-call","display_name":"System call","score":0.43046531081199646},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.229654461145401},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.22244417667388916},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.1856042742729187},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.12292349338531494}],"concepts":[{"id":"https://openalex.org/C2781018962","wikidata":"https://www.wikidata.org/wiki/Q5164884","display_name":"Container (type theory)","level":2,"score":0.7767962217330933},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.7414695024490356},{"id":"https://openalex.org/C513985346","wikidata":"https://www.wikidata.org/wiki/Q270471","display_name":"Virtualization","level":3,"score":0.7193863391876221},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6033182740211487},{"id":"https://openalex.org/C126831891","wikidata":"https://www.wikidata.org/wiki/Q221673","display_name":"Host (biology)","level":2,"score":0.48726215958595276},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4818890690803528},{"id":"https://openalex.org/C18762648","wikidata":"https://www.wikidata.org/wiki/Q42213","display_name":"Work (physics)","level":2,"score":0.4704802334308624},{"id":"https://openalex.org/C12997251","wikidata":"https://www.wikidata.org/wiki/Q567560","display_name":"Anomaly (physics)","level":2,"score":0.43587175011634827},{"id":"https://openalex.org/C2778579508","wikidata":"https://www.wikidata.org/wiki/Q722192","display_name":"System call","level":2,"score":0.43046531081199646},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.229654461145401},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.22244417667388916},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.1856042742729187},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.12292349338531494},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0},{"id":"https://openalex.org/C26873012","wikidata":"https://www.wikidata.org/wiki/Q214781","display_name":"Condensed matter physics","level":1,"score":0.0},{"id":"https://openalex.org/C18903297","wikidata":"https://www.wikidata.org/wiki/Q7150","display_name":"Ecology","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/iscc53001.2021.9631251","is_oa":false,"landing_page_url":"https://doi.org/10.1109/iscc53001.2021.9631251","pdf_url":null,"source":{"id":"https://openalex.org/S4363605778","display_name":"2021 IEEE Symposium on Computers and Communications (ISCC)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 IEEE Symposium on Computers and Communications (ISCC)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320321091","display_name":"Coordena\u00e7\u00e3o de Aperfei\u00e7oamento de Pessoal de N\u00edvel Superior","ror":"https://ror.org/00x0ma614"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":32,"referenced_works":["https://openalex.org/W1539745582","https://openalex.org/W1540031102","https://openalex.org/W1975177131","https://openalex.org/W1979717085","https://openalex.org/W2100533862","https://openalex.org/W2101234009","https://openalex.org/W2103746676","https://openalex.org/W2111306891","https://openalex.org/W2115348994","https://openalex.org/W2166855330","https://openalex.org/W2239647876","https://openalex.org/W2281706614","https://openalex.org/W2291034565","https://openalex.org/W2296335794","https://openalex.org/W2540282505","https://openalex.org/W2554427106","https://openalex.org/W2912247739","https://openalex.org/W2936268283","https://openalex.org/W2987194787","https://openalex.org/W2988790801","https://openalex.org/W3136767761","https://openalex.org/W4240388113","https://openalex.org/W4247095189","https://openalex.org/W6632363105","https://openalex.org/W6645063808","https://openalex.org/W6675354045","https://openalex.org/W6695719683","https://openalex.org/W6697144307","https://openalex.org/W6729130510","https://openalex.org/W6758502876","https://openalex.org/W6769981482","https://openalex.org/W7074150349"],"related_works":["https://openalex.org/W2806741695","https://openalex.org/W4290647774","https://openalex.org/W3189286258","https://openalex.org/W3207797160","https://openalex.org/W11100131","https://openalex.org/W3210364259","https://openalex.org/W4300558037","https://openalex.org/W2912112202","https://openalex.org/W2667207928","https://openalex.org/W4377864969"],"abstract_inverted_index":{"The":[0,20],"growth":[1],"in":[2,7],"the":[3,8,15,34,40],"use":[4,48,63],"of":[5,17,22,28,36],"virtualization":[6],"last":[9],"ten":[10],"years":[11],"has":[12],"contributed":[13],"to":[14,43,53,62,66,78],"improvement":[16],"this":[18,26],"technology.":[19],"practice":[21],"implementing":[23],"and":[24,55,82],"managing":[25],"type":[27],"isolated":[29],"environment":[30],"raises":[31],"doubts":[32],"about":[33],"security":[35],"such":[37],"systems.":[38],"Considering":[39],"host's":[41],"proximity":[42],"a":[44,70],"container,":[45],"approaches":[46],"that":[47],"anomaly":[49],"detection":[50],"systems":[51],"attempt":[52],"monitor":[54],"detect":[56],"unexpected":[57,83],"behavior.":[58],"Our":[59],"work":[60],"aims":[61],"system":[64],"calls":[65],"identify":[67],"threats":[68],"within":[69],"container":[71],"environment,":[72],"using":[73],"machine":[74],"learning":[75],"based":[76],"strategies":[77],"distinguish":[79],"between":[80],"expected":[81],"behaviors":[84],"(possible":[85],"threats).":[86]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":5},{"year":2022,"cited_by_count":1}],"updated_date":"2026-02-25T08:12:03.925757","created_date":"2025-10-10T00:00:00"}