{"id":"https://openalex.org/W2539343541","doi":"https://doi.org/10.1109/malware.2014.6999404","title":"Agent-based trace learning in a recommendation-verification system for cybersecurity","display_name":"Agent-based trace learning in a recommendation-verification system for cybersecurity","publication_year":2014,"publication_date":"2014-10-01","ids":{"openalex":"https://openalex.org/W2539343541","doi":"https://doi.org/10.1109/malware.2014.6999404","mag":"2539343541"},"language":"en","primary_location":{"id":"doi:10.1109/malware.2014.6999404","is_oa":false,"landing_page_url":"https://doi.org/10.1109/malware.2014.6999404","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2014 9th International Conference on Malicious and Unwanted Software: The Americas (MALWARE)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5063254632","display_name":"William Casey","orcid":"https://orcid.org/0000-0001-7718-7385"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]},{"id":"https://openalex.org/I114772536","display_name":"Software Engineering Institute","ror":"https://ror.org/01xqjjn94","country_code":"US","type":"facility","lineage":["https://openalex.org/I114772536","https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"William Casey","raw_affiliation_strings":["Software Engineering Institute, Carnegie Mellon University"],"affiliations":[{"raw_affiliation_string":"Software Engineering Institute, Carnegie Mellon University","institution_ids":["https://openalex.org/I114772536","https://openalex.org/I74973139"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5058575798","display_name":"Evan Wright","orcid":null},"institutions":[{"id":"https://openalex.org/I114772536","display_name":"Software Engineering Institute","ror":"https://ror.org/01xqjjn94","country_code":"US","type":"facility","lineage":["https://openalex.org/I114772536","https://openalex.org/I74973139"]},{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Evan Wright","raw_affiliation_strings":["Software Engineering Institute, Carnegie Mellon University"],"affiliations":[{"raw_affiliation_string":"Software Engineering Institute, Carnegie Mellon University","institution_ids":["https://openalex.org/I114772536","https://openalex.org/I74973139"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5048340882","display_name":"Jose Andre Morales","orcid":"https://orcid.org/0000-0001-7177-8192"},"institutions":[{"id":"https://openalex.org/I114772536","display_name":"Software Engineering Institute","ror":"https://ror.org/01xqjjn94","country_code":"US","type":"facility","lineage":["https://openalex.org/I114772536","https://openalex.org/I74973139"]},{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jose Andre Morales","raw_affiliation_strings":["Software Engineering Institute, Carnegie Mellon University"],"affiliations":[{"raw_affiliation_string":"Software Engineering Institute, Carnegie Mellon University","institution_ids":["https://openalex.org/I114772536","https://openalex.org/I74973139"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010529394","display_name":"Michael Appel","orcid":"https://orcid.org/0000-0003-4983-0622"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]},{"id":"https://openalex.org/I114772536","display_name":"Software Engineering Institute","ror":"https://ror.org/01xqjjn94","country_code":"US","type":"facility","lineage":["https://openalex.org/I114772536","https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Michael Appel","raw_affiliation_strings":["Software Engineering Institute, Carnegie Mellon University"],"affiliations":[{"raw_affiliation_string":"Software Engineering Institute, Carnegie Mellon University","institution_ids":["https://openalex.org/I114772536","https://openalex.org/I74973139"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5006210965","display_name":"Jeff Gennari","orcid":null},"institutions":[{"id":"https://openalex.org/I114772536","display_name":"Software Engineering Institute","ror":"https://ror.org/01xqjjn94","country_code":"US","type":"facility","lineage":["https://openalex.org/I114772536","https://openalex.org/I74973139"]},{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jeff Gennari","raw_affiliation_strings":["Software Engineering Institute, Carnegie Mellon University"],"affiliations":[{"raw_affiliation_string":"Software Engineering Institute, Carnegie Mellon University","institution_ids":["https://openalex.org/I114772536","https://openalex.org/I74973139"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5053379558","display_name":"Bud Mishra","orcid":null},"institutions":[{"id":"https://openalex.org/I36672615","display_name":"Courant Institute of Mathematical Sciences","ror":"https://ror.org/037tm7f56","country_code":"US","type":"education","lineage":["https://openalex.org/I36672615","https://openalex.org/I57206974"]},{"id":"https://openalex.org/I57206974","display_name":"New York University","ror":"https://ror.org/0190ak572","country_code":"US","type":"education","lineage":["https://openalex.org/I57206974"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Bud Mishra","raw_affiliation_strings":["Courant Institute, New York University"],"affiliations":[{"raw_affiliation_string":"Courant Institute, New York University","institution_ids":["https://openalex.org/I36672615","https://openalex.org/I57206974"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5063254632"],"corresponding_institution_ids":["https://openalex.org/I114772536","https://openalex.org/I74973139"],"apc_list":null,"apc_paid":null,"fwci":1.3792,"has_fulltext":false,"cited_by_count":12,"citation_normalized_percentile":{"value":0.85113062,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":"1","issue":null,"first_page":"135","last_page":"143"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9987000226974487,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8632031679153442},{"id":"https://openalex.org/keywords/liveness","display_name":"Liveness","score":0.7258955240249634},{"id":"https://openalex.org/keywords/trace","display_name":"TRACE (psycholinguistics)","score":0.685258150100708},{"id":"https://openalex.org/keywords/focus","display_name":"Focus (optics)","score":0.556580126285553},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.481425017118454},{"id":"https://openalex.org/keywords/deception","display_name":"Deception","score":0.47686585783958435},{"id":"https://openalex.org/keywords/inference","display_name":"Inference","score":0.44855743646621704},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.4291943311691284},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.42808374762535095},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4128211736679077},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.32904529571533203},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.32115867733955383}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8632031679153442},{"id":"https://openalex.org/C15569618","wikidata":"https://www.wikidata.org/wiki/Q3561421","display_name":"Liveness","level":2,"score":0.7258955240249634},{"id":"https://openalex.org/C75291252","wikidata":"https://www.wikidata.org/wiki/Q1315756","display_name":"TRACE (psycholinguistics)","level":2,"score":0.685258150100708},{"id":"https://openalex.org/C192209626","wikidata":"https://www.wikidata.org/wiki/Q190909","display_name":"Focus (optics)","level":2,"score":0.556580126285553},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.481425017118454},{"id":"https://openalex.org/C2779267917","wikidata":"https://www.wikidata.org/wiki/Q170028","display_name":"Deception","level":2,"score":0.47686585783958435},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.44855743646621704},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.4291943311691284},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.42808374762535095},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4128211736679077},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.32904529571533203},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.32115867733955383},{"id":"https://openalex.org/C77805123","wikidata":"https://www.wikidata.org/wiki/Q161272","display_name":"Social psychology","level":1,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C120665830","wikidata":"https://www.wikidata.org/wiki/Q14620","display_name":"Optics","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/malware.2014.6999404","is_oa":false,"landing_page_url":"https://doi.org/10.1109/malware.2014.6999404","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2014 9th International Conference on Malicious and Unwanted Software: The Americas (MALWARE)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.6499999761581421,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":20,"referenced_works":["https://openalex.org/W97809322","https://openalex.org/W1487037064","https://openalex.org/W1554944419","https://openalex.org/W1587106557","https://openalex.org/W1886402853","https://openalex.org/W1977415353","https://openalex.org/W2036575863","https://openalex.org/W2057787526","https://openalex.org/W2125055259","https://openalex.org/W2133990480","https://openalex.org/W2134633067","https://openalex.org/W2149706766","https://openalex.org/W2163888186","https://openalex.org/W2164463255","https://openalex.org/W2762258958","https://openalex.org/W2911964244","https://openalex.org/W4236137412","https://openalex.org/W4239813889","https://openalex.org/W4250728693","https://openalex.org/W6745097691"],"related_works":["https://openalex.org/W1565271071","https://openalex.org/W2081199208","https://openalex.org/W3349016","https://openalex.org/W3160870209","https://openalex.org/W2494011163","https://openalex.org/W2053262709","https://openalex.org/W2139648957","https://openalex.org/W1481041875","https://openalex.org/W2391970076","https://openalex.org/W10278191"],"abstract_inverted_index":{"Agents":[0,134],"in":[1,47,60,135,201,230,252,256],"a":[2,75,137,178,183,197,204,213,243,248,253],"social-technological":[3,254],"network":[4,255],"can":[5,32,209],"be":[6,210,217],"thought":[7],"of":[8,55,63,77,114,123,167,173,181,227,259],"as":[9,41,212],"strategically":[10],"interacting":[11],"with":[12,111,160,222,232],"each":[13],"other":[14],"by":[15,151],"continually":[16],"observing":[17],"their":[18,130],"own":[19],"local":[20],"or":[21],"hyperlocal":[22],"information":[23],"and":[24,45,72,83,108,116,132,143,146,157,193,215,239],"communicating":[25],"suitable":[26],"signals":[27],"to":[28,51,70,103,128,246],"the":[29,53,112,124,164,168,171,237,257],"receivers":[30],"who":[31],"take":[33],"appropriate":[34],"actions.":[35],"Such":[36],"interactions":[37],"have":[38,67],"been":[39,68],"modeled":[40],"information-asymmetric":[42],"signaling":[43,126],"games":[44,127],"studied":[46],"our":[48,233],"earlier":[49,234],"work":[50],"understand":[52,129],"role":[54],"deception,":[56],"which":[57],"often":[58],"results":[59,226],"general":[61],"loss":[62],"cybersecurity.":[64],"While":[65],"there":[66],"attempts":[69],"model":[71,158],"check":[73,105],"such":[74,136,196],"body":[76],"agents":[78],"for":[79,149,206,242],"various":[80,90,106],"global":[81],"properties":[82],"hyperproperties,":[84],"it":[85],"has":[86],"become":[87],"clear":[88],"that":[89],"theoretical":[91],"obstacles":[92],"against":[93],"this":[94,202,228],"approach":[95,102],"are":[96],"unsurmountable.":[97],"We":[98],"instead":[99],"advocate":[100],"an":[101],"dynamically":[104],"liveness":[107],"safety":[109],"hyperproperties":[110],"help":[113],"recommenders":[115],"verifiers;":[117],"we":[118,175],"focus":[119,176],"on":[120,177,190,219],"empirical":[121],"studies":[122],"resulting":[125],"equilibria":[131],"stability.":[133],"proposed":[138],"system":[139,245],"may":[140],"mutate,":[141],"publish,":[142],"recommend":[144],"strategies":[145],"verify":[147],"properties,":[148],"instance,":[150],"using":[152,187],"statistical":[153,188],"inference,":[154],"machine":[155,198],"learning,":[156],"checking":[159],"models":[161],"derived":[162],"from":[163],"past":[165],"behavior":[166],"system.":[169],"For":[170],"sake":[172],"concreteness,":[174],"well-studied":[179],"problem":[180],"detecting":[182],"malicious":[184],"code":[185],"family":[186],"learning":[189],"trace":[191,223],"features":[192],"show":[194],"how":[195],"learner":[199],"-":[200,208],"study":[203],"classifier":[205],"Zeus/Zbot":[207],"rendered":[211],"property,":[214],"then":[216],"deployed":[218],"endpoint":[220],"devices":[221],"monitors.":[224],"The":[225],"paper,":[229],"combination":[231],"work,":[235],"indicate":[236],"feasibility":[238],"way":[240],"forward":[241],"recommendation-verification":[244],"achieve":[247],"novel":[249],"defense":[250],"mechanism":[251],"era":[258],"ubiquitous":[260],"computing.":[261]},"counts_by_year":[{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":2},{"year":2018,"cited_by_count":3},{"year":2017,"cited_by_count":2},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}