{"id":"https://openalex.org/W4282038082","doi":"https://doi.org/10.1109/noms54207.2022.9789790","title":"Policy-based and Behavioral Framework to Detect Ransomware Affecting Resource-constrained Sensors","display_name":"Policy-based and Behavioral Framework to Detect Ransomware Affecting Resource-constrained Sensors","publication_year":2022,"publication_date":"2022-04-25","ids":{"openalex":"https://openalex.org/W4282038082","doi":"https://doi.org/10.1109/noms54207.2022.9789790"},"language":"en","primary_location":{"id":"doi:10.1109/noms54207.2022.9789790","is_oa":false,"landing_page_url":"https://doi.org/10.1109/noms54207.2022.9789790","pdf_url":null,"source":{"id":"https://openalex.org/S4363605650","display_name":"NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5063531116","display_name":"Alberto Huertas Celdr\u00e1n","orcid":"https://orcid.org/0000-0001-7125-1710"},"institutions":[{"id":"https://openalex.org/I202697423","display_name":"University of Zurich","ror":"https://ror.org/02crff812","country_code":"CH","type":"education","lineage":["https://openalex.org/I202697423"]}],"countries":["CH"],"is_corresponding":true,"raw_author_name":"Alberto Huertas Celdran","raw_affiliation_strings":["University of Zurich UZH,Communication Systems Group CSG,Department of Informatics,Zürich,Switzerland,CH-8050"],"affiliations":[{"raw_affiliation_string":"University of Zurich UZH,Communication Systems Group CSG,Department of Informatics,Zürich,Switzerland,CH-8050","institution_ids":["https://openalex.org/I202697423"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5068451806","display_name":"Pedro Miguel S\u00e1nchez S\u00e1nchez","orcid":"https://orcid.org/0000-0002-6444-2102"},"institutions":[{"id":"https://openalex.org/I80180929","display_name":"Universidad de Murcia","ror":"https://ror.org/03p3aeb86","country_code":"ES","type":"education","lineage":["https://openalex.org/I80180929"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Pedro M. Sanchez Sanchez","raw_affiliation_strings":["University of Murcia,Department of Information and Communications Engineering,Murcia,Spain,30100"],"affiliations":[{"raw_affiliation_string":"University of Murcia,Department of Information and Communications Engineering,Murcia,Spain,30100","institution_ids":["https://openalex.org/I80180929"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5063749335","display_name":"Eder J. Scheid","orcid":"https://orcid.org/0000-0002-7989-5286"},"institutions":[{"id":"https://openalex.org/I202697423","display_name":"University of Zurich","ror":"https://ror.org/02crff812","country_code":"CH","type":"education","lineage":["https://openalex.org/I202697423"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Eder J. Scheid","raw_affiliation_strings":["University of Zurich UZH,Communication Systems Group CSG,Department of Informatics,Zürich,Switzerland,CH-8050"],"affiliations":[{"raw_affiliation_string":"University of Zurich UZH,Communication Systems Group CSG,Department of Informatics,Zürich,Switzerland,CH-8050","institution_ids":["https://openalex.org/I202697423"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5077508754","display_name":"Timucin Besken","orcid":null},"institutions":[{"id":"https://openalex.org/I202697423","display_name":"University of Zurich","ror":"https://ror.org/02crff812","country_code":"CH","type":"education","lineage":["https://openalex.org/I202697423"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Timucin Besken","raw_affiliation_strings":["University of Zurich UZH,Communication Systems Group CSG,Department of Informatics,Zürich,Switzerland,CH-8050"],"affiliations":[{"raw_affiliation_string":"University of Zurich UZH,Communication Systems Group CSG,Department of Informatics,Zürich,Switzerland,CH-8050","institution_ids":["https://openalex.org/I202697423"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5070889566","display_name":"G\u00e9r\u00f4me Bovet","orcid":"https://orcid.org/0000-0002-4534-3483"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Gerome Bovet","raw_affiliation_strings":["Armasuisse Science & Technology,Cyber-Defence Campus,Thun,Switzerland,CH-3602"],"affiliations":[{"raw_affiliation_string":"Armasuisse Science & Technology,Cyber-Defence Campus,Thun,Switzerland,CH-3602","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5059796926","display_name":"Gregorio Mart\u00ednez P\u00e9rez","orcid":"https://orcid.org/0000-0001-5532-6604"},"institutions":[{"id":"https://openalex.org/I80180929","display_name":"Universidad de Murcia","ror":"https://ror.org/03p3aeb86","country_code":"ES","type":"education","lineage":["https://openalex.org/I80180929"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Gregorio Martinez Perez","raw_affiliation_strings":["University of Murcia,Department of Information and Communications Engineering,Murcia,Spain,30100"],"affiliations":[{"raw_affiliation_string":"University of Murcia,Department of Information and Communications Engineering,Murcia,Spain,30100","institution_ids":["https://openalex.org/I80180929"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5033030418","display_name":"Burkhard Stiller","orcid":"https://orcid.org/0000-0002-7461-7463"},"institutions":[{"id":"https://openalex.org/I202697423","display_name":"University of Zurich","ror":"https://ror.org/02crff812","country_code":"CH","type":"education","lineage":["https://openalex.org/I202697423"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Burkhard Stiller","raw_affiliation_strings":["University of Zurich UZH,Communication Systems Group CSG,Department of Informatics,Zürich,Switzerland,CH-8050"],"affiliations":[{"raw_affiliation_string":"University of Zurich UZH,Communication Systems Group CSG,Department of Informatics,Zürich,Switzerland,CH-8050","institution_ids":["https://openalex.org/I202697423"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5063531116"],"corresponding_institution_ids":["https://openalex.org/I202697423"],"apc_list":null,"apc_paid":null,"fwci":0.6139,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.64483627,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"7"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.9243482351303101},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7993308305740356},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.760475218296051},{"id":"https://openalex.org/keywords/resource","display_name":"Resource (disambiguation)","score":0.5629514455795288},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.45747140049934387},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3958318829536438},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.35723745822906494},{"id":"https://openalex.org/keywords/real-time-computing","display_name":"Real-time computing","score":0.35001254081726074},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3246335983276367},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.1644836664199829}],"concepts":[{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.9243482351303101},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7993308305740356},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.760475218296051},{"id":"https://openalex.org/C206345919","wikidata":"https://www.wikidata.org/wiki/Q20380951","display_name":"Resource (disambiguation)","level":2,"score":0.5629514455795288},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.45747140049934387},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3958318829536438},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.35723745822906494},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.35001254081726074},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3246335983276367},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.1644836664199829}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/noms54207.2022.9789790","is_oa":false,"landing_page_url":"https://doi.org/10.1109/noms54207.2022.9789790","pdf_url":null,"source":{"id":"https://openalex.org/S4363605650","display_name":"NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.550000011920929,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":24,"referenced_works":["https://openalex.org/W2119359024","https://openalex.org/W2276327163","https://openalex.org/W2461373307","https://openalex.org/W2513529237","https://openalex.org/W2605049359","https://openalex.org/W2773511604","https://openalex.org/W2784113120","https://openalex.org/W2787931603","https://openalex.org/W2793829161","https://openalex.org/W2799908179","https://openalex.org/W2800509541","https://openalex.org/W2807312247","https://openalex.org/W2807931621","https://openalex.org/W2893176864","https://openalex.org/W2928980918","https://openalex.org/W3000953536","https://openalex.org/W3016150959","https://openalex.org/W3048094199","https://openalex.org/W3138207087","https://openalex.org/W4293742266","https://openalex.org/W4297689184","https://openalex.org/W6729193369","https://openalex.org/W6748061875","https://openalex.org/W6748263364"],"related_works":["https://openalex.org/W3201228709","https://openalex.org/W2922354075","https://openalex.org/W4389157351","https://openalex.org/W4232561318","https://openalex.org/W4253977752","https://openalex.org/W3120595989","https://openalex.org/W2964829536","https://openalex.org/W2904586340","https://openalex.org/W2942879794","https://openalex.org/W3214090987"],"abstract_inverted_index":{"Traditionally,":[0],"data":[1,21],"centers":[2],"have":[3,57,94],"been":[4,58,95],"the":[5,12,24,38,42],"preferred":[6],"target":[7],"for":[8],"ransomware":[9,29,84,135],"attacks.":[10],"However,":[11,51],"increasing":[13],"number":[14],"of":[15,26,40,44,53,123],"IoT":[16],"(Internet-of-Things)":[17],"devices":[18,45],"managing":[19],"valuable":[20],"is":[22],"attracting":[23],"attention":[25],"cybercriminals":[27],"and":[28,60,82,87,126],"towards":[30],"resource-constrained":[31,86,99],"devices.":[32],"So":[33],"far,":[34],"literature":[35],"has":[36],"demonstrated":[37],"suitability":[39],"monitoring":[41],"behavior":[43],"to":[46,79,103],"detect":[47,80],"some":[48],"malware":[49],"infections.":[50],"most":[52],"these":[54],"existing":[55],"solutions":[56],"designed":[59],"validated":[61,96],"in":[62,97,118,121],"Windows-based":[63],"systems":[64],"without":[65],"computational":[66],"restrictions.Thus,":[67],"this":[68],"work":[69],"presents":[70],"a":[71,98,105,115,138],"lightweight":[72],"policy-based":[73],"framework":[74,91],"that":[75],"uses":[76],"behavioral":[77],"fingerprinting":[78],"anomalies":[81,130],"classify":[83],"affecting":[85,137],"Linux-based":[88],"sensors.":[89],"The":[90],"detection":[92,124],"capabilities":[93],"spectrum":[100],"sensor":[101],"belonging":[102],"ElectroSense,":[104],"real":[106],"crowdsensing":[107],"platform.":[108],"In":[109],"particular,":[110],"three":[111],"policies,":[112],"created":[113],"as":[114,142],"proof-of-concept,":[116],"resulted":[117],"promising":[119],"findings":[120],"terms":[122],"performance":[125],"time,":[127],"when":[128],"identifying":[129],"by":[131],"classifying":[132],"two":[133],"recent":[134],"samples":[136],"Raspberry":[139],"Pi":[140],"acting":[141],"sensor.":[143]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":3}],"updated_date":"2026-03-02T06:13:33.250793","created_date":"2025-10-10T00:00:00"}