{"id":"https://openalex.org/W2130356754","doi":"https://doi.org/10.1109/pccc.2008.4745108","title":"Detection of Worm Propagation Engines in the System Call Domain using Colored Petri Nets","display_name":"Detection of Worm Propagation Engines in the System Call Domain using Colored Petri Nets","publication_year":2008,"publication_date":"2008-12-01","ids":{"openalex":"https://openalex.org/W2130356754","doi":"https://doi.org/10.1109/pccc.2008.4745108","mag":"2130356754"},"language":"en","primary_location":{"id":"doi:10.1109/pccc.2008.4745108","is_oa":false,"landing_page_url":"https://doi.org/10.1109/pccc.2008.4745108","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2008 IEEE International Performance, Computing and Communications Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5008144065","display_name":"Arnur G. Tokhtabayev","orcid":null},"institutions":[{"id":"https://openalex.org/I123946342","display_name":"Binghamton University","ror":"https://ror.org/008rmbt77","country_code":"US","type":"education","lineage":["https://openalex.org/I123946342"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Arnur G. Tokhtabayev","raw_affiliation_strings":["Center for Advanced Information Technologies, Binghamton University, USA","Center for Adv. Inf. Technol., Binghamton Univ., Binghamton, NY"],"affiliations":[{"raw_affiliation_string":"Center for Advanced Information Technologies, Binghamton University, USA","institution_ids":["https://openalex.org/I123946342"]},{"raw_affiliation_string":"Center for Adv. Inf. Technol., Binghamton Univ., Binghamton, NY","institution_ids":["https://openalex.org/I123946342"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5067920680","display_name":"Victor A. Skormin","orcid":null},"institutions":[{"id":"https://openalex.org/I123946342","display_name":"Binghamton University","ror":"https://ror.org/008rmbt77","country_code":"US","type":"education","lineage":["https://openalex.org/I123946342"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Victor A. Skormin","raw_affiliation_strings":["Center for Advanced Information Technologies, Binghamton University, USA","Center for Adv. Inf. Technol., Binghamton Univ., Binghamton, NY"],"affiliations":[{"raw_affiliation_string":"Center for Advanced Information Technologies, Binghamton University, USA","institution_ids":["https://openalex.org/I123946342"]},{"raw_affiliation_string":"Center for Adv. Inf. Technol., Binghamton Univ., Binghamton, NY","institution_ids":["https://openalex.org/I123946342"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5113676704","display_name":"Andrey M. Dolgikh","orcid":null},"institutions":[{"id":"https://openalex.org/I123946342","display_name":"Binghamton University","ror":"https://ror.org/008rmbt77","country_code":"US","type":"education","lineage":["https://openalex.org/I123946342"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Andrey M. Dolgikh","raw_affiliation_strings":["Center for Advanced Information Technologies, Binghamton University, USA","Center for Adv. Inf. Technol., Binghamton Univ., Binghamton, NY"],"affiliations":[{"raw_affiliation_string":"Center for Advanced Information Technologies, Binghamton University, USA","institution_ids":["https://openalex.org/I123946342"]},{"raw_affiliation_string":"Center for Adv. Inf. Technol., Binghamton Univ., Binghamton, NY","institution_ids":["https://openalex.org/I123946342"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5008144065"],"corresponding_institution_ids":["https://openalex.org/I123946342"],"apc_list":null,"apc_paid":null,"fwci":1.0998,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.8147171,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":"1","issue":null,"first_page":"59","last_page":"68"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7876731157302856},{"id":"https://openalex.org/keywords/petri-net","display_name":"Petri net","score":0.6956163644790649},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.6246399283409119},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.6057279706001282},{"id":"https://openalex.org/keywords/signature","display_name":"Signature (topology)","score":0.5839720964431763},{"id":"https://openalex.org/keywords/domain","display_name":"Domain (mathematical analysis)","score":0.5550984740257263},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.5533553957939148},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.44102048873901367},{"id":"https://openalex.org/keywords/component","display_name":"Component (thermodynamics)","score":0.4349021017551422},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.20838287472724915},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.18261390924453735}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7876731157302856},{"id":"https://openalex.org/C38677869","wikidata":"https://www.wikidata.org/wiki/Q724168","display_name":"Petri net","level":2,"score":0.6956163644790649},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.6246399283409119},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.6057279706001282},{"id":"https://openalex.org/C2779696439","wikidata":"https://www.wikidata.org/wiki/Q7512811","display_name":"Signature (topology)","level":2,"score":0.5839720964431763},{"id":"https://openalex.org/C36503486","wikidata":"https://www.wikidata.org/wiki/Q11235244","display_name":"Domain (mathematical analysis)","level":2,"score":0.5550984740257263},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.5533553957939148},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.44102048873901367},{"id":"https://openalex.org/C168167062","wikidata":"https://www.wikidata.org/wiki/Q1117970","display_name":"Component (thermodynamics)","level":2,"score":0.4349021017551422},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.20838287472724915},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.18261390924453735},{"id":"https://openalex.org/C97355855","wikidata":"https://www.wikidata.org/wiki/Q11473","display_name":"Thermodynamics","level":1,"score":0.0},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/pccc.2008.4745108","is_oa":false,"landing_page_url":"https://doi.org/10.1109/pccc.2008.4745108","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2008 IEEE International Performance, Computing and Communications Conference","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320338279","display_name":"Air Force Office of Scientific Research","ror":"https://ror.org/011e9bt93"},{"id":"https://openalex.org/F4320338294","display_name":"Air Force Research Laboratory","ror":"https://ror.org/02e2egq70"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":20,"referenced_works":["https://openalex.org/W1539027","https://openalex.org/W28799011","https://openalex.org/W123548525","https://openalex.org/W1534850333","https://openalex.org/W1589724738","https://openalex.org/W1832277845","https://openalex.org/W1876735072","https://openalex.org/W1941427975","https://openalex.org/W1947347140","https://openalex.org/W1967115330","https://openalex.org/W2091820864","https://openalex.org/W2101916222","https://openalex.org/W2109853917","https://openalex.org/W2111644751","https://openalex.org/W2132835642","https://openalex.org/W2138209477","https://openalex.org/W2163030488","https://openalex.org/W2933861370","https://openalex.org/W6638441982","https://openalex.org/W6673378547"],"related_works":["https://openalex.org/W17155033","https://openalex.org/W3207760230","https://openalex.org/W1496222301","https://openalex.org/W1590307681","https://openalex.org/W2536018345","https://openalex.org/W4312814274","https://openalex.org/W4285370786","https://openalex.org/W2296488620","https://openalex.org/W2358353312","https://openalex.org/W2353836703"],"abstract_inverted_index":{"While":[0],"network":[1,39,56],"worms":[2,40,57],"carry":[3],"various":[4],"payloads":[5],"and":[6,127],"may":[7],"utilize":[8],"any":[9,81],"available":[10],"exploits,":[11],"they":[12],"all":[13],"have":[14],"one":[15,67],"common":[16],"component":[17],"-":[18],"the":[19,29,69,85,103,112,117,121,139,156,163],"propagation":[20,34,72,104,130,159],"engine.":[21],"Moreover,":[22,150],"it":[23],"is":[24,41,152],"important":[25],"to":[26,79,154],"note":[27],"that":[28,135],"number":[30],"of":[31,61,68,102,111,120,138,158],"conceptually":[32],"distinct":[33],"engines":[35],"employed":[36,161],"by":[37,55,66,144,162],"existing":[38],"quite":[42],"limited.":[43],"This":[44],"paper":[45],"presents":[46],"a":[47,59,62,76,129,145],"novel":[48,77],"signature-based":[49],"approach":[50],"for":[51],"detecting":[52],"attacks":[53],"perpetrated":[54],"as":[58],"manifestation":[60],"semantic":[63,82],"functionality":[64,83],"performed":[65],"few":[70],"known":[71],"engines.":[73],"We":[74,124],"propose":[75],"methodology":[78],"recognize":[80,155],"in":[84,116],"system":[86,134],"call":[87],"domain":[88],"through":[89],"utilizing":[90],"colored":[91],"Petri":[92,97],"Nets.":[93],"In":[94],"this":[95],"application,":[96],"Nets":[98],"embody":[99],"behavior-based":[100],"signatures":[101,108],"engine":[105,131,160],"functionalities.":[106],"These":[107],"are":[109],"indicative":[110],"shell":[113,141],"code":[114,142],"activity":[115,137],"first":[118],"stage":[119],"worm":[122,140],"proliferation.":[123],"developed,":[125],"tested":[126],"evaluated":[128],"detector":[132],"(PED)":[133],"detects":[136],"executed":[143],"process":[146],"during":[147],"an":[148],"attack.":[149],"PED":[151],"able":[153],"type":[157],"attacking":[164],"worm.":[165]},"counts_by_year":[{"year":2017,"cited_by_count":2},{"year":2014,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}