{"id":"https://openalex.org/W4226285889","doi":"https://doi.org/10.1109/sds54264.2021.9732164","title":"Can the User Help? Leveraging User Actions for Network Profiling","display_name":"Can the User Help? Leveraging User Actions for Network Profiling","publication_year":2021,"publication_date":"2021-12-06","ids":{"openalex":"https://openalex.org/W4226285889","doi":"https://doi.org/10.1109/sds54264.2021.9732164"},"language":"en","primary_location":{"id":"doi:10.1109/sds54264.2021.9732164","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sds54264.2021.9732164","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 Eighth International Conference on Software Defined Systems (SDS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5053956926","display_name":"Zorigtbaatar Chuluundorj","orcid":null},"institutions":[{"id":"https://openalex.org/I107077323","display_name":"Worcester Polytechnic Institute","ror":"https://ror.org/05ejpqr48","country_code":"US","type":"education","lineage":["https://openalex.org/I107077323"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Zorigtbaatar Chuluundorj","raw_affiliation_strings":["Worcester Polytechnic Institute,Computer Science Department,Worcester,MA,USA","Computer Science Department, Worcester Polytechnic Institute, Worcester, MA, USA"],"affiliations":[{"raw_affiliation_string":"Worcester Polytechnic Institute,Computer Science Department,Worcester,MA,USA","institution_ids":["https://openalex.org/I107077323"]},{"raw_affiliation_string":"Computer Science Department, Worcester Polytechnic Institute, Worcester, MA, USA","institution_ids":["https://openalex.org/I107077323"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5045100985","display_name":"Curtis R. Taylor","orcid":"https://orcid.org/0000-0002-2270-3538"},"institutions":[{"id":"https://openalex.org/I1289243028","display_name":"Oak Ridge National Laboratory","ror":"https://ror.org/01qz5mb56","country_code":"US","type":"facility","lineage":["https://openalex.org/I1289243028","https://openalex.org/I1330989302","https://openalex.org/I39565521","https://openalex.org/I4210159294"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Curtis R. Taylor","raw_affiliation_strings":["Oak Ridge National Laboratory,Oak Ridge,TN,USA","Oak Ridge National Laboratory, Oak Ridge, TN, USA"],"affiliations":[{"raw_affiliation_string":"Oak Ridge National Laboratory,Oak Ridge,TN,USA","institution_ids":["https://openalex.org/I1289243028"]},{"raw_affiliation_string":"Oak Ridge National Laboratory, Oak Ridge, TN, USA","institution_ids":["https://openalex.org/I1289243028"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5076667950","display_name":"Robert J. Walls","orcid":"https://orcid.org/0000-0002-1338-6403"},"institutions":[{"id":"https://openalex.org/I107077323","display_name":"Worcester Polytechnic Institute","ror":"https://ror.org/05ejpqr48","country_code":"US","type":"education","lineage":["https://openalex.org/I107077323"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Robert J. Walls","raw_affiliation_strings":["Worcester Polytechnic Institute,Computer Science Department,Worcester,MA,USA","Computer Science Department, Worcester Polytechnic Institute, Worcester, MA, USA"],"affiliations":[{"raw_affiliation_string":"Worcester Polytechnic Institute,Computer Science Department,Worcester,MA,USA","institution_ids":["https://openalex.org/I107077323"]},{"raw_affiliation_string":"Computer Science Department, Worcester Polytechnic Institute, Worcester, MA, USA","institution_ids":["https://openalex.org/I107077323"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5081796472","display_name":"Craig A. Shue","orcid":"https://orcid.org/0000-0003-1012-3576"},"institutions":[{"id":"https://openalex.org/I107077323","display_name":"Worcester Polytechnic Institute","ror":"https://ror.org/05ejpqr48","country_code":"US","type":"education","lineage":["https://openalex.org/I107077323"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Craig A. Shue","raw_affiliation_strings":["Worcester Polytechnic Institute,Computer Science Department,Worcester,MA,USA","Computer Science Department, Worcester Polytechnic Institute, Worcester, MA, USA"],"affiliations":[{"raw_affiliation_string":"Worcester Polytechnic Institute,Computer Science Department,Worcester,MA,USA","institution_ids":["https://openalex.org/I107077323"]},{"raw_affiliation_string":"Computer Science Department, Worcester Polytechnic Institute, Worcester, MA, USA","institution_ids":["https://openalex.org/I107077323"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5053956926"],"corresponding_institution_ids":["https://openalex.org/I107077323"],"apc_list":null,"apc_paid":null,"fwci":0.3056,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.62371342,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"8"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8231555223464966},{"id":"https://openalex.org/keywords/profiling","display_name":"Profiling (computer programming)","score":0.7389191389083862},{"id":"https://openalex.org/keywords/user-interface","display_name":"User interface","score":0.4860392212867737},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.48368367552757263},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4359690546989441},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.3322409987449646},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.2099490761756897}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8231555223464966},{"id":"https://openalex.org/C187191949","wikidata":"https://www.wikidata.org/wiki/Q1138496","display_name":"Profiling (computer programming)","level":2,"score":0.7389191389083862},{"id":"https://openalex.org/C89505385","wikidata":"https://www.wikidata.org/wiki/Q47146","display_name":"User interface","level":2,"score":0.4860392212867737},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.48368367552757263},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4359690546989441},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3322409987449646},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2099490761756897},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/sds54264.2021.9732164","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sds54264.2021.9732164","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 Eighth International Conference on Software Defined Systems (SDS)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","score":0.44999998807907104,"display_name":"Industry, innovation and infrastructure"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":23,"referenced_works":["https://openalex.org/W1408671314","https://openalex.org/W1516211918","https://openalex.org/W1605877857","https://openalex.org/W1606975245","https://openalex.org/W1633185320","https://openalex.org/W1932621476","https://openalex.org/W1941427975","https://openalex.org/W2017802026","https://openalex.org/W2089562790","https://openalex.org/W2107881300","https://openalex.org/W2125743503","https://openalex.org/W2126529005","https://openalex.org/W2135143063","https://openalex.org/W2137974280","https://openalex.org/W2141125339","https://openalex.org/W2141549207","https://openalex.org/W2767094836","https://openalex.org/W4239205245","https://openalex.org/W6628268946","https://openalex.org/W6630877225","https://openalex.org/W6636086868","https://openalex.org/W6636814054","https://openalex.org/W6680797700"],"related_works":["https://openalex.org/W2161444195","https://openalex.org/W2589019771","https://openalex.org/W2985540061","https://openalex.org/W2185012154","https://openalex.org/W4252521128","https://openalex.org/W4287867321","https://openalex.org/W2911183501","https://openalex.org/W2104014222","https://openalex.org/W2153465672","https://openalex.org/W2150718212"],"abstract_inverted_index":{"Enterprises":[0,104],"have":[1,135],"difficulty":[2],"gaining":[3],"insight":[4,24],"into":[5],"the":[6,69,78,93,107,157,171],"steps":[7],"preceding":[8],"anomalous":[9],"activity":[10,100],"in":[11,173,186],"end-user":[12],"machines.":[13],"En-terprises":[14],"may":[15,44],"log":[16,64],"events":[17],"to":[18,22,46,49,52,77,111,150],"later":[19],"reconstruct":[20],"anomalies":[21],"gain":[23],"and":[25,34,63,74,85,123],"determine":[26],"their":[27],"causes.":[28],"Unfortunately,":[29],"most":[30],"logs":[31],"are":[32],"low-level":[33],"lack":[35],"contextual":[36],"information,":[37],"making":[38],"manual":[39],"inspection":[40],"arduous.":[41],"Accordingly,":[42],"enterprises":[43],"fail":[45],"promptly":[47],"respond":[48],"anomalies,":[50],"leading":[51],"outages":[53],"or":[54,129],"security":[55],"breaches.":[56],"To":[57],"help":[58,120,158],"these":[59],"enterprises,":[60],"we":[61,109,163],"monitor":[62],"each":[65],"user's":[66],"interactions":[67],"with":[68,156],"machine's":[70],"user":[71,99,160],"interface":[72],"(UI)":[73],"link":[75],"them":[76],"resulting":[79],"network":[80,125,167,190],"flows.":[81,103,191],"We":[82,115,152],"design,":[83],"implement,":[84],"evaluate":[86],"an":[87],"SDN":[88],"system,":[89],"called":[90],"Harbinger,":[91],"for":[92,102,141],"Microsoft":[94],"Windows":[95],"OS":[96],"that":[97,155],"provides":[98],"context":[101,108],"can":[105,119,134,146,164],"use":[106],"gather":[110],"complement":[112],"traditional":[113],"analysis.":[114],"explore":[116],"how":[117],"Harbinger":[118],"differentiate":[121],"normal":[122],"abnormal":[124],"traffic.":[126],"While":[127],"IP":[128],"DNS":[130],"host":[131],"name":[132],"profiling":[133],"error":[136],"rates":[137],"between":[138],"29%-38":[139],"%":[140],"URL-based":[142],"traffic,":[143],"UI-aware":[144],"sensors":[145],"reduce":[147],"such":[148],"errors":[149],"0.2%.":[151],"further":[153],"find":[154],"of":[159,170,184,188],"action":[161],"tracking,":[162],"detect":[165],"errant":[166],"traffic":[168],"99.1%":[169],"time":[172],"our":[174],"tests.":[175],"HARBINGERhas":[176],"good":[177],"performance,":[178],"introducing":[179],"less":[180],"than":[181],"6":[182],"milliseconds":[183],"delay":[185],"95%":[187],"new":[189]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2023,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}