{"id":"https://openalex.org/W4413259116","doi":"https://doi.org/10.1109/tcc.2025.3598060","title":"Observability and Incident Response in Managed Serverless Environments Using Ontology-Based Log Monitoring","display_name":"Observability and Incident Response in Managed Serverless Environments Using Ontology-Based Log Monitoring","publication_year":2025,"publication_date":"2025-08-12","ids":{"openalex":"https://openalex.org/W4413259116","doi":"https://doi.org/10.1109/tcc.2025.3598060"},"language":"en","primary_location":{"id":"doi:10.1109/tcc.2025.3598060","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tcc.2025.3598060","pdf_url":null,"source":{"id":"https://openalex.org/S2492498579","display_name":"IEEE Transactions on Cloud Computing","issn_l":"2168-7161","issn":["2168-7161","2372-0018"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Cloud Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5098402907","display_name":"Lavi Ben-Shimol","orcid":"https://orcid.org/0009-0003-8948-3386"},"institutions":[{"id":"https://openalex.org/I124227911","display_name":"Ben-Gurion University of the Negev","ror":"https://ror.org/05tkyf982","country_code":"IL","type":"education","lineage":["https://openalex.org/I124227911"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Lavi Ben-Shimol","raw_affiliation_strings":["Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel","institution_ids":["https://openalex.org/I124227911"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5055199255","display_name":"Edita Grolman","orcid":"https://orcid.org/0000-0002-8502-2035"},"institutions":[{"id":"https://openalex.org/I124227911","display_name":"Ben-Gurion University of the Negev","ror":"https://ror.org/05tkyf982","country_code":"IL","type":"education","lineage":["https://openalex.org/I124227911"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Edita Grolman","raw_affiliation_strings":["Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel"],"raw_orcid":"https://orcid.org/0000-0002-8502-2035","affiliations":[{"raw_affiliation_string":"Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel","institution_ids":["https://openalex.org/I124227911"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5075299708","display_name":"Aviad Elyashar","orcid":"https://orcid.org/0000-0002-0918-0146"},"institutions":[{"id":"https://openalex.org/I124227911","display_name":"Ben-Gurion University of the Negev","ror":"https://ror.org/05tkyf982","country_code":"IL","type":"education","lineage":["https://openalex.org/I124227911"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Aviad Elyashar","raw_affiliation_strings":["Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel"],"raw_orcid":"https://orcid.org/0000-0002-0918-0146","affiliations":[{"raw_affiliation_string":"Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel","institution_ids":["https://openalex.org/I124227911"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5094161422","display_name":"Inbar Maimon","orcid":"https://orcid.org/0009-0005-5027-8988"},"institutions":[{"id":"https://openalex.org/I124227911","display_name":"Ben-Gurion University of the Negev","ror":"https://ror.org/05tkyf982","country_code":"IL","type":"education","lineage":["https://openalex.org/I124227911"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Inbar Maimon","raw_affiliation_strings":["Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel"],"raw_orcid":"https://orcid.org/0009-0005-5027-8988","affiliations":[{"raw_affiliation_string":"Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel","institution_ids":["https://openalex.org/I124227911"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5063793319","display_name":"Dudu Mimran","orcid":"https://orcid.org/0009-0004-9610-6156"},"institutions":[{"id":"https://openalex.org/I124227911","display_name":"Ben-Gurion University of the Negev","ror":"https://ror.org/05tkyf982","country_code":"IL","type":"education","lineage":["https://openalex.org/I124227911"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Dudu Mimran","raw_affiliation_strings":["Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel","institution_ids":["https://openalex.org/I124227911"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052344590","display_name":"Oleg Brodt","orcid":"https://orcid.org/0000-0002-2909-8676"},"institutions":[{"id":"https://openalex.org/I124227911","display_name":"Ben-Gurion University of the Negev","ror":"https://ror.org/05tkyf982","country_code":"IL","type":"education","lineage":["https://openalex.org/I124227911"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Oleg Brodt","raw_affiliation_strings":["Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel"],"raw_orcid":"https://orcid.org/0000-0002-2909-8676","affiliations":[{"raw_affiliation_string":"Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel","institution_ids":["https://openalex.org/I124227911"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5098579365","display_name":"Martin Strassmann","orcid":null},"institutions":[{"id":"https://openalex.org/I4210093367","display_name":"Deutsche Telekom (Germany)","ror":"https://ror.org/00m8prc86","country_code":"DE","type":"company","lineage":["https://openalex.org/I4210093367"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Martin Strassmann","raw_affiliation_strings":["Deutsche Telekom AG, Bonn, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Deutsche Telekom AG, Bonn, Germany","institution_ids":["https://openalex.org/I4210093367"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5003405392","display_name":"Heiko Lehmann","orcid":null},"institutions":[{"id":"https://openalex.org/I4210093367","display_name":"Deutsche Telekom (Germany)","ror":"https://ror.org/00m8prc86","country_code":"DE","type":"company","lineage":["https://openalex.org/I4210093367"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Heiko Lehmann","raw_affiliation_strings":["Deutsche Telekom AG, Bonn, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Deutsche Telekom AG, Bonn, Germany","institution_ids":["https://openalex.org/I4210093367"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072913672","display_name":"Yuval Elovici","orcid":"https://orcid.org/0000-0002-9641-128X"},"institutions":[{"id":"https://openalex.org/I124227911","display_name":"Ben-Gurion University of the Negev","ror":"https://ror.org/05tkyf982","country_code":"IL","type":"education","lineage":["https://openalex.org/I124227911"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Yuval Elovici","raw_affiliation_strings":["Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel"],"raw_orcid":"https://orcid.org/0000-0002-9641-128X","affiliations":[{"raw_affiliation_string":"Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel","institution_ids":["https://openalex.org/I124227911"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5002391103","display_name":"Asaf Shabtai","orcid":"https://orcid.org/0000-0003-0630-4059"},"institutions":[{"id":"https://openalex.org/I124227911","display_name":"Ben-Gurion University of the Negev","ror":"https://ror.org/05tkyf982","country_code":"IL","type":"education","lineage":["https://openalex.org/I124227911"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Asaf Shabtai","raw_affiliation_strings":["Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel"],"raw_orcid":"https://orcid.org/0000-0003-0630-4059","affiliations":[{"raw_affiliation_string":"Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel","institution_ids":["https://openalex.org/I124227911"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":10,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":2.2161,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.89683441,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":98},"biblio":{"volume":"13","issue":"4","first_page":"1161","last_page":"1176"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9952999949455261,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9952999949455261,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10679","display_name":"Service-Oriented Architecture and Web Services","score":0.9951000213623047,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9916999936103821,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/observability","display_name":"Observability","score":0.8945037126541138},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.731711745262146},{"id":"https://openalex.org/keywords/ontology","display_name":"Ontology","score":0.6951231956481934},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.5008909702301025},{"id":"https://openalex.org/keywords/response-time","display_name":"Response time","score":0.4179137349128723},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.41623762249946594},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.3895370066165924},{"id":"https://openalex.org/keywords/real-time-computing","display_name":"Real-time computing","score":0.3638060390949249},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.14798980951309204},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.09638336300849915}],"concepts":[{"id":"https://openalex.org/C36299963","wikidata":"https://www.wikidata.org/wiki/Q1369844","display_name":"Observability","level":2,"score":0.8945037126541138},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.731711745262146},{"id":"https://openalex.org/C25810664","wikidata":"https://www.wikidata.org/wiki/Q44325","display_name":"Ontology","level":2,"score":0.6951231956481934},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.5008909702301025},{"id":"https://openalex.org/C19012869","wikidata":"https://www.wikidata.org/wiki/Q578372","display_name":"Response time","level":2,"score":0.4179137349128723},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.41623762249946594},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.3895370066165924},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.3638060390949249},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.14798980951309204},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.09638336300849915},{"id":"https://openalex.org/C28826006","wikidata":"https://www.wikidata.org/wiki/Q33521","display_name":"Applied mathematics","level":1,"score":0.0},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tcc.2025.3598060","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tcc.2025.3598060","pdf_url":null,"source":{"id":"https://openalex.org/S2492498579","display_name":"IEEE Transactions on Cloud Computing","issn_l":"2168-7161","issn":["2168-7161","2372-0018"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Cloud Computing","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Climate action","score":0.5899999737739563,"id":"https://metadata.un.org/sdg/13"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":45,"referenced_works":["https://openalex.org/W132347231","https://openalex.org/W1184354083","https://openalex.org/W1487371587","https://openalex.org/W1658096163","https://openalex.org/W2034960640","https://openalex.org/W2124379907","https://openalex.org/W2734903536","https://openalex.org/W2749087070","https://openalex.org/W2810874430","https://openalex.org/W2887739100","https://openalex.org/W2957570572","https://openalex.org/W2962955124","https://openalex.org/W2976189582","https://openalex.org/W2978950152","https://openalex.org/W2980932398","https://openalex.org/W2991141347","https://openalex.org/W2996705685","https://openalex.org/W2997561286","https://openalex.org/W3011994245","https://openalex.org/W3012914409","https://openalex.org/W3043700398","https://openalex.org/W3089585046","https://openalex.org/W3099837301","https://openalex.org/W3111862628","https://openalex.org/W3164877299","https://openalex.org/W3166416521","https://openalex.org/W3169710019","https://openalex.org/W3170980000","https://openalex.org/W3179934812","https://openalex.org/W3200761580","https://openalex.org/W3202547399","https://openalex.org/W3204444692","https://openalex.org/W3212106901","https://openalex.org/W4200058614","https://openalex.org/W4200347904","https://openalex.org/W4205743427","https://openalex.org/W4235093120","https://openalex.org/W4308642220","https://openalex.org/W4313148063","https://openalex.org/W4322502352","https://openalex.org/W4385163739","https://openalex.org/W4386245196","https://openalex.org/W4388201345","https://openalex.org/W4403210968","https://openalex.org/W4405237797"],"related_works":["https://openalex.org/W2046459260","https://openalex.org/W2967463586","https://openalex.org/W2074679142","https://openalex.org/W2765830098","https://openalex.org/W1971989957","https://openalex.org/W2517338020","https://openalex.org/W3157641275","https://openalex.org/W4312300846","https://openalex.org/W2104042711","https://openalex.org/W4206221578"],"abstract_inverted_index":{"In":[0,61,94],"fully":[1,71],"managed":[2,72],"serverless":[3,50,73,85],"environments,":[4],"cloud":[5],"service":[6],"providers":[7],"handle":[8],"the":[9,23,95,98,107,117,126,138,148,173],"underlying":[10],"infrastructure,":[11],"reducing":[12],"application":[13,86,112,144],"developers\u2019":[14],"operational":[15],"and":[16,29,33,57,88,115,142,167,177],"maintenance":[17],"efforts.":[18],"However,":[19],"these":[20],"environments":[21],"limit":[22],"use":[24],"of":[25,150,181,205],"traditional":[26],"cybersecurity":[27,151,193],"frameworks":[28,48],"tools,":[30],"compromising":[31],"observability":[32],"situational":[34,121],"awareness":[35,122],"capabilities":[36],"for":[37,49,70],"security":[38,47,68],"tasks":[39],"(e.g.,":[40],"risk":[41,184],"assessment,":[42],"incident":[43,133],"response).":[44],"Additionally,":[45],"existing":[46],"applications":[51],"often":[52],"lack":[53],"generalizability":[54],"across":[55],"architectures":[56],"require":[58],"specialized":[59],"expertise.":[60],"this":[62,158],"paper,":[63],"we":[64],"propose":[65],"a":[66,79,110,179,202],"three-layer":[67],"stack":[69],"applications.":[74],"The":[75],"first":[76],"layer":[77],"establishes":[78],"foundational":[80],"generic":[81],"ontology":[82,99,139],"that":[83,124,136,157,187],"models":[84],"resources":[87],"their":[89],"interactions":[90],"using":[91],"API":[92],"logs.":[93],"second":[96],"layer,":[97,119],"is":[100],"leveraged":[101],"via":[102],"perimeterless":[103],"pipeline,":[104],"to":[105,140,162],"map":[106],"logs":[108,146],"into":[109],"unified":[111],"activity":[113,145],"KG,":[114],"in":[116,147,192],"third":[118],"two":[120],"tools":[123],"utilize":[125],"graph-based":[127],"representation":[128],"are":[129],"implemented:":[130],"(1)":[131],"an":[132],"response":[134],"dashboard":[135,159],"leverages":[137],"visualize":[141],"examine":[143],"context":[149],"alerts;":[152],"our":[153,195],"user":[154],"study":[155],"showed":[156],"enabled":[160],"participants":[161],"respond":[163],"10%":[164],"more":[165],"accurately":[166],"almost":[168],"twice":[169],"as":[170],"fast":[171],"than":[172],"examined":[174],"baseline":[175],"tool,":[176],"(2)":[178],"criticality":[180],"asset":[182],"(CoA)":[183],"assessment":[185],"framework":[186],"enables":[188],"efficient":[189],"expert-based":[190,196],"prioritization":[191],"contexts;":[194],"questionnaire":[197],"demonstrated":[198],"strong":[199],"agreement,":[200],"achieving":[201],"Kendall-W":[203],"score":[204],"0.7179.":[206]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}