{"id":"https://openalex.org/W4402389591","doi":"https://doi.org/10.1109/tifs.2024.3456960","title":"A Case-Control Study to Measure Behavioral Risks of Malware Encounters in Organizations","display_name":"A Case-Control Study to Measure Behavioral Risks of Malware Encounters in Organizations","publication_year":2024,"publication_date":"2024-01-01","ids":{"openalex":"https://openalex.org/W4402389591","doi":"https://doi.org/10.1109/tifs.2024.3456960"},"language":"en","primary_location":{"id":"doi:10.1109/tifs.2024.3456960","is_oa":true,"landing_page_url":"https://doi.org/10.1109/tifs.2024.3456960","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://doi.org/10.1109/tifs.2024.3456960","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5107100104","display_name":"Marcello Meschini","orcid":"https://orcid.org/0009-0006-2966-5112"},"institutions":[{"id":"https://openalex.org/I193223587","display_name":"University of Trento","ror":"https://ror.org/05trd4x28","country_code":"IT","type":"education","lineage":["https://openalex.org/I193223587"]}],"countries":["IT"],"is_corresponding":true,"raw_author_name":"Marcello Meschini","raw_affiliation_strings":["University of Trento, Trento, Italy","University of Trento, Italy"],"raw_orcid":"https://orcid.org/0009-0006-2966-5112","affiliations":[{"raw_affiliation_string":"University of Trento, Trento, Italy","institution_ids":["https://openalex.org/I193223587"]},{"raw_affiliation_string":"University of Trento, Italy","institution_ids":["https://openalex.org/I193223587"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5091123033","display_name":"Giorgio Di Tizio","orcid":"https://orcid.org/0000-0002-8713-8197"},"institutions":[{"id":"https://openalex.org/I193223587","display_name":"University of Trento","ror":"https://ror.org/05trd4x28","country_code":"IT","type":"education","lineage":["https://openalex.org/I193223587"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Giorgio Di Tizio","raw_affiliation_strings":["University of Trento, Trento, Italy","University of Trento, Italy"],"raw_orcid":"https://orcid.org/0000-0002-8713-8197","affiliations":[{"raw_affiliation_string":"University of Trento, Trento, Italy","institution_ids":["https://openalex.org/I193223587"]},{"raw_affiliation_string":"University of Trento, Italy","institution_ids":["https://openalex.org/I193223587"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5048021434","display_name":"Marco Balduzzi","orcid":null},"institutions":[{"id":"https://openalex.org/I4210091047","display_name":"Milano Metropoli Development Agency","ror":"https://ror.org/00c68pc60","country_code":"IT","type":"government","lineage":["https://openalex.org/I4210091047"]},{"id":"https://openalex.org/I58790123","display_name":"Child Trends","ror":"https://ror.org/00xh1ah97","country_code":"US","type":"nonprofit","lineage":["https://openalex.org/I58790123"]}],"countries":["IT","US"],"is_corresponding":false,"raw_author_name":"Marco Balduzzi","raw_affiliation_strings":["TRL, Trend Micro, Sesto San Giovanni, Italy","Trend Micro, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"TRL, Trend Micro, Sesto San Giovanni, Italy","institution_ids":["https://openalex.org/I4210091047"]},{"raw_affiliation_string":"Trend Micro, USA","institution_ids":["https://openalex.org/I58790123"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5085639552","display_name":"Fabio Massacci","orcid":"https://orcid.org/0000-0002-1091-8486"},"institutions":[{"id":"https://openalex.org/I193223587","display_name":"University of Trento","ror":"https://ror.org/05trd4x28","country_code":"IT","type":"education","lineage":["https://openalex.org/I193223587"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Fabio Massacci","raw_affiliation_strings":["University of Trento, Trento, Italy","University of Trento, Italy"],"raw_orcid":"https://orcid.org/0000-0002-1091-8486","affiliations":[{"raw_affiliation_string":"University of Trento, Trento, Italy","institution_ids":["https://openalex.org/I193223587"]},{"raw_affiliation_string":"University of Trento, Italy","institution_ids":["https://openalex.org/I193223587"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5107100104"],"corresponding_institution_ids":["https://openalex.org/I193223587"],"apc_list":null,"apc_paid":null,"fwci":1.492,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.8681439,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":95,"max":96},"biblio":{"volume":"19","issue":null,"first_page":"9419","last_page":"9432"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9800000190734863,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9713000059127808,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.7764874696731567},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7432992458343506},{"id":"https://openalex.org/keywords/measure","display_name":"Measure (data warehouse)","score":0.6984397172927856},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.583474338054657},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.4945661723613739},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.3380361795425415},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.2455216348171234},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.2244262397289276}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.7764874696731567},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7432992458343506},{"id":"https://openalex.org/C2780009758","wikidata":"https://www.wikidata.org/wiki/Q6804172","display_name":"Measure (data warehouse)","level":2,"score":0.6984397172927856},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.583474338054657},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.4945661723613739},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.3380361795425415},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.2455216348171234},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.2244262397289276}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1109/tifs.2024.3456960","is_oa":true,"landing_page_url":"https://doi.org/10.1109/tifs.2024.3456960","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},{"id":"pmh:oai:research.vu.nl:openaire_cris_publications/100c9d62-20ac-4c18-a9fd-c89fef999cfc","is_oa":true,"landing_page_url":"https://research.vu.nl/en/publications/100c9d62-20ac-4c18-a9fd-c89fef999cfc","pdf_url":null,"source":{"id":"https://openalex.org/S4306401107","display_name":"VU Research Portal","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I865915315","host_organization_name":"Vrije Universiteit Amsterdam","host_organization_lineage":["https://openalex.org/I865915315"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Meschini, M, Tizio, G D, Balduzzi, M & Massacci, F 2024, 'A Case-Control Study to Measure Behavioral Risks of Malware Encounters in Organizations', IEEE Transactions on Information Forensics and Security, vol. 19, pp. 9419-9432. https://doi.org/10.1109/TIFS.2024.3456960","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:oai:iris.unitn.it:11572/445494","is_oa":true,"landing_page_url":"https://hdl.handle.net/11572/445494","pdf_url":null,"source":{"id":"https://openalex.org/S4306401913","display_name":"Institutional Research Information System (Universit\u00e0 degli Studi di Trento)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I193223587","host_organization_name":"University of Trento","host_organization_lineage":["https://openalex.org/I193223587"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/article"},{"id":"pmh:oai:research.vu.nl:openaire/100c9d62-20ac-4c18-a9fd-c89fef999cfc","is_oa":true,"landing_page_url":"https://hdl.handle.net/1871.1/100c9d62-20ac-4c18-a9fd-c89fef999cfc","pdf_url":null,"source":{"id":"https://openalex.org/S4306401107","display_name":"VU Research Portal","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I865915315","host_organization_name":"Vrije Universiteit Amsterdam","host_organization_lineage":["https://openalex.org/I865915315"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Meschini, M, Tizio, G D, Balduzzi, M & Massacci, F 2024, 'A Case-Control Study to Measure Behavioral Risks of Malware Encounters in Organizations', IEEE Transactions on Information Forensics and Security, vol. 19, pp. 9419-9432. https://doi.org/10.1109/TIFS.2024.3456960","raw_type":"info:eu-repo/semantics/publishedVersion"}],"best_oa_location":{"id":"doi:10.1109/tifs.2024.3456960","is_oa":true,"landing_page_url":"https://doi.org/10.1109/tifs.2024.3456960","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G4244047808","display_name":null,"funder_award_id":"KICH1.VE01.20.004 (HEWSTI)","funder_id":"https://openalex.org/F4320321800","funder_display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek"},{"id":"https://openalex.org/G440923564","display_name":null,"funder_award_id":"n.NWA-1215.18.006 (Theseus)","funder_id":"https://openalex.org/F4320321800","funder_display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek"},{"id":"https://openalex.org/G4898838400","display_name":null,"funder_award_id":"n.952647 (AssureMOSS)","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G6386844042","display_name":null,"funder_award_id":"NWA-1215.18.006 (Theseus)","funder_id":"https://openalex.org/F4320321800","funder_display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek"},{"id":"https://openalex.org/G6396055390","display_name":null,"funder_award_id":"101120393 (Sec4AI4Sec)","funder_id":"https://openalex.org/F4320338442","funder_display_name":"HORIZON EUROPE Civil security for society"},{"id":"https://openalex.org/G7046040472","display_name":null,"funder_award_id":"n.101120393 (Sec4AI4Sec)","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G8053796804","display_name":null,"funder_award_id":"n.KICH1.VE01.20.004 (HEWSTI)","funder_id":"https://openalex.org/F4320321800","funder_display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek"},{"id":"https://openalex.org/G8969478090","display_name":null,"funder_award_id":"952647 (AssureMOSS)","funder_id":"https://openalex.org/F4320338475","funder_display_name":"H2020 LEIT Information and Communication Technologies"}],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320321800","display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek","ror":"https://ror.org/04jsz6e67"},{"id":"https://openalex.org/F4320338442","display_name":"HORIZON EUROPE Civil security for society","ror":null},{"id":"https://openalex.org/F4320338475","display_name":"H2020 LEIT Information and Communication Technologies","ror":null}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":50,"referenced_works":["https://openalex.org/W150078352","https://openalex.org/W1490011260","https://openalex.org/W1541898988","https://openalex.org/W1977586926","https://openalex.org/W1989335842","https://openalex.org/W1998637589","https://openalex.org/W2003371939","https://openalex.org/W2014171012","https://openalex.org/W2023429893","https://openalex.org/W2065890363","https://openalex.org/W2081840305","https://openalex.org/W2104209065","https://openalex.org/W2104923322","https://openalex.org/W2127062979","https://openalex.org/W2135930857","https://openalex.org/W2228853307","https://openalex.org/W2281397941","https://openalex.org/W2535603283","https://openalex.org/W2602218799","https://openalex.org/W2748245824","https://openalex.org/W2765667105","https://openalex.org/W2767011015","https://openalex.org/W2792805829","https://openalex.org/W2794801050","https://openalex.org/W2883457276","https://openalex.org/W2889044571","https://openalex.org/W2891316582","https://openalex.org/W2904027722","https://openalex.org/W2912095101","https://openalex.org/W2947608454","https://openalex.org/W2970545278","https://openalex.org/W3008949272","https://openalex.org/W3012755363","https://openalex.org/W3015342250","https://openalex.org/W3093609112","https://openalex.org/W3113371616","https://openalex.org/W3118716900","https://openalex.org/W3122267592","https://openalex.org/W3125868980","https://openalex.org/W3138173041","https://openalex.org/W3156588337","https://openalex.org/W4280511617","https://openalex.org/W4283643001","https://openalex.org/W4300865450","https://openalex.org/W6714965741","https://openalex.org/W6744593529","https://openalex.org/W6782534320","https://openalex.org/W6799851084","https://openalex.org/W6849322672","https://openalex.org/W7000447106"],"related_works":["https://openalex.org/W2097492617","https://openalex.org/W2753240997","https://openalex.org/W1764168690","https://openalex.org/W2537959205","https://openalex.org/W2740895074","https://openalex.org/W2772446090","https://openalex.org/W4284893819","https://openalex.org/W2249809453","https://openalex.org/W3152891574","https://openalex.org/W4316881845"],"abstract_inverted_index":{"The":[0,78],"behavior":[1,99],"of":[2,22,68,76,81,95,105,110,129,145,182,185],"enterprise":[3],"users":[4],"(e.g.":[5,25,100,147],"browsing":[6,124],"at":[7,125],"night":[8],"or":[9],"visiting":[10],"gambling":[11,111,148],"sites)":[12],"is":[13,90,116,168],"a":[14,34,44,93,154,178,194],"potential":[15,212],"factor":[16],"that":[17,53,65],"might":[18],"increase":[19,136],"the":[20,30,138,183,208],"chances":[21],"malware":[23,83,130,161],"encounters":[24],"coinminers":[26,133],"vs":[27],"ransomware)":[28],"on":[29,37,189],"field.":[31],"We":[32,151],"report":[33],"case-control":[35,196],"study":[36,197],"telemetry":[38],"data":[39],"collected":[40],"by":[41,170],"Trend":[42],"Micro,":[43],"global":[45],"cybersecurity":[46,59],"vendor,":[47],"to":[48,57,73,206,215],"identify":[49],"users\u2019":[50],"behavioral":[51],"characteristics":[52],"can":[54],"be":[55,204],"used":[56],"differentiate":[58],"risks":[60],"profiles.":[61],"Our":[62],"results":[63,209],"show":[64],"different":[66,74,201],"types":[67,75],"\u2018patients":[69],"zero\u2019":[70],"are":[71],"vulnerable":[72],"epidemics.":[77],"odds":[79,139,184],"ratio":[80,140],"encountering":[82,186],"such":[84,122,131,162],"as":[85,123,132,163],"PUAs,":[86],"trojans,":[87],"and":[88,97,103,210],"hacktools":[89],"higher":[91],"for":[92,119,142,158],"variety":[94],"network":[96],"system":[98],"number,":[101],"types,":[102],"diversity":[104],"visited":[106],"web":[107,149],"sites,":[108,112],"visit":[109],"etc.)":[113],"but":[114],"it":[115],"not":[117],"significant":[118],"other":[120],"factors":[121,146],"night.":[126],"Other":[127],"type":[128,144],"have":[134],"an":[135],"in":[137,165,217],"only":[141],"few":[143],"sites).":[150],"also":[152],"present":[153],"specific":[155],"methodology":[156],"tailored":[157],"investigating":[159],"self-propagating":[160],"ransomware":[164,187],"which":[166],"one":[167],"infected":[169],"one\u2019s":[171],"neighbor.":[172],"With":[173],"this":[174],"approach,":[175],"we":[176],"observed":[177],"more":[179],"accurate":[180],"characterization":[181],"based":[188],"system-based":[190],"behaviors":[191],"than":[192],"with":[193,200],"standard":[195],"setup.":[198],"Experiments":[199],"vendors":[202],"may":[203],"needed":[205],"generalize":[207],"offset":[211],"bias":[213],"due":[214],"differences":[216],"market":[218],"share.":[219]},"counts_by_year":[{"year":2025,"cited_by_count":2}],"updated_date":"2025-12-27T23:08:20.325037","created_date":"2025-10-10T00:00:00"}