{"id":"https://openalex.org/W2014171012","doi":"https://doi.org/10.1145/2660267.2660330","title":"An Epidemiological Study of Malware Encounters in a Large Enterprise","display_name":"An Epidemiological Study of Malware Encounters in a Large Enterprise","publication_year":2014,"publication_date":"2014-11-03","ids":{"openalex":"https://openalex.org/W2014171012","doi":"https://doi.org/10.1145/2660267.2660330","mag":"2014171012"},"language":"en","primary_location":{"id":"doi:10.1145/2660267.2660330","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2660267.2660330","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=2660330&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"http://dl.acm.org/ft_gateway.cfm?id=2660330&type=pdf","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5015173179","display_name":"Ting-Fang Yen","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Ting-Fang Yen","raw_affiliation_strings":["E8 Security, Palo Alto, CA, USA"],"affiliations":[{"raw_affiliation_string":"E8 Security, Palo Alto, CA, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5083678689","display_name":"Victor Heorhiadi","orcid":"https://orcid.org/0000-0001-8365-3717"},"institutions":[{"id":"https://openalex.org/I114027177","display_name":"University of North Carolina at Chapel Hill","ror":"https://ror.org/0130frc33","country_code":"US","type":"education","lineage":["https://openalex.org/I114027177"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Victor Heorhiadi","raw_affiliation_strings":["University of North Carolina at Chapel Hill, Chapel Hill, NC, USA","University of North Carolina at Chapel Hill , Chapel Hill, NC, USA"],"affiliations":[{"raw_affiliation_string":"University of North Carolina at Chapel Hill, Chapel Hill, NC, USA","institution_ids":["https://openalex.org/I114027177"]},{"raw_affiliation_string":"University of North Carolina at Chapel Hill , Chapel Hill, NC, USA","institution_ids":["https://openalex.org/I114027177"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5035574749","display_name":"Alina Oprea","orcid":"https://orcid.org/0000-0002-4979-5292"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Alina Oprea","raw_affiliation_strings":["RSA Laboratories, Cambridge, MA, USA"],"affiliations":[{"raw_affiliation_string":"RSA Laboratories, Cambridge, MA, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5074117167","display_name":"Michael K. Reiter","orcid":"https://orcid.org/0000-0001-7007-8274"},"institutions":[{"id":"https://openalex.org/I114027177","display_name":"University of North Carolina at Chapel Hill","ror":"https://ror.org/0130frc33","country_code":"US","type":"education","lineage":["https://openalex.org/I114027177"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Michael K. Reiter","raw_affiliation_strings":["University of North Carolina at Chapel Hill, Chapel Hill, NC, USA","University of North Carolina at Chapel Hill , Chapel Hill, NC, USA"],"affiliations":[{"raw_affiliation_string":"University of North Carolina at Chapel Hill, Chapel Hill, NC, USA","institution_ids":["https://openalex.org/I114027177"]},{"raw_affiliation_string":"University of North Carolina at Chapel Hill , Chapel Hill, NC, USA","institution_ids":["https://openalex.org/I114027177"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5029249775","display_name":"Ari Juels","orcid":"https://orcid.org/0009-0002-1143-5504"},"institutions":[{"id":"https://openalex.org/I205783295","display_name":"Cornell University","ror":"https://ror.org/05bnh6r87","country_code":"US","type":"education","lineage":["https://openalex.org/I205783295"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ari Juels","raw_affiliation_strings":["Cornell Tech, New York, NY, USA","Cornell Tech, New York , NY, USA"],"affiliations":[{"raw_affiliation_string":"Cornell Tech, New York, NY, USA","institution_ids":["https://openalex.org/I205783295"]},{"raw_affiliation_string":"Cornell Tech, New York , NY, USA","institution_ids":["https://openalex.org/I205783295"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5015173179"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":18.8152,"has_fulltext":true,"cited_by_count":68,"citation_normalized_percentile":{"value":0.99039265,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"1117","last_page":"1130"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.9303419589996338},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6722022294998169},{"id":"https://openalex.org/keywords/hierarchy","display_name":"Hierarchy","score":0.6260243654251099},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.45000767707824707},{"id":"https://openalex.org/keywords/logistic-regression","display_name":"Logistic regression","score":0.4199891984462738},{"id":"https://openalex.org/keywords/host","display_name":"Host (biology)","score":0.4172123670578003},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.20946696400642395}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.9303419589996338},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6722022294998169},{"id":"https://openalex.org/C31170391","wikidata":"https://www.wikidata.org/wiki/Q188619","display_name":"Hierarchy","level":2,"score":0.6260243654251099},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.45000767707824707},{"id":"https://openalex.org/C151956035","wikidata":"https://www.wikidata.org/wiki/Q1132755","display_name":"Logistic regression","level":2,"score":0.4199891984462738},{"id":"https://openalex.org/C126831891","wikidata":"https://www.wikidata.org/wiki/Q221673","display_name":"Host (biology)","level":2,"score":0.4172123670578003},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.20946696400642395},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C34447519","wikidata":"https://www.wikidata.org/wiki/Q179522","display_name":"Market economy","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C18903297","wikidata":"https://www.wikidata.org/wiki/Q7150","display_name":"Ecology","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/2660267.2660330","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2660267.2660330","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=2660330&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.704.4797","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.704.4797","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cs.unc.edu/%7Ereiter/papers/2014/CCS2.pdf","raw_type":"text"}],"best_oa_location":{"id":"doi:10.1145/2660267.2660330","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2660267.2660330","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=2660330&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/3","score":0.7300000190734863,"display_name":"Good health and well-being"}],"awards":[{"id":"https://openalex.org/G1656403116","display_name":null,"funder_award_id":"0831245","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2014171012.pdf","grobid_xml":"https://content.openalex.org/works/W2014171012.grobid-xml"},"referenced_works_count":22,"referenced_works":["https://openalex.org/W244636267","https://openalex.org/W1497454200","https://openalex.org/W1650881334","https://openalex.org/W1929374880","https://openalex.org/W1980793860","https://openalex.org/W2023429893","https://openalex.org/W2027549176","https://openalex.org/W2045057497","https://openalex.org/W2048375003","https://openalex.org/W2112063328","https://openalex.org/W2112238177","https://openalex.org/W2113344319","https://openalex.org/W2127062979","https://openalex.org/W2152066760","https://openalex.org/W2162532690","https://openalex.org/W2186215253","https://openalex.org/W2752929869","https://openalex.org/W4233802931","https://openalex.org/W4237690029","https://openalex.org/W4243958534","https://openalex.org/W4302584559","https://openalex.org/W6629663446"],"related_works":["https://openalex.org/W2097492617","https://openalex.org/W2753240997","https://openalex.org/W1764168690","https://openalex.org/W2537959205","https://openalex.org/W2740895074","https://openalex.org/W2772446090","https://openalex.org/W4284893819","https://openalex.org/W3152891574","https://openalex.org/W4316881845","https://openalex.org/W2975527072"],"abstract_inverted_index":{"We":[0,104,140],"present":[1],"an":[2],"epidemiological":[3],"study":[4,145],"of":[5,36,98,118,133],"malware":[6,24,31,48,55,99,135],"encounters":[7,100],"in":[8,85],"a":[9,94,110,129],"large,":[10],"multi-national":[11],"enterprise.":[12,103],"Our":[13],"data":[14,67],"sets":[15],"allow":[16],"us":[17],"to":[18,62,92,108],"observe":[19],"or":[20,44,79,147],"infer":[21],"not":[22],"only":[23],"presence":[25],"on":[26],"enterprise":[27,42],"computers,":[28],"but":[29],"also":[30,141],"entry":[32],"points,":[33],"network":[34,43],"locations":[35],"the":[37,41,47,86,116,137],"computers":[38],"(i.e.,":[39],"inside":[40],"outside)":[45],"when":[46],"were":[49],"encountered,":[50],"and":[51,83,151],"for":[52,71,101,114],"some":[53],"web-based":[54],"encounters,":[56],"web":[57],"activities":[58],"that":[59,153],"gave":[60],"rise":[61],"them.":[63],"By":[64],"coupling":[65],"this":[66,102,106],"with":[68],"demographic":[69],"information":[70],"each":[72],"host's":[73],"primary":[74],"user,":[75],"such":[76],"as":[77],"his":[78],"her":[80],"job":[81],"title":[82],"level":[84],"management":[87],"hierarchy,":[88],"we":[89],"are":[90],"able":[91],"paint":[93],"reasonably":[95],"comprehensive":[96],"picture":[97],"use":[105],"analysis":[107],"build":[109],"logistic":[111],"regression":[112],"model":[113,127],"inferring":[115],"risk":[117],"hosts":[119],"encountering":[120,134],"malware;":[121],"those":[122],"ranked":[123],"highly":[124],"by":[125],"our":[126,144,154],"have":[128],">3x":[130],"higher":[131],"rate":[132],"than":[136],"base":[138],"rate.":[139],"discuss":[142],"where":[143],"confirms":[146],"refutes":[148],"other":[149],"studies":[150],"guidance":[152],"results":[155],"suggest.":[156]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":4},{"year":2021,"cited_by_count":5},{"year":2020,"cited_by_count":6},{"year":2019,"cited_by_count":15},{"year":2018,"cited_by_count":6},{"year":2017,"cited_by_count":9},{"year":2016,"cited_by_count":9},{"year":2015,"cited_by_count":5}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}