{"id":"https://openalex.org/W2151136203","doi":"https://doi.org/10.1145/2665936.2668879","title":"Detecting Roles and Anomalies in Hospital Access Audit Logs","display_name":"Detecting Roles and Anomalies in Hospital Access Audit Logs","publication_year":2014,"publication_date":"2014-11-03","ids":{"openalex":"https://openalex.org/W2151136203","doi":"https://doi.org/10.1145/2665936.2668879","mag":"2151136203"},"language":"en","primary_location":{"id":"doi:10.1145/2665936.2668879","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2665936.2668879","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2014 Workshop on Cyber Security Analytics, Intelligence and Automation","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5031954035","display_name":"Carl A. Gunter","orcid":"https://orcid.org/0009-0006-6943-0684"},"institutions":[{"id":"https://openalex.org/I157725225","display_name":"University of Illinois Urbana-Champaign","ror":"https://ror.org/047426m28","country_code":"US","type":"education","lineage":["https://openalex.org/I157725225"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Carl Gunter","raw_affiliation_strings":["University of Illinois at Urbana-Champaign, Urbana, IL, USA"],"affiliations":[{"raw_affiliation_string":"University of Illinois at Urbana-Champaign, Urbana, IL, USA","institution_ids":["https://openalex.org/I157725225"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5031954035"],"corresponding_institution_ids":["https://openalex.org/I157725225"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.16907118,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"1"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11719","display_name":"Data Quality and Management","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/1803","display_name":"Management Science and Operations Research"},"field":{"id":"https://openalex.org/fields/18","display_name":"Decision Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T11719","display_name":"Data Quality and Management","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/1803","display_name":"Management Science and Operations Research"},"field":{"id":"https://openalex.org/fields/18","display_name":"Decision Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10350","display_name":"Electronic Health Records Systems","score":0.9889000058174133,"subfield":{"id":"https://openalex.org/subfields/3605","display_name":"Health Information Management"},"field":{"id":"https://openalex.org/fields/36","display_name":"Health Professions"},"domain":{"id":"https://openalex.org/domains/4","display_name":"Health Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9850000143051147,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/audit","display_name":"Audit","score":0.767133355140686},{"id":"https://openalex.org/keywords/workflow","display_name":"Workflow","score":0.6922892332077026},{"id":"https://openalex.org/keywords/accountability","display_name":"Accountability","score":0.6821177005767822},{"id":"https://openalex.org/keywords/audit-trail","display_name":"Audit trail","score":0.573089599609375},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.5648506283760071},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.48260653018951416},{"id":"https://openalex.org/keywords/information-technology-audit","display_name":"Information technology audit","score":0.454443097114563},{"id":"https://openalex.org/keywords/health-care","display_name":"Health care","score":0.4114295244216919},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.330144464969635},{"id":"https://openalex.org/keywords/internal-audit","display_name":"Internal audit","score":0.32811617851257324},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2993311882019043},{"id":"https://openalex.org/keywords/joint-audit","display_name":"Joint audit","score":0.24305260181427002},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.1666974127292633},{"id":"https://openalex.org/keywords/accounting","display_name":"Accounting","score":0.1561930775642395},{"id":"https://openalex.org/keywords/political-science","display_name":"Political science","score":0.11375117301940918}],"concepts":[{"id":"https://openalex.org/C199521495","wikidata":"https://www.wikidata.org/wiki/Q181487","display_name":"Audit","level":2,"score":0.767133355140686},{"id":"https://openalex.org/C177212765","wikidata":"https://www.wikidata.org/wiki/Q627335","display_name":"Workflow","level":2,"score":0.6922892332077026},{"id":"https://openalex.org/C2776007630","wikidata":"https://www.wikidata.org/wiki/Q2798912","display_name":"Accountability","level":2,"score":0.6821177005767822},{"id":"https://openalex.org/C80958533","wikidata":"https://www.wikidata.org/wiki/Q1047174","display_name":"Audit trail","level":3,"score":0.573089599609375},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.5648506283760071},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.48260653018951416},{"id":"https://openalex.org/C177309310","wikidata":"https://www.wikidata.org/wiki/Q758917","display_name":"Information technology audit","level":5,"score":0.454443097114563},{"id":"https://openalex.org/C160735492","wikidata":"https://www.wikidata.org/wiki/Q31207","display_name":"Health care","level":2,"score":0.4114295244216919},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.330144464969635},{"id":"https://openalex.org/C170856484","wikidata":"https://www.wikidata.org/wiki/Q6452684","display_name":"Internal audit","level":3,"score":0.32811617851257324},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2993311882019043},{"id":"https://openalex.org/C191602146","wikidata":"https://www.wikidata.org/wiki/Q6269489","display_name":"Joint audit","level":4,"score":0.24305260181427002},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.1666974127292633},{"id":"https://openalex.org/C121955636","wikidata":"https://www.wikidata.org/wiki/Q4116214","display_name":"Accounting","level":1,"score":0.1561930775642395},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.11375117301940918},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2665936.2668879","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2665936.2668879","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2014 Workshop on Cyber Security Analytics, Intelligence and Automation","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":1,"referenced_works":["https://openalex.org/W2115345989"],"related_works":["https://openalex.org/W4312395088","https://openalex.org/W4392960785","https://openalex.org/W158136844","https://openalex.org/W2606362175","https://openalex.org/W2168345648","https://openalex.org/W1509920715","https://openalex.org/W1542388080","https://openalex.org/W1966891751","https://openalex.org/W1879895764","https://openalex.org/W2375888810"],"abstract_inverted_index":{"There":[0],"is":[1,120],"significant":[2],"risk":[3],"in":[4,32,87],"denying":[5],"access":[6,23,83,116,149],"to":[7,13,47,51,60,69,104,109],"a":[8,15],"healthcare":[9],"provider":[10],"who":[11],"seeks":[12],"examine":[14],"patient's":[16],"medical":[17,88],"record.":[18],"For":[19],"this":[20,73],"reason,":[21],"hospital":[22,135],"control":[24],"systems":[25,90],"are":[26,35,57,67],"generally":[27],"based":[28,121],"on":[29,81,122],"optimistic":[30],"security":[31],"which":[33],"providers":[34],"given":[36],"broad":[37],"permissions;":[38],"accountability":[39],"through":[40],"audit":[41,55,61,86,102],"then":[42],"becomes":[43],"the":[44,132,137],"primary":[45],"means":[46],"detect":[48],"and":[49,65,91,107,114,144,165],"react":[50],"policy":[52],"violations.":[53],"Hospital":[54],"logs":[56,103],"too":[58],"large":[59],"manually":[62],"so":[63],"models":[64,156,161,167],"automation":[66],"needed":[68],"support":[70],"accountability.":[71],"In":[72],"talk":[74],"I":[75],"will":[76],"present":[77],"results":[78],"of":[79,140,168],"research":[80],"balancing":[82],"controls":[84],"with":[85,124],"record":[89],"discuss":[92],"broader":[93],"implications":[94],"for":[95],"other":[96],"areas.":[97],"Key":[98],"goals":[99],"involve":[100],"using":[101],"understand":[105],"roles":[106],"workflows":[108],"develop":[110],"reliable":[111],"anomaly":[112],"detection":[113],"safe":[115],"controls.":[117],"This":[118],"work":[119],"collaboration":[123],"Northwestern":[125],"Memorial":[126],"Hospital,":[127],"Vanderbilt":[128],"University":[129],"Medical":[130],"Center,":[131],"Johns":[133],"Hopkins":[134],"system,":[136],"Illinois":[138],"Office":[139],"Health":[141],"Information":[142],"Technology,":[143],"others.":[145],"Topics":[146],"include":[147],"experience-based":[148],"management,":[150],"role":[151,153],"prediction,":[152],"evolution,":[154],"topic":[155],"from":[157,162],"machine":[158],"learning,":[159],"graph-based":[160],"operations":[163],"research,":[164],"formal":[166],"policy.":[169]},"counts_by_year":[{"year":2019,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}