{"id":"https://openalex.org/W2532844970","doi":"https://doi.org/10.1145/2976749.2978378","title":"High Fidelity Data Reduction for Big Data Security Dependency Analyses","display_name":"High Fidelity Data Reduction for Big Data Security Dependency Analyses","publication_year":2016,"publication_date":"2016-10-24","ids":{"openalex":"https://openalex.org/W2532844970","doi":"https://doi.org/10.1145/2976749.2978378","mag":"2532844970"},"language":"en","primary_location":{"id":"doi:10.1145/2976749.2978378","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2976749.2978378","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100692806","display_name":"Xu Zhang","orcid":"https://orcid.org/0000-0003-3391-4792"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Zhang Xu","raw_affiliation_strings":["NofutzNetworks Inc., Croton-on-hudson, NJ, USA"],"affiliations":[{"raw_affiliation_string":"NofutzNetworks Inc., Croton-on-hudson, NJ, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5076718675","display_name":"Zhenyu Wu","orcid":"https://orcid.org/0000-0001-9617-7094"},"institutions":[{"id":"https://openalex.org/I4210107353","display_name":"NEC (United States)","ror":"https://ror.org/01v791m31","country_code":"US","type":"company","lineage":["https://openalex.org/I118347220","https://openalex.org/I4210107353"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Zhenyu Wu","raw_affiliation_strings":["NEC Labs America, Inc., Princeton, NJ, USA"],"affiliations":[{"raw_affiliation_string":"NEC Labs America, Inc., Princeton, NJ, USA","institution_ids":["https://openalex.org/I4210107353"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5091296600","display_name":"Zhichun Li","orcid":"https://orcid.org/0000-0002-1451-0904"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Zhichun Li","raw_affiliation_strings":["NEC Laboratories America Inc., Princeton, NJ, USA"],"affiliations":[{"raw_affiliation_string":"NEC Laboratories America Inc., Princeton, NJ, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5024705395","display_name":"Kangkook Jee","orcid":"https://orcid.org/0000-0003-3797-4637"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Kangkook Jee","raw_affiliation_strings":["NEC Laboratories America Inc., Princeton, NJ, USA"],"affiliations":[{"raw_affiliation_string":"NEC Laboratories America Inc., Princeton, NJ, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054561146","display_name":"Junghwan Rhee","orcid":"https://orcid.org/0000-0002-4043-9371"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Junghwan Rhee","raw_affiliation_strings":["NEC Laboratories America Inc., Princeton, NJ, USA"],"affiliations":[{"raw_affiliation_string":"NEC Laboratories America Inc., Princeton, NJ, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5012621594","display_name":"Xusheng Xiao","orcid":"https://orcid.org/0000-0003-4797-4294"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Xusheng Xiao","raw_affiliation_strings":["NEC Laboratories America Inc., Princeton, NJ, USA"],"affiliations":[{"raw_affiliation_string":"NEC Laboratories America Inc., Princeton, NJ, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5114549816","display_name":"Fengyuan Xu","orcid":"https://orcid.org/0000-0003-3388-7544"},"institutions":[{"id":"https://openalex.org/I881766915","display_name":"Nanjing University","ror":"https://ror.org/01rxvg760","country_code":"CN","type":"education","lineage":["https://openalex.org/I881766915"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Fengyuan Xu","raw_affiliation_strings":["Nanjing University, Nanjing, China"],"affiliations":[{"raw_affiliation_string":"Nanjing University, Nanjing, China","institution_ids":["https://openalex.org/I881766915"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100664241","display_name":"Haining Wang","orcid":"https://orcid.org/0000-0002-9665-7511"},"institutions":[{"id":"https://openalex.org/I86501945","display_name":"University of Delaware","ror":"https://ror.org/01sbq1a82","country_code":"US","type":"education","lineage":["https://openalex.org/I86501945"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Haining Wang","raw_affiliation_strings":["University of Delaware, Newark, DE, USA"],"affiliations":[{"raw_affiliation_string":"University of Delaware, Newark, DE, USA","institution_ids":["https://openalex.org/I86501945"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5110097872","display_name":"Guofei Jiang","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Guofei Jiang","raw_affiliation_strings":["NEC Laboratories America Inc., Princeton, NJ, USA"],"affiliations":[{"raw_affiliation_string":"NEC Laboratories America Inc., Princeton, NJ, USA","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":9,"corresponding_author_ids":["https://openalex.org/A5100692806"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":9.1546,"has_fulltext":false,"cited_by_count":151,"citation_normalized_percentile":{"value":0.98089188,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"504","last_page":"516"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.8564206957817078},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.784968912601471},{"id":"https://openalex.org/keywords/audit","display_name":"Audit","score":0.7734907865524292},{"id":"https://openalex.org/keywords/dependency","display_name":"Dependency (UML)","score":0.7212453484535217},{"id":"https://openalex.org/keywords/reduction","display_name":"Reduction (mathematics)","score":0.608930230140686},{"id":"https://openalex.org/keywords/fidelity","display_name":"Fidelity","score":0.5758057832717896},{"id":"https://openalex.org/keywords/big-data","display_name":"Big data","score":0.5111225247383118},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5006344318389893},{"id":"https://openalex.org/keywords/domain","display_name":"Domain (mathematical analysis)","score":0.49084025621414185},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.4682551324367523},{"id":"https://openalex.org/keywords/quality","display_name":"Quality (philosophy)","score":0.453675240278244},{"id":"https://openalex.org/keywords/data-quality","display_name":"Data quality","score":0.43525487184524536},{"id":"https://openalex.org/keywords/accounting","display_name":"Accounting","score":0.14616626501083374},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.14512386918067932},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.10638031363487244},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.10248580574989319}],"concepts":[{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.8564206957817078},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.784968912601471},{"id":"https://openalex.org/C199521495","wikidata":"https://www.wikidata.org/wiki/Q181487","display_name":"Audit","level":2,"score":0.7734907865524292},{"id":"https://openalex.org/C19768560","wikidata":"https://www.wikidata.org/wiki/Q320727","display_name":"Dependency (UML)","level":2,"score":0.7212453484535217},{"id":"https://openalex.org/C111335779","wikidata":"https://www.wikidata.org/wiki/Q3454686","display_name":"Reduction (mathematics)","level":2,"score":0.608930230140686},{"id":"https://openalex.org/C2776459999","wikidata":"https://www.wikidata.org/wiki/Q2119376","display_name":"Fidelity","level":2,"score":0.5758057832717896},{"id":"https://openalex.org/C75684735","wikidata":"https://www.wikidata.org/wiki/Q858810","display_name":"Big data","level":2,"score":0.5111225247383118},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5006344318389893},{"id":"https://openalex.org/C36503486","wikidata":"https://www.wikidata.org/wiki/Q11235244","display_name":"Domain (mathematical analysis)","level":2,"score":0.49084025621414185},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.4682551324367523},{"id":"https://openalex.org/C2779530757","wikidata":"https://www.wikidata.org/wiki/Q1207505","display_name":"Quality (philosophy)","level":2,"score":0.453675240278244},{"id":"https://openalex.org/C24756922","wikidata":"https://www.wikidata.org/wiki/Q1757694","display_name":"Data quality","level":3,"score":0.43525487184524536},{"id":"https://openalex.org/C121955636","wikidata":"https://www.wikidata.org/wiki/Q4116214","display_name":"Accounting","level":1,"score":0.14616626501083374},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.14512386918067932},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.10638031363487244},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.10248580574989319},{"id":"https://openalex.org/C176217482","wikidata":"https://www.wikidata.org/wiki/Q860554","display_name":"Metric (unit)","level":2,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C21547014","wikidata":"https://www.wikidata.org/wiki/Q1423657","display_name":"Operations management","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0},{"id":"https://openalex.org/C76155785","wikidata":"https://www.wikidata.org/wiki/Q418","display_name":"Telecommunications","level":1,"score":0.0},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2976749.2978378","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2976749.2978378","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":31,"referenced_works":["https://openalex.org/W47175211","https://openalex.org/W63024763","https://openalex.org/W1486762028","https://openalex.org/W1521917342","https://openalex.org/W1975990814","https://openalex.org/W1990868986","https://openalex.org/W1993478093","https://openalex.org/W2009766178","https://openalex.org/W2021201118","https://openalex.org/W2021238570","https://openalex.org/W2093406244","https://openalex.org/W2094227925","https://openalex.org/W2094827065","https://openalex.org/W2096347345","https://openalex.org/W2102832611","https://openalex.org/W2112127916","https://openalex.org/W2112525062","https://openalex.org/W2124545752","https://openalex.org/W2133089788","https://openalex.org/W2137842875","https://openalex.org/W2144072407","https://openalex.org/W2159357881","https://openalex.org/W2168103835","https://openalex.org/W2213728018","https://openalex.org/W2295705535","https://openalex.org/W2397699236","https://openalex.org/W2486588411","https://openalex.org/W2579106964","https://openalex.org/W4245671428","https://openalex.org/W4255411440","https://openalex.org/W4255970238"],"related_works":["https://openalex.org/W1496222301","https://openalex.org/W3207760230","https://openalex.org/W1590307681","https://openalex.org/W4312814274","https://openalex.org/W4285370786","https://openalex.org/W2296488620","https://openalex.org/W2358353312","https://openalex.org/W2891888580","https://openalex.org/W2215544391","https://openalex.org/W4210350690"],"abstract_inverted_index":{"Intrusive":[0],"multi-step":[1],"attacks,":[2,9],"such":[3],"as":[4],"Advanced":[5],"Persistent":[6],"Threat":[7],"(APT)":[8],"have":[10],"plagued":[11],"enterprises":[12,23,51],"with":[13],"significant":[14],"financial":[15],"losses":[16],"and":[17,34,159,207],"are":[18,32,45,52],"the":[19,57,109,116,137,146,169,202,209],"top":[20],"reason":[21],"for":[22,40,68,163],"to":[24,55,90,114,144],"increase":[25],"their":[26],"security":[27],"budgets.":[28],"Since":[29],"these":[30],"attacks":[31],"sophisticated":[33],"stealthy,":[35],"they":[36],"can":[37,199],"remain":[38],"undetected":[39],"years":[41],"if":[42],"individual":[43],"steps":[44],"buried":[46],"in":[47,74],"background":[48],"\"noise.\"":[49],"Thus,":[50],"seeking":[53],"solutions":[54],"\"connect":[56],"suspicious":[58],"dots\"":[59],"across":[60],"multiple":[61],"activities.":[62],"This":[63,101],"requires":[64],"ubiquitous":[65],"system":[66,81,87,94,112,205],"auditing":[67,182],"long":[69],"periods":[70],"of":[71,80,118,139,149,171,187,204,211],"time,":[72],"which":[73],"turn":[75],"causes":[76],"overwhelmingly":[77],"large":[78],"amount":[79],"audit":[82,95],"events.":[83],"Given":[84],"a":[85,98,104,177],"limited":[86],"budget,":[88],"how":[89],"efficiently":[91],"handle":[92],"ever-increasing":[93],"logs":[96,206],"is":[97],"great":[99],"challenge.":[100],"paper":[102],"proposes":[103],"new":[105],"approach":[106,198],"that":[107,135,196],"exploits":[108],"dependency":[110,138],"among":[111],"events":[113,140],"reduce":[115,201],"number":[117],"log":[119,185],"entries":[120],"while":[121],"still":[122],"supporting":[123],"high-quality":[124],"forensic":[125,150,212],"analysis.":[126,151],"In":[127],"particular,":[128],"we":[129,153,175],"first":[130],"propose":[131,154],"an":[132,155],"aggregation":[133],"algorithm":[134,158],"preserves":[136],"during":[141],"data":[142,165],"reduction":[143,157],"ensure":[145],"high":[147],"quality":[148],"Then":[152],"aggressive":[156],"exploit":[160],"domain":[161],"knowledge":[162],"further":[164],"reduction.":[166],"To":[167],"validate":[168],"efficacy":[170],"our":[172,197],"proposed":[173],"approach,":[174],"conduct":[176],"comprehensive":[178],"evaluation":[179,193],"on":[180],"real-world":[181],"systems":[183],"using":[184],"traces":[186],"more":[188],"than":[189],"one":[190],"month.":[191],"Our":[192],"results":[194],"demonstrate":[195],"significantly":[200],"size":[203],"improve":[208],"efficiency":[210],"analysis":[213],"without":[214],"losing":[215],"accuracy.":[216]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":21},{"year":2024,"cited_by_count":29},{"year":2023,"cited_by_count":18},{"year":2022,"cited_by_count":16},{"year":2021,"cited_by_count":20},{"year":2020,"cited_by_count":15},{"year":2019,"cited_by_count":12},{"year":2018,"cited_by_count":15},{"year":2017,"cited_by_count":3},{"year":2016,"cited_by_count":1}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}