{"id":"https://openalex.org/W2559818752","doi":"https://doi.org/10.1145/3015135.3015138","title":"Detecting rootkits with the RAI runtime application inventory","display_name":"Detecting rootkits with the RAI runtime application inventory","publication_year":2016,"publication_date":"2016-12-05","ids":{"openalex":"https://openalex.org/W2559818752","doi":"https://doi.org/10.1145/3015135.3015138","mag":"2559818752"},"language":"en","primary_location":{"id":"doi:10.1145/3015135.3015138","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3015135.3015138","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=3015138&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 6th Workshop on Software Security, Protection, and Reverse Engineering","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"http://dl.acm.org/ft_gateway.cfm?id=3015138&type=pdf","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5040194296","display_name":"Shabnam Aboughadareh","orcid":null},"institutions":[{"id":"https://openalex.org/I189196454","display_name":"The University of Texas at Arlington","ror":"https://ror.org/019kgqr73","country_code":"US","type":"education","lineage":["https://openalex.org/I189196454"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Shabnam Aboughadareh","raw_affiliation_strings":["The University of Texas at Arlington"],"affiliations":[{"raw_affiliation_string":"The University of Texas at Arlington","institution_ids":["https://openalex.org/I189196454"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5079825775","display_name":"Christoph Csallner","orcid":"https://orcid.org/0000-0003-0896-6902"},"institutions":[{"id":"https://openalex.org/I189196454","display_name":"The University of Texas at Arlington","ror":"https://ror.org/019kgqr73","country_code":"US","type":"education","lineage":["https://openalex.org/I189196454"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Christoph Csallner","raw_affiliation_strings":["The University of Texas at Arlington"],"affiliations":[{"raw_affiliation_string":"The University of Texas at Arlington","institution_ids":["https://openalex.org/I189196454"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5040194296"],"corresponding_institution_ids":["https://openalex.org/I189196454"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.08605443,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"12"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9951000213623047,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/rootkit","display_name":"Rootkit","score":0.9321814179420471},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.9100599884986877},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8075030446052551},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6116850972175598},{"id":"https://openalex.org/keywords/attack-surface","display_name":"Attack surface","score":0.5980263352394104},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.5396890640258789},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.4625989496707916},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.34666332602500916},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.1366647183895111}],"concepts":[{"id":"https://openalex.org/C10144332","wikidata":"https://www.wikidata.org/wiki/Q14645","display_name":"Rootkit","level":3,"score":0.9321814179420471},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.9100599884986877},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8075030446052551},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6116850972175598},{"id":"https://openalex.org/C2776576444","wikidata":"https://www.wikidata.org/wiki/Q303569","display_name":"Attack surface","level":2,"score":0.5980263352394104},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.5396890640258789},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.4625989496707916},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.34666332602500916},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.1366647183895111},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3015135.3015138","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3015135.3015138","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=3015138&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 6th Workshop on Software Security, Protection, and Reverse Engineering","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3015135.3015138","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3015135.3015138","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=3015138&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 6th Workshop on Software Security, Protection, and Reverse Engineering","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G3693044891","display_name":"SHF: Small: Automating Improvement of Development Environments for Cyber-Physical Systems (AIDE-CPS)","funder_award_id":"1527398","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G8688161512","display_name":null,"funder_award_id":"1117369,1527398","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G95798966","display_name":null,"funder_award_id":"1117369","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2559818752.pdf","grobid_xml":"https://content.openalex.org/works/W2559818752.grobid-xml"},"referenced_works_count":48,"referenced_works":["https://openalex.org/W22858107","https://openalex.org/W86730287","https://openalex.org/W97539848","https://openalex.org/W103986934","https://openalex.org/W142135623","https://openalex.org/W148956775","https://openalex.org/W161166442","https://openalex.org/W172558989","https://openalex.org/W173413620","https://openalex.org/W1492832459","https://openalex.org/W1504669610","https://openalex.org/W1519223283","https://openalex.org/W1543171621","https://openalex.org/W1549352151","https://openalex.org/W1550395583","https://openalex.org/W1853871913","https://openalex.org/W1959818661","https://openalex.org/W1965662749","https://openalex.org/W1982829328","https://openalex.org/W2008681983","https://openalex.org/W2011728129","https://openalex.org/W2024675214","https://openalex.org/W2029224396","https://openalex.org/W2051524756","https://openalex.org/W2064390286","https://openalex.org/W2065566278","https://openalex.org/W2075174112","https://openalex.org/W2076317514","https://openalex.org/W2085588453","https://openalex.org/W2088272026","https://openalex.org/W2089448621","https://openalex.org/W2093122758","https://openalex.org/W2104948281","https://openalex.org/W2121468041","https://openalex.org/W2122097147","https://openalex.org/W2140911579","https://openalex.org/W2146244799","https://openalex.org/W2154081981","https://openalex.org/W2154933195","https://openalex.org/W2167804035","https://openalex.org/W3033383276","https://openalex.org/W4250874986","https://openalex.org/W6603957951","https://openalex.org/W6605772708","https://openalex.org/W6606033369","https://openalex.org/W6629507766","https://openalex.org/W6632973290","https://openalex.org/W6922273519"],"related_works":["https://openalex.org/W1994712384","https://openalex.org/W4240186231","https://openalex.org/W2166844173","https://openalex.org/W3170525725","https://openalex.org/W1565457235","https://openalex.org/W3089468277","https://openalex.org/W4310805820","https://openalex.org/W2119580333","https://openalex.org/W3200236636","https://openalex.org/W2588479842"],"abstract_inverted_index":{"Remotely":[0],"determining":[1],"which":[2,8,58],"precise":[3],"code":[4],"is":[5,10,13,59],"running":[6],"on":[7],"machines":[9,19],"hard.":[11],"This":[12],"especially":[14],"true":[15],"if":[16],"the":[17,35],"monitored":[18],"lack":[20],"modern":[21],"security":[22],"features":[23],"and":[24,42,52,65],"may":[25,37],"be":[26],"under":[27],"malware":[28,36],"attack,":[29],"since":[30],"in":[31],"such":[32],"a":[33,54],"scenario":[34],"have":[38,53],"already":[39],"manipulated":[40],"applications":[41,64],"operating":[43],"systems.":[44],"Existing":[45],"approaches":[46],"to":[47],"this":[48],"problem":[49],"are":[50],"heavy-weight":[51],"large":[55],"attack":[56],"surface,":[57],"frequently":[60],"attacked":[61],"by":[62],"both":[63],"malware.":[66]},"counts_by_year":[{"year":2021,"cited_by_count":1}],"updated_date":"2026-04-21T08:09:41.155169","created_date":"2025-10-10T00:00:00"}