{"id":"https://openalex.org/W2597991716","doi":"https://doi.org/10.1145/3029806.3029809","title":"Ghostbuster","display_name":"Ghostbuster","publication_year":2017,"publication_date":"2017-03-20","ids":{"openalex":"https://openalex.org/W2597991716","doi":"https://doi.org/10.1145/3029806.3029809","mag":"2597991716"},"language":"en","primary_location":{"id":"doi:10.1145/3029806.3029809","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3029806.3029809","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5032020253","display_name":"Shagufta Mehnaz","orcid":"https://orcid.org/0000-0001-5850-4568"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Shagufta Mehnaz","raw_affiliation_strings":["Purdue University, West Lafayette, IN, USA"],"affiliations":[{"raw_affiliation_string":"Purdue University, West Lafayette, IN, USA","institution_ids":["https://openalex.org/I219193219"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5061694501","display_name":"Elisa Bertino","orcid":"https://orcid.org/0000-0002-4029-7051"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Elisa Bertino","raw_affiliation_strings":["Purdue University, West Lafayette, IN, USA"],"affiliations":[{"raw_affiliation_string":"Purdue University, West Lafayette, IN, USA","institution_ids":["https://openalex.org/I219193219"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5032020253"],"corresponding_institution_ids":["https://openalex.org/I219193219"],"apc_list":null,"apc_paid":null,"fwci":2.1928,"has_fulltext":false,"cited_by_count":17,"citation_normalized_percentile":{"value":0.89113164,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"3","last_page":"14"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8607441186904907},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.6431496143341064},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.546410083770752},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.5330991148948669},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.49060073494911194},{"id":"https://openalex.org/keywords/data-access","display_name":"Data access","score":0.45578259229660034},{"id":"https://openalex.org/keywords/block","display_name":"Block (permutation group theory)","score":0.43313175439834595},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.2280789017677307}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8607441186904907},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.6431496143341064},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.546410083770752},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.5330991148948669},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.49060073494911194},{"id":"https://openalex.org/C47487241","wikidata":"https://www.wikidata.org/wiki/Q5227230","display_name":"Data access","level":2,"score":0.45578259229660034},{"id":"https://openalex.org/C2777210771","wikidata":"https://www.wikidata.org/wiki/Q4927124","display_name":"Block (permutation group theory)","level":2,"score":0.43313175439834595},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.2280789017677307},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3029806.3029809","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3029806.3029809","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.8100000023841858}],"awards":[{"id":"https://openalex.org/G8789700035","display_name":null,"funder_award_id":"Faculty For The Future Award","funder_id":"https://openalex.org/F4320307065","funder_display_name":"Schlumberger Foundation"}],"funders":[{"id":"https://openalex.org/F4320307065","display_name":"Schlumberger Foundation","ror":"https://ror.org/03daw3m97"},{"id":"https://openalex.org/F4320309036","display_name":"Purdue University","ror":"https://ror.org/02dqehb95"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":43,"referenced_works":["https://openalex.org/W76547152","https://openalex.org/W319519186","https://openalex.org/W340653848","https://openalex.org/W348147891","https://openalex.org/W1481547447","https://openalex.org/W1504280683","https://openalex.org/W1506285740","https://openalex.org/W1536598138","https://openalex.org/W1561104275","https://openalex.org/W1653505105","https://openalex.org/W1840004984","https://openalex.org/W1932584275","https://openalex.org/W1973007193","https://openalex.org/W1974205438","https://openalex.org/W1995976200","https://openalex.org/W2016701760","https://openalex.org/W2062293785","https://openalex.org/W2088826400","https://openalex.org/W2089303860","https://openalex.org/W2095868244","https://openalex.org/W2108601876","https://openalex.org/W2123840312","https://openalex.org/W2128552491","https://openalex.org/W2131389289","https://openalex.org/W2134167896","https://openalex.org/W2135957476","https://openalex.org/W2142889610","https://openalex.org/W2143559571","https://openalex.org/W2147247575","https://openalex.org/W2148488647","https://openalex.org/W2153567088","https://openalex.org/W2156026066","https://openalex.org/W2159238794","https://openalex.org/W2163059776","https://openalex.org/W2163345053","https://openalex.org/W2166602595","https://openalex.org/W2204970668","https://openalex.org/W2609425150","https://openalex.org/W3004110370","https://openalex.org/W3088213554","https://openalex.org/W3174989191","https://openalex.org/W4212764898","https://openalex.org/W4249961056"],"related_works":["https://openalex.org/W1495119096","https://openalex.org/W2284242097","https://openalex.org/W2121067221","https://openalex.org/W2277948094","https://openalex.org/W2086058948","https://openalex.org/W2357522001","https://openalex.org/W2045901755","https://openalex.org/W2546066963","https://openalex.org/W1653371073","https://openalex.org/W2062599910"],"abstract_inverted_index":{"Protecting":[0],"sensitive":[1,27],"data":[2,28,88],"against":[3],"malicious":[4,49],"or":[5,25],"compromised":[6],"insiders":[7,30],"is":[8,111],"a":[9,95,120,124,129,161],"challenging":[10],"problem.":[11],"Access":[12],"control":[13,73],"mechanisms":[14,74],"are":[15,176],"not":[16],"always":[17],"able":[18],"to":[19,35,51,60,98,123,164],"prevent":[20],"authorized":[21],"users":[22,56],"from":[23,67],"misusing":[24],"stealing":[26],"as":[29,80],"often":[31],"have":[32,58],"access":[33,59,72,107,122,134,154,170],"permissions":[34],"the":[36,61,103,114,133,143,147,151,166,180],"data.":[37,62],"Also,":[38],"security":[39,77],"vulnerabilities":[40],"and":[41,75,159,206],"phishing":[42],"attacks":[43],"make":[44],"it":[45],"possible":[46],"for":[47,65,84,183],"external":[48],"parties":[50],"compromise":[52],"identity":[53],"credentials":[54],"of":[55,102,132,136,146,201,210],"who":[57],"Therefore,":[63],"solutions":[64],"protection":[66],"insider":[68],"threat":[69],"require":[70],"combining":[71],"other":[76],"techniques,":[78],"such":[79],"encryption,":[81],"with":[82],"techniques":[83],"detecting":[85,204],"anomalies":[86,205],"in":[87,179,203],"accesses.":[89,188],"In":[90],"this":[91],"paper,":[92],"we":[93,193],"propose":[94],"novel":[96],"approach":[97,110,197],"create":[99],"fine-grained":[100,130],"profiles":[101,175],"users'":[104,152,167],"normal":[105,168],"file":[106,125,153,169,186],"behaviors.":[108],"Our":[109],"based":[112],"on":[113],"key":[115],"observation":[116],"that":[117,195],"even":[118],"if":[119],"user's":[121],"seems":[126],"legitimate,":[127],"only":[128,211],"analysis":[131],"(size":[135],"access,":[137],"timestamp,":[138],"etc.)":[139],"can":[140],"help":[141],"understanding":[142],"original":[144],"intention":[145],"user.":[148],"We":[149],"exploit":[150],"information":[155],"at":[156],"block":[157],"level":[158],"develop":[160],"feature-extraction":[162],"method":[163],"model":[165],"patterns":[171],"(user":[172],"profiles).":[173],"Such":[174],"then":[177],"used":[178],"detection":[181],"phase":[182],"identifying":[184],"anomalous":[185],"system":[187],"Finally,":[189],"through":[190],"performance":[191],"evaluations":[192],"demonstrate":[194],"our":[196],"has":[198],"an":[199,208],"accuracy":[200],"98.64%":[202],"incurs":[207],"overhead":[209],"2%.":[212]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":4},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":3}],"updated_date":"2026-04-16T08:26:57.006410","created_date":"2017-04-07T00:00:00"}