{"id":"https://openalex.org/W2960507082","doi":"https://doi.org/10.1145/3321705.3329857","title":"E-Spion","display_name":"E-Spion","publication_year":2019,"publication_date":"2019-07-02","ids":{"openalex":"https://openalex.org/W2960507082","doi":"https://doi.org/10.1145/3321705.3329857","mag":"2960507082"},"language":"en","primary_location":{"id":"doi:10.1145/3321705.3329857","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3321705.3329857","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"conference-paper","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5055895734","display_name":"Anand Mudgerikar","orcid":"https://orcid.org/0000-0002-7148-0000"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Anand Mudgerikar","raw_affiliation_strings":["Purdue University, West Lafayette, IN, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Purdue University, West Lafayette, IN, USA","institution_ids":["https://openalex.org/I219193219"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5080475090","display_name":"Puneet Sharma","orcid":"https://orcid.org/0000-0001-5937-5382"},"institutions":[{"id":"https://openalex.org/I4210122178","display_name":"Hewlett Packard Enterprise (United States)","ror":"https://ror.org/020x0c621","country_code":"US","type":"company","lineage":["https://openalex.org/I4210122178"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Puneet Sharma","raw_affiliation_strings":["HPE, Palo Alto, CA, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"HPE, Palo Alto, CA, USA","institution_ids":["https://openalex.org/I4210122178"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5061694501","display_name":"Elisa Bertino","orcid":"https://orcid.org/0000-0002-4029-7051"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Elisa Bertino","raw_affiliation_strings":["Purdue University, West Lafayette, IN, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Purdue University, West Lafayette, IN, USA","institution_ids":["https://openalex.org/I219193219"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":37,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"493","last_page":"500"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9976999759674072,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/testbed","display_name":"Testbed","score":0.7845146656036377},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7650023698806763},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.6248131990432739},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.603812038898468},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.6016221046447754},{"id":"https://openalex.org/keywords/system-call","display_name":"System call","score":0.6002789735794067},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.5850949287414551},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.5755472183227539},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.5473586916923523},{"id":"https://openalex.org/keywords/real-time-computing","display_name":"Real-time computing","score":0.41990092396736145},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.3199751377105713},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.2834605276584625},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.20167455077171326},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.1925581991672516},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.18396428227424622}],"concepts":[{"id":"https://openalex.org/C31395832","wikidata":"https://www.wikidata.org/wiki/Q1318674","display_name":"Testbed","level":2,"score":0.7845146656036377},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7650023698806763},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.6248131990432739},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.603812038898468},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.6016221046447754},{"id":"https://openalex.org/C2778579508","wikidata":"https://www.wikidata.org/wiki/Q722192","display_name":"System call","level":2,"score":0.6002789735794067},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.5850949287414551},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.5755472183227539},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.5473586916923523},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.41990092396736145},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.3199751377105713},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.2834605276584625},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.20167455077171326},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.1925581991672516},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.18396428227424622}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3321705.3329857","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3321705.3329857","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":26,"referenced_works":["https://openalex.org/W7469215","https://openalex.org/W168132470","https://openalex.org/W1444906800","https://openalex.org/W1559528097","https://openalex.org/W1569819710","https://openalex.org/W1669806660","https://openalex.org/W1939171670","https://openalex.org/W1941427975","https://openalex.org/W1983107693","https://openalex.org/W1990533299","https://openalex.org/W2000618265","https://openalex.org/W2009232481","https://openalex.org/W2106334604","https://openalex.org/W2107867209","https://openalex.org/W2130535036","https://openalex.org/W2154689418","https://openalex.org/W2167240430","https://openalex.org/W2331106415","https://openalex.org/W2579106964","https://openalex.org/W2612737649","https://openalex.org/W2613516056","https://openalex.org/W2614230424","https://openalex.org/W2736183220","https://openalex.org/W2766852928","https://openalex.org/W2794801050","https://openalex.org/W3142319779"],"related_works":["https://openalex.org/W2439951656","https://openalex.org/W1573526548","https://openalex.org/W11100131","https://openalex.org/W4360982091","https://openalex.org/W1969635302","https://openalex.org/W3176864451","https://openalex.org/W2183313954","https://openalex.org/W2053632570","https://openalex.org/W3211525895","https://openalex.org/W2187910102"],"abstract_inverted_index":{"As":[0],"the":[1,95,102,133,145,161,164],"Internet":[2],"of":[3,21,81,87,113,135,144,148,152,163,169],"Things":[4],"(IoT)":[5],"grows":[6],"at":[7,94,173],"a":[8,13,110,123],"rapid":[9],"pace,":[10],"there":[11],"is":[12],"need":[14],"for":[15,24,41],"an":[16,33,65,140],"effective":[17],"and":[18,60,68,142,155],"efficient":[19],"form":[20],"security":[22],"tailored":[23],"IoT":[25,42,46,115],"devices.":[26,43,103],"In":[27],"this":[28],"paper,":[29],"we":[30],"introduce":[31],"E-Spion,":[32],"anomaly-based":[34],"system":[35,53,62],"level":[36,54],"Intrusion":[37],"Detection":[38],"System":[39],"(IDS)":[40],"E-Spion":[44,83,108,149],"profiles":[45,72],"devices":[47],"according":[48],"to":[49,76,129],"their":[50,61],"'behavior'":[51],"using":[52,109],"information,":[55],"like":[56],"running":[57],"process":[58],"parameters":[59],"calls,":[63],"in":[64,118,150,167],"autonomous,":[66],"efficient,":[67],"scalable":[69],"manner.":[70],"These":[71],"are":[73],"then":[74],"used":[75],"detect":[77],"anomalous":[78],"behaviors":[79],"indicative":[80],"intrusions.":[82],"provides":[84],"three":[85],"layers":[86,134,147],"detection":[88,91,124,136,153],"with":[89],"increasing":[90],"efficiency":[92,125],"but":[93],"same":[96],"time":[97],"higher":[98],"overhead":[99,156],"costs":[100],"on":[101,132],"We":[104,121,138,158],"have":[105],"extensively":[106],"evaluated":[107],"comprehensive":[111],"dataset":[112],"3973":[114],"malware":[116,165],"samples":[117,166],"our":[119,170],"testbed.":[120],"observe":[122],"ranging":[126],"from":[127],"78%":[128],"100%":[130],"depending":[131],"employed.":[137],"provide":[139],"analysis":[141],"comparison":[143],"different":[146],"terms":[151,168],"accuracy":[154],"costs.":[157],"also":[159],"analyze":[160],"behavior":[162],"device":[171],"logs":[172],"each":[174],"layer.":[175]},"counts_by_year":[{"year":2025,"cited_by_count":6},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":7},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":10},{"year":2020,"cited_by_count":8},{"year":2019,"cited_by_count":2}],"updated_date":"2026-07-14T23:27:15.235271","created_date":"2019-07-23T00:00:00"}
