{"id":"https://openalex.org/W4200091158","doi":"https://doi.org/10.1145/3485832.3485907","title":"DistAppGaurd: Distributed Application Behaviour Profiling in Cloud-Based Environment","display_name":"DistAppGaurd: Distributed Application Behaviour Profiling in Cloud-Based Environment","publication_year":2021,"publication_date":"2021-12-06","ids":{"openalex":"https://openalex.org/W4200091158","doi":"https://doi.org/10.1145/3485832.3485907"},"language":"en","primary_location":{"id":"doi:10.1145/3485832.3485907","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3485832.3485907","pdf_url":null,"source":{"id":"https://openalex.org/S4306417673","display_name":"Annual Computer Security Applications Conference","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5014539084","display_name":"Mohammadmahdi Ghorbani","orcid":null},"institutions":[{"id":"https://openalex.org/I49663120","display_name":"Universit\u00e9 du Qu\u00e9bec","ror":"https://ror.org/010gxg263","country_code":"CA","type":"education","lineage":["https://openalex.org/I49663120"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Mohammadmahdi Ghorbani","raw_affiliation_strings":["University of Quebec, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Quebec, Canada","institution_ids":["https://openalex.org/I49663120"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5044318022","display_name":"Fereydoun Farrahi Moghaddam","orcid":null},"institutions":[{"id":"https://openalex.org/I4210094041","display_name":"Ericsson (Canada)","ror":"https://ror.org/00nas2c56","country_code":"CA","type":"company","lineage":["https://openalex.org/I1306339040","https://openalex.org/I4210094041"]},{"id":"https://openalex.org/I4210099137","display_name":"Research Canada","ror":"https://ror.org/0103eqz62","country_code":"CA","type":"facility","lineage":["https://openalex.org/I4210099137"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Fereydoun Farrahi Moghaddam","raw_affiliation_strings":["Ericsson Security Research, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Ericsson Security Research, Canada","institution_ids":["https://openalex.org/I4210094041","https://openalex.org/I4210099137"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5023224430","display_name":"Mengyuan Zhang","orcid":"https://orcid.org/0000-0001-7457-5198"},"institutions":[{"id":"https://openalex.org/I14243506","display_name":"Hong Kong Polytechnic University","ror":"https://ror.org/0030zas98","country_code":"HK","type":"education","lineage":["https://openalex.org/I14243506"]}],"countries":["HK"],"is_corresponding":false,"raw_author_name":"Mengyuan Zhang","raw_affiliation_strings":["The Hong Kong Polytechnic University, Hong Kong"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"The Hong Kong Polytechnic University, Hong Kong","institution_ids":["https://openalex.org/I14243506"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5077892893","display_name":"Makan Pourzandi","orcid":"https://orcid.org/0000-0001-9775-6231"},"institutions":[{"id":"https://openalex.org/I4210094041","display_name":"Ericsson (Canada)","ror":"https://ror.org/00nas2c56","country_code":"CA","type":"company","lineage":["https://openalex.org/I1306339040","https://openalex.org/I4210094041"]},{"id":"https://openalex.org/I4210099137","display_name":"Research Canada","ror":"https://ror.org/0103eqz62","country_code":"CA","type":"facility","lineage":["https://openalex.org/I4210099137"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Makan Pourzandi","raw_affiliation_strings":["Ericsson Security Research, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Ericsson Security Research, Canada","institution_ids":["https://openalex.org/I4210094041","https://openalex.org/I4210099137"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5019659545","display_name":"Kim Khoa Nguyen","orcid":"https://orcid.org/0000-0002-9354-7544"},"institutions":[{"id":"https://openalex.org/I49663120","display_name":"Universit\u00e9 du Qu\u00e9bec","ror":"https://ror.org/010gxg263","country_code":"CA","type":"education","lineage":["https://openalex.org/I49663120"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Kim Khoa Nguyen","raw_affiliation_strings":["University of Quebec, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Quebec, Canada","institution_ids":["https://openalex.org/I49663120"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5015410834","display_name":"Mohamed Cheriet","orcid":"https://orcid.org/0000-0002-5246-7265"},"institutions":[{"id":"https://openalex.org/I49663120","display_name":"Universit\u00e9 du Qu\u00e9bec","ror":"https://ror.org/010gxg263","country_code":"CA","type":"education","lineage":["https://openalex.org/I49663120"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Mohamed Cheriet","raw_affiliation_strings":["University of Quebec, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Quebec, Canada","institution_ids":["https://openalex.org/I49663120"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.3092,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.38811881,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"837","last_page":"848"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.8020354509353638},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7935459613800049},{"id":"https://openalex.org/keywords/profiling","display_name":"Profiling (computer programming)","score":0.7633512020111084},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.6778837442398071},{"id":"https://openalex.org/keywords/autoencoder","display_name":"Autoencoder","score":0.6709624528884888},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.6203756928443909},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.42002519965171814},{"id":"https://openalex.org/keywords/constant-false-alarm-rate","display_name":"Constant false alarm rate","score":0.41469791531562805},{"id":"https://openalex.org/keywords/real-time-computing","display_name":"Real-time computing","score":0.3976055681705475},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.32009029388427734},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.22892728447914124},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.15251347422599792}],"concepts":[{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.8020354509353638},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7935459613800049},{"id":"https://openalex.org/C187191949","wikidata":"https://www.wikidata.org/wiki/Q1138496","display_name":"Profiling (computer programming)","level":2,"score":0.7633512020111084},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.6778837442398071},{"id":"https://openalex.org/C101738243","wikidata":"https://www.wikidata.org/wiki/Q786435","display_name":"Autoencoder","level":3,"score":0.6709624528884888},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.6203756928443909},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.42002519965171814},{"id":"https://openalex.org/C77052588","wikidata":"https://www.wikidata.org/wiki/Q644307","display_name":"Constant false alarm rate","level":2,"score":0.41469791531562805},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.3976055681705475},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.32009029388427734},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.22892728447914124},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.15251347422599792}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3485832.3485907","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3485832.3485907","pdf_url":null,"source":{"id":"https://openalex.org/S4306417673","display_name":"Annual Computer Security Applications Conference","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annual Computer Security Applications Conference","raw_type":"proceedings-article"},{"id":"pmh:oai:espace2.etsmtl.ca:24031","is_oa":false,"landing_page_url":"https://espace2.etsmtl.ca/id/eprint/24031/","pdf_url":null,"source":{"id":"https://openalex.org/S4306402392","display_name":"Espace \u00c9TS (ETS)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1341030882","host_organization_name":"Educational Testing Service","host_organization_lineage":["https://openalex.org/I1341030882"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Compte rendu de conf\u00e9rence"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","score":0.6100000143051147,"id":"https://metadata.un.org/sdg/9"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":21,"referenced_works":["https://openalex.org/W1489073918","https://openalex.org/W2127979711","https://openalex.org/W2142262896","https://openalex.org/W2531967557","https://openalex.org/W2550529331","https://openalex.org/W2747329762","https://openalex.org/W2797972299","https://openalex.org/W2799310732","https://openalex.org/W2808472075","https://openalex.org/W2809684781","https://openalex.org/W2888937476","https://openalex.org/W2927212155","https://openalex.org/W2963022916","https://openalex.org/W2987194787","https://openalex.org/W2997591727","https://openalex.org/W3033260057","https://openalex.org/W3093807685","https://openalex.org/W3110723107","https://openalex.org/W3118507196","https://openalex.org/W3157389449","https://openalex.org/W4299828299"],"related_works":["https://openalex.org/W3044458868","https://openalex.org/W4313590336","https://openalex.org/W4308724723","https://openalex.org/W2783384500","https://openalex.org/W3015348658","https://openalex.org/W2785391232","https://openalex.org/W3176919784","https://openalex.org/W3214485203","https://openalex.org/W4286906053","https://openalex.org/W3207949921"],"abstract_inverted_index":{"Today,":[0],"Machine":[1],"Learning":[2],"(ML)":[3],"techniques":[4],"are":[5,20,29,82],"increasingly":[6],"used":[7,133],"to":[8,22,39,107,140],"detect":[9,78],"abnormal":[10,36],"behaviours":[11,37],"of":[12,17,46,63,67,104,112,126,150],"industrial":[13],"applications.":[14],"Since":[15],"many":[16],"these":[18],"applications":[19],"moving":[21],"the":[23,40,47,61,72,96,102,124,127],"cloud":[24],"environments,":[25],"classical":[26],"ML":[27],"approaches":[28],"facing":[30],"new":[31],"challenges":[32],"in":[33,71],"accurately":[34],"identifying":[35],"due":[38],"highly":[41],"dynamic":[42],"and":[43,121,148],"heterogeneous":[44],"nature":[45],"cloud.":[48,73],"In":[49],"this":[50],"paper,":[51],"we":[52],"propose":[53],"a":[54,68,87,91,109],"novel":[55,136],"framework,":[56],"DistAppGaurd,":[57],"for":[58],"profiling":[59],"simultaneously":[60],"behaviour":[62,125],"all":[64,101],"microservice":[65],"components":[66],"distributed":[69],"application":[70,106,117],"The":[74,146],"framework":[75],"can":[76],"therefore,":[77],"complex":[79],"attacks":[80],"that":[81],"not":[83],"observable":[84],"by":[85,100,134,155],"monitoring":[86],"single":[88,92],"process":[89],"or":[90],"microservice.":[93],"DistAppGaurd":[94],"utilizes":[95],"system":[97],"calls":[98],"executed":[99],"processes":[103,120],"an":[105],"build":[108],"graph":[110],"consisting":[111],"data":[113],"exchanges":[114],"among":[115],"different":[116,158],"entities":[118],"(e.g.,":[119],"files)":[122],"representing":[123],"application.":[128],"This":[129],"representation":[130],"is":[131,153],"then":[132],"our":[135,151],"miroservice-aware":[137],"Autoencoder":[138],"model":[139],"perform":[141],"anomaly":[142],"detection":[143,164],"at":[144,167],"runtime.":[145],"efficiency":[147],"feasibility":[149],"approach":[152],"shown":[154],"implementing":[156],"several":[157],"real-world":[159],"attacks,":[160],"which":[161],"yields":[162],"high":[163],"rates":[165],"(94%-97%)":[166],"0.01%":[168],"false":[169],"alarm":[170],"rate.":[171]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":2},{"year":2023,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}