{"id":"https://openalex.org/W3206048380","doi":"https://doi.org/10.1145/3491262","title":"Active and Passive Collection of SSH Key Material for Cyber Threat Intelligence","display_name":"Active and Passive Collection of SSH Key Material for Cyber Threat Intelligence","publication_year":2021,"publication_date":"2021-10-15","ids":{"openalex":"https://openalex.org/W3206048380","doi":"https://doi.org/10.1145/3491262","mag":"3206048380"},"language":"en","primary_location":{"id":"doi:10.1145/3491262","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3491262","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3491262","source":{"id":"https://openalex.org/S4210235901","display_name":"Digital Threats Research and Practice","issn_l":"2576-5337","issn":["2576-5337","2692-1626"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Digital Threats: Research and Practice","raw_type":"journal-article"},"type":"article","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3491262","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5016095795","display_name":"Alexandre Dulaunoy","orcid":"https://orcid.org/0000-0002-5437-4652"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Alexandre Dulaunoy","raw_affiliation_strings":["CIRCL, Luxembourg, Luxembourg"],"raw_orcid":"https://orcid.org/0000-0002-5437-4652","affiliations":[{"raw_affiliation_string":"CIRCL, Luxembourg, Luxembourg","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5046138472","display_name":"Jean-Louis Huynen","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Jean-Louis Huynen","raw_affiliation_strings":["CIRCL, Luxembourg, Luxembourg"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"CIRCL, Luxembourg, Luxembourg","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5047124545","display_name":"Aurelien Thirion","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Aurelien Thirion","raw_affiliation_strings":["CIRCL, Luxembourg, Luxembourg"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"CIRCL, Luxembourg, Luxembourg","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5016095795"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.8542,"has_fulltext":true,"cited_by_count":5,"citation_normalized_percentile":{"value":0.80068826,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":96},"biblio":{"volume":"3","issue":"3","first_page":"1","last_page":"5"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9932000041007996,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9914000034332275,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.6936863660812378},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.6741917133331299},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6574513912200928},{"id":"https://openalex.org/keywords/hash-function","display_name":"Hash function","score":0.6070088148117065},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6066520810127258},{"id":"https://openalex.org/keywords/rest","display_name":"Rest (music)","score":0.5164849758148193},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.3485219478607178},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.3341863751411438}],"concepts":[{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.6936863660812378},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.6741917133331299},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6574513912200928},{"id":"https://openalex.org/C99138194","wikidata":"https://www.wikidata.org/wiki/Q183427","display_name":"Hash function","level":2,"score":0.6070088148117065},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6066520810127258},{"id":"https://openalex.org/C77265313","wikidata":"https://www.wikidata.org/wiki/Q879844","display_name":"Rest (music)","level":2,"score":0.5164849758148193},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.3485219478607178},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.3341863751411438},{"id":"https://openalex.org/C164705383","wikidata":"https://www.wikidata.org/wiki/Q10379","display_name":"Cardiology","level":1,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3491262","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3491262","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3491262","source":{"id":"https://openalex.org/S4210235901","display_name":"Digital Threats Research and Practice","issn_l":"2576-5337","issn":["2576-5337","2692-1626"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Digital Threats: Research and Practice","raw_type":"journal-article"},{"id":"pmh:oai:arXiv.org:2204.04922","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2204.04922","pdf_url":"https://arxiv.org/pdf/2204.04922","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"}],"best_oa_location":{"id":"doi:10.1145/3491262","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3491262","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3491262","source":{"id":"https://openalex.org/S4210235901","display_name":"Digital Threats Research and Practice","issn_l":"2576-5337","issn":["2576-5337","2692-1626"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Digital Threats: Research and Practice","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9","score":0.6399999856948853}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3206048380.pdf","grobid_xml":"https://content.openalex.org/works/W3206048380.grobid-xml"},"referenced_works_count":8,"referenced_works":["https://openalex.org/W1974390525","https://openalex.org/W2138779530","https://openalex.org/W2338858629","https://openalex.org/W2505896455","https://openalex.org/W2533698187","https://openalex.org/W2914717471","https://openalex.org/W3044043031","https://openalex.org/W4233819588"],"related_works":["https://openalex.org/W2097492617","https://openalex.org/W4388147713","https://openalex.org/W2753240997","https://openalex.org/W4205145096","https://openalex.org/W2977909229","https://openalex.org/W1764168690","https://openalex.org/W2537959205","https://openalex.org/W2740895074","https://openalex.org/W2772446090","https://openalex.org/W4284893819"],"abstract_inverted_index":{"This":[0,14],"article":[1],"describes":[2],"a":[3,17,21],"system":[4,15],"for":[5],"storing":[6],"historical":[7],"forensic":[8],"artifacts":[9],"collected":[10],"from":[11],"SSH":[12],"connections.":[13],"exposes":[16],"REST":[18],"API":[19],"in":[20],"similar":[22],"fashion":[23],"as":[24],"passive":[25],"DNS":[26],"databases,":[27],"malware":[28],"hash":[29],"registries,":[30],"and":[31,41],"SSL":[32],"notaries":[33],"with":[34],"the":[35],"goal":[36],"of":[37,43],"supporting":[38],"incident":[39],"investigations":[40],"monitoring":[42],"infrastructure.":[44]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}