{"id":"https://openalex.org/W2898042553","doi":"https://doi.org/10.1145/3264437.3264486","title":"Towards Profiling Program Instances in Host-Based Intrusion Detection Systems by Recognizing Software Update Patterns","display_name":"Towards Profiling Program Instances in Host-Based Intrusion Detection Systems by Recognizing Software Update Patterns","publication_year":2018,"publication_date":"2018-09-10","ids":{"openalex":"https://openalex.org/W2898042553","doi":"https://doi.org/10.1145/3264437.3264486","mag":"2898042553"},"language":"en","primary_location":{"id":"doi:10.1145/3264437.3264486","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3264437.3264486","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 11th International Conference on Security of Information and Networks","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5079420812","display_name":"Lauri Koivunen","orcid":"https://orcid.org/0000-0001-7671-1317"},"institutions":[{"id":"https://openalex.org/I155660961","display_name":"University of Turku","ror":"https://ror.org/05vghhr25","country_code":"FI","type":"education","lineage":["https://openalex.org/I155660961"]}],"countries":["FI"],"is_corresponding":true,"raw_author_name":"Lauri Koivunen","raw_affiliation_strings":["University of Turku, Finland"],"affiliations":[{"raw_affiliation_string":"University of Turku, Finland","institution_ids":["https://openalex.org/I155660961"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5023392536","display_name":"Sampsa Rauti","orcid":"https://orcid.org/0000-0002-1891-2353"},"institutions":[{"id":"https://openalex.org/I155660961","display_name":"University of Turku","ror":"https://ror.org/05vghhr25","country_code":"FI","type":"education","lineage":["https://openalex.org/I155660961"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Sampsa Rauti","raw_affiliation_strings":["University of Turku, Finland"],"affiliations":[{"raw_affiliation_string":"University of Turku, Finland","institution_ids":["https://openalex.org/I155660961"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5029023235","display_name":"Ville Lepp\u00e4nen","orcid":"https://orcid.org/0000-0001-5296-677X"},"institutions":[{"id":"https://openalex.org/I155660961","display_name":"University of Turku","ror":"https://ror.org/05vghhr25","country_code":"FI","type":"education","lineage":["https://openalex.org/I155660961"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Ville Lepp\u00e4nen","raw_affiliation_strings":["University of Turku, Finland"],"affiliations":[{"raw_affiliation_string":"University of Turku, Finland","institution_ids":["https://openalex.org/I155660961"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5079420812"],"corresponding_institution_ids":["https://openalex.org/I155660961"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.14136044,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"4"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9947999715805054,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/profiling","display_name":"Profiling (computer programming)","score":0.8014614582061768},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8010422587394714},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.7417963743209839},{"id":"https://openalex.org/keywords/host","display_name":"Host (biology)","score":0.6555651426315308},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5918393135070801},{"id":"https://openalex.org/keywords/behavioral-pattern","display_name":"Behavioral pattern","score":0.5504943132400513},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.4761931002140045},{"id":"https://openalex.org/keywords/intrusion","display_name":"Intrusion","score":0.4487874507904053},{"id":"https://openalex.org/keywords/real-time-computing","display_name":"Real-time computing","score":0.36497294902801514},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.1681320071220398},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.15848088264465332}],"concepts":[{"id":"https://openalex.org/C187191949","wikidata":"https://www.wikidata.org/wiki/Q1138496","display_name":"Profiling (computer programming)","level":2,"score":0.8014614582061768},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8010422587394714},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.7417963743209839},{"id":"https://openalex.org/C126831891","wikidata":"https://www.wikidata.org/wiki/Q221673","display_name":"Host (biology)","level":2,"score":0.6555651426315308},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5918393135070801},{"id":"https://openalex.org/C83804111","wikidata":"https://www.wikidata.org/wiki/Q1063558","display_name":"Behavioral pattern","level":2,"score":0.5504943132400513},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.4761931002140045},{"id":"https://openalex.org/C158251709","wikidata":"https://www.wikidata.org/wiki/Q354025","display_name":"Intrusion","level":2,"score":0.4487874507904053},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.36497294902801514},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.1681320071220398},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.15848088264465332},{"id":"https://openalex.org/C17409809","wikidata":"https://www.wikidata.org/wiki/Q161764","display_name":"Geochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C18903297","wikidata":"https://www.wikidata.org/wiki/Q7150","display_name":"Ecology","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C127313418","wikidata":"https://www.wikidata.org/wiki/Q1069","display_name":"Geology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3264437.3264486","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3264437.3264486","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 11th International Conference on Security of Information and Networks","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320330293","display_name":"CSC \u2013 IT Center for Science","ror":"https://ror.org/04m8m1253"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":4,"referenced_works":["https://openalex.org/W1973297725","https://openalex.org/W2098123841","https://openalex.org/W2139731313","https://openalex.org/W2145722235"],"related_works":["https://openalex.org/W2161444195","https://openalex.org/W2357468538","https://openalex.org/W1577110157","https://openalex.org/W2589019771","https://openalex.org/W2355007334","https://openalex.org/W2985540061","https://openalex.org/W2906422846","https://openalex.org/W2185012154","https://openalex.org/W2390009783","https://openalex.org/W2133389611"],"abstract_inverted_index":{"Host":[0],"intrusion":[1],"detection":[2],"systems":[3],"are":[4,37],"used":[5,106],"to":[6,53,97],"analyze":[7],"internal":[8],"events":[9],"on":[10,79],"host":[11],"machines":[12,81],"and":[13,25,72],"detect":[14,98],"behavioral":[15],"patterns":[16,73,102],"that":[17,41,93,103],"differ":[18],"from":[19],"normal":[20],"operation":[21],"of":[22,35,46,74,77,86],"the":[23,33,38,44,58],"system":[24],"its":[26,62],"processes.":[27,109],"One":[28],"important":[29],"aspect":[30],"in":[31],"observing":[32,61],"behavior":[34,45],"processes":[36],"application":[39,48,59],"updates":[40],"may":[42],"change":[43],"an":[47,83],"but":[49],"also":[50],"potentially":[51],"help":[52],"build":[54],"a":[55,75],"profile":[56],"for":[57,107],"when":[60],"update":[63,70,101],"patterns.":[64],"In":[65],"this":[66],"study,":[67],"we":[68],"observe":[69],"frequencies":[71],"set":[76],"applications":[78],"100":[80,87],"during":[82],"analysis":[84],"period":[85],"days.":[88],"Our":[89],"preliminary":[90],"results":[91],"indicate":[92],"it":[94],"is":[95],"possible":[96],"clear":[99],"software":[100],"can":[104],"be":[105],"profiling":[108]},"counts_by_year":[],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}