{"id":"https://openalex.org/W3175040784","doi":"https://doi.org/10.1145/3448016.3452766","title":"SRA: Smart Recovery Advisor for Cyber Attacks","display_name":"SRA: Smart Recovery Advisor for Cyber Attacks","publication_year":2021,"publication_date":"2021-06-09","ids":{"openalex":"https://openalex.org/W3175040784","doi":"https://doi.org/10.1145/3448016.3452766","mag":"3175040784"},"language":"en","primary_location":{"id":"doi:10.1145/3448016.3452766","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3448016.3452766","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3448016.3452766","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 International Conference on Management of Data","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3448016.3452766","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5028240524","display_name":"Ka-Ho Chow","orcid":"https://orcid.org/0000-0001-5917-2577"},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Ka-Ho Chow","raw_affiliation_strings":["Georgia Institute of Technology, Atlanta, GA, USA"],"affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology, Atlanta, GA, USA","institution_ids":["https://openalex.org/I130701444"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5103024478","display_name":"Umesh Deshpande","orcid":"https://orcid.org/0000-0002-4848-9381"},"institutions":[{"id":"https://openalex.org/I4210085935","display_name":"IBM Research - Almaden","ror":"https://ror.org/005w8dd04","country_code":"US","type":"facility","lineage":["https://openalex.org/I1341412227","https://openalex.org/I4210085935","https://openalex.org/I4210114115"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Umesh Deshpande","raw_affiliation_strings":["IBM Research - Almaden, San Jose, CA, USA"],"affiliations":[{"raw_affiliation_string":"IBM Research - Almaden, San Jose, CA, USA","institution_ids":["https://openalex.org/I4210085935"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5034689606","display_name":"S. Seshadri","orcid":"https://orcid.org/0009-0002-2117-5769"},"institutions":[{"id":"https://openalex.org/I4210085935","display_name":"IBM Research - Almaden","ror":"https://ror.org/005w8dd04","country_code":"US","type":"facility","lineage":["https://openalex.org/I1341412227","https://openalex.org/I4210085935","https://openalex.org/I4210114115"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Sangeetha Seshadri","raw_affiliation_strings":["IBM Research - Almaden, San Jose, CA, USA"],"affiliations":[{"raw_affiliation_string":"IBM Research - Almaden, San Jose, CA, USA","institution_ids":["https://openalex.org/I4210085935"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100343991","display_name":"Ling Liu","orcid":"https://orcid.org/0000-0002-4138-3082"},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ling Liu","raw_affiliation_strings":["Georgia Institute of Technology, Atlanta, GA, USA"],"affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology, Atlanta, GA, USA","institution_ids":["https://openalex.org/I130701444"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5028240524"],"corresponding_institution_ids":["https://openalex.org/I130701444"],"apc_list":null,"apc_paid":null,"fwci":0.463,"has_fulltext":true,"cited_by_count":5,"citation_normalized_percentile":{"value":0.60799519,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"2691","last_page":"2695"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9973000288009644,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7723900079727173},{"id":"https://openalex.org/keywords/data-recovery","display_name":"Data recovery","score":0.7624059319496155},{"id":"https://openalex.org/keywords/data-loss","display_name":"Data loss","score":0.6819278597831726},{"id":"https://openalex.org/keywords/journaling-file-system","display_name":"Journaling file system","score":0.6603633761405945},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6010940074920654},{"id":"https://openalex.org/keywords/timestamp","display_name":"Timestamp","score":0.5842486619949341},{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.5583627223968506},{"id":"https://openalex.org/keywords/state","display_name":"State (computer science)","score":0.4628656804561615},{"id":"https://openalex.org/keywords/point","display_name":"Point (geometry)","score":0.4601462781429291},{"id":"https://openalex.org/keywords/computer-hardware","display_name":"Computer hardware","score":0.1581076979637146},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.1549072265625},{"id":"https://openalex.org/keywords/computer-file","display_name":"Computer file","score":0.08110937476158142}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7723900079727173},{"id":"https://openalex.org/C529754248","wikidata":"https://www.wikidata.org/wiki/Q1054772","display_name":"Data recovery","level":2,"score":0.7624059319496155},{"id":"https://openalex.org/C193519340","wikidata":"https://www.wikidata.org/wiki/Q891179","display_name":"Data loss","level":2,"score":0.6819278597831726},{"id":"https://openalex.org/C2225880","wikidata":"https://www.wikidata.org/wiki/Q579047","display_name":"Journaling file system","level":3,"score":0.6603633761405945},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6010940074920654},{"id":"https://openalex.org/C113954288","wikidata":"https://www.wikidata.org/wiki/Q186885","display_name":"Timestamp","level":2,"score":0.5842486619949341},{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.5583627223968506},{"id":"https://openalex.org/C48103436","wikidata":"https://www.wikidata.org/wiki/Q599031","display_name":"State (computer science)","level":2,"score":0.4628656804561615},{"id":"https://openalex.org/C28719098","wikidata":"https://www.wikidata.org/wiki/Q44946","display_name":"Point (geometry)","level":2,"score":0.4601462781429291},{"id":"https://openalex.org/C9390403","wikidata":"https://www.wikidata.org/wiki/Q3966","display_name":"Computer hardware","level":1,"score":0.1581076979637146},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.1549072265625},{"id":"https://openalex.org/C95637964","wikidata":"https://www.wikidata.org/wiki/Q82753","display_name":"Computer file","level":2,"score":0.08110937476158142},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.0},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.0},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3448016.3452766","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3448016.3452766","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3448016.3452766","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 International Conference on Management of Data","raw_type":"proceedings-article"},{"id":"pmh:oai:hub.hku.hk:10722/343345","is_oa":false,"landing_page_url":"https://hub.hku.hk/handle/10722/343345","pdf_url":null,"source":{"id":"https://openalex.org/S4377196271","display_name":"The HKU Scholars Hub (University of Hong Kong)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I889458895","host_organization_name":"University of Hong Kong","host_organization_lineage":["https://openalex.org/I889458895"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Conference_Paper"}],"best_oa_location":{"id":"doi:10.1145/3448016.3452766","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3448016.3452766","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3448016.3452766","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 International Conference on Management of Data","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1662070074","display_name":null,"funder_award_id":"NSF 2038029","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G5206010609","display_name":null,"funder_award_id":"1564097","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G5242202498","display_name":null,"funder_award_id":"2026945","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G5615387763","display_name":null,"funder_award_id":"NSF 2026945","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G6374073843","display_name":null,"funder_award_id":"2038029","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7252472533","display_name":null,"funder_award_id":"1564097,2026945,2038029","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G8600453951","display_name":null,"funder_award_id":"NSF 1564097","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320309321","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3175040784.pdf","grobid_xml":"https://content.openalex.org/works/W3175040784.grobid-xml"},"referenced_works_count":11,"referenced_works":["https://openalex.org/W139885420","https://openalex.org/W1487370894","https://openalex.org/W2017784778","https://openalex.org/W2119359024","https://openalex.org/W2140190241","https://openalex.org/W2163870717","https://openalex.org/W2350778671","https://openalex.org/W2461373307","https://openalex.org/W2534101229","https://openalex.org/W2559964890","https://openalex.org/W2784113120"],"related_works":["https://openalex.org/W2353442896","https://openalex.org/W2376610890","https://openalex.org/W2361313287","https://openalex.org/W1580664607","https://openalex.org/W1971723026","https://openalex.org/W2372252015","https://openalex.org/W1026011007","https://openalex.org/W2393974476","https://openalex.org/W2008800501","https://openalex.org/W2809277726"],"abstract_inverted_index":{"Continuous":[0],"Data":[1],"Protection":[2],"(CDP)":[3],"is":[4,66],"becoming":[5],"instrumental":[6],"in":[7,69,102],"recovering":[8],"applications":[9,21],"from":[10],"crypto-ransomware":[11],"attacks.":[12],"It":[13],"enables":[14],"fine-grained":[15],"recovery":[16,38,94,97,125,150],"through":[17],"journaling,":[18],"allowing":[19],"the":[20,41,44,49,54,62,83,105,123,147],"(its":[22],"volumes)":[23],"to":[24,26,53,57,60,80,104],"recover":[25],"any":[27],"previous":[28],"state.":[29],"While":[30],"zero":[31],"data":[32,115,154],"loss":[33],"can":[34,74],"be":[35,58],"achieved":[36],"during":[37],"with":[39,126],"CDP,":[40],"timestamp":[42],"of":[43,86,149],"desired":[45,87],"restore":[46,88,106,142],"point,":[47],"i.e.,":[48],"one":[50],"just":[51],"prior":[52],"attack,":[55],"needs":[56],"provided":[59],"reconstruct":[61],"volume.":[63],"Such":[64],"information":[65],"often":[67],"unavailable":[68],"practice,":[70],"and":[71,113,140],"system":[72],"administrators":[73],"only":[75],"adopt":[76],"a":[77,109],"trial-and-error":[78],"strategy":[79],"narrow":[81],"down":[82],"time":[84],"range":[85],"points":[89,107],"by":[90],"making":[91],"multiple":[92],"time-consuming":[93],"attempts.":[95],"The":[96],"systems":[98],"offer":[99],"little":[100],"guidance":[101],"pointing":[103],"containing":[108],"valid":[110],"application":[111],"state":[112],"reducing":[114],"loss.":[116,155],"To":[117],"address":[118],"this":[119],"problem,":[120],"we":[121],"equip":[122],"CDP-based":[124],"machine":[127],"intelligence.":[128],"This":[129],"demonstration":[130],"showcases":[131],"Smart":[132],"Recovery":[133],"Advisor":[134],"(SRA),":[135],"which":[136],"offers":[137],"interpretable,":[138],"data-driven,":[139],"feedback-aware":[141],"point":[143],"recommendations":[144],"that":[145],"reduce":[146],"number":[148],"attempts":[151],"while":[152],"minimizing":[153]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":2},{"year":2022,"cited_by_count":1}],"updated_date":"2026-04-21T08:09:41.155169","created_date":"2025-10-10T00:00:00"}