{"id":"https://openalex.org/W2149555530","doi":"https://doi.org/10.1177/0037549707080753","title":"Enhancing SWORD to Detect Zero-Day-Worm-Infected Hosts","display_name":"Enhancing SWORD to Detect Zero-Day-Worm-Infected Hosts","publication_year":2007,"publication_date":"2007-02-01","ids":{"openalex":"https://openalex.org/W2149555530","doi":"https://doi.org/10.1177/0037549707080753","mag":"2149555530"},"language":"en","primary_location":{"id":"doi:10.1177/0037549707080753","is_oa":false,"landing_page_url":"https://doi.org/10.1177/0037549707080753","pdf_url":null,"source":{"id":"https://openalex.org/S32573412","display_name":"SIMULATION","issn_l":"0037-5497","issn":["0037-5497","1741-3133"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320017","host_organization_name":"SAGE Publishing","host_organization_lineage":["https://openalex.org/P4310320017"],"host_organization_lineage_names":["SAGE Publishing"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"SIMULATION","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5002864027","display_name":"Shad Stafford","orcid":null},"institutions":[{"id":"https://openalex.org/I181233156","display_name":"University of Oregon","ror":"https://ror.org/0293rh119","country_code":"US","type":"education","lineage":["https://openalex.org/I181233156"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Shad Stafford","raw_affiliation_strings":["Department of Computer Science University of Oregon Eugene OR 97403-1202, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science University of Oregon Eugene OR 97403-1202, USA","institution_ids":["https://openalex.org/I181233156"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100696862","display_name":"Jun Li","orcid":"https://orcid.org/0000-0002-5272-9130"},"institutions":[{"id":"https://openalex.org/I181233156","display_name":"University of Oregon","ror":"https://ror.org/0293rh119","country_code":"US","type":"education","lineage":["https://openalex.org/I181233156"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jun Li","raw_affiliation_strings":["Department of Computer Science University of Oregon Eugene OR 97403-1202, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science University of Oregon Eugene OR 97403-1202, USA","institution_ids":["https://openalex.org/I181233156"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5031052585","display_name":"Toby Ehrenkranz","orcid":null},"institutions":[{"id":"https://openalex.org/I181233156","display_name":"University of Oregon","ror":"https://ror.org/0293rh119","country_code":"US","type":"education","lineage":["https://openalex.org/I181233156"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Toby Ehrenkranz","raw_affiliation_strings":["Department of Computer Science University of Oregon Eugene OR 97403-1202, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science University of Oregon Eugene OR 97403-1202, USA","institution_ids":["https://openalex.org/I181233156"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.3474,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.84065543,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":"83","issue":"2","first_page":"199","last_page":"212"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/sword","display_name":"SWORD","score":0.9514447450637817},{"id":"https://openalex.org/keywords/host","display_name":"Host (biology)","score":0.8180093765258789},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6748409271240234},{"id":"https://openalex.org/keywords/honeypot","display_name":"Honeypot","score":0.6693074107170105},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.5701925158500671},{"id":"https://openalex.org/keywords/byte","display_name":"Byte","score":0.4811033606529236},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.453047513961792},{"id":"https://openalex.org/keywords/default-gateway","display_name":"Default gateway","score":0.4174148142337799},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.36365264654159546},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.13804858922958374},{"id":"https://openalex.org/keywords/biology","display_name":"Biology","score":0.13724613189697266},{"id":"https://openalex.org/keywords/ecology","display_name":"Ecology","score":0.07181459665298462}],"concepts":[{"id":"https://openalex.org/C2781424646","wikidata":"https://www.wikidata.org/wiki/Q7395200","display_name":"SWORD","level":2,"score":0.9514447450637817},{"id":"https://openalex.org/C126831891","wikidata":"https://www.wikidata.org/wiki/Q221673","display_name":"Host (biology)","level":2,"score":0.8180093765258789},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6748409271240234},{"id":"https://openalex.org/C191267431","wikidata":"https://www.wikidata.org/wiki/Q911932","display_name":"Honeypot","level":2,"score":0.6693074107170105},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.5701925158500671},{"id":"https://openalex.org/C43364308","wikidata":"https://www.wikidata.org/wiki/Q8799","display_name":"Byte","level":2,"score":0.4811033606529236},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.453047513961792},{"id":"https://openalex.org/C187713609","wikidata":"https://www.wikidata.org/wiki/Q2465461","display_name":"Default gateway","level":2,"score":0.4174148142337799},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.36365264654159546},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.13804858922958374},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.13724613189697266},{"id":"https://openalex.org/C18903297","wikidata":"https://www.wikidata.org/wiki/Q7150","display_name":"Ecology","level":1,"score":0.07181459665298462}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1177/0037549707080753","is_oa":false,"landing_page_url":"https://doi.org/10.1177/0037549707080753","pdf_url":null,"source":{"id":"https://openalex.org/S32573412","display_name":"SIMULATION","issn_l":"0037-5497","issn":["0037-5497","1741-3133"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320017","host_organization_name":"SAGE Publishing","host_organization_lineage":["https://openalex.org/P4310320017"],"host_organization_lineage_names":["SAGE Publishing"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"SIMULATION","raw_type":"journal-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.117.1738","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.117.1738","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cs.uoregon.edu/~lijun/pubs/papers/stafford07worm.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.85.6115","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.85.6115","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://sim.sagepub.com/cgi/reprint/83/2/199.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":27,"referenced_works":["https://openalex.org/W67161194","https://openalex.org/W88694106","https://openalex.org/W105687728","https://openalex.org/W1480180012","https://openalex.org/W1498585374","https://openalex.org/W1540548505","https://openalex.org/W1597305440","https://openalex.org/W1674877186","https://openalex.org/W1781758015","https://openalex.org/W1994340575","https://openalex.org/W2031006315","https://openalex.org/W2033811087","https://openalex.org/W2083477206","https://openalex.org/W2095595785","https://openalex.org/W2103315222","https://openalex.org/W2107128574","https://openalex.org/W2123770058","https://openalex.org/W2134006599","https://openalex.org/W2137057595","https://openalex.org/W2137754263","https://openalex.org/W2171322701","https://openalex.org/W3105682467","https://openalex.org/W4230542187","https://openalex.org/W4255970238","https://openalex.org/W4285719527","https://openalex.org/W4299301436","https://openalex.org/W4300388644"],"related_works":["https://openalex.org/W2789663798","https://openalex.org/W2375896275","https://openalex.org/W2166943775","https://openalex.org/W4388437661","https://openalex.org/W1903420481","https://openalex.org/W2158007046","https://openalex.org/W2807752174","https://openalex.org/W2775236000","https://openalex.org/W2071426633","https://openalex.org/W2374617321"],"abstract_inverted_index":{"Once":[0],"a":[1,38,42,93,103,110,134,139],"host":[2,16,135],"is":[3,31,126,136,145],"infected":[4,41,58,137],"by":[5,138],"an":[6],"Internet":[7],"worm,":[8],"prompt":[9],"action":[10],"must":[11],"be":[12,148],"taken":[13],"before":[14],"that":[15,37,121],"does":[17,77],"more":[18],"harm":[19],"to":[20,34,52,84,95,116,128,147],"its":[21,62],"local":[22],"network":[23],"and":[24,60,113,130,155],"the":[25,28,55,70,73,143],"rest":[26],"of":[27,57,67,72,152],"Internet.":[29],"It":[30],"therefore":[32],"critical":[33],"quickly":[35,129],"detect":[36,132],"worm":[39,87,97],"has":[40],"host.":[43],"In":[44],"this":[45],"paper,":[46],"we":[47],"enhance":[48],"our":[49,122],"SWORD":[50,68,124],"system":[51,125],"allow":[53],"for":[54,86],"detection":[56,105,144],"hosts":[59],"evaluate":[61],"performance.":[63],"This":[64],"enhanced":[65,123],"version":[66],"inherits":[69],"advantages":[71],"original":[74],"SWORD:":[75],"it":[76,107],"not":[78],"rely":[79],"on":[80],"inspecting":[81],"traffic":[82],"payloads":[83],"search":[85],"byte":[88],"patterns":[89],"or":[90],"setting":[91],"up":[92],"honeypot":[94],"lure":[96],"traffic.":[98],"Furthermore,":[99,142],"while":[100],"acting":[101],"as":[102],"host-level":[104],"system,":[106],"runs":[108],"at":[109],"network's":[111],"gateway":[112],"stays":[114],"transparent":[115],"individual":[117],"hosts.":[118],"We":[119],"show":[120],"able":[127],"accurately":[131],"if":[133],"zero-day":[140],"worm.":[141],"shown":[146],"effective":[149],"against":[150],"worms":[151,159],"different":[153],"types":[154],"speeds,":[156],"including":[157],"polymorphic":[158]},"counts_by_year":[{"year":2018,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}