{"id":"https://openalex.org/W1982280963","doi":"https://doi.org/10.4018/jdcf.2011070103","title":"LUARM","display_name":"LUARM","publication_year":2011,"publication_date":"2011-07-01","ids":{"openalex":"https://openalex.org/W1982280963","doi":"https://doi.org/10.4018/jdcf.2011070103","mag":"1982280963"},"language":"en","primary_location":{"id":"doi:10.4018/jdcf.2011070103","is_oa":false,"landing_page_url":"https://doi.org/10.4018/jdcf.2011070103","pdf_url":null,"source":{"id":"https://openalex.org/S8943243","display_name":"International Journal of Digital Crime and Forensics","issn_l":"1941-6210","issn":["1941-6210","1941-6229"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320424","host_organization_name":"IGI Global","host_organization_lineage":["https://openalex.org/P4310320424"],"host_organization_lineage_names":["IGI Global"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Digital Crime and Forensics","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5060036697","display_name":"George Magklaras","orcid":"https://orcid.org/0000-0001-5836-8252"},"institutions":[{"id":"https://openalex.org/I897542642","display_name":"University of Plymouth","ror":"https://ror.org/008n7pv89","country_code":"GB","type":"education","lineage":["https://openalex.org/I897542642"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"G. Magklaras","raw_affiliation_strings":["University of Plymouth, UK"],"affiliations":[{"raw_affiliation_string":"University of Plymouth, UK","institution_ids":["https://openalex.org/I897542642"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5033160778","display_name":"Steven Furnell","orcid":"https://orcid.org/0000-0003-0984-7542"},"institutions":[{"id":"https://openalex.org/I897542642","display_name":"University of Plymouth","ror":"https://ror.org/008n7pv89","country_code":"GB","type":"education","lineage":["https://openalex.org/I897542642"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"S. Furnell","raw_affiliation_strings":["University of Plymouth, UK"],"affiliations":[{"raw_affiliation_string":"University of Plymouth, UK","institution_ids":["https://openalex.org/I897542642"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5021254494","display_name":"Maria Papadaki","orcid":"https://orcid.org/0000-0003-0817-2651"},"institutions":[{"id":"https://openalex.org/I897542642","display_name":"University of Plymouth","ror":"https://ror.org/008n7pv89","country_code":"GB","type":"education","lineage":["https://openalex.org/I897542642"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"M. Papadaki","raw_affiliation_strings":["University of Plymouth, UK"],"affiliations":[{"raw_affiliation_string":"University of Plymouth, UK","institution_ids":["https://openalex.org/I897542642"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5060036697"],"corresponding_institution_ids":["https://openalex.org/I897542642"],"apc_list":null,"apc_paid":null,"fwci":4.4337,"has_fulltext":false,"cited_by_count":13,"citation_normalized_percentile":{"value":0.94417035,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":"3","issue":"3","first_page":"37","last_page":"49"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8457751274108887},{"id":"https://openalex.org/keywords/insider","display_name":"Insider","score":0.7815861701965332},{"id":"https://openalex.org/keywords/insider-threat","display_name":"Insider threat","score":0.6843791604042053},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6725952625274658},{"id":"https://openalex.org/keywords/audit","display_name":"Audit","score":0.6281089186668396},{"id":"https://openalex.org/keywords/snapshot","display_name":"Snapshot (computer storage)","score":0.4835340976715088},{"id":"https://openalex.org/keywords/network-forensics","display_name":"Network forensics","score":0.4348128139972687},{"id":"https://openalex.org/keywords/audit-trail","display_name":"Audit trail","score":0.4331214427947998},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.3263888359069824},{"id":"https://openalex.org/keywords/digital-forensics","display_name":"Digital forensics","score":0.26413753628730774},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.21359476447105408}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8457751274108887},{"id":"https://openalex.org/C2778971194","wikidata":"https://www.wikidata.org/wiki/Q1664551","display_name":"Insider","level":2,"score":0.7815861701965332},{"id":"https://openalex.org/C2776633304","wikidata":"https://www.wikidata.org/wiki/Q6038026","display_name":"Insider threat","level":3,"score":0.6843791604042053},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6725952625274658},{"id":"https://openalex.org/C199521495","wikidata":"https://www.wikidata.org/wiki/Q181487","display_name":"Audit","level":2,"score":0.6281089186668396},{"id":"https://openalex.org/C55282118","wikidata":"https://www.wikidata.org/wiki/Q252683","display_name":"Snapshot (computer storage)","level":2,"score":0.4835340976715088},{"id":"https://openalex.org/C50747538","wikidata":"https://www.wikidata.org/wiki/Q7001032","display_name":"Network forensics","level":3,"score":0.4348128139972687},{"id":"https://openalex.org/C80958533","wikidata":"https://www.wikidata.org/wiki/Q1047174","display_name":"Audit trail","level":3,"score":0.4331214427947998},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.3263888359069824},{"id":"https://openalex.org/C84418412","wikidata":"https://www.wikidata.org/wiki/Q3246940","display_name":"Digital forensics","level":2,"score":0.26413753628730774},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.21359476447105408},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C187736073","wikidata":"https://www.wikidata.org/wiki/Q2920921","display_name":"Management","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.4018/jdcf.2011070103","is_oa":false,"landing_page_url":"https://doi.org/10.4018/jdcf.2011070103","pdf_url":null,"source":{"id":"https://openalex.org/S8943243","display_name":"International Journal of Digital Crime and Forensics","issn_l":"1941-6210","issn":["1941-6210","1941-6229"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320424","host_organization_name":"IGI Global","host_organization_lineage":["https://openalex.org/P4310320424"],"host_organization_lineage_names":["IGI Global"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Digital Crime and Forensics","raw_type":"journal-article"},{"id":"pmh:oai:RePEc:igg:jdcf00:v:3:y:2011:i:3:p:37-49","is_oa":false,"landing_page_url":"http://services.igi-global.com/resolvedoi/resolve.aspx?doi=10.4018/jdcf.2011070103","pdf_url":null,"source":{"id":"https://openalex.org/S4306401271","display_name":"RePEc: Research Papers in Economics","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I77793887","host_organization_name":"Federal Reserve Bank of St. Louis","host_organization_lineage":["https://openalex.org/I77793887"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.7300000190734863}],"awards":[],"funders":[{"id":"https://openalex.org/F4320323260","display_name":"Universitetet i Oslo","ror":"https://ror.org/01xtthb56"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":19,"referenced_works":["https://openalex.org/W32472612","https://openalex.org/W563911714","https://openalex.org/W591484172","https://openalex.org/W1619613999","https://openalex.org/W1677652203","https://openalex.org/W1707476012","https://openalex.org/W1979319057","https://openalex.org/W1996734614","https://openalex.org/W2045955905","https://openalex.org/W2048481461","https://openalex.org/W2111427271","https://openalex.org/W2288292231","https://openalex.org/W2288632536","https://openalex.org/W2397411235","https://openalex.org/W2615155959","https://openalex.org/W2916086000","https://openalex.org/W3018057083","https://openalex.org/W3145042860","https://openalex.org/W4213362721"],"related_works":["https://openalex.org/W2766781562","https://openalex.org/W4205304595","https://openalex.org/W2979782961","https://openalex.org/W308359497","https://openalex.org/W1499596878","https://openalex.org/W3136170567","https://openalex.org/W2947769183","https://openalex.org/W2018332730","https://openalex.org/W4387194049","https://openalex.org/W1924436031"],"abstract_inverted_index":{"Logging":[0],"User":[1],"Actions":[2],"in":[3,41],"Relational":[4],"Mode":[5],"(LUARM)":[6],"is":[7],"an":[8,80,117],"open":[9],"source":[10],"audit":[11,128],"engine":[12,129],"for":[13],"Linux.":[14],"It":[15],"provides":[16],"a":[17,22,111,135,152],"near":[18],"real-time":[19],"snapshot":[20],"of":[21,24,53,64,116,158],"number":[23],"user":[25,37],"action":[26],"data":[27,68],"such":[28],"as":[29],"file":[30],"access,":[31],"program":[32],"execution":[33],"and":[34,110,149],"network":[35],"endpoint":[36],"activities,":[38],"all":[39],"organized":[40],"easily":[42],"searchable":[43],"relational":[44],"tables.":[45],"LUARM":[46],"attempts":[47],"to":[48,78,87,96,133,155],"solve":[49],"two":[50],"fundamental":[51],"problems":[52],"the":[54,62,126,139],"insider":[55,65,99,118,141],"IT":[56,119,142,147,159],"misuse":[57,66,120,143,160],"domain.":[58],"The":[59,83,122],"first":[60],"concerns":[61],"lack":[63],"case":[67,114],"repositories":[69],"that":[70,125],"could":[71],"be":[72,151],"used":[73],"by":[74],"post-case":[75],"forensic":[76,156],"examiners":[77],"aid":[79],"incident":[81],"investigation.":[82],"second":[84],"problem":[85],"relates":[86],"how":[88],"information":[89],"security":[90],"researchers":[91],"can":[92,150],"enhance":[93],"their":[94],"ability":[95],"specify":[97],"accurately":[98],"threats":[100],"at":[101],"system":[102],"level.":[103],"This":[104],"paper":[105],"presents":[106],"LUARM\u2019s":[107],"design":[108],"perspectives":[109],"\u2019post":[112],"mortem\u2019":[113],"study":[115],"incident.":[121],"results":[123],"show":[124],"prototype":[127],"has":[130],"good":[131],"potential":[132],"provide":[134],"valuable":[136,153],"insight":[137],"into":[138],"way":[140],"incidents":[144],"manifest":[145],"on":[146],"systems":[148],"complement":[154],"investigators":[157],"incidents.":[161]},"counts_by_year":[{"year":2021,"cited_by_count":1},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":2},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":1},{"year":2014,"cited_by_count":4},{"year":2013,"cited_by_count":1},{"year":2012,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2016-06-24T00:00:00"}