{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T00:57:58Z","timestamp":1771981078389,"version":"3.50.1"},"reference-count":31,"publisher":"IEEE","license":[{"start":{"date-parts":[[2021,9,5]],"date-time":"2021-09-05T00:00:00Z","timestamp":1630800000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2021,9,5]],"date-time":"2021-09-05T00:00:00Z","timestamp":1630800000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2021,9,5]],"date-time":"2021-09-05T00:00:00Z","timestamp":1630800000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/501100002322","name":"Coordena\u00e7\u00e3o de Aperfei\u00e7oamento de Pessoal de Nivel Superior - Brasil (CAPES)","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100002322","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021,9,5]]},"DOI":"10.1109\/iscc53001.2021.9631251","type":"proceedings-article","created":{"date-parts":[[2021,12,15]],"date-time":"2021-12-15T20:46:50Z","timestamp":1639601210000},"page":"1-6","source":"Crossref","is-referenced-by-count":9,"title":["Taking a Peek: An Evaluation of Anomaly Detection Using System calls for Containers"],"prefix":"10.1109","author":[{"given":"Gabriel R.","family":"Castanhel","sequence":"first","affiliation":[]},{"given":"Tiago","family":"Heinrich","sequence":"additional","affiliation":[]},{"given":"Fabricio","family":"Ceschin","sequence":"additional","affiliation":[]},{"given":"Carlos","family":"Maziero","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1145\/504909.504911"},{"key":"ref30","article-title":"Scikit-learn: Machine learning in Python","author":"pedregosa","year":"2011","journal-title":"Journal of Machine Learning Research"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/EDCC.2019.00033"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/GLOCOMW.2015.7414047"},{"key":"ref12","author":"mitchell","year":"2001","journal-title":"Advanced Linux Programming"},{"key":"ref13","author":"cespedes","year":"2013","journal-title":"ltrace(l) linux manual page"},{"key":"ref14","year":"2018","journal-title":"perf-ftrace(l) - linux manual page"},{"key":"ref15","article-title":"User-level infrastructure for system call interposition: A platform for intrusion detection and confinement","author":"jain","year":"2000","journal-title":"NDSS"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2006.41"},{"key":"ref17","article-title":"Docker: lightweight linux containers for consistent development and deployment","author":"merkel","year":"2014","journal-title":"Linux Journal"},{"key":"ref18","author":"litty","year":"2005","journal-title":"Hypervisor-Based Intrusion Detection"},{"key":"ref19","author":"durairaju","year":"2018","journal-title":"Intrusion detection in containerized environments"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.45"},{"key":"ref28","article-title":"CVE-2020-25213","year":"2020","journal-title":"Available from National Vulnerability Database CVE-ID CVE-2020-25213"},{"key":"ref27","article-title":"CVE-2014-0160","year":"2019","journal-title":"Available from National Vulnerability Database CVE-ID CVE-2019-9978"},{"key":"ref3","article-title":"Anomaly-based intrusion detection through k-means clustering and naives bayes classification","author":"yassin","year":"2013","journal-title":"4th Int Conf Comput Informatics ICOCI"},{"key":"ref6","article-title":"A survey of intrusion detection systems leveraging host data","author":"bridges","year":"2019","journal-title":"ACM Computing Surveys (CSUR)"},{"key":"ref5","article-title":"Host-based intrusion detection system with system calls: Review and future trends","author":"liu","year":"2015","journal-title":"ACM Computing Surveys (CSUR)"},{"key":"ref29","article-title":"CVE-2020-12800","year":"2020","journal-title":"Available from Common Vulnerabilities and Exposures CVE-ID CVE-2020-12800"},{"key":"ref8","article-title":"Prob-abilistic real-time intrusion detection system for docker containers","author":"srinivasan","year":"2018","journal-title":"Int Symp on Sec in Computing and Communication"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.1996.502675"},{"key":"ref2","article-title":"New IPS to boost security, reliability and performance of the campus network","author":"lam","year":"2005","journal-title":"Newsletter of Computing Services Center"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2911732"},{"key":"ref9","author":"systems","year":"1995","journal-title":"Sequence-based intrusion detection"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1145\/2988336.2988337"},{"key":"ref22","article-title":"Detecting anomalies in IaaS environments through virtual machine host system call analysis","author":"alarifi","year":"2012","journal-title":"Int J Internet Technology and Secured Transactions"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-24858-5_8"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2011.05.007"},{"key":"ref23","article-title":"Using text categorization techniques for intrusion detection","author":"liao","year":"2002","journal-title":"USENIX Security Symposium"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1109\/EURMIC.2004.1333416"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/ICMLC.2004.1378514"}],"event":{"name":"2021 IEEE Symposium on Computers and Communications (ISCC)","location":"Athens, Greece","start":{"date-parts":[[2021,9,5]]},"end":{"date-parts":[[2021,9,8]]}},"container-title":["2021 IEEE Symposium on Computers and Communications (ISCC)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/9631377\/9631248\/09631251.pdf?arnumber=9631251","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,5,10]],"date-time":"2022-05-10T16:54:26Z","timestamp":1652201666000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9631251\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,9,5]]},"references-count":31,"URL":"https:\/\/doi.org\/10.1109\/iscc53001.2021.9631251","relation":{},"subject":[],"published":{"date-parts":[[2021,9,5]]}}}