{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,22]],"date-time":"2026-03-22T14:29:45Z","timestamp":1774189785312,"version":"3.50.1"},"reference-count":40,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2006,5,1]],"date-time":"2006-05-01T00:00:00Z","timestamp":1146441600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Internet Technol."],"published-print":{"date-parts":[[2006,5]]},"abstract":"<jats:p>\n            The Email Mining Toolkit (EMT) is a data mining system that computes\n            <jats:italic>behavior profiles or models<\/jats:italic>\n            of user email accounts. These models may be used for a multitude of tasks including forensic analyses and detection tasks of value to law enforcement and intelligence agencies, as well for as other typical tasks such as virus and spam detection. To demonstrate the power of the methods, we focus on the application of these models to detect the early onset of a viral propagation without \u201ccontent-base \u201d (or signature-based) analysis in common use in virus scanners. We present several experiments using real email from 15 users with injected simulated viral emails and describe how the combination of different behavior models improves overall detection rates. The performance results vary depending upon parameter settings, approaching 99 % true positive (TP) (percentage of viral emails caught) in general cases and with 0.38 % false positive (FP) (percentage of emails with attachments that are mislabeled as viral). The models used for this study are based upon volume and velocity statistics of a user's email rate and an analysis of the user's (social)\n            <jats:italic>cliques<\/jats:italic>\n            revealed in the person's email behavior. We show by way of simulation that virus propagations are detectable since viruses may emit emails at rates different than human behavior suggests is normal, and email is directed to groups of recipients in ways that violate the users' typical communications with their social groups.\n          <\/jats:p>","DOI":"10.1145\/1149121.1149125","type":"journal-article","created":{"date-parts":[[2006,10,18]],"date-time":"2006-10-18T18:11:32Z","timestamp":1161195092000},"page":"187-221","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":57,"title":["Behavior-based modeling and its application to Email analysis"],"prefix":"10.1145","volume":"6","author":[{"given":"Salvatore J.","family":"Stolfo","sequence":"first","affiliation":[{"name":"Columbia University, New York, NY"}]},{"given":"Shlomo","family":"Hershkop","sequence":"additional","affiliation":[{"name":"Columbia University, New York, NY"}]},{"given":"Chia-Wei","family":"Hu","sequence":"additional","affiliation":[{"name":"Columbia University, New York, NY"}]},{"given":"Wei-Jen","family":"Li","sequence":"additional","affiliation":[{"name":"Columbia University, New York, NY"}]},{"given":"Olivier","family":"Nimeskern","sequence":"additional","affiliation":[{"name":"Columbia University, New York, NY"}]},{"given":"Ke","family":"Wang","sequence":"additional","affiliation":[{"name":"Columbia University, New York, NY"}]}],"member":"320","published-online":{"date-parts":[[2006,5]]},"reference":[{"key":"e_1_2_1_1_1","first-page":"207","volume-title":"Proceedings of the ACM SIGMOD International Conference on the Management of Data.","author":"Agrawal R.","unstructured":"Agrawal , R. , Imielinski , T. , and Swami , A . 1993. Mining association rules between sets of items in large databases . In Proceedings of the ACM SIGMOD International Conference on the Management of Data. pp. 207 -- 216 . 10.1145\/170035.170072 Agrawal, R., Imielinski, T., and Swami, A. 1993. Mining association rules between sets of items in large databases. In Proceedings of the ACM SIGMOD International Conference on the Management of Data. pp. 207--216. 10.1145\/170035.170072"},{"key":"e_1_2_1_2_1","volume-title":"Proceedings of the Fifth International Symposium on Recent Advances in Intrusion Detection (RAID-2002","author":"Apap F.","unstructured":"Apap , F. , Andrew Honig , A. , Shlomo Hershkop , S. , Eleazar Eskin , E. , and Stolfo , S. J . 2002. Detecting malicious software by monitoring anomalous windows registry accesses . In Proceedings of the Fifth International Symposium on Recent Advances in Intrusion Detection (RAID-2002 , Zurich, Switzerland, Oct.). 16--18. Apap, F., Andrew Honig, A., Shlomo Hershkop, S., Eleazar Eskin, E., and Stolfo, S. J. 2002. Detecting malicious software by monitoring anomalous windows registry accesses. In Proceedings of the Fifth International Symposium on Recent Advances in Intrusion Detection (RAID-2002, Zurich, Switzerland, Oct.). 16--18."},{"key":"e_1_2_1_3_1","volume-title":"Proceedings of the 2002 New Security Paradigms Workshop (NSPW-2002)","author":"Bhattacharyya M.","unstructured":"Bhattacharyya , M. , Hershkop , S. , Eskin , E. , and Stolfo , S. J . 2002. MET: An experimental system for malicious email tracking . In Proceedings of the 2002 New Security Paradigms Workshop (NSPW-2002) , Virginia Beach, VA, Sept.). 10.1145\/844102.844104 Bhattacharyya, M., Hershkop, S., Eskin, E., and Stolfo, S. J. 2002. MET: An experimental system for malicious email tracking. In Proceedings of the 2002 New Security Paradigms Workshop (NSPW-2002), Virginia Beach, VA, Sept.). 10.1145\/844102.844104"},{"key":"e_1_2_1_4_1","first-page":"17","volume-title":"Proceedings of the 7th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining.","author":"Bi Z.","unstructured":"Bi , Z. , Faloustos , C. , and Korn , F . 2001. The DGX distribution for mining massive, skewed data . In Proceedings of the 7th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. pp. 17 -- 26 . 10.1145\/502512.502521 Bi, Z., Faloustos, C., and Korn, F. 2001. The DGX distribution for mining massive, skewed data. In Proceedings of the 7th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. pp. 17--26. 10.1145\/502512.502521"},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/362342.362367"},{"key":"e_1_2_1_6_1","doi-asserted-by":"crossref","first-page":"843","DOI":"10.1126\/science.267.5199.843","article-title":"Gauging similarity with n-grams: Language independent categorization of text","volume":"267","author":"Damashek M.","year":"1995","unstructured":"Damashek , M. 1995 . Gauging similarity with n-grams: Language independent categorization of text . In Science , 267 , 843 -- 848 . Damashek, M. 1995. Gauging similarity with n-grams: Language independent categorization of text. In Science, 267, 843--848.","journal-title":"Science"},{"key":"e_1_2_1_7_1","volume-title":"Computer Science Department","author":"Davis P. T.","unstructured":"Davis , P. T. 2003. Finding friends and enemies through the analysis of clique dynamics. Tech. rep ., Computer Science Department , Columbia University , New York, NY . Davis, P. T. 2003. Finding friends and enemies through the analysis of clique dynamics. Tech. rep., Computer Science Department, Columbia University, New York, NY."},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.1987.232894"},{"key":"e_1_2_1_9_1","volume-title":"Proceedings of the 17th International Conference on Machine Learning (ICML-2000)","author":"Eskin E.","year":"2000","unstructured":"Eskin , E. 2000 . Anomaly detection over noisy data using learned probability distributions . In Proceedings of the 17th International Conference on Machine Learning (ICML-2000) . Eskin, E. 2000. Anomaly detection over noisy data using learned probability distributions. In Proceedings of the 17th International Conference on Machine Learning (ICML-2000)."},{"key":"e_1_2_1_10_1","doi-asserted-by":"crossref","unstructured":"Eskin E. Arnold A. Prerau M. Portnoy L. and Stolfo S. J. 2002. A geometric framework for unsupervised anomaly detection: Detecting intrusions in unlabeled data. Data Mining for Security Applications.(Jajodia Barbara Eds.) Kluwer Norwell MA.  Eskin E. Arnold A. Prerau M. Portnoy L. and Stolfo S. J. 2002. A geometric framework for unsupervised anomaly detection: Detecting intrusions in unlabeled data. Data Mining for Security Applications.(Jajodia Barbara Eds.) Kluwer Norwell MA.","DOI":"10.1007\/978-1-4615-0953-0_4"},{"key":"e_1_2_1_11_1","volume-title":"Proceedings of the Workshop Intrusion Detection and Network Monitoring","author":"Ghosh A. K.","year":"1999","unstructured":"Ghosh , A. K. , Schwartzbard , A. , and Schatz , M . 1999. Learning Program Behavior Profiles for Intrusion Detection . In Proceedings of the Workshop Intrusion Detection and Network Monitoring 1999 . 51--62. Ghosh, A. K., Schwartzbard, A., and Schatz, M. 1999. Learning Program Behavior Profiles for Intrusion Detection. In Proceedings of the Workshop Intrusion Detection and Network Monitoring 1999. 51--62."},{"key":"e_1_2_1_12_1","doi-asserted-by":"crossref","unstructured":"Hershkop S. Ferster R. Bui L. H. Wang K. and Stolfo S. J. 2003. Host-based anomaly detection by wrapping file system accesses. Tech. rep. Columbia University New York NY. Go online to http:\/\/www.cs.columbia.edu\/ids\/publications\/.  Hershkop S. Ferster R. Bui L. H. Wang K. and Stolfo S. J. 2003. Host-based anomaly detection by wrapping file system accesses. Tech. rep. Columbia University New York NY. Go online to http:\/\/www.cs.columbia.edu\/ids\/publications\/.","DOI":"10.21236\/ADA451576"},{"key":"e_1_2_1_13_1","doi-asserted-by":"crossref","first-page":"151","DOI":"10.3233\/JCS-980109","article-title":"Intrusion detection using sequences of system calls","volume":"6","author":"Hofmeyr S. A.","year":"1998","unstructured":"Hofmeyr , S. A. , Forrest , S. , and Somayaji , A. 1998 . Intrusion detection using sequences of system calls . J. Comput. Secur. 6 , 151 -- 180 . Hofmeyr, S. A., Forrest, S., and Somayaji, A. 1998. Intrusion detection using sequences of system calls. J. Comput. Secur. 6, 151--180.","journal-title":"J. Comput. Secur."},{"key":"e_1_2_1_14_1","unstructured":"Hogg R. V. and Craig A. T. 1994. Introduction to Mathematical Statistics Prentice Hall Englewood Cliffs N.J. 293--301.  Hogg R. V. and Craig A. T. 1994. Introduction to Mathematical Statistics Prentice Hall Englewood Cliffs N.J. 293--301."},{"key":"e_1_2_1_15_1","unstructured":"Javitz H. S. and Valdes A. 1993. The NIDES Statistical Component: Description and Justification. Tech. rep. SRI International Menlo Park CA.  Javitz H. S. and Valdes A. 1993. The NIDES Statistical Component: Description and Justification. Tech. rep. SRI International Menlo Park CA."},{"key":"e_1_2_1_16_1","volume-title":"Proceedings of the 11th Conference on Uncertainty in Artificial Intelligence. 338--345","author":"John G. H.","unstructured":"John , G. H. and Langley , P . 1995. Estimating continuous distributions in Bayesian classifiers . In Proceedings of the 11th Conference on Uncertainty in Artificial Intelligence. 338--345 . John, G. H. and Langley, P. 1995. Estimating continuous distributions in Bayesian classifiers. In Proceedings of the 11th Conference on Uncertainty in Artificial Intelligence. 338--345."},{"key":"e_1_2_1_17_1","volume-title":"Proceedings 8th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. 91--101","author":"Kleinberg J.","year":"2002","unstructured":"Kleinberg , J. 2002 . Bursty and hierarchical structure in streams . In Proceedings 8th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. 91--101 . 10.1145\/775047.775061 Kleinberg, J. 2002. Bursty and hierarchical structure in streams. In Proceedings 8th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. 91--101. 10.1145\/775047.775061"},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/322510.322526"},{"key":"e_1_2_1_19_1","volume-title":"Proceedings of the 1999 IEEE Symposium on Computer Security and Privacy and Proceedings of the 8th ACM SICKDD International Conference on Knowledge Discovery and Data Mining.","author":"Lee W.","unstructured":"Lee , W. and Stolfo , S . 1999. A framework for constructing features and models for intrusion detection systems . In Proceedings of the 1999 IEEE Symposium on Computer Security and Privacy and Proceedings of the 8th ACM SICKDD International Conference on Knowledge Discovery and Data Mining. Lee, W. and Stolfo, S. 1999. A framework for constructing features and models for intrusion detection systems. In Proceedings of the 1999 IEEE Symposium on Computer Security and Privacy and Proceedings of the 8th ACM SICKDD International Conference on Knowledge Discovery and Data Mining."},{"key":"e_1_2_1_20_1","volume-title":"Proceedings of the AAAI Workshop: AI Approaches to Fraud Detection and Risk Management (July).","author":"Lee W.","unstructured":"Lee , W. , Stolfo , S. , and Chan , P . 1997. Learning patterns from Unix process execution traces for intrusion detection . In Proceedings of the AAAI Workshop: AI Approaches to Fraud Detection and Risk Management (July). Lee, W., Stolfo, S., and Chan, P. 1997. Learning patterns from Unix process execution traces for intrusion detection. In Proceedings of the AAAI Workshop: AI Approaches to Fraud Detection and Risk Management (July)."},{"key":"e_1_2_1_21_1","volume-title":"Proceedings of the 4th International Conference on Knowledge Discovery and Data Mining (KDD '98)","author":"Lee W.","unstructured":"Lee , W. , Stolfo , S. , and Mok , K . 1998. Mining audit data to build intrusion detection models . In Proceedings of the 4th International Conference on Knowledge Discovery and Data Mining (KDD '98) , New York, NY, Aug.) Lee, W., Stolfo, S., and Mok, K. 1998. Mining audit data to build intrusion detection models. In Proceedings of the 4th International Conference on Knowledge Discovery and Data Mining (KDD '98), New York, NY, Aug.)"},{"key":"e_1_2_1_22_1","volume-title":"Proceedings of the 1999 Conference on Knowledge Discovery and Data Mining (KDD--99)","author":"Lee W.","unstructured":"Lee , W. , Stolfo , S. J. , and Mok , K . 1999. Mining in a data-flow environments: Experiences in intrusion detection . In Proceedings of the 1999 Conference on Knowledge Discovery and Data Mining (KDD--99) . 10.1145\/312129.312212 Lee, W., Stolfo, S. J., and Mok, K. 1999. Mining in a data-flow environments: Experiences in intrusion detection. In Proceedings of the 1999 Conference on Knowledge Discovery and Data Mining (KDD--99). 10.1145\/312129.312212"},{"key":"e_1_2_1_23_1","volume-title":"Proceedings of the 2001 IEEE Symposium on Security and Privacy (May).","author":"Lee W.","unstructured":"Lee , W. and Xiang , D . 2001. Information-theoretic measures for anomaly detection . In Proceedings of the 2001 IEEE Symposium on Security and Privacy (May). Lee, W. and Xiang, D. 2001. Information-theoretic measures for anomaly detection. In Proceedings of the 2001 IEEE Symposium on Security and Privacy (May)."},{"key":"e_1_2_1_24_1","unstructured":"Mahoney M. V. and Chan P. K. 2001. Detecting novel attacks by identifying anomalous network packet headers. Tech. rep. Florida Institute of Technology Melbourne FL. CS-2001-2.  Mahoney M. V. and Chan P. K. 2001. Detecting novel attacks by identifying anomalous network packet headers. Tech. rep. Florida Institute of Technology Melbourne FL. CS-2001-2."},{"key":"e_1_2_1_25_1","volume-title":"Machine Learning","author":"Mitchell T. M.","unstructured":"Mitchell , T. M. 1997. Machine Learning , McGraw-Hill , New York, NY , 180--183. Mitchell, T. M. 1997. Machine Learning, McGraw-Hill, New York, NY, 180--183."},{"key":"e_1_2_1_26_1","unstructured":"Mysql. 2002. Go online to www.mysql.org.  Mysql. 2002. Go online to www.mysql.org."},{"key":"e_1_2_1_27_1","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1103\/PhysRevE.66.035101","article-title":"Email networks and the spread of computer viruses","volume":"66","author":"Newman M. E.","year":"2002","unstructured":"Newman , M. E. , Forrest , S. , and Balthrup , J. 2002 . Email networks and the spread of computer viruses . Phys. Rev. E 66 , 3 (Sept.). Newman, M. E., Forrest, S., and Balthrup, J. 2002. Email networks and the spread of computer viruses. Phys. Rev. E 66, 3 (Sept.).","journal-title":"Phys. Rev. E"},{"key":"e_1_2_1_28_1","volume-title":"Proceedings of the SPIE (Feb.).","author":"Niblack W.","year":"1993","unstructured":"Niblack , W. , 1993 . The QBIC project: Querying images by content using color, texture, and shape . In Proceedings of the SPIE (Feb.). Niblack, W., et al. 1993. The QBIC project: Querying images by content using color, texture, and shape. In Proceedings of the SPIE (Feb.)."},{"key":"e_1_2_1_29_1","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1214\/ss\/998929472","article-title":"Computer intrusion detecting masquerades","volume":"16","author":"Schonlau M.","year":"2001","unstructured":"Schonlau , M. , Dumouchel , W. , Ju , W. , Karr , A. F. , Theus , M. , and Vardi , Y. 2001 . Computer intrusion detecting masquerades . Statist. Sci. 16 , 1, 1 -- 17 . Schonlau, M., Dumouchel, W., Ju, W., Karr, A. F., Theus, M., and Vardi, Y. 2001. Computer intrusion detecting masquerades. Statist. Sci. 16, 1, 1--17.","journal-title":"Statist. Sci."},{"key":"e_1_2_1_30_1","volume-title":"Proceedings of USENIX Annual Technical Conference---FREENIX Track","author":"Schultz M. G.","unstructured":"Schultz , M. G. , Eskin , E. , and Stolfo , S. J . 2001. Malicious email filter---A UNIX mail filter that detects malicious windows executables . In Proceedings of USENIX Annual Technical Conference---FREENIX Track ( Boston, MA). Schultz, M. G., Eskin, E., and Stolfo, S. J. 2001. Malicious email filter---A UNIX mail filter that detects malicious windows executables. In Proceedings of USENIX Annual Technical Conference---FREENIX Track (Boston, MA)."},{"key":"e_1_2_1_31_1","volume-title":"Integrated spatial and feature image systems: Retrieval, compression and analysis. Ph. D. deissertation","author":"Smith J. R.","unstructured":"Smith , J. R. 1997. Integrated spatial and feature image systems: Retrieval, compression and analysis. Ph. D. deissertation . Columbia University , New York, NY . Smith, J. R. 1997. Integrated spatial and feature image systems: Retrieval, compression and analysis. Ph. D. deissertation. Columbia University, New York, NY."},{"key":"e_1_2_1_32_1","volume-title":"Proceedings of the 1st NSF\/NIJ Symposium on Intelligence & Security Informatics (ISI","author":"Stolfo S. J.","year":"2003","unstructured":"Stolfo , S. J. , Hershkop , S. , Wang , K. , Nimeskern , D. , and Hu , C . -W. 2003. Behavior profiling of email . In Proceedings of the 1st NSF\/NIJ Symposium on Intelligence & Security Informatics (ISI 2003 , Tucson, AZ). Stolfo, S. J., Hershkop, S., Wang, K., Nimeskern, D., and Hu, C.-W. 2003. Behavior profiling of email. In Proceedings of the 1st NSF\/NIJ Symposium on Intelligence & Security Informatics (ISI 2003, Tucson, AZ)."},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/5254.809570"},{"key":"e_1_2_1_34_1","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society Press","author":"Tan K. M. C.","unstructured":"Tan , K. M. C. and Maxion , R. A . 2002. Why 6? Defining the operational limits of stide, an anomaly-based intrusion detector . In Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society Press , Los Alamitos, CA, 188--201. Tan, K. M. C. and Maxion, R. A. 2002. Why 6? Defining the operational limits of stide, an anomaly-based intrusion detector. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society Press, Los Alamitos, CA, 188--201."},{"key":"e_1_2_1_35_1","volume-title":"Proceedings of the New Security Paradigms Workshop. 89--96","author":"Taylor C.","unstructured":"Taylor , C. and Alves-Foss , J . 2001. NATE: Network analysis of anomalous traffic events, a low-cost approach . In Proceedings of the New Security Paradigms Workshop. 89--96 . 10.1145\/508171.508186 Taylor, C. and Alves-Foss, J. 2001. NATE: Network analysis of anomalous traffic events, a low-cost approach. In Proceedings of the New Security Paradigms Workshop. 89--96. 10.1145\/508171.508186"},{"key":"e_1_2_1_36_1","volume-title":"Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS","author":"Wagner D.","unstructured":"Wagner , D. and Soto , P . 2002. Mimicry attacks on host-based intrusion detection systems . In Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS , Washington, DC). 255--264. 10.1145\/586110.586145 Wagner, D. and Soto, P. 2002. Mimicry attacks on host-based intrusion detection systems. In Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS, Washington, DC). 255--264. 10.1145\/586110.586145"},{"key":"e_1_2_1_37_1","volume-title":"Proceedings of the IEEE Symposium Security and Privacy.","author":"Warrender C.","unstructured":"Warrender , C. , Forrest , S. , and Pearlmutter , B . 1999. Detecting intrusions using system calls: Alternative data models . In Proceedings of the IEEE Symposium Security and Privacy. Warrender, C., Forrest, S., and Pearlmutter, B. 1999. Detecting intrusions using system calls: Alternative data models. In Proceedings of the IEEE Symposium Security and Privacy."},{"key":"e_1_2_1_38_1","volume-title":"Six Degrees: The Science of a Connected Age","author":"Watts D. J.","year":"2003","unstructured":"Watts , D. J. 2003 . Six Degrees: The Science of a Connected Age . W.W. Norton & Company , New York, NY . Watts, D. J. 2003. Six Degrees: The Science of a Connected Age. W.W. Norton & Company, New York, NY."},{"key":"e_1_2_1_39_1","volume-title":"Proceedings of the ACSAC Security Conference","author":"Williamson M. M.","year":"2002","unstructured":"Williamson , M. M. 2002 . Throttling viruses: Restricting propagation to defeat malicious mobile code . In Proceedings of the ACSAC Security Conference ( Las Vegas, NV). Williamson, M. M. 2002. Throttling viruses: Restricting propagation to defeat malicious mobile code. In Proceedings of the ACSAC Security Conference (Las Vegas, NV)."},{"key":"e_1_2_1_40_1","volume-title":"Proceedings of the 2000 IEEE Workshop on Information Assurance and Security (U. S. Military Academy","author":"Ye N.","year":"2000","unstructured":"Ye , N. 2000 . A markov chain model of temporal behavior for anomaly detection . In Proceedings of the 2000 IEEE Workshop on Information Assurance and Security (U. S. Military Academy , West Point, NY). Ye, N. 2000. A markov chain model of temporal behavior for anomaly detection. In Proceedings of the 2000 IEEE Workshop on Information Assurance and Security (U. S. Military Academy, West Point, NY)."}],"container-title":["ACM Transactions on Internet Technology"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1149121.1149125","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1149121.1149125","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T16:31:13Z","timestamp":1750264273000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1149121.1149125"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2006,5]]},"references-count":40,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2006,5]]}},"alternative-id":["10.1145\/1149121.1149125"],"URL":"https:\/\/doi.org\/10.1145\/1149121.1149125","relation":{},"ISSN":["1533-5399","1557-6051"],"issn-type":[{"value":"1533-5399","type":"print"},{"value":"1557-6051","type":"electronic"}],"subject":[],"published":{"date-parts":[[2006,5]]},"assertion":[{"value":"2006-05-01","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}