{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,27]],"date-time":"2025-08-27T15:36:49Z","timestamp":1756309009086,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":30,"publisher":"ACM","license":[{"start":{"date-parts":[[2011,10,21]],"date-time":"2011-10-21T00:00:00Z","timestamp":1319155200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2011,10,21]]},"DOI":"10.1145\/2046684.2046700","type":"proceedings-article","created":{"date-parts":[[2011,10,25]],"date-time":"2011-10-25T12:23:06Z","timestamp":1319545386000},"page":"99-104","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":13,"title":["Machine learning in computer forensics (and the lessons learned from machine learning in computer security)"],"prefix":"10.1145","author":[{"given":"Davide","family":"Ariu","sequence":"first","affiliation":[{"name":"University of Cagliari, Cagliari, Italy"}]},{"given":"Giorgio","family":"Giacinto","sequence":"additional","affiliation":[{"name":"University of Cagliari, Cagliari, Italy"}]},{"given":"Fabio","family":"Roli","sequence":"additional","affiliation":[{"name":"University of Cagliari, Cagliari, Italy"}]}],"member":"320","published-online":{"date-parts":[[2011,10,21]]},"reference":[{"doi-asserted-by":"publisher","key":"e_1_3_2_1_1_1","DOI":"10.1109\/MWSCAS.2009.5235900"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_2_1","DOI":"10.1016\/j.cose.2010.12.004"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_3_1","DOI":"10.1145\/1456377.1456382"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_4_1","DOI":"10.1145\/1128817.1128824"},{"key":"e_1_3_2_1_5_1","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"crossref","first-page":"17","DOI":"10.1007\/978-3-642-04155-6_2","volume-title":"Advances in Digital Forensics V","author":"Beebe N.","year":"2009","unstructured":"N. Beebe . Digital forensic research: The good, the bad and the unaddressed . In G. Peterson and S. Shenoi, editors, Advances in Digital Forensics V , volume 306 of IFIP Advances in Information and Communication Technology , pages 17 -- 36 . Springer Boston , 2009 . N. Beebe. Digital forensic research: The good, the bad and the unaddressed. In G. Peterson and S. Shenoi, editors, Advances in Digital Forensics V, volume 306 of IFIP Advances in Information and Communication Technology, pages 17--36. Springer Boston, 2009."},{"key":"e_1_3_2_1_7_1","volume-title":"Integrity considerations for secure computer systems. Technical report a423930","author":"Biba K. J.","year":"1977","unstructured":"K. J. Biba . Integrity considerations for secure computer systems. Technical report a423930 , MITRE Corporation Bedford MA , April 1977 . K. J. Biba. Integrity considerations for secure computer systems. Technical report a423930, MITRE Corporation Bedford MA, April 1977."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_8_1","DOI":"10.1016\/j.diin.2008.05.008"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_9_1","DOI":"10.1016\/j.diin.2011.04.002"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_10_1","DOI":"10.1016\/j.diin.2004.03.002"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_11_1","DOI":"10.1145\/604264.604272"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_12_1","DOI":"10.1109\/TSE.1987.232894"},{"key":"e_1_3_2_1_13_1","volume-title":"RCFL Program Annual Report for Fiscal Year","author":"FBI.","year":"2010","unstructured":"FBI. RCFL Program Annual Report for Fiscal Year 2010 . FBI. RCFL Program Annual Report for Fiscal Year 2010."},{"key":"e_1_3_2_1_14_1","series-title":"IFIP International Federation for Information Processing","first-page":"113","volume-title":"Advances in Digital Forensics","author":"Fei B.","year":"2005","unstructured":"B. Fei , J. Eloff , H. Venter , and M. Olivier . Exploring forensic data with self-organizing maps . In M. Pollitt and S. Shenoi, editors, Advances in Digital Forensics , volume 194 of IFIP International Federation for Information Processing , pages 113 -- 123 . Springer Boston , 2005 . B. Fei, J. Eloff, H. Venter, and M. Olivier. Exploring forensic data with self-organizing maps. In M. Pollitt and S. Shenoi, editors, Advances in Digital Forensics, volume 194 of IFIP International Federation for Information Processing, pages 113--123. Springer Boston, 2005."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_15_1","DOI":"10.1016\/j.diin.2009.06.016"},{"doi-asserted-by":"crossref","unstructured":"P.\n      Giura\n     and \n      N.\n      Memon\n  . \n  Netstore: An efficient storage infrastructure for network forensics and monitoring\n  . In S. Jha R. Sommer and C. Kreibich editors RAID volume \n  6307\n   of \n  Lecture Notes in Computer Science pages \n  277\n  --\n  296\n  . \n  Springer 2010\n  .   P. Giura and N. Memon. Netstore: An efficient storage infrastructure for network forensics and monitoring. In S. Jha R. Sommer and C. Kreibich editors RAID volume 6307 of Lecture Notes in Computer Science pages 277--296. Springer 2010.","key":"e_1_3_2_1_16_1","DOI":"10.1007\/978-3-642-15512-3_15"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_17_1","DOI":"10.1016\/j.diin.2010.03.003"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_18_1","DOI":"10.1016\/j.ins.2011.03.006"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_19_1","DOI":"10.1109\/IAW.2006.1652088"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_20_1","DOI":"10.1016\/j.diin.2007.11.001"},{"key":"e_1_3_2_1_21_1","first-page":"64","volume-title":"Information Assurance Workshop, 2005. IAW '05. Proceedings from the 6th Annual IEEE SMC","author":"Li W.-J.","year":"2005","unstructured":"W.-J. Li , K. Wang , S. Stolfo , and B. Herzog . Fileprints: identifying file types by n-gram analysis . In Information Assurance Workshop, 2005. IAW '05. Proceedings from the 6th Annual IEEE SMC , pages 64 -- 71 , June 2005 . W.-J. Li, K. Wang, S. Stolfo, and B. Herzog. Fileprints: identifying file types by n-gram analysis. In Information Assurance Workshop, 2005. IAW '05. Proceedings from the 6th Annual IEEE SMC, pages 64 -- 71, June 2005."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_22_1","DOI":"10.1016\/j.comcom.2009.07.013"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_23_1","DOI":"10.5555\/820756.821828"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_24_1","DOI":"10.1145\/382912.382923"},{"key":"e_1_3_2_1_25_1","volume-title":"The discipline of machine learning","author":"Mitchell T. M.","year":"2006","unstructured":"T. M. Mitchell . The discipline of machine learning . Technical Report Carnegie Mellon University-ML-06-108, Machine Learning Department, School of Computer Science, Carnegie Mellon University , 2006 . T. M. Mitchell. The discipline of machine learning. Technical Report Carnegie Mellon University-ML-06-108, Machine Learning Department, School of Computer Science, Carnegie Mellon University, 2006."},{"key":"e_1_3_2_1_26_1","first-page":"391","volume-title":"NSDI","author":"Perdisci R.","year":"2010","unstructured":"R. Perdisci , W. Lee , and N. Feamster . Behavioral Clustering of HTTP-Based Malware and Signature Generation Using Malicious Network Traces . In NSDI , pages 391 -- 404 . USENIX Association , 2010 . R. Perdisci, W. Lee, and N. Feamster. Behavioral Clustering of HTTP-Based Malware and Signature Generation Using Malicious Network Traces. In NSDI, pages 391--404. USENIX Association, 2010."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_27_1","DOI":"10.1109\/SADFE.2009.21"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_28_1","DOI":"10.1145\/505282.505283"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_29_1","DOI":"10.1016\/j.diin.2008.05.012"},{"key":"e_1_3_2_1_30_1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"54","DOI":"10.1007\/3-540-45474-8_4","volume-title":"W. Lee","author":"Valdes A.","year":"2001","unstructured":"A. Valdes and K. Skinner . Probabilistic alert correlation . In W. Lee , L. M\u00e9, and A. Wespi, editors, Recent Advances in Intrusion Detection, volume 2212 of Lecture Notes in Computer Science , pages 54 -- 68 . Springer , 2001 . A. Valdes and K. Skinner. Probabilistic alert correlation. In W. Lee, L. M\u00e9, and A. Wespi, editors, Recent Advances in Intrusion Detection, volume 2212 of Lecture Notes in Computer Science, pages 54--68. Springer, 2001."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_31_1","DOI":"10.1145\/1410234.1410238"}],"event":{"sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"acronym":"CCS'11","name":"CCS'11: the ACM Conference on Computer and Communications Security","location":"Chicago Illinois USA"},"container-title":["Proceedings of the 4th ACM workshop on Security and artificial intelligence"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2046684.2046700","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2046684.2046700","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T09:48:42Z","timestamp":1750240122000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2046684.2046700"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011,10,21]]},"references-count":30,"alternative-id":["10.1145\/2046684.2046700","10.1145\/2046684"],"URL":"https:\/\/doi.org\/10.1145\/2046684.2046700","relation":{},"subject":[],"published":{"date-parts":[[2011,10,21]]},"assertion":[{"value":"2011-10-21","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}