{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,21]],"date-time":"2026-05-21T10:42:50Z","timestamp":1779360170502,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":22,"publisher":"ACM","license":[{"start":{"date-parts":[[2015,3,2]],"date-time":"2015-03-02T00:00:00Z","timestamp":1425254400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Department of Homeland Security (DHS)","award":["HSHQDC-13-C-B0012"],"award-info":[{"award-number":["HSHQDC-13-C-B0012"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2015,3,2]]},"DOI":"10.1145\/2699026.2699111","type":"proceedings-article","created":{"date-parts":[[2015,2,23]],"date-time":"2015-02-23T16:02:15Z","timestamp":1424707335000},"page":"25-35","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":35,"title":["DetAnom"],"prefix":"10.1145","author":[{"given":"Syed Rafiul","family":"Hussain","sequence":"first","affiliation":[{"name":"Purdue University, West Lafayette, IN, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Asmaa M.","family":"Sallam","sequence":"additional","affiliation":[{"name":"Purdue University, West Lafayette, IN, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Elisa","family":"Bertino","sequence":"additional","affiliation":[{"name":"Purdue University, West Lafayette, IN, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2015,3,2]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"How bad is the insider threat? Technical report","year":"2012","unstructured":"Cybersecurity watch survey : How bad is the insider threat? Technical report , Carnegie Mellon University , 2012 . http:\/\/resources.sei.cmu.edu\/asset_files\/ Presentation\/2013_017_101_57766.pdf. Cybersecurity watch survey: How bad is the insider threat? Technical report, Carnegie Mellon University, 2012. http:\/\/resources.sei.cmu.edu\/asset_files\/ Presentation\/2013_017_101_57766.pdf."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.5555\/2371174"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1966913.1966916"},{"key":"e_1_3_2_1_4_1","first-page":"449","volume-title":"IPCCC 2007","author":"Bertino E.","year":"2007","unstructured":"E. Bertino , A. Kamra , and J. P. Early . Profiling database application to detect sql injection attacks. In IEEE International Performance, Computing, and Communications Conference , IPCCC 2007 , pages 449 -- 458 , April 2007 . E. Bertino, A. Kamra, and J. P. Early. Profiling database application to detect sql injection attacks. In IEEE International Performance, Computing, and Communications Conference, IPCCC 2007, pages 449--458, April 2007."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.14778\/2350229.2350262"},{"key":"e_1_3_2_1_6_1","volume-title":"Spotlight on: Programmers as malicious insiders (updated and revised). Technical report","author":"Collins M.","year":"2013","unstructured":"M. Collins , D. M. Cappelli , T. Caron , R. F. Trzeciak , and A. P. Moore . Spotlight on: Programmers as malicious insiders (updated and revised). Technical report , Carnegie Mellon University , 2013 . http:\/\/resources.sei.cmu.edu\/asset_files\/WhitePaper\/2013_019_001_85232.pdf. M. Collins, D. M. Cappelli, T. Caron, R. F. Trzeciak, and A. P. Moore. Spotlight on: Programmers as malicious insiders (updated and revised). Technical report, Carnegie Mellon University, 2013. http:\/\/resources.sei.cmu.edu\/asset_files\/WhitePaper\/2013_019_001_85232.pdf."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDE.2009.98"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/1273463.1273484"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030126"},{"key":"e_1_3_2_1_10_1","volume-title":"Proceedings of the 11th Annual Network and Distributed System Security Symposium NDSS","author":"Giffin J. T.","year":"2004","unstructured":"J. T. Giffin , S. Jha , and B. P. Miller . Efficient context-sensitive intrusion detection . In Proceedings of the 11th Annual Network and Distributed System Security Symposium NDSS , 2004 . J. T. Giffin, S. Jha, and B. P. Miller. Efficient context-sensitive intrusion detection. In Proceedings of the 11th Annual Network and Distributed System Security Symposium NDSS, 2004."},{"key":"e_1_3_2_1_11_1","volume-title":"Components and considerations in building an insider threat program. Technical report","author":"Huth C.","year":"2013","unstructured":"C. Huth and R. Rueffe . Components and considerations in building an insider threat program. Technical report , Carnegie Mellon University , 2013 . http:\/\/resources.sei.cmu.edu\/asset_files\/Webinar\/2013_018_101_69083.pdf. C. Huth and R. Rueffe. Components and considerations in building an insider threat program. Technical report, Carnegie Mellon University, 2013. http:\/\/resources.sei.cmu.edu\/asset_files\/Webinar\/2013_018_101_69083.pdf."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.5555\/646649.699488"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2007.41"},{"key":"e_1_3_2_1_14_1","unstructured":"PostgreSQL Global Development Group. PostgreSQL-9.1.8. http:\/\/www.postgresql.org\/docs\/9.1\/static\/release-9--1--8.html.  PostgreSQL Global Development Group. PostgreSQL-9.1.8. http:\/\/www.postgresql.org\/docs\/9.1\/static\/release-9--1--8.html."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/2213836.2213852"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/267895.267925"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2662384"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1007\/11817963_38"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1081706.1081750"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1007\/11506881_8"},{"key":"e_1_3_2_1_21_1","first-page":"13","volume-title":"Proceedings of the 1999 Conference of the Centre for Advanced Studies on Collaborative Research, CASCON'99","author":"Vallee-Rai R.","unstructured":"R. Vallee-Rai , P. Co , E. Gagnon , L. Hendren , P. Lam , and V. Sundaresan . Soot - a java bytecodeoptimization framework . In Proceedings of the 1999 Conference of the Centre for Advanced Studies on Collaborative Research, CASCON'99 , pages 13 --. IBM Press, 1999. R. Vallee-Rai, P. Co, E. Gagnon, L. Hendren, P. Lam, and V. Sundaresan. Soot - a java bytecodeoptimization framework. In Proceedings of the 1999 Conference of the Centre for Advanced Studies on Collaborative Research, CASCON'99, pages 13--. IBM Press, 1999."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.5555\/882495.884434"}],"event":{"name":"CODASPY'15: Fifth ACM Conference on Data and Application Security and Privacy","location":"San Antonio Texas USA","acronym":"CODASPY'15","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 5th ACM Conference on Data and Application Security and Privacy"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2699026.2699111","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2699026.2699111","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T06:13:36Z","timestamp":1750227216000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2699026.2699111"}},"subtitle":["Detecting Anomalous Database Transactions by Insiders"],"short-title":[],"issued":{"date-parts":[[2015,3,2]]},"references-count":22,"alternative-id":["10.1145\/2699026.2699111","10.1145\/2699026"],"URL":"https:\/\/doi.org\/10.1145\/2699026.2699111","relation":{},"subject":[],"published":{"date-parts":[[2015,3,2]]},"assertion":[{"value":"2015-03-02","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}