{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,9]],"date-time":"2026-06-09T16:29:43Z","timestamp":1781022583295,"version":"3.54.1"},"publisher-location":"New York, NY, USA","reference-count":31,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,4,24]],"date-time":"2023-04-24T00:00:00Z","timestamp":1682294400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"NSF","award":["1814190"],"award-info":[{"award-number":["1814190"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,4,24]]},"DOI":"10.1145\/3577923.3583639","type":"proceedings-article","created":{"date-parts":[[2023,4,20]],"date-time":"2023-04-20T10:57:59Z","timestamp":1681988279000},"page":"91-102","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":8,"title":["CloudShield: Real-time Anomaly Detection in the Cloud"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2639-2826","authenticated-orcid":false,"given":"Zecheng","family":"He","sequence":"first","affiliation":[{"name":"Princeton University, Princeton, NJ, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-9554-258X","authenticated-orcid":false,"given":"Guangyuan","family":"Hu","sequence":"additional","affiliation":[{"name":"Princeton University, Princeton, NJ, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9497-0777","authenticated-orcid":false,"given":"Ruby B.","family":"Lee","sequence":"additional","affiliation":[{"name":"Princeton University, Princeton, NJ, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2023,4,24]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1007\/11894063_16"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/342009.335388"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSAA.2015.7344872"},{"key":"e_1_3_2_1_4_1","volume-title":"Caglar Gulcehre, Dzmitry Bahdanau, Fethi Bougares, Holger Schwenk, and Yoshua Bengio.","author":"Cho Kyunghyun","year":"2014","unstructured":"Kyunghyun Cho, Bart Van Merri\u00ebnboer, Caglar Gulcehre, Dzmitry Bahdanau, Fethi Bougares, Holger Schwenk, and Yoshua Bengio. 2014. Learning phrase representations using RNN encoder-decoder for statistical machine translation. arXiv preprint arXiv:1406.1078 (2014)."},{"key":"e_1_3_2_1_5_1","volume-title":"On the feasibility of online malware detection with performance counters. ACM SIGARCH Computer Architecture News","author":"Demme John","year":"2013","unstructured":"John Demme, Matthew Maycock, Jared Schmitz, Adrian Tang, Adam Waksman, Simha Sethumadhavan, and Salvatore Stolfo. 2013. On the feasibility of online malware detection with performance counters. ACM SIGARCH Computer Architecture News (2013)."},{"key":"e_1_3_2_1_6_1","volume-title":"Toutanova","author":"Devlin Jacob","year":"2018","unstructured":"Jacob Devlin, Ming-Wei Chang, Kenton Lee, and Kristina N. Toutanova. 2018. BERT: Pre-training of Deep Bidirectional Transformers for Language Understanding. arXiv preprint arXiv:1810.04805 (2018)."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363226"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-40667-1_14"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2011.22"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/HPCA51647.2021.00014"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/3123939.3124546"},{"key":"e_1_3_2_1_12_1","volume-title":"Power-Grid Controller Anomaly Detection with Enhanced Temporal Deep Learning. In IEEE International Conference On Trust, Security And Privacy In Computing (TrustCom).","author":"He Zecheng","year":"2019","unstructured":"Zecheng He, Aswin Raghavan, Guangyuan Hu, Sek Chai, and Ruby Lee. 2019. Power-Grid Controller Anomaly Detection with Enhanced Temporal Deep Learning. In IEEE International Conference On Trust, Security And Privacy In Computing (TrustCom)."},{"key":"e_1_3_2_1_13_1","volume-title":"SPEC CPU2006 benchmark descriptions. ACM SIGARCH Computer Architecture News","author":"Henning John L","year":"2006","unstructured":"John L Henning. 2006. SPEC CPU2006 benchmark descriptions. ACM SIGARCH Computer Architecture News (2006)."},{"key":"e_1_3_2_1_14_1","volume-title":"Stochastic neighbor embedding. Advances in Neural Information Processing Systems (NeurIPS)","author":"Hinton Geoffrey E","year":"2002","unstructured":"Geoffrey E Hinton and Sam Roweis. 2002. Stochastic neighbor embedding. Advances in Neural Information Processing Systems (NeurIPS) (2002)."},{"key":"e_1_3_2_1_15_1","volume-title":"Analysis of a complex of statistical variables into principal components. Journal of educational psychology","author":"Hotelling Harold","year":"1933","unstructured":"Harold Hotelling. 1933. Analysis of a complex of statistical variables into principal components. Journal of educational psychology (1933)."},{"key":"e_1_3_2_1_16_1","volume-title":"Speculative buffer overflows: Attacks and defenses. arXiv preprint arXiv:1807.03757","author":"Kiriansky Vladimir","year":"2018","unstructured":"Vladimir Kiriansky and Carl Waldspurger. 2018. Speculative buffer overflows: Attacks and defenses. arXiv preprint arXiv:1807.03757 (2018)."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00002"},{"key":"e_1_3_2_1_18_1","volume-title":"USENIX Security Symposium.","author":"Lipp Moritz","year":"2018","unstructured":"Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, et al. 2018. Meltdown: Reading kernel memory from user space. In USENIX Security Symposium."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.43"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDM.2008.17"},{"key":"e_1_3_2_1_21_1","volume-title":"European Symposium on Artificial Neural Networks, Computational Intelligence and Machine Learning.","author":"Malhotra Pankaj","year":"2015","unstructured":"Pankaj Malhotra, Lovekesh Vig, Gautam Shroff, and Puneet Agarwal. 2015. Long short term memory networks for anomaly detection in time series. In European Symposium on Artificial Neural Networks, Computational Intelligence and Machine Learning."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"crossref","unstructured":"Dag Arne Osvik Adi Shamir and Eran Tromer. 2006. Cache attacks and countermeasures: the case of AES. In Cryptographers' Track at the RSA conference.","DOI":"10.1007\/11605805_1"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2016.2540634"},{"key":"e_1_3_2_1_24_1","volume-title":"Adversarial Attacks against Network Intrusion Detection in IoT Systems","author":"Qiu Han","year":"2020","unstructured":"Han Qiu, Tian Dong, Tianwei Zhang, Jialiang Lu, Gerard Memmi, and Meikang Qiu. 2020. Adversarial Attacks against Network Intrusion Detection in IoT Systems. IEEE Internet of Things Journal (2020)."},{"key":"e_1_3_2_1_25_1","unstructured":"Bernhard Sch\u00f6lkopf Robert C Williamson Alex J Smola John Shawe-Taylor and John C Platt. 2000. Support vector method for novelty detection. In Advances in Neural Information Processing Systems (NeurIPS)."},{"key":"e_1_3_2_1_26_1","volume-title":"Tulika Mitra, and Abhik Roychoudhury.","author":"Wang Guanhua","year":"2020","unstructured":"Guanhua Wang, Sudipta Chattopadhyay, Arnab Kumar Biswas, Tulika Mitra, and Abhik Roychoudhury. 2020. Kleespectre: Detecting information leakage through speculative cache attacks via symbolic execution. ACM Transactions on Software Engineering and Methodology (2020)."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"crossref","unstructured":"Xueyang Wang and Ramesh Karri. 2014. Detecting kernel control-flow modifying Rootkits. In Network Science and Cybersecurity.","DOI":"10.1007\/978-1-4614-7597-2_11"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCAD.2015.7372617"},{"key":"e_1_3_2_1_29_1","volume-title":"Sigfree: A signature-free buffer overflow attack blocker","author":"Wang Xinran","year":"2008","unstructured":"Xinran Wang, Chi-Chun Pan, Peng Liu, and Sencun Zhu. 2008. Sigfree: A signature-free buffer overflow attack blocker. IEEE Transactions on Dependable and Secure Computing (2008)."},{"key":"e_1_3_2_1_31_1","volume-title":"USENIX Security Symposium.","author":"Yarom Yuval","year":"2014","unstructured":"Yuval Yarom and Katrina Falkner. 2014. FLUSHRELOAD: a high resolution, low noise, L3 cache side-channel attack. In USENIX Security Symposium."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-45719-2_6"}],"event":{"name":"CODASPY '23: Thirteenth ACM Conference on Data and Application Security and Privacy","location":"Charlotte NC USA","acronym":"CODASPY '23","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3577923.3583639","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/abs\/10.1145\/3577923.3583639","content-type":"text\/html","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3577923.3583639","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T18:08:41Z","timestamp":1750183721000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3577923.3583639"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,4,24]]},"references-count":31,"alternative-id":["10.1145\/3577923.3583639","10.1145\/3577923"],"URL":"https:\/\/doi.org\/10.1145\/3577923.3583639","relation":{},"subject":[],"published":{"date-parts":[[2023,4,24]]},"assertion":[{"value":"2023-04-24","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}