{"id":"https://openalex.org/W4415077363","doi":"https://doi.org/10.1007/978-3-032-07901-5_10","title":"GET-AID: Graph-Enhanced Transformer for\u00a0Provenance-Based Advanced Persistent Threats Investigation and\u00a0Detection","display_name":"GET-AID: Graph-Enhanced Transformer for\u00a0Provenance-Based Advanced Persistent Threats Investigation and\u00a0Detection","publication_year":2025,"publication_date":"2025-10-11","ids":{"openalex":"https://openalex.org/W4415077363","doi":"https://doi.org/10.1007/978-3-032-07901-5_10"},"language":"en","primary_location":{"id":"doi:10.1007/978-3-032-07901-5_10","is_oa":false,"landing_page_url":"https://doi.org/10.1007/978-3-032-07901-5_10","pdf_url":null,"source":{"id":"https://openalex.org/S106296714","display_name":"Lecture notes in computer science","issn_l":"0302-9743","issn":["0302-9743","1611-3349"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes in Computer Science","raw_type":"book-chapter"},"type":"book-chapter","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101481241","display_name":"Zhicheng Huang","orcid":"https://orcid.org/0009-0008-2665-9918"},"institutions":[{"id":"https://openalex.org/I20231570","display_name":"Peking University","ror":"https://ror.org/02v51f717","country_code":"CN","type":"education","lineage":["https://openalex.org/I20231570"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Zhicheng Huang","raw_affiliation_strings":["Peking University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Peking University, Beijing, China","institution_ids":["https://openalex.org/I20231570"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5114549816","display_name":"Fengyuan Xu","orcid":"https://orcid.org/0000-0003-3388-7544"},"institutions":[{"id":"https://openalex.org/I20231570","display_name":"Peking University","ror":"https://ror.org/02v51f717","country_code":"CN","type":"education","lineage":["https://openalex.org/I20231570"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Fengyuan Xu","raw_affiliation_strings":["Peking University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Peking University, Beijing, China","institution_ids":["https://openalex.org/I20231570"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101844853","display_name":"Jiahong Yang","orcid":"https://orcid.org/0009-0002-2029-044X"},"institutions":[{"id":"https://openalex.org/I20231570","display_name":"Peking University","ror":"https://ror.org/02v51f717","country_code":"CN","type":"education","lineage":["https://openalex.org/I20231570"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jiahong Yang","raw_affiliation_strings":["Peking University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Peking University, Beijing, China","institution_ids":["https://openalex.org/I20231570"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100440860","display_name":"Wenting Li","orcid":"https://orcid.org/0000-0002-1074-0956"},"institutions":[{"id":"https://openalex.org/I4210135483","display_name":"Beijing Institute of Graphic Communication","ror":"https://ror.org/03yg3v757","country_code":"CN","type":"education","lineage":["https://openalex.org/I4210135483"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Wenting Li","raw_affiliation_strings":["Beijing Institute of Graphic Communication, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Beijing Institute of Graphic Communication, Beijing, China","institution_ids":["https://openalex.org/I4210135483"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5073982057","display_name":"Zonghua Zhang","orcid":"https://orcid.org/0000-0003-0379-7089"},"institutions":[{"id":"https://openalex.org/I4210126257","display_name":"CRRC (China)","ror":"https://ror.org/033g21894","country_code":"CN","type":"company","lineage":["https://openalex.org/I4210126257"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zonghua Zhang","raw_affiliation_strings":["CRSC R&D Institute, Beijing, China"],"affiliations":[{"raw_affiliation_string":"CRSC R&D Institute, Beijing, China","institution_ids":["https://openalex.org/I4210126257"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5018109582","display_name":"Chenbin Zhang","orcid":"https://orcid.org/0000-0002-7879-9583"},"institutions":[{"id":"https://openalex.org/I20231570","display_name":"Peking University","ror":"https://ror.org/02v51f717","country_code":"CN","type":"education","lineage":["https://openalex.org/I20231570"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chenbin Zhang","raw_affiliation_strings":["Peking University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Peking University, Beijing, China","institution_ids":["https://openalex.org/I20231570"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100762318","display_name":"Meng Ma","orcid":"https://orcid.org/0000-0003-2637-2788"},"institutions":[{"id":"https://openalex.org/I20231570","display_name":"Peking University","ror":"https://ror.org/02v51f717","country_code":"CN","type":"education","lineage":["https://openalex.org/I20231570"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Meng Ma","raw_affiliation_strings":["Peking University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Peking University, Beijing, China","institution_ids":["https://openalex.org/I20231570"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100413044","display_name":"Ping Wang","orcid":"https://orcid.org/0000-0002-7773-469X"},"institutions":[{"id":"https://openalex.org/I20231570","display_name":"Peking University","ror":"https://ror.org/02v51f717","country_code":"CN","type":"education","lineage":["https://openalex.org/I20231570"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ping Wang","raw_affiliation_strings":["Peking University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Peking University, Beijing, China","institution_ids":["https://openalex.org/I20231570"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":8,"corresponding_author_ids":["https://openalex.org/A5101481241"],"corresponding_institution_ids":["https://openalex.org/I20231570"],"apc_list":{"value":5000,"currency":"EUR","value_usd":5392},"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.71156187,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"190","last_page":"210"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9970999956130981,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9970999956130981,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.996999979019165,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9962999820709229,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/tracing","display_name":"Tracing","score":0.5626999735832214},{"id":"https://openalex.org/keywords/transformer","display_name":"Transformer","score":0.5254999995231628},{"id":"https://openalex.org/keywords/usability","display_name":"Usability","score":0.4717000126838684},{"id":"https://openalex.org/keywords/trace","display_name":"TRACE (psycholinguistics)","score":0.44760000705718994},{"id":"https://openalex.org/keywords/construct","display_name":"Construct (python library)","score":0.4422000050544739},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.4221999943256378},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.40619999170303345},{"id":"https://openalex.org/keywords/event","display_name":"Event (particle physics)","score":0.36660000681877136}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.9000999927520752},{"id":"https://openalex.org/C138673069","wikidata":"https://www.wikidata.org/wiki/Q322229","display_name":"Tracing","level":2,"score":0.5626999735832214},{"id":"https://openalex.org/C66322947","wikidata":"https://www.wikidata.org/wiki/Q11658","display_name":"Transformer","level":3,"score":0.5254999995231628},{"id":"https://openalex.org/C170130773","wikidata":"https://www.wikidata.org/wiki/Q216378","display_name":"Usability","level":2,"score":0.4717000126838684},{"id":"https://openalex.org/C75291252","wikidata":"https://www.wikidata.org/wiki/Q1315756","display_name":"TRACE (psycholinguistics)","level":2,"score":0.44760000705718994},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4472000002861023},{"id":"https://openalex.org/C2780801425","wikidata":"https://www.wikidata.org/wiki/Q5164392","display_name":"Construct (python library)","level":2,"score":0.4422000050544739},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.4221999943256378},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.40619999170303345},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.36899998784065247},{"id":"https://openalex.org/C2779662365","wikidata":"https://www.wikidata.org/wiki/Q5416694","display_name":"Event (particle physics)","level":2,"score":0.36660000681877136},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.36309999227523804},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.359499990940094},{"id":"https://openalex.org/C118505674","wikidata":"https://www.wikidata.org/wiki/Q42586063","display_name":"Encoder","level":2,"score":0.34610000252723694},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.33970001339912415},{"id":"https://openalex.org/C132525143","wikidata":"https://www.wikidata.org/wiki/Q141488","display_name":"Graph","level":2,"score":0.3375999927520752},{"id":"https://openalex.org/C29825287","wikidata":"https://www.wikidata.org/wiki/Q1427940","display_name":"Warning system","level":2,"score":0.328000009059906},{"id":"https://openalex.org/C65856478","wikidata":"https://www.wikidata.org/wiki/Q3991682","display_name":"Attack model","level":2,"score":0.32749998569488525},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3212999999523163},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.30239999294281006},{"id":"https://openalex.org/C2779304628","wikidata":"https://www.wikidata.org/wiki/Q3503480","display_name":"Face (sociological concept)","level":2,"score":0.2825999855995178},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.28130000829696655},{"id":"https://openalex.org/C2780741293","wikidata":"https://www.wikidata.org/wiki/Q4818019","display_name":"Attack patterns","level":3,"score":0.2515999972820282}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1007/978-3-032-07901-5_10","is_oa":false,"landing_page_url":"https://doi.org/10.1007/978-3-032-07901-5_10","pdf_url":null,"source":{"id":"https://openalex.org/S106296714","display_name":"Lecture notes in computer science","issn_l":"0302-9743","issn":["0302-9743","1611-3349"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes in Computer Science","raw_type":"book-chapter"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":21,"referenced_works":["https://openalex.org/W1770838219","https://openalex.org/W2560810941","https://openalex.org/W2910711617","https://openalex.org/W2947745012","https://openalex.org/W2962703433","https://openalex.org/W2978956219","https://openalex.org/W2998038410","https://openalex.org/W3004179294","https://openalex.org/W3006711782","https://openalex.org/W3016038045","https://openalex.org/W3099203541","https://openalex.org/W3158906645","https://openalex.org/W3211430557","https://openalex.org/W3212868562","https://openalex.org/W3214329506","https://openalex.org/W4210803071","https://openalex.org/W4306406279","https://openalex.org/W4392173855","https://openalex.org/W4402263650","https://openalex.org/W4402265033","https://openalex.org/W4402288718"],"related_works":[],"abstract_inverted_index":null,"counts_by_year":[],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-12T00:00:00"}