{"id":"https://openalex.org/W2978604905","doi":"https://doi.org/10.1049/pbpc028e_ch7","title":"A layered security architecture based on cyber kill chain against advanced persistent threats","display_name":"A layered security architecture based on cyber kill chain against advanced persistent threats","publication_year":2019,"publication_date":"2019-08-16","ids":{"openalex":"https://openalex.org/W2978604905","doi":"https://doi.org/10.1049/pbpc028e_ch7","mag":"2978604905"},"language":"en","primary_location":{"id":"doi:10.1049/pbpc028e_ch7","is_oa":false,"landing_page_url":"https://doi.org/10.1049/pbpc028e_ch7","pdf_url":null,"source":{"id":"https://openalex.org/S4306463440","display_name":"Institution of Engineering and Technology eBooks","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310311714","host_organization_name":"Institution of Engineering and Technology","host_organization_lineage":["https://openalex.org/P4310311714"],"host_organization_lineage_names":["Institution of Engineering and Technology"],"type":"ebook platform"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Security and Privacy for Big Data, Cloud Computing and Applications","raw_type":"book-chapter"},"type":"book-chapter","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5022968887","display_name":"Pooneh Nikkhah Bahrami","orcid":null},"institutions":[{"id":"https://openalex.org/I23946033","display_name":"University of Tehran","ror":"https://ror.org/05vf56z40","country_code":"IR","type":"education","lineage":["https://openalex.org/I23946033"]}],"countries":["IR"],"is_corresponding":true,"raw_author_name":"Pooneh Nikkhah Bahrami","raw_affiliation_strings":["Department of Computer Science, University of Tehran, Tehran, Iran"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, University of Tehran, Tehran, Iran","institution_ids":["https://openalex.org/I23946033"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5038019914","display_name":"Ali Dehghantanha","orcid":"https://orcid.org/0000-0002-9294-7554"},"institutions":[{"id":"https://openalex.org/I79817857","display_name":"University of Guelph","ror":"https://ror.org/01r7awg59","country_code":"CA","type":"education","lineage":["https://openalex.org/I79817857"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Ali Dehghantanha","raw_affiliation_strings":["School of Computer Science, University of Guelph, Guelph, ON, Canada"],"affiliations":[{"raw_affiliation_string":"School of Computer Science, University of Guelph, Guelph, ON, Canada","institution_ids":["https://openalex.org/I79817857"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5041825756","display_name":"Tooska Dargahi","orcid":"https://orcid.org/0000-0002-0908-6483"},"institutions":[{"id":"https://openalex.org/I54459138","display_name":"University of Salford","ror":"https://ror.org/01tmqtf75","country_code":"GB","type":"education","lineage":["https://openalex.org/I54459138"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Tooska Dargahi","raw_affiliation_strings":["School of Computing, University of Salford, Manchester, UK"],"affiliations":[{"raw_affiliation_string":"School of Computing, University of Salford, Manchester, UK","institution_ids":["https://openalex.org/I54459138"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5087589295","display_name":"Reza M. Parizi","orcid":"https://orcid.org/0000-0002-0049-4296"},"institutions":[{"id":"https://openalex.org/I172980758","display_name":"Kennesaw State University","ror":"https://ror.org/00jeqjx33","country_code":"US","type":"education","lineage":["https://openalex.org/I172980758"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Reza M. Parizi","raw_affiliation_strings":["College of Computing and Software Engineering, Kennesaw State University, Marietta, GA, USA"],"affiliations":[{"raw_affiliation_string":"College of Computing and Software Engineering, Kennesaw State University, Marietta, GA, USA","institution_ids":["https://openalex.org/I172980758"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5001746807","display_name":"Kim\u2010Kwang Raymond Choo","orcid":"https://orcid.org/0000-0001-9208-5336"},"institutions":[{"id":"https://openalex.org/I45438204","display_name":"The University of Texas at San Antonio","ror":"https://ror.org/01kd65564","country_code":"US","type":"education","lineage":["https://openalex.org/I45438204"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kim-Kwang Raymond Choo","raw_affiliation_strings":["Department of Information Systems and Cyber Security, University of Texas at San Antonio, San Antonio, TX, USA","University of Texas at San Antonio, San Antonio, TX, USA"],"affiliations":[{"raw_affiliation_string":"Department of Information Systems and Cyber Security, University of Texas at San Antonio, San Antonio, TX, USA","institution_ids":["https://openalex.org/I45438204"]},{"raw_affiliation_string":"University of Texas at San Antonio, San Antonio, TX, USA","institution_ids":["https://openalex.org/I45438204"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5078475385","display_name":"Hamid Haj Seyyed Javadi","orcid":"https://orcid.org/0000-0003-0082-036X"},"institutions":[{"id":"https://openalex.org/I119025939","display_name":"Shahed University","ror":"https://ror.org/01e8ff003","country_code":"IR","type":"education","lineage":["https://openalex.org/I119025939"]}],"countries":["IR"],"is_corresponding":false,"raw_author_name":"Hamid H. Javadi","raw_affiliation_strings":["Department of Computer Science, Shahed University, Tehran, Iran"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Shahed University, Tehran, Iran","institution_ids":["https://openalex.org/I119025939"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5009116003","display_name":"Lizhe Wang","orcid":"https://orcid.org/0000-0003-2766-0845"},"institutions":[{"id":"https://openalex.org/I3124059619","display_name":"China University of Geosciences","ror":"https://ror.org/04gcegc37","country_code":"CN","type":"education","lineage":["https://openalex.org/I3124059619"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Lizhe Wang","raw_affiliation_strings":["School of Computer Science, China University of Geosciences, Wuhan, China"],"affiliations":[{"raw_affiliation_string":"School of Computer Science, China University of Geosciences, Wuhan, China","institution_ids":["https://openalex.org/I3124059619"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5001746807","display_name":"Kim\u2010Kwang Raymond Choo","orcid":"https://orcid.org/0000-0001-9208-5336"},"institutions":[{"id":"https://openalex.org/I45438204","display_name":"The University of Texas at San Antonio","ror":"https://ror.org/01kd65564","country_code":"US","type":"education","lineage":["https://openalex.org/I45438204"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kim-Kwang Raymond Choo","raw_affiliation_strings":["Department of Information Systems and Cyber Security, University of Texas at San Antonio, San Antonio, TX, USA","University of Texas at San Antonio, San Antonio, TX, USA"],"affiliations":[{"raw_affiliation_string":"Department of Information Systems and Cyber Security, University of Texas at San Antonio, San Antonio, TX, USA","institution_ids":["https://openalex.org/I45438204"]},{"raw_affiliation_string":"University of Texas at San Antonio, San Antonio, TX, USA","institution_ids":["https://openalex.org/I45438204"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5007964745","display_name":"Fatos Xhafa","orcid":"https://orcid.org/0000-0001-6569-5497"},"institutions":[{"id":"https://openalex.org/I9617848","display_name":"Universitat Polit\u00e8cnica de Catalunya","ror":"https://ror.org/03mb6wj31","country_code":"ES","type":"education","lineage":["https://openalex.org/I9617848"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Fatos Xhafa","raw_affiliation_strings":["Departament de Cincies de la Computacio, Universitat Politecnica de Catalunya, Barcelona, Spain"],"affiliations":[{"raw_affiliation_string":"Departament de Cincies de la Computacio, Universitat Politecnica de Catalunya, Barcelona, Spain","institution_ids":["https://openalex.org/I9617848"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5034031357","display_name":"Wei Ren","orcid":"https://orcid.org/0000-0001-8590-1737"},"institutions":[{"id":"https://openalex.org/I3124059619","display_name":"China University of Geosciences","ror":"https://ror.org/04gcegc37","country_code":"CN","type":"education","lineage":["https://openalex.org/I3124059619"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Wei Ren","raw_affiliation_strings":["School of Computer Science, China University of Geosciences, Wuhan, China"],"affiliations":[{"raw_affiliation_string":"School of Computer Science, China University of Geosciences, Wuhan, China","institution_ids":["https://openalex.org/I3124059619"]}]}],"institutions":[],"countries_distinct_count":6,"institutions_distinct_count":10,"corresponding_author_ids":["https://openalex.org/A5022968887"],"corresponding_institution_ids":["https://openalex.org/I23946033"],"apc_list":null,"apc_paid":null,"fwci":0.4274,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.60955168,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"135","last_page":"155"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9976000189781189,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.8311144113540649},{"id":"https://openalex.org/keywords/blacklisting","display_name":"Blacklisting","score":0.7058713436126709},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.6664478182792664},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.601099967956543},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.589887797832489},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.4840966463088989},{"id":"https://openalex.org/keywords/cyber-threats","display_name":"Cyber threats","score":0.4485453963279724},{"id":"https://openalex.org/keywords/evasion","display_name":"Evasion (ethics)","score":0.42633605003356934},{"id":"https://openalex.org/keywords/intrusion","display_name":"Intrusion","score":0.42602914571762085},{"id":"https://openalex.org/keywords/blacklist","display_name":"Blacklist","score":0.42334628105163574},{"id":"https://openalex.org/keywords/cyberwarfare","display_name":"Cyberwarfare","score":0.4115403890609741}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.8311144113540649},{"id":"https://openalex.org/C2779797433","wikidata":"https://www.wikidata.org/wiki/Q632959","display_name":"Blacklisting","level":2,"score":0.7058713436126709},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.6664478182792664},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.601099967956543},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.589887797832489},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.4840966463088989},{"id":"https://openalex.org/C3018725008","wikidata":"https://www.wikidata.org/wiki/Q4071928","display_name":"Cyber threats","level":2,"score":0.4485453963279724},{"id":"https://openalex.org/C2781251061","wikidata":"https://www.wikidata.org/wiki/Q5416089","display_name":"Evasion (ethics)","level":3,"score":0.42633605003356934},{"id":"https://openalex.org/C158251709","wikidata":"https://www.wikidata.org/wiki/Q354025","display_name":"Intrusion","level":2,"score":0.42602914571762085},{"id":"https://openalex.org/C2781345505","wikidata":"https://www.wikidata.org/wiki/Q2535979","display_name":"Blacklist","level":2,"score":0.42334628105163574},{"id":"https://openalex.org/C171769113","wikidata":"https://www.wikidata.org/wiki/Q849340","display_name":"Cyberwarfare","level":2,"score":0.4115403890609741},{"id":"https://openalex.org/C127313418","wikidata":"https://www.wikidata.org/wiki/Q1069","display_name":"Geology","level":0,"score":0.0},{"id":"https://openalex.org/C17409809","wikidata":"https://www.wikidata.org/wiki/Q161764","display_name":"Geochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C8891405","wikidata":"https://www.wikidata.org/wiki/Q1059","display_name":"Immune system","level":2,"score":0.0},{"id":"https://openalex.org/C203014093","wikidata":"https://www.wikidata.org/wiki/Q101929","display_name":"Immunology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1049/pbpc028e_ch7","is_oa":false,"landing_page_url":"https://doi.org/10.1049/pbpc028e_ch7","pdf_url":null,"source":{"id":"https://openalex.org/S4306463440","display_name":"Institution of Engineering and Technology eBooks","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310311714","host_organization_name":"Institution of Engineering and Technology","host_organization_lineage":["https://openalex.org/P4310311714"],"host_organization_lineage_names":["Institution of Engineering and Technology"],"type":"ebook platform"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Security and Privacy for Big Data, Cloud Computing and Applications","raw_type":"book-chapter"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.550000011920929,"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W2181543702","https://openalex.org/W3172840274","https://openalex.org/W2769847412","https://openalex.org/W2146351192","https://openalex.org/W3037489623","https://openalex.org/W2991976289","https://openalex.org/W4379624358","https://openalex.org/W178883471","https://openalex.org/W3112398763","https://openalex.org/W2980552833"],"abstract_inverted_index":{"Inherently,":[0],"static":[1],"traditional":[2],"defense":[3,127,160],"mechanisms":[4],"which":[5,82],"mostly":[6],"act":[7],"successfully":[8],"in":[9,24,41,145],"detecting":[10],"known":[11],"attacks":[12,36],"using":[13],"techniques":[14,142],"such":[15],"as":[16],"blacklisting":[17],"and":[18,28,44,143,161],"malware":[19],"signature":[20],"detection":[21],"are":[22,37],"insufficient":[23],"defending":[25],"against":[26,164],"dynamic":[27],"sophisticated":[29],"advanced":[30],"persistent":[31],"threat":[32],"(APT)":[33],"cyberattacks.":[34],"These":[35],"usually":[38],"conducted":[39],"dynamically":[40],"several":[42],"stages":[43,65,101],"may":[45],"use":[46],"different":[47],"attack":[48,110],"paths":[49],"simultaneously":[50],"to":[51,72,132,137,157],"accomplish":[52],"their":[53],"commission.":[54],"Cyber":[55],"kill":[56],"chain":[57],"(CKC)":[58],"framework":[59],"provides":[60],"a":[61,134],"model":[62,128,151],"for":[63],"all":[64,100],"of":[66,108,148],"an":[67,96],"intrusion":[68,119],"from":[69],"early":[70],"reconnaissance":[71],"actions":[73],"on":[74],"objectives":[75],"when":[76],"the":[77,93,109,112,118],"attacker&apos;s":[78],"goal":[79],"is":[80],"met":[81],"could":[83],"be":[84,153],"stealing":[85],"data,":[86],"disrupting":[87],"operations":[88],"or":[89,116],"destroying":[90],"infrastructure.":[91],"Achieving":[92],"final":[94],"goal,":[95],"adversary":[97],"must":[98],"progress":[99],"successfully.":[102],"Any":[103],"disruption":[104],"at":[105],"any":[106],"stage":[107],"by":[111,155],"defender":[113],"would":[114],"mitigate":[115],"cease":[117],"campaign.":[120],"In":[121],"this":[122],"chapter,":[123],"we":[124],"align":[125],"7D":[126],"with":[129],"CKC":[130],"steps":[131],"develop":[133],"layered":[135],"architecture":[136],"detected":[138],"APT":[139,166],"actors":[140],"tactics,":[141],"procedures":[144],"each":[146],"step":[147],"CKC.":[149],"This":[150],"can":[152],"applied":[154],"defenders":[156],"plan":[158],"resilient":[159],"mitigation":[162],"strategies":[163],"prospective":[165],"actors.":[167]},"counts_by_year":[{"year":2023,"cited_by_count":1},{"year":2021,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}