{"id":"https://openalex.org/W3111818397","doi":"https://doi.org/10.1080/09540091.2020.1832960","title":"An adaptive defense mechanism to prevent advanced persistent threats","display_name":"An adaptive defense mechanism to prevent advanced persistent threats","publication_year":2020,"publication_date":"2020-10-16","ids":{"openalex":"https://openalex.org/W3111818397","doi":"https://doi.org/10.1080/09540091.2020.1832960","mag":"3111818397"},"language":"en","primary_location":{"id":"doi:10.1080/09540091.2020.1832960","is_oa":false,"landing_page_url":"https://doi.org/10.1080/09540091.2020.1832960","pdf_url":null,"source":{"id":"https://openalex.org/S4210188800","display_name":"Connection Science","issn_l":"0954-0091","issn":["0954-0091","1360-0494"],"is_oa":false,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310320547","host_organization_name":"Taylor & Francis","host_organization_lineage":["https://openalex.org/P4310320547"],"host_organization_lineage_names":["Taylor & Francis"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Connection Science","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doaj.org/article/e5b8d98159ee49b9bbd71b6422f95252","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5002124013","display_name":"Yi-xi Xie","orcid":null},"institutions":[{"id":"https://openalex.org/I169689159","display_name":"PLA Information Engineering University","ror":"https://ror.org/00mm1qk40","country_code":"CN","type":"education","lineage":["https://openalex.org/I169689159"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Yi-xi Xie","raw_affiliation_strings":["PLA Strategic Support Force Information Engineering University, Zhengzhou, People\u2019s Republic of China","PLA Strategic Support Force Information Engineering University, Zhengzhou, People's Republic of China"],"affiliations":[{"raw_affiliation_string":"PLA Strategic Support Force Information Engineering University, Zhengzhou, People\u2019s Republic of China","institution_ids":["https://openalex.org/I169689159"]},{"raw_affiliation_string":"PLA Strategic Support Force Information Engineering University, Zhengzhou, People's Republic of China","institution_ids":["https://openalex.org/I169689159"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5061963513","display_name":"Lixin Ji","orcid":null},"institutions":[{"id":"https://openalex.org/I169689159","display_name":"PLA Information Engineering University","ror":"https://ror.org/00mm1qk40","country_code":"CN","type":"education","lineage":["https://openalex.org/I169689159"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Li-xin Ji","raw_affiliation_strings":["PLA Strategic Support Force Information Engineering University, Zhengzhou, People\u2019s Republic of China","PLA Strategic Support Force Information Engineering University, Zhengzhou, People's Republic of China"],"affiliations":[{"raw_affiliation_string":"PLA Strategic Support Force Information Engineering University, Zhengzhou, People\u2019s Republic of China","institution_ids":["https://openalex.org/I169689159"]},{"raw_affiliation_string":"PLA Strategic Support Force Information Engineering University, Zhengzhou, People's Republic of China","institution_ids":["https://openalex.org/I169689159"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5004921829","display_name":"Ling-shu Li","orcid":null},"institutions":[{"id":"https://openalex.org/I169689159","display_name":"PLA Information Engineering University","ror":"https://ror.org/00mm1qk40","country_code":"CN","type":"education","lineage":["https://openalex.org/I169689159"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ling-shu Li","raw_affiliation_strings":["PLA Strategic Support Force Information Engineering University, Zhengzhou, People\u2019s Republic of China","PLA Strategic Support Force Information Engineering University, Zhengzhou, People's Republic of China"],"affiliations":[{"raw_affiliation_string":"PLA Strategic Support Force Information Engineering University, Zhengzhou, People\u2019s Republic of China","institution_ids":["https://openalex.org/I169689159"]},{"raw_affiliation_string":"PLA Strategic Support Force Information Engineering University, Zhengzhou, People's Republic of China","institution_ids":["https://openalex.org/I169689159"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5026436576","display_name":"Zehua Guo","orcid":"https://orcid.org/0000-0001-7314-410X"},"institutions":[{"id":"https://openalex.org/I125839683","display_name":"Beijing Institute of Technology","ror":"https://ror.org/01skt4w74","country_code":"CN","type":"education","lineage":["https://openalex.org/I125839683","https://openalex.org/I890469752"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zehua Guo","raw_affiliation_strings":["Beijing Institute of Technology, Fort Collins, Beijing, People\u2019s Republic of China","Beijing Institute of Technology, Fort Collins, Beijing, People's Republic of China"],"affiliations":[{"raw_affiliation_string":"Beijing Institute of Technology, Fort Collins, Beijing, People\u2019s Republic of China","institution_ids":["https://openalex.org/I125839683"]},{"raw_affiliation_string":"Beijing Institute of Technology, Fort Collins, Beijing, People's Republic of China","institution_ids":["https://openalex.org/I125839683"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5065487579","display_name":"Thar Baker","orcid":"https://orcid.org/0000-0002-5166-4873"},"institutions":[{"id":"https://openalex.org/I29891158","display_name":"University of Sharjah","ror":"https://ror.org/00engpz63","country_code":"AE","type":"education","lineage":["https://openalex.org/I29891158"]}],"countries":["AE"],"is_corresponding":false,"raw_author_name":"Thar Baker","raw_affiliation_strings":["Department of Computer Science, College of Computing and Informatics, University of Sharjah, Sharjah, United Arab Emirates"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, College of Computing and Informatics, University of Sharjah, Sharjah, United Arab Emirates","institution_ids":["https://openalex.org/I29891158"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5002124013"],"corresponding_institution_ids":["https://openalex.org/I169689159"],"apc_list":{"value":1270,"currency":"USD","value_usd":1270},"apc_paid":null,"fwci":3.2028,"has_fulltext":false,"cited_by_count":19,"citation_normalized_percentile":{"value":0.93490749,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":"33","issue":"2","first_page":"359","last_page":"379"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9936000108718872,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8308049440383911},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.6453353762626648},{"id":"https://openalex.org/keywords/inference","display_name":"Inference","score":0.5742760896682739},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5300740003585815},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.4838827848434448},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.45104077458381653},{"id":"https://openalex.org/keywords/markov-decision-process","display_name":"Markov decision process","score":0.44249486923217773},{"id":"https://openalex.org/keywords/partially-observable-markov-decision-process","display_name":"Partially observable Markov decision process","score":0.4215922951698303},{"id":"https://openalex.org/keywords/markov-process","display_name":"Markov process","score":0.419445663690567},{"id":"https://openalex.org/keywords/markov-model","display_name":"Markov model","score":0.35839956998825073},{"id":"https://openalex.org/keywords/markov-chain","display_name":"Markov chain","score":0.3430119752883911},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.27559539675712585},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.25028595328330994}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8308049440383911},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.6453353762626648},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.5742760896682739},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5300740003585815},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.4838827848434448},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.45104077458381653},{"id":"https://openalex.org/C106189395","wikidata":"https://www.wikidata.org/wiki/Q176789","display_name":"Markov decision process","level":3,"score":0.44249486923217773},{"id":"https://openalex.org/C17098449","wikidata":"https://www.wikidata.org/wiki/Q176814","display_name":"Partially observable Markov decision process","level":4,"score":0.4215922951698303},{"id":"https://openalex.org/C159886148","wikidata":"https://www.wikidata.org/wiki/Q176645","display_name":"Markov process","level":2,"score":0.419445663690567},{"id":"https://openalex.org/C163836022","wikidata":"https://www.wikidata.org/wiki/Q6771326","display_name":"Markov model","level":3,"score":0.35839956998825073},{"id":"https://openalex.org/C98763669","wikidata":"https://www.wikidata.org/wiki/Q176645","display_name":"Markov chain","level":2,"score":0.3430119752883911},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.27559539675712585},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.25028595328330994},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.0},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.0},{"id":"https://openalex.org/C105795698","wikidata":"https://www.wikidata.org/wiki/Q12483","display_name":"Statistics","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1080/09540091.2020.1832960","is_oa":false,"landing_page_url":"https://doi.org/10.1080/09540091.2020.1832960","pdf_url":null,"source":{"id":"https://openalex.org/S4210188800","display_name":"Connection Science","issn_l":"0954-0091","issn":["0954-0091","1360-0494"],"is_oa":false,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310320547","host_organization_name":"Taylor & Francis","host_organization_lineage":["https://openalex.org/P4310320547"],"host_organization_lineage_names":["Taylor & Francis"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Connection Science","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:e5b8d98159ee49b9bbd71b6422f95252","is_oa":true,"landing_page_url":"https://doaj.org/article/e5b8d98159ee49b9bbd71b6422f95252","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Connection Science, Vol 33, Iss 2, Pp 359-379 (2021)","raw_type":"article"},{"id":"pmh:oai:pure.atira.dk:publications/5253da67-1c98-43dc-a3d6-f679312bbe1e","is_oa":false,"landing_page_url":"http://www.scopus.com/inward/record.url?scp=85092718009&partnerID=8YFLogxK","pdf_url":null,"source":{"id":"https://openalex.org/S4306401758","display_name":"University of Brighton Repository (University of Brighton)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I71637028","host_organization_name":"University of Brighton","host_organization_lineage":["https://openalex.org/I71637028"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Xie, Y X, Ji, L X, Li, L S, Guo, Z & Baker, T 2020, 'An adaptive defense mechanism to prevent advanced persistent threats', Connection Science, vol. 33, no. 2, pp. 359-379. https://doi.org/10.1080/09540091.2020.1832960","raw_type":"info:eu-repo/semantics/publishedVersion"}],"best_oa_location":{"id":"pmh:oai:doaj.org/article:e5b8d98159ee49b9bbd71b6422f95252","is_oa":true,"landing_page_url":"https://doaj.org/article/e5b8d98159ee49b9bbd71b6422f95252","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Connection Science, Vol 33, Iss 2, Pp 359-379 (2021)","raw_type":"article"},"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","score":0.6200000047683716,"id":"https://metadata.un.org/sdg/9"}],"awards":[{"id":"https://openalex.org/G6436051627","display_name":null,"funder_award_id":"61602509","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":23,"referenced_works":["https://openalex.org/W151026171","https://openalex.org/W1605288538","https://openalex.org/W2015787697","https://openalex.org/W2031175798","https://openalex.org/W2131875370","https://openalex.org/W2240450792","https://openalex.org/W2765449849","https://openalex.org/W2766836609","https://openalex.org/W2790227466","https://openalex.org/W2793800929","https://openalex.org/W2808420510","https://openalex.org/W2892303285","https://openalex.org/W2910711617","https://openalex.org/W2913646271","https://openalex.org/W2954019779","https://openalex.org/W2964725750","https://openalex.org/W2981452619","https://openalex.org/W2981865224","https://openalex.org/W2982187794","https://openalex.org/W2999073610","https://openalex.org/W3008343234","https://openalex.org/W3100092374","https://openalex.org/W3106042141"],"related_works":["https://openalex.org/W2096013579","https://openalex.org/W1589140671","https://openalex.org/W1760611253","https://openalex.org/W52153049","https://openalex.org/W2951545791","https://openalex.org/W1515117609","https://openalex.org/W2294884454","https://openalex.org/W4323315247","https://openalex.org/W3169161914","https://openalex.org/W3208638985"],"abstract_inverted_index":{"The":[0,165],"expansion":[1],"of":[2,22,29],"information":[3],"technology":[4],"infrastructure":[5],"is":[6,37,120,142,155],"encountered":[7],"with":[8,116],"Advanced":[9],"Persistent":[10],"Threats":[11],"(APTs),":[12],"which":[13,65,105],"can":[14],"launch":[15],"data":[16],"destruction,":[17],"disclosure,":[18],"modification,":[19],"and/or":[20],"Denial":[21],"Service":[23],"attacks":[24],"by":[25,157],"drawing":[26],"upon":[27],"vulnerabilities":[28],"software":[30],"and":[31,50,70,81,139,150],"hardware.":[32],"Moving":[33],"Target":[34],"Defense":[35],"(MTD)":[36],"a":[38,84,113,117,124,145],"promising":[39],"risk":[40,126],"mitigation":[41],"technique":[42],"that":[43,168],"replies":[44],"to":[45,122,179],"APTs":[46],"via":[47],"implementing":[48],"randomisation":[49],"dynamic":[51,85,92],"strategies":[52],"on":[53,91,161],"compromised":[54],"assets.":[55],"However,":[56],"some":[57],"MTD":[58],"techniques":[59],"adopt":[60],"the":[61,79,110,130,134,137,151,162,169,180],"blind":[62],"random":[63],"mutation,":[64],"causes":[66],"greater":[67],"performance":[68],"overhead":[69],"worse":[71],"defense":[72,82,131,140,153],"utility.":[73],"In":[74,109],"this":[75],"paper,":[76],"we":[77,96],"formulate":[78],"cyber-attack":[80],"as":[83,144],"partially":[86],"observable":[87],"Markov":[88,148],"process":[89,141],"based":[90,160],"Bayesian":[93],"inference.":[94],"Then":[95],"develop":[97],"an":[98],"Inference-Based":[99],"Adaptive":[100],"Attack":[101],"Tolerance":[102],"(IBAAT)":[103],"system,":[104],"includes":[106],"two":[107],"stages.":[108],"first":[111,163],"stage,":[112,136],"forward\u2013backward":[114],"algorithm":[115,171],"time":[118],"window":[119],"employed":[121],"perform":[123],"security":[125,175],"assessment.":[127],"To":[128],"select":[129],"strategy,":[132],"in":[133],"second":[135],"attack":[138],"modelled":[143],"two-player":[146],"general-sum":[147],"game":[149],"optimal":[152],"strategy":[154],"acquired":[156],"quantitative":[158],"analysis":[159],"stage.":[164],"evaluation":[166],"shows":[167],"proposed":[170],"has":[172],"about":[173],"10%":[174],"utility":[176],"improvement":[177],"compared":[178],"state-of-the-art.":[181]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":7},{"year":2021,"cited_by_count":3}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}