{"id":"https://openalex.org/W4313306247","doi":"https://doi.org/10.1109/access.2022.3233404","title":"Fronesis: Digital Forensics-Based Early Detection of Ongoing Cyber-Attacks","display_name":"Fronesis: Digital Forensics-Based Early Detection of Ongoing Cyber-Attacks","publication_year":2022,"publication_date":"2022-12-30","ids":{"openalex":"https://openalex.org/W4313306247","doi":"https://doi.org/10.1109/access.2022.3233404"},"language":"en","primary_location":{"id":"doi:10.1109/access.2022.3233404","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2022.3233404","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/10005208/10004506.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://ieeexplore.ieee.org/ielx7/6287639/10005208/10004506.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5088420846","display_name":"Athanasios Dimitriadis","orcid":"https://orcid.org/0000-0003-2445-5977"},"institutions":[{"id":"https://openalex.org/I1321296531","display_name":"National Institute of Standards and Technology","ror":"https://ror.org/05xpvk416","country_code":"US","type":"funder","lineage":["https://openalex.org/I1321296531","https://openalex.org/I1343035065"]},{"id":"https://openalex.org/I192756129","display_name":"University of Macedonia","ror":"https://ror.org/05fg6gr82","country_code":"GR","type":"education","lineage":["https://openalex.org/I192756129"]}],"countries":["GR","US"],"is_corresponding":true,"raw_author_name":"Athanasios Dimitriadis","raw_affiliation_strings":["Department of Applied Informatics, University of Macedonia, Thessaloniki, Greece","Engineering Laboratory, National Institute of Standards and Technology, Gaithersburg, MD, USA"],"raw_orcid":"https://orcid.org/0000-0003-2445-5977","affiliations":[{"raw_affiliation_string":"Department of Applied Informatics, University of Macedonia, Thessaloniki, Greece","institution_ids":["https://openalex.org/I192756129"]},{"raw_affiliation_string":"Engineering Laboratory, National Institute of Standards and Technology, Gaithersburg, MD, USA","institution_ids":["https://openalex.org/I1321296531"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5024895495","display_name":"Efstratios Lontzetidis","orcid":"https://orcid.org/0000-0002-6634-897X"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Efstratios Lontzetidis","raw_affiliation_strings":["Encode Centre of Excellence, Athens, Greece"],"raw_orcid":"https://orcid.org/0000-0002-6634-897X","affiliations":[{"raw_affiliation_string":"Encode Centre of Excellence, Athens, Greece","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5062535479","display_name":"Boonserm Kulvatunyou","orcid":"https://orcid.org/0000-0002-7429-473X"},"institutions":[{"id":"https://openalex.org/I1321296531","display_name":"National Institute of Standards and Technology","ror":"https://ror.org/05xpvk416","country_code":"US","type":"funder","lineage":["https://openalex.org/I1321296531","https://openalex.org/I1343035065"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Boonserm Kulvatunyou","raw_affiliation_strings":["Engineering Laboratory, National Institute of Standards and Technology, Gaithersburg, MD, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Engineering Laboratory, National Institute of Standards and Technology, Gaithersburg, MD, USA","institution_ids":["https://openalex.org/I1321296531"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5002094620","display_name":"Nenad Ivezic","orcid":null},"institutions":[{"id":"https://openalex.org/I1321296531","display_name":"National Institute of Standards and Technology","ror":"https://ror.org/05xpvk416","country_code":"US","type":"funder","lineage":["https://openalex.org/I1321296531","https://openalex.org/I1343035065"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Nenad Ivezic","raw_affiliation_strings":["Engineering Laboratory, National Institute of Standards and Technology, Gaithersburg, MD, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Engineering Laboratory, National Institute of Standards and Technology, Gaithersburg, MD, USA","institution_ids":["https://openalex.org/I1321296531"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5023540661","display_name":"Dimitris Gritzalis","orcid":"https://orcid.org/0000-0002-7793-6128"},"institutions":[{"id":"https://openalex.org/I73142707","display_name":"Athens University of Economics and Business","ror":"https://ror.org/03s262162","country_code":"GR","type":"education","lineage":["https://openalex.org/I73142707"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Dimitris Gritzalis","raw_affiliation_strings":["Department of Informatics, Athens University of Economics and Business (AUEB), Athens, Greece"],"raw_orcid":"https://orcid.org/0000-0002-7793-6128","affiliations":[{"raw_affiliation_string":"Department of Informatics, Athens University of Economics and Business (AUEB), Athens, Greece","institution_ids":["https://openalex.org/I73142707"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5076485939","display_name":"Ioannis Mavridis","orcid":"https://orcid.org/0000-0001-8724-6801"},"institutions":[{"id":"https://openalex.org/I192756129","display_name":"University of Macedonia","ror":"https://ror.org/05fg6gr82","country_code":"GR","type":"education","lineage":["https://openalex.org/I192756129"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Ioannis Mavridis","raw_affiliation_strings":["Department of Applied Informatics, University of Macedonia, Thessaloniki, Greece"],"raw_orcid":"https://orcid.org/0000-0001-8724-6801","affiliations":[{"raw_affiliation_string":"Department of Applied Informatics, University of Macedonia, Thessaloniki, Greece","institution_ids":["https://openalex.org/I192756129"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5088420846"],"corresponding_institution_ids":["https://openalex.org/I1321296531","https://openalex.org/I192756129"],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":2.8713,"has_fulltext":true,"cited_by_count":11,"citation_normalized_percentile":{"value":0.925535,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":"11","issue":null,"first_page":"728","last_page":"743"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.836564838886261},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6441435813903809},{"id":"https://openalex.org/keywords/ontology","display_name":"Ontology","score":0.5938408970832825},{"id":"https://openalex.org/keywords/ingenuity","display_name":"Ingenuity","score":0.5669386982917786},{"id":"https://openalex.org/keywords/digital-forensics","display_name":"Digital forensics","score":0.563186526298523},{"id":"https://openalex.org/keywords/phishing","display_name":"Phishing","score":0.5611523389816284},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.5597493052482605},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.4801168441772461},{"id":"https://openalex.org/keywords/cyber-attack","display_name":"Cyber-attack","score":0.46834537386894226},{"id":"https://openalex.org/keywords/attack-model","display_name":"Attack model","score":0.465315580368042},{"id":"https://openalex.org/keywords/computer-forensics","display_name":"Computer forensics","score":0.4127943515777588},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.24106952548027039},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.18197721242904663},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.14873725175857544}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.836564838886261},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6441435813903809},{"id":"https://openalex.org/C25810664","wikidata":"https://www.wikidata.org/wiki/Q44325","display_name":"Ontology","level":2,"score":0.5938408970832825},{"id":"https://openalex.org/C2778154381","wikidata":"https://www.wikidata.org/wiki/Q105296908","display_name":"Ingenuity","level":2,"score":0.5669386982917786},{"id":"https://openalex.org/C84418412","wikidata":"https://www.wikidata.org/wiki/Q3246940","display_name":"Digital forensics","level":2,"score":0.563186526298523},{"id":"https://openalex.org/C83860907","wikidata":"https://www.wikidata.org/wiki/Q135005","display_name":"Phishing","level":3,"score":0.5611523389816284},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.5597493052482605},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.4801168441772461},{"id":"https://openalex.org/C201307755","wikidata":"https://www.wikidata.org/wiki/Q4071928","display_name":"Cyber-attack","level":2,"score":0.46834537386894226},{"id":"https://openalex.org/C65856478","wikidata":"https://www.wikidata.org/wiki/Q3991682","display_name":"Attack model","level":2,"score":0.465315580368042},{"id":"https://openalex.org/C556601545","wikidata":"https://www.wikidata.org/wiki/Q878553","display_name":"Computer forensics","level":3,"score":0.4127943515777588},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.24106952548027039},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.18197721242904663},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.14873725175857544},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C133425853","wikidata":"https://www.wikidata.org/wiki/Q60571","display_name":"Neoclassical economics","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/access.2022.3233404","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2022.3233404","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/10005208/10004506.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:edd73286086a4624a209ada39c6a5783","is_oa":true,"landing_page_url":"https://doaj.org/article/edd73286086a4624a209ada39c6a5783","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 11, Pp 728-743 (2023)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2022.3233404","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2022.3233404","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/10005208/10004506.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.5600000023841858,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320310412","display_name":"Athens University of Economics and Business","ror":"https://ror.org/03s262162"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4313306247.pdf","grobid_xml":"https://content.openalex.org/works/W4313306247.grobid-xml"},"referenced_works_count":17,"referenced_works":["https://openalex.org/W433644524","https://openalex.org/W1165538689","https://openalex.org/W1229193984","https://openalex.org/W2527619560","https://openalex.org/W2536179434","https://openalex.org/W2592627133","https://openalex.org/W2628759714","https://openalex.org/W2892459955","https://openalex.org/W2914692020","https://openalex.org/W2976047652","https://openalex.org/W3081993710","https://openalex.org/W3083585068","https://openalex.org/W4205752810","https://openalex.org/W4249053038","https://openalex.org/W4254686157","https://openalex.org/W4299675875","https://openalex.org/W6706979621"],"related_works":["https://openalex.org/W2358245908","https://openalex.org/W2143949933","https://openalex.org/W2962870788","https://openalex.org/W1828018529","https://openalex.org/W3130770611","https://openalex.org/W4389319510","https://openalex.org/W3035884183","https://openalex.org/W2914662937","https://openalex.org/W1967425545","https://openalex.org/W2894757949"],"abstract_inverted_index":{"Traditional":[0],"attack":[1,154],"detection":[2,62,108,139],"approaches":[3,26,50],"utilize":[4],"predefined":[5],"databases":[6],"of":[7,38,45,63,113,130,140],"known":[8],"signatures":[9],"about":[10],"already-seen":[11],"tools":[12],"and":[13,41,83],"malicious":[14],"activities":[15],"observed":[16],"in":[17,137],"past":[18],"cyber-attacks":[19,65],"to":[20,30,110,121,127],"detect":[21,31],"future":[22],"attacks.":[23],"More":[24],"sophisticated":[25],"apply":[27],"machine":[28],"learning":[29],"abnormal":[32],"behavior.":[33],"Nevertheless,":[34],"a":[35],"growing":[36],"number":[37],"successful":[39],"attacks":[40],"the":[42,74,78,84,90,96,105,131,138,145],"increasing":[43],"ingenuity":[44],"attackers":[46],"prove":[47],"that":[48],"these":[49],"are":[51,119,124],"insufficient.":[52],"This":[53],"paper":[54],"introduces":[55],"an":[56,141,151],"approach":[57,69,147],"for":[58],"digital":[59,85,98],"forensics-based":[60],"early":[61],"ongoing":[64,142],"called":[66],"Fronesis.":[67],"The":[68,116],"combines":[70],"ontological":[71],"reasoning":[72,103],"with":[73],"MITRE":[75],"ATT&CK":[76],"framework,":[77],"Cyber":[79,132],"Kill":[80,133],"Chain":[81,134],"model,":[82,135],"artifacts":[86,99],"acquired":[87],"continuously":[88],"from":[89],"monitored":[91],"computer":[92],"system.":[93],"Fronesis":[94,106],"examines":[95],"collected":[97],"by":[100],"applying":[101],"rule-based":[102],"on":[104],"cyber-attack":[107],"ontology":[109],"identify":[111],"traces":[112],"adversarial":[114],"techniques.":[115],"identified":[117],"techniques":[118],"correlated":[120],"tactics,":[122],"which":[123],"then":[125],"mapped":[126],"corresponding":[128],"phases":[129],"resulting":[136],"cyber-attack.":[143],"Finally,":[144],"proposed":[146],"is":[148],"demonstrated":[149],"through":[150],"email":[152],"phishing":[153],"scenario.":[155]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":6},{"year":2023,"cited_by_count":1}],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}