{"id":"https://openalex.org/W4368232262","doi":"https://doi.org/10.1109/access.2023.3272629","title":"Toward Effective Evaluation of Cyber Defense: Threat Based Adversary Emulation Approach","display_name":"Toward Effective Evaluation of Cyber Defense: Threat Based Adversary Emulation Approach","publication_year":2023,"publication_date":"2023-01-01","ids":{"openalex":"https://openalex.org/W4368232262","doi":"https://doi.org/10.1109/access.2023.3272629"},"language":"en","primary_location":{"id":"doi:10.1109/access.2023.3272629","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2023.3272629","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10114933.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10114933.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5049562643","display_name":"Abdul Basit Ajmal","orcid":"https://orcid.org/0000-0003-4418-4959"},"institutions":[{"id":"https://openalex.org/I16076960","display_name":"COMSATS University 
Islamabad","ror":"https://ror.org/00nqqvk19","country_code":"PK","type":"education","lineage":["https://openalex.org/I16076960"]}],"countries":["PK"],"is_corresponding":true,"raw_author_name":"Abdul Basit Ajmal","raw_affiliation_strings":["Department of Computer Science, COMSATS University Islamabad (CUI), Islamabad, Pakistan"],"raw_orcid":"https://orcid.org/0000-0003-4418-4959","affiliations":[{"raw_affiliation_string":"Department of Computer Science, COMSATS University Islamabad (CUI), Islamabad, Pakistan","institution_ids":["https://openalex.org/I16076960"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5064039260","display_name":"Shawal Khan","orcid":"https://orcid.org/0000-0001-5952-8502"},"institutions":[{"id":"https://openalex.org/I16076960","display_name":"COMSATS University Islamabad","ror":"https://ror.org/00nqqvk19","country_code":"PK","type":"education","lineage":["https://openalex.org/I16076960"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Shawal Khan","raw_affiliation_strings":["Department of Computer Science, COMSATS University Islamabad (CUI), Islamabad, Pakistan"],"raw_orcid":"https://orcid.org/0000-0001-5952-8502","affiliations":[{"raw_affiliation_string":"Department of Computer Science, COMSATS University Islamabad (CUI), Islamabad, Pakistan","institution_ids":["https://openalex.org/I16076960"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101533532","display_name":"Masoom Alam","orcid":"https://orcid.org/0000-0001-8839-593X"},"institutions":[{"id":"https://openalex.org/I16076960","display_name":"COMSATS University Islamabad","ror":"https://ror.org/00nqqvk19","country_code":"PK","type":"education","lineage":["https://openalex.org/I16076960"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Masoom Alam","raw_affiliation_strings":["Department of Computer Science, COMSATS University Islamabad (CUI), Islamabad, 
Pakistan"],"raw_orcid":"https://orcid.org/0000-0001-8839-593X","affiliations":[{"raw_affiliation_string":"Department of Computer Science, COMSATS University Islamabad (CUI), Islamabad, Pakistan","institution_ids":["https://openalex.org/I16076960"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5013760675","display_name":"Abolfazl Mehbodniya","orcid":"https://orcid.org/0000-0002-0945-512X"},"institutions":[{"id":"https://openalex.org/I4210111408","display_name":"Kuwait College of Science and Technology","ror":"https://ror.org/01vjvsj67","country_code":"KW","type":"education","lineage":["https://openalex.org/I4210111408"]}],"countries":["KW"],"is_corresponding":false,"raw_author_name":"Abolfazl Mehbodniya","raw_affiliation_strings":["Department of Electronics and Communication Engineering, Kuwait College of Science and Technology (KCST), Doha, Safat, Kuwait"],"raw_orcid":"https://orcid.org/0000-0002-0945-512X","affiliations":[{"raw_affiliation_string":"Department of Electronics and Communication Engineering, Kuwait College of Science and Technology (KCST), Doha, Safat, Kuwait","institution_ids":["https://openalex.org/I4210111408"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5088969893","display_name":"Julian Webber","orcid":"https://orcid.org/0000-0001-7796-2898"},"institutions":[{"id":"https://openalex.org/I4210111408","display_name":"Kuwait College of Science and Technology","ror":"https://ror.org/01vjvsj67","country_code":"KW","type":"education","lineage":["https://openalex.org/I4210111408"]}],"countries":["KW"],"is_corresponding":false,"raw_author_name":"Julian Webber","raw_affiliation_strings":["Department of Electronics and Communication Engineering, Kuwait College of Science and Technology (KCST), Doha, Safat, Kuwait"],"raw_orcid":"https://orcid.org/0000-0001-7796-2898","affiliations":[{"raw_affiliation_string":"Department of Electronics and Communication Engineering, Kuwait College of Science and Technology 
(KCST), Doha, Safat, Kuwait","institution_ids":["https://openalex.org/I4210111408"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5074181157","display_name":"Abdul Waheed","orcid":"https://orcid.org/0000-0002-0974-6154"},"institutions":[{"id":"https://openalex.org/I4210142599","display_name":"University of Swabi","ror":"https://ror.org/04ez8az68","country_code":"PK","type":"education","lineage":["https://openalex.org/I4210142599"]},{"id":"https://openalex.org/I4387153791","display_name":"Women University Swabi","ror":"https://ror.org/00f98bm36","country_code":null,"type":"education","lineage":["https://openalex.org/I4387153791"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Abdul Waheed","raw_affiliation_strings":["Department of Computer Science, Women University Swabi, Swabi, Pakistan"],"raw_orcid":"https://orcid.org/0000-0002-0974-6154","affiliations":[{"raw_affiliation_string":"Department of Computer Science, Women University Swabi, Swabi, Pakistan","institution_ids":["https://openalex.org/I4210142599","https://openalex.org/I4387153791"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5049562643"],"corresponding_institution_ids":["https://openalex.org/I16076960"],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":4.4428,"has_fulltext":true,"cited_by_count":10,"citation_normalized_percentile":{"value":0.94828277,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":"11","issue":null,"first_page":"70443","last_page":"70458"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information 
Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.8672642707824707},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.8660398125648499},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer 
science","score":0.7112003564834595},{"id":"https://openalex.org/keywords/offensive","display_name":"Offensive","score":0.7034651041030884},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.6619853973388672},{"id":"https://openalex.org/keywords/emulation","display_name":"Emulation","score":0.6438544988632202},{"id":"https://openalex.org/keywords/cyber-attack","display_name":"Cyber-attack","score":0.5157347321510315},{"id":"https://openalex.org/keywords/honeypot","display_name":"Honeypot","score":0.47278380393981934},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.15543368458747864},{"id":"https://openalex.org/keywords/operations-research","display_name":"Operations research","score":0.14703437685966492}],"concepts":[{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.8672642707824707},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.8660398125648499},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer 
science","level":0,"score":0.7112003564834595},{"id":"https://openalex.org/C176856949","wikidata":"https://www.wikidata.org/wiki/Q2001676","display_name":"Offensive","level":2,"score":0.7034651041030884},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.6619853973388672},{"id":"https://openalex.org/C149810388","wikidata":"https://www.wikidata.org/wiki/Q5374873","display_name":"Emulation","level":2,"score":0.6438544988632202},{"id":"https://openalex.org/C201307755","wikidata":"https://www.wikidata.org/wiki/Q4071928","display_name":"Cyber-attack","level":2,"score":0.5157347321510315},{"id":"https://openalex.org/C191267431","wikidata":"https://www.wikidata.org/wiki/Q911932","display_name":"Honeypot","level":2,"score":0.47278380393981934},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.15543368458747864},{"id":"https://openalex.org/C42475967","wikidata":"https://www.wikidata.org/wiki/Q194292","display_name":"Operations research","level":1,"score":0.14703437685966492},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C50522688","wikidata":"https://www.wikidata.org/wiki/Q189833","display_name":"Economic growth","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/access.2023.3272629","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2023.3272629","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10114933.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics 
Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:ee80beb984e6499bb20380031a4e4900","is_oa":true,"landing_page_url":"https://doaj.org/article/ee80beb984e6499bb20380031a4e4900","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 11, Pp 70443-70458 (2023)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2023.3272629","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2023.3272629","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10114933.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE 
Access","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.5799999833106995,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4368232262.pdf","grobid_xml":"https://content.openalex.org/works/W4368232262.grobid-xml"},"referenced_works_count":33,"referenced_works":["https://openalex.org/W2022724444","https://openalex.org/W2153245338","https://openalex.org/W2421957586","https://openalex.org/W2529831505","https://openalex.org/W2572193563","https://openalex.org/W2582899318","https://openalex.org/W2588989264","https://openalex.org/W2734412659","https://openalex.org/W2762332720","https://openalex.org/W2808680185","https://openalex.org/W2885747980","https://openalex.org/W2933127114","https://openalex.org/W2983902239","https://openalex.org/W2995373098","https://openalex.org/W3012161115","https://openalex.org/W3035867696","https://openalex.org/W3085682683","https://openalex.org/W3158115510","https://openalex.org/W3171213563","https://openalex.org/W3190778120","https://openalex.org/W3216925087","https://openalex.org/W4225919806","https://openalex.org/W4293093475","https://openalex.org/W4297415500","https://openalex.org/W4308409904","https://openalex.org/W4313342124","https://openalex.org/W4313343344","https://openalex.org/W4313415264","https://openalex.org/W4319738097","https://openalex.org/W6770480005","https://openalex.org/W6797766548","https://openalex.org/W6848174397","https://openalex.org/W6848627363"],"related_works":["https://openalex.org/W2789663798","https://openalex.org/W2375896275","https://openalex.org/W2166943775","https://openalex.org/W2994202640","https://openalex.org/W272387213","https://openalex.org/W4308285224","https://openalex.org/W1994406184","https://openalex.org/W3176850402","https://openalex.org/W2900584019","https://openalex.org/W3110049015"],"abstract_inver
ted_index":{"Attackers":[0],"compromise":[1],"organizations":[2,35],"with":[3,109,132,244],"increasingly":[4],"sophisticated":[5],"ways,":[6],"such":[7,15,52],"as":[8,97,136],"Advanced":[9],"Persistent":[10],"Threat":[11],"(APT)":[12],"attackers.":[13],"Usually,":[14],"attacks":[16,81,179],"have":[17],"the":[18,77,94,237,248],"intention":[19],"to":[20,23,26,86,107,152,198,213,224,235],"exploit":[21],"endpoints":[22],"gain":[24],"access":[25],"critical":[27],"data.":[28],"For":[29,158],"security":[30,39,200,227],"controls":[31,201],"and":[32,48,58,70,150,176,189,217,222,241],"defense":[33,156,160,242],"evaluation,":[34,161],"may":[36],"employ":[37],"offensive":[38],"activities.":[40],"The":[41,144],"most":[42],"important":[43],"one":[44],"is":[45],"penetration":[46],"testing":[47],"red":[49],"teaming,":[50],"but":[51,82,101],"operations":[53],"are":[54,119,195],"usually":[55],"resource":[56],"exhaustive":[57],"extend":[59],"over":[60],"a":[61,137,207,232],"longer":[62],"period":[63],"of":[64,79,134,140],"time.":[65],"Furthermore,":[66],"traditional":[67],"Vulnerability":[68],"Assessment":[69],"Penetration":[71],"Testing":[72],"(VAPT)":[73],"works":[74],"effectively":[75],"in":[76,102],"mitigation":[78,172],"known":[80],"did":[83],"not":[84],"prove":[85],"be":[87],"effective":[88,159],"against":[89,180],"stealthy":[90,147],"attacks.":[91,114],"VAPT":[92],"considers":[93],"whole":[95],"offsec":[96],"an":[98,104,121],"acting":[99],"problem":[100],"reality,":[103],"attacker":[105],"has":[106],"deal":[108],"uncertainty":[110],"while":[111],"conducting":[112],"real-world":[113],"In":[115],"this":[116],"paper,":[117],"we":[118,162],"presenting":[120],"adversary":[122,129,154],"emulation":[123,130],"approach":[124,145,194,205],"based":[125],"on":[126,173],"MITRE":[127],"ATT&CK":[128],"plan":[131],"consideration":[133],"planning":[135],"major":[138],"part":[139],"each":[141],"attack":[142,148,187,220,238],"phase.":[143],"utilizes":[146],"vectors":[149,221],"paths":[151,188,223
],"emulate":[153],"for":[155,210,247],"evaluation.":[157],"picked":[163],"more":[164],"than":[165],"40":[166],"techniques":[167],"from":[168],"ATT&CK,":[169],"deployed":[170],"their":[171],"target":[174],"machines,":[175],"then":[177],"launched":[178],"all":[181],"those":[182],"techniques.":[183],"We":[184],"show":[185],"that":[186],"payloads":[190],"generated":[191],"using":[192],"our":[193],"strong":[196],"enough":[197],"evade":[199],"at":[202],"endpoints.":[203],"This":[204,229],"provides":[206],"special":[208,233],"environment":[209,234],"cyber":[211],"defenders":[212],"think":[214],"like":[215],"adversary,":[216],"create":[218],"new":[219],"evaluate":[225],"organizational":[226],"preparedness.":[228],"process":[230],"constructs":[231],"expand":[236],"landscape":[239],"view":[240],"evaluation":[243],"minimal":[245],"resources":[246],"organization.":[249]},"counts_by_year":[{"year":2025,"cited_by_count":7},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":1}],"updated_date":"2026-05-06T08:25:59.206177","created_date":"2025-10-10T00:00:00"}
