{"id":"https://openalex.org/W3139164743","doi":"https://doi.org/10.1109/bigdata50022.2020.9378213","title":"Cyber Threat Hunting Through Automated Hypothesis and Multi-Criteria Decision Making","display_name":"Cyber Threat Hunting Through Automated Hypothesis and Multi-Criteria Decision Making","publication_year":2020,"publication_date":"2020-12-10","ids":{"openalex":"https://openalex.org/W3139164743","doi":"https://doi.org/10.1109/bigdata50022.2020.9378213","mag":"3139164743"},"language":"en","primary_location":{"id":"doi:10.1109/bigdata50022.2020.9378213","is_oa":false,"landing_page_url":"https://doi.org/10.1109/bigdata50022.2020.9378213","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE International Conference on Big Data (Big Data)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5014486695","display_name":"Antonio Horta","orcid":"https://orcid.org/0000-0002-0381-315X"},"institutions":[{"id":"https://openalex.org/I41870","display_name":"Military Institute of Engineering","ror":"https://ror.org/03veakt65","country_code":"BR","type":"education","lineage":["https://openalex.org/I41870"]}],"countries":["BR"],"is_corresponding":true,"raw_author_name":"Antonio Jose Horta Neto","raw_affiliation_strings":["dept. Computer Science, Instituto Militar de Engenharia, Rio de Janeiro, Brazil"],"affiliations":[{"raw_affiliation_string":"dept. Computer Science, Instituto Militar de Engenharia, Rio de Janeiro, Brazil","institution_ids":["https://openalex.org/I41870"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5000057761","display_name":"Anderson Fernandes Pereira dos Santos","orcid":"https://orcid.org/0000-0002-6754-4809"},"institutions":[{"id":"https://openalex.org/I41870","display_name":"Military Institute of Engineering","ror":"https://ror.org/03veakt65","country_code":"BR","type":"education","lineage":["https://openalex.org/I41870"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Anderson Fernandes Pereira dos Santos","raw_affiliation_strings":["dept. Computer Science, Instituto Militar de Engenharia, Rio de Janeiro, Brazil"],"affiliations":[{"raw_affiliation_string":"dept. Computer Science, Instituto Militar de Engenharia, Rio de Janeiro, Brazil","institution_ids":["https://openalex.org/I41870"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5014486695"],"corresponding_institution_ids":["https://openalex.org/I41870"],"apc_list":null,"apc_paid":null,"fwci":1.2174,"has_fulltext":false,"cited_by_count":17,"citation_normalized_percentile":{"value":0.80522442,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"1823","last_page":"1830"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7514164447784424},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.6519237756729126},{"id":"https://openalex.org/keywords/chaining","display_name":"Chaining","score":0.6259163022041321},{"id":"https://openalex.org/keywords/cyber-threats","display_name":"Cyber threats","score":0.4988830089569092},{"id":"https://openalex.org/keywords/decision-making","display_name":"Decision-making","score":0.482596755027771},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.43719029426574707},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3639868497848511},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.35093212127685547},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.11260005831718445}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7514164447784424},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.6519237756729126},{"id":"https://openalex.org/C49020025","wikidata":"https://www.wikidata.org/wiki/Q1059099","display_name":"Chaining","level":2,"score":0.6259163022041321},{"id":"https://openalex.org/C3018725008","wikidata":"https://www.wikidata.org/wiki/Q4071928","display_name":"Cyber threats","level":2,"score":0.4988830089569092},{"id":"https://openalex.org/C122308676","wikidata":"https://www.wikidata.org/wiki/Q1331926","display_name":"Decision-making","level":3,"score":0.482596755027771},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.43719029426574707},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3639868497848511},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.35093212127685547},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.11260005831718445},{"id":"https://openalex.org/C2778813691","wikidata":"https://www.wikidata.org/wiki/Q1369832","display_name":"Purchasing","level":2,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C21547014","wikidata":"https://www.wikidata.org/wiki/Q1423657","display_name":"Operations management","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/bigdata50022.2020.9378213","is_oa":false,"landing_page_url":"https://doi.org/10.1109/bigdata50022.2020.9378213","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE International Conference on Big Data (Big Data)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.8199999928474426}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":33,"referenced_works":["https://openalex.org/W1109422923","https://openalex.org/W1601529450","https://openalex.org/W2002830978","https://openalex.org/W2022032472","https://openalex.org/W2034960640","https://openalex.org/W2101103738","https://openalex.org/W2163598528","https://openalex.org/W2404532944","https://openalex.org/W2499828064","https://openalex.org/W2592298603","https://openalex.org/W2736238713","https://openalex.org/W2758108284","https://openalex.org/W2761599262","https://openalex.org/W2766123777","https://openalex.org/W2914662937","https://openalex.org/W2920449071","https://openalex.org/W2963673968","https://openalex.org/W2969072274","https://openalex.org/W2998778915","https://openalex.org/W3002277530","https://openalex.org/W3010934630","https://openalex.org/W3042239064","https://openalex.org/W3042433202","https://openalex.org/W3044668770","https://openalex.org/W3098102491","https://openalex.org/W3114189641","https://openalex.org/W3133897466","https://openalex.org/W4205930639","https://openalex.org/W6684327724","https://openalex.org/W6734078547","https://openalex.org/W6741505031","https://openalex.org/W6745040976","https://openalex.org/W6787721999"],"related_works":["https://openalex.org/W2961085424","https://openalex.org/W1489745481","https://openalex.org/W2388420286","https://openalex.org/W3003692200","https://openalex.org/W4306674287","https://openalex.org/W2970356471","https://openalex.org/W4224009465","https://openalex.org/W4286629047","https://openalex.org/W2039070833","https://openalex.org/W3139164743"],"abstract_inverted_index":{"There":[0],"are":[1,15,20],"sophisticated":[2],"cyber":[3,34],"attacks":[4],"that":[5,84,130],"pose":[6],"a":[7,27,135],"high":[8],"risk":[9],"to":[10,22,100,113,142],"institutions,":[11],"especially":[12],"when":[13],"they":[14],"carefully":[16],"planned":[17],"and":[18,40,60,86,93,137],"victims":[19],"unable":[21],"identify":[23],"them.":[24],"This":[25],"is":[26,134],"preliminary":[28],"result":[29],"of":[30,63,90],"executing":[31],"the":[32,45,51,54,61,76,88,97,104,123,127],"high-level":[33,70,131],"threat":[35,71,132],"hunting":[36,72,133],"through":[37],"automated":[38,110],"hypothesis-making":[39,111],"multi-criteria":[41],"decision":[42],"making":[43],"using":[44],"binary":[46],"attack-chaining":[47],"tables":[48],"identified":[49],"in":[50,66,81,96,103,116,126],"networks.":[52],"Firstly,":[53],"concepts":[55],"required":[56],"for":[57],"threats":[58],"modeling":[59],"process":[62],"knowledge":[64,77],"discovery":[65],"databases":[67],"focused":[68],"on":[69],"were":[73],"introduced.":[74],"After,":[75],"discovered":[78],"was":[79,119],"used":[80,115],"an":[82,109],"experiment":[83,128],"applied":[85],"evaluated":[87],"effectiveness":[89],"machine":[91],"learning":[92],"decision-making":[94],"algorithms":[95],"method":[98,112],"proposed":[99],"prioritize":[101],"hypotheses":[102],"screening":[105],"phase.":[106],"In":[107],"addition,":[108],"be":[114],"production":[117],"environments":[118],"also":[120],"proposed.":[121],"Finally,":[122],"results":[124],"achieved":[125],"demonstrated":[129],"viable":[136],"more":[138],"efficient":[139],"alternative":[140],"compared":[141],"manual":[143],"process.":[144]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":5},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":1}],"updated_date":"2026-04-17T18:11:37.981687","created_date":"2025-10-10T00:00:00"}