{"id":"https://openalex.org/W4406893051","doi":"https://doi.org/10.1109/csnet64211.2024.10851718","title":"APT Warfare: Technical Arsenal and Target Profiles of Linux Malware in Advanced Persistent Threats","display_name":"APT Warfare: Technical Arsenal and Target Profiles of Linux Malware in Advanced Persistent Threats","publication_year":2024,"publication_date":"2024-12-04","ids":{"openalex":"https://openalex.org/W4406893051","doi":"https://doi.org/10.1109/csnet64211.2024.10851718"},"language":"en","primary_location":{"id":"doi:10.1109/csnet64211.2024.10851718","is_oa":false,"landing_page_url":"https://doi.org/10.1109/csnet64211.2024.10851718","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 8th Cyber Security in Networking Conference (CSNet)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5111267535","display_name":"Jayanthi Ramamoorthy","orcid":null},"institutions":[{"id":"https://openalex.org/I191429286","display_name":"Sam Houston State University","ror":"https://ror.org/00yh3cz06","country_code":"US","type":"education","lineage":["https://openalex.org/I191429286"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Jayanthi Ramamoorthy","raw_affiliation_strings":["Sam Houston State University,Department of Computer Science,Huntsville,TX"],"affiliations":[{"raw_affiliation_string":"Sam Houston State University,Department of Computer Science,Huntsville,TX","institution_ids":["https://openalex.org/I191429286"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5061796733","display_name":"Cihan Varol","orcid":"https://orcid.org/0000-0002-4940-6808"},"institutions":[{"id":"https://openalex.org/I191429286","display_name":"Sam Houston State University","ror":"https://ror.org/00yh3cz06","country_code":"US","type":"education","lineage":["https://openalex.org/I191429286"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Cihan Varol","raw_affiliation_strings":["Sam Houston State University,Department of Computer Science,Huntsville,TX"],"affiliations":[{"raw_affiliation_string":"Sam Houston State University,Department of Computer Science,Huntsville,TX","institution_ids":["https://openalex.org/I191429286"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5086039015","display_name":"Narasimha Shashidhar","orcid":"https://orcid.org/0000-0002-4877-158X"},"institutions":[{"id":"https://openalex.org/I191429286","display_name":"Sam Houston State University","ror":"https://ror.org/00yh3cz06","country_code":"US","type":"education","lineage":["https://openalex.org/I191429286"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Narasimha K Shashidhar","raw_affiliation_strings":["Sam Houston State University,Department of Computer Science,Huntsville,TX"],"affiliations":[{"raw_affiliation_string":"Sam Houston State University,Department of Computer Science,Huntsville,TX","institution_ids":["https://openalex.org/I191429286"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5111267535"],"corresponding_institution_ids":["https://openalex.org/I191429286"],"apc_list":null,"apc_paid":null,"fwci":1.1251,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.79928258,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"190","last_page":"196"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9684000015258789,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9684000015258789,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9401999711990356,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.7506608963012695},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6030685305595398},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.49906182289123535},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.46475592255592346},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.44295603036880493}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.7506608963012695},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6030685305595398},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.49906182289123535},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.46475592255592346},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.44295603036880493}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/csnet64211.2024.10851718","is_oa":false,"landing_page_url":"https://doi.org/10.1109/csnet64211.2024.10851718","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 8th Cyber Security in Networking Conference (CSNet)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":10,"referenced_works":["https://openalex.org/W2533698187","https://openalex.org/W2910711617","https://openalex.org/W4313306227","https://openalex.org/W4313476243","https://openalex.org/W4378530982","https://openalex.org/W4388107905","https://openalex.org/W4392560906","https://openalex.org/W4395085347","https://openalex.org/W4400950839","https://openalex.org/W6888875766"],"related_works":["https://openalex.org/W2469507153","https://openalex.org/W2008790809","https://openalex.org/W2768892939","https://openalex.org/W4285507391","https://openalex.org/W3164408430","https://openalex.org/W2397240470","https://openalex.org/W2602767565","https://openalex.org/W170652726","https://openalex.org/W2883822334","https://openalex.org/W2134874482"],"abstract_inverted_index":{"Advanced":[0],"Persistent":[1],"Threats":[2],"(APTs),":[3],"predominantly":[4],"orchestrated":[5],"by":[6,20,81],"nation-state":[7],"actors,":[8],"pose":[9],"a":[10,32,49,106,140],"formidable":[11],"challenge":[12],"to":[13,70,88,128,157,190],"cybersecurity":[14,188],"defenses.":[15],"These":[16,173],"attacks":[17,117],"are":[18],"marked":[19],"their":[21],"sophisticated":[22,194],"techniques,":[23],"targeted":[24],"methodology,":[25],"and":[26,39,46,66,98,131,166,184,195],"persistent":[27],"operations.":[28],"This":[29,121],"study":[30,104,142],"provides":[31],"comprehensive":[33],"analysis":[34],"of":[35,42,93,113,134,147,170,198],"the":[36,61,77,84,111,125,132,145,153,167,176,187,193],"technical":[37],"capabilities":[38],"target":[40],"profiles":[41],"modern":[43],"APT":[44,57,116,129,150,171,199],"malware":[45,54,114,130],"tools,":[47],"with":[48,56],"specific":[50],"focus":[51],"on":[52],"Linux-based":[53],"associated":[55],"campaigns.":[58],"By":[59],"analyzing":[60],"MITRE":[62],"ATT&CK":[63],"Tactics,":[64],"Techniques,":[65],"Procedures":[67],"(TTPs)":[68],"related":[69,127],"APTmalware,":[71],"this":[72],"research":[73,108,122],"offers":[74],"insights":[75],"into":[76],"advanced":[78,149],"techniques":[79],"employed":[80],"Linux":[82,85,119,164],"malware.As":[83],"environment":[86],"continues":[87],"gain":[89],"prominence":[90],"in":[91,115,163],"Internet":[92],"Things":[94],"(IoT),":[95],"Cloud":[96],"ecosystems,":[97],"Operational":[99],"Technology":[100],"(OT)":[101],"environments,":[102],"our":[103],"addresses":[105],"significant":[107],"gap":[109],"concerning":[110],"role":[112],"targeting":[118],"systems.":[120],"also":[123],"discusses":[124],"challenges":[126,174],"limitations":[133],"existing":[135],"TTP":[136],"mappings.":[137],"We":[138],"present":[139],"case":[141],"that":[143],"maps":[144],"TTPs":[146,156],"an":[148],"malware,":[151],"underscoring":[152],"need":[154],"for":[155,178],"effectively":[158,191],"capture":[159],"enhancements":[160],"like":[161],"eBPF":[162],"environments":[165],"evolving":[168,196],"tactics":[169,197],"actors.":[172,200],"emphasize":[175],"necessity":[177],"adaptivecybersecurity":[179],"strategies,":[180],"continuous":[181],"threat":[182],"intelligence,":[183],"collaboration":[185],"within":[186],"community":[189],"counter":[192]},"counts_by_year":[{"year":2025,"cited_by_count":3}],"updated_date":"2025-12-27T23:08:20.325037","created_date":"2025-10-10T00:00:00"}