{"id":"https://openalex.org/W2588672042","doi":"https://doi.org/10.1109/icitst.2016.7856688","title":"Facing lateral movements using widespread behavioral probes","display_name":"Facing lateral movements using widespread behavioral probes","publication_year":2016,"publication_date":"2016-12-01","ids":{"openalex":"https://openalex.org/W2588672042","doi":"https://doi.org/10.1109/icitst.2016.7856688","mag":"2588672042"},"language":"en","primary_location":{"id":"doi:10.1109/icitst.2016.7856688","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icitst.2016.7856688","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2016 11th International Conference for Internet Technology and Secured Transactions (ICITST)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5102833203","display_name":"Alessandro Greco","orcid":"https://orcid.org/0000-0002-2132-3808"},"institutions":[{"id":"https://openalex.org/I116067653","display_name":"University of Rome Tor Vergata","ror":"https://ror.org/02p77k626","country_code":"IT","type":"education","lineage":["https://openalex.org/I116067653"]}],"countries":["IT"],"is_corresponding":true,"raw_author_name":"Alessandro Greco","raw_affiliation_strings":["University of Rome \u201cTor Vergata\u201d, Italy","University of Rome \"Tor Vergata\", Italy"],"affiliations":[{"raw_affiliation_string":"University of Rome \u201cTor Vergata\u201d, Italy","institution_ids":["https://openalex.org/I116067653"]},{"raw_affiliation_string":"University of Rome \"Tor Vergata\", Italy","institution_ids":["https://openalex.org/I116067653"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053046633","display_name":"Alberto Caponi","orcid":"https://orcid.org/0000-0002-7887-4360"},"institutions":[{"id":"https://openalex.org/I116067653","display_name":"University of Rome Tor Vergata","ror":"https://ror.org/02p77k626","country_code":"IT","type":"education","lineage":["https://openalex.org/I116067653"]},{"id":"https://openalex.org/I4210099310","display_name":"Consorzio Nazionale Interuniversitario per le Telecomunicazioni","ror":"https://ror.org/0182a5n39","country_code":"IT","type":"funder","lineage":["https://openalex.org/I4210099310"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Alberto Caponi","raw_affiliation_strings":["CNIT, Italy","University of Rome \u201cTor Vergata\u201d, Italy","University of Rome \"Tor Vergata\", Italy"],"affiliations":[{"raw_affiliation_string":"CNIT, Italy","institution_ids":["https://openalex.org/I4210099310"]},{"raw_affiliation_string":"University of Rome \u201cTor Vergata\u201d, Italy","institution_ids":["https://openalex.org/I116067653"]},{"raw_affiliation_string":"University of Rome \"Tor Vergata\", Italy","institution_ids":["https://openalex.org/I116067653"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5007176500","display_name":"Giuseppe Bianchi","orcid":"https://orcid.org/0000-0001-7277-7423"},"institutions":[{"id":"https://openalex.org/I116067653","display_name":"University of Rome Tor Vergata","ror":"https://ror.org/02p77k626","country_code":"IT","type":"education","lineage":["https://openalex.org/I116067653"]},{"id":"https://openalex.org/I4210099310","display_name":"Consorzio Nazionale Interuniversitario per le Telecomunicazioni","ror":"https://ror.org/0182a5n39","country_code":"IT","type":"funder","lineage":["https://openalex.org/I4210099310"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Giuseppe Bianchi","raw_affiliation_strings":["CNIT, Italy","University of Rome \u201cTor Vergata\u201d, Italy","University of Rome \"Tor Vergata\", Italy"],"affiliations":[{"raw_affiliation_string":"CNIT, Italy","institution_ids":["https://openalex.org/I4210099310"]},{"raw_affiliation_string":"University of Rome \u201cTor Vergata\u201d, Italy","institution_ids":["https://openalex.org/I116067653"]},{"raw_affiliation_string":"University of Rome \"Tor Vergata\", Italy","institution_ids":["https://openalex.org/I116067653"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5102833203"],"corresponding_institution_ids":["https://openalex.org/I116067653"],"apc_list":null,"apc_paid":null,"fwci":0.8686,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.79324032,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"159","last_page":"160"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/offensive","display_name":"Offensive","score":0.7873494625091553},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7662628889083862},{"id":"https://openalex.org/keywords/spoofing-attack","display_name":"Spoofing attack","score":0.7594889402389526},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.7536671161651611},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5545055866241455},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.5159786343574524},{"id":"https://openalex.org/keywords/state","display_name":"State (computer science)","score":0.42321497201919556},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.34048500657081604},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.14554807543754578}],"concepts":[{"id":"https://openalex.org/C176856949","wikidata":"https://www.wikidata.org/wiki/Q2001676","display_name":"Offensive","level":2,"score":0.7873494625091553},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7662628889083862},{"id":"https://openalex.org/C167900197","wikidata":"https://www.wikidata.org/wiki/Q11081100","display_name":"Spoofing attack","level":2,"score":0.7594889402389526},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.7536671161651611},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5545055866241455},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.5159786343574524},{"id":"https://openalex.org/C48103436","wikidata":"https://www.wikidata.org/wiki/Q599031","display_name":"State (computer science)","level":2,"score":0.42321497201919556},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.34048500657081604},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.14554807543754578},{"id":"https://openalex.org/C42475967","wikidata":"https://www.wikidata.org/wiki/Q194292","display_name":"Operations research","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icitst.2016.7856688","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icitst.2016.7856688","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2016 11th International Conference for Internet Technology and Secured Transactions (ICITST)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.6399999856948853,"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":5,"referenced_works":["https://openalex.org/W1976955738","https://openalex.org/W2402868098","https://openalex.org/W2408793237","https://openalex.org/W2506805756","https://openalex.org/W2963195991"],"related_works":["https://openalex.org/W1568520348","https://openalex.org/W3214407891","https://openalex.org/W3194113117","https://openalex.org/W4287020359","https://openalex.org/W3213194066","https://openalex.org/W268355439","https://openalex.org/W2967125893","https://openalex.org/W4385323698","https://openalex.org/W2385362579","https://openalex.org/W2380993274"],"abstract_inverted_index":{"The":[0,78],"fast":[1],"evolving":[2],"nature":[3],"and":[4,38,99],"the":[5,41,54,62,69,73,76,92],"growing":[6],"complexity":[7],"of":[8,32,46,51,56,80,94,104,125],"modern":[9],"offensive":[10],"techniques":[11],"used":[12,127],"in":[13,30],"Advanced":[14],"Persistent":[15],"Threats":[16],"attacks":[17,33,52],"calls":[18],"for":[19,43],"innovative":[20,86],"approaches":[21,88],"to":[22,35,60,71,90,113,121],"defense":[23],"techniques.":[24],"Common":[25],"network":[26,42],"monitoring":[27,83,97],"solutions":[28],"fail":[29],"case":[31],"able":[34,59],"remain":[36],"silent":[37],"quietly":[39],"control":[40],"long":[44],"periods":[45],"time.":[47],"Indeed,":[48],"such":[49],"type":[50],"requires":[53],"deployment":[55],"security":[57],"functionality":[58],"recognize":[61],"so":[63],"called":[64],"lateral":[65,105,128],"movements,":[66],"exploited":[67],"by":[68],"attackers":[70],"spread":[72],"infection":[74],"inside":[75],"network.":[77],"implementation":[79],"a":[81,95,123],"distributed":[82],"infrastructure":[84],"exploiting":[85],"detection":[87],"allows":[89],"overcome":[91],"lack":[93],"single":[96],"point":[98],"successfully":[100],"detect":[101],"complex":[102],"behavior":[103],"movements.":[106],"In":[107],"this":[108],"paper":[109],"we":[110],"demonstrate":[111],"how":[112],"effectively":[114],"use":[115],"eXtended":[116],"Finite":[117],"State":[118],"Machine":[119],"patterns":[120],"face":[122],"set":[124],"commonly":[126],"movement":[129],"techniques,":[130],"including":[131],"IP":[132],"spoofing":[133],"ones.":[134]},"counts_by_year":[{"year":2018,"cited_by_count":2},{"year":2016,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}