{"id":"https://openalex.org/W1879678206","doi":"https://doi.org/10.1109/icppw.2002.1039705","title":"A structural framework for modeling multi-stage network attacks","display_name":"A structural framework for modeling multi-stage network attacks","publication_year":2003,"publication_date":"2003-06-25","ids":{"openalex":"https://openalex.org/W1879678206","doi":"https://doi.org/10.1109/icppw.2002.1039705","mag":"1879678206"},"language":"en","primary_location":{"id":"doi:10.1109/icppw.2002.1039705","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icppw.2002.1039705","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings. International Conference on Parallel Processing Workshop","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5068892797","display_name":"Karen M. Daley","orcid":null},"institutions":[{"id":"https://openalex.org/I87208437","display_name":"University of Tulsa","ror":"https://ror.org/04wn28048","country_code":"US","type":"education","lineage":["https://openalex.org/I87208437"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"K. Daley","raw_affiliation_strings":["University of Tulsa, USA","Tulsa Univ., OK (USA)"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Tulsa, USA","institution_ids":["https://openalex.org/I87208437"]},{"raw_affiliation_string":"Tulsa Univ., OK (USA)","institution_ids":["https://openalex.org/I87208437"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5108370605","display_name":"Ray R. Larson","orcid":null},"institutions":[{"id":"https://openalex.org/I87208437","display_name":"University of Tulsa","ror":"https://ror.org/04wn28048","country_code":"US","type":"education","lineage":["https://openalex.org/I87208437"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"R. Larson","raw_affiliation_strings":["University of Tulsa, USA","Tulsa Univ., OK (USA)"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Tulsa, USA","institution_ids":["https://openalex.org/I87208437"]},{"raw_affiliation_string":"Tulsa Univ., OK (USA)","institution_ids":["https://openalex.org/I87208437"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5088564452","display_name":"J. Dawkins","orcid":null},"institutions":[{"id":"https://openalex.org/I87208437","display_name":"University of Tulsa","ror":"https://ror.org/04wn28048","country_code":"US","type":"education","lineage":["https://openalex.org/I87208437"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"J. Dawkins","raw_affiliation_strings":["University of Tulsa, USA","Tulsa Univ., OK (USA)"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Tulsa, USA","institution_ids":["https://openalex.org/I87208437"]},{"raw_affiliation_string":"Tulsa Univ., OK (USA)","institution_ids":["https://openalex.org/I87208437"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5068892797"],"corresponding_institution_ids":["https://openalex.org/I87208437"],"apc_list":null,"apc_paid":null,"fwci":2.4834,"has_fulltext":false,"cited_by_count":46,"citation_normalized_percentile":{"value":0.91003928,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"5","last_page":"10"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9966999888420105,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8360003232955933},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.7552857398986816},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.5893701910972595},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.5791700482368469},{"id":"https://openalex.org/keywords/abstraction","display_name":"Abstraction","score":0.5614510178565979},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.56109619140625},{"id":"https://openalex.org/keywords/tree","display_name":"Tree (set theory)","score":0.5437610745429993},{"id":"https://openalex.org/keywords/attack-patterns","display_name":"Attack patterns","score":0.5192580223083496},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5106485486030579},{"id":"https://openalex.org/keywords/honeypot","display_name":"Honeypot","score":0.5048797726631165},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.4229084253311157},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.420332133769989},{"id":"https://openalex.org/keywords/state","display_name":"State (computer science)","score":0.4137355089187622},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.16847264766693115}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8360003232955933},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.7552857398986816},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.5893701910972595},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.5791700482368469},{"id":"https://openalex.org/C124304363","wikidata":"https://www.wikidata.org/wiki/Q673661","display_name":"Abstraction","level":2,"score":0.5614510178565979},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.56109619140625},{"id":"https://openalex.org/C113174947","wikidata":"https://www.wikidata.org/wiki/Q2859736","display_name":"Tree (set theory)","level":2,"score":0.5437610745429993},{"id":"https://openalex.org/C2780741293","wikidata":"https://www.wikidata.org/wiki/Q4818019","display_name":"Attack patterns","level":3,"score":0.5192580223083496},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5106485486030579},{"id":"https://openalex.org/C191267431","wikidata":"https://www.wikidata.org/wiki/Q911932","display_name":"Honeypot","level":2,"score":0.5048797726631165},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.4229084253311157},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.420332133769989},{"id":"https://openalex.org/C48103436","wikidata":"https://www.wikidata.org/wiki/Q599031","display_name":"State (computer science)","level":2,"score":0.4137355089187622},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.16847264766693115},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icppw.2002.1039705","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icppw.2002.1039705","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings. International Conference on Parallel Processing Workshop","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":17,"referenced_works":["https://openalex.org/W1483817343","https://openalex.org/W1503609498","https://openalex.org/W1571725816","https://openalex.org/W1584514021","https://openalex.org/W1978845641","https://openalex.org/W2042512226","https://openalex.org/W2068789742","https://openalex.org/W2100215068","https://openalex.org/W2109540106","https://openalex.org/W2110889412","https://openalex.org/W2158390457","https://openalex.org/W4237936646","https://openalex.org/W6629024004","https://openalex.org/W6630212538","https://openalex.org/W6634372232","https://openalex.org/W6675021112","https://openalex.org/W6676373933"],"related_works":["https://openalex.org/W2312996858","https://openalex.org/W2392120181","https://openalex.org/W2307276533","https://openalex.org/W2390124310","https://openalex.org/W2361650029","https://openalex.org/W2158220440","https://openalex.org/W1852121458","https://openalex.org/W2352199719","https://openalex.org/W2149305257","https://openalex.org/W2360075860"],"abstract_inverted_index":{"Incidents":[0],"such":[1],"as":[2,61],"Solar":[3],"Sunrise":[4],"and":[5,14,39,47,84,114,138],"Nimda":[6],"demonstrate":[7],"the":[8,43,95,108,119],"need":[9,80],"to":[10,27,36,52,81,92],"expressively":[11],"model":[12],"distributed":[13],"complex":[15],"network":[16,112],"attacks.":[17,56,100,116],"To":[18],"protect":[19],"information":[20],"systems,":[21],"system":[22],"administrators":[23],"must":[24],"be":[25,82],"able":[26],"represent":[28,54,67,94],"vulnerabilities":[29,113],"in":[30,73,86,90],"a":[31,87,104,125],"way":[32],"that":[33],"lends":[34],"itself":[35],"correlation,":[37,136],"analysis,":[38,137],"prediction.":[40,139],"State":[41],"of":[42,97,110],"art":[44],"intrusion":[45],"detection":[46],"attack":[48,63,120,128],"analysis":[49],"systems":[50],"struggle":[51],"effectively":[53],"sophisticated":[55],"Strategic":[57],"models":[58],"express":[59],"exploits":[60],"goal-oriented":[62],"trees.":[64],"Attack":[65],"trees":[66],"adversarial":[68],"behavior":[69],"by":[70],"connecting":[71],"events":[72],"'AND'-'OR'":[74],"tree":[75,121],"structures.":[76],"However":[77],"these":[78],"structures":[79],"enhanced":[83],"expressed":[85],"formal":[88],"manner":[89],"order":[91],"adequately":[93],"complexity":[96],"recent":[98],"cyber":[99],"This":[101],"paper":[102],"provides":[103],"methodology":[105],"for":[106],"capturing":[107],"structure":[109],"various":[111],"multi-stage":[115],"By":[117],"extending":[118],"paradigm,":[122],"we":[123],"provide":[124],"context":[126],"sensitive":[127],"modeling":[129],"framework":[130],"that,":[131],"through":[132],"abstraction,":[133],"supports":[134],"incident":[135]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":2},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":2},{"year":2015,"cited_by_count":1},{"year":2014,"cited_by_count":3},{"year":2013,"cited_by_count":3},{"year":2012,"cited_by_count":3}],"updated_date":"2026-05-05T08:41:31.759640","created_date":"2025-10-10T00:00:00"}