{"id":"https://openalex.org/W2976043817","doi":"https://doi.org/10.1109/infcomw.2019.8845281","title":"A Flexible Framework for Malicious Open XML Document Detection based on APT Attacks","display_name":"A Flexible Framework for Malicious Open XML Document Detection based on APT Attacks","publication_year":2019,"publication_date":"2019-04-01","ids":{"openalex":"https://openalex.org/W2976043817","doi":"https://doi.org/10.1109/infcomw.2019.8845281","mag":"2976043817"},"language":"en","primary_location":{"id":"doi:10.1109/infcomw.2019.8845281","is_oa":false,"landing_page_url":"https://doi.org/10.1109/infcomw.2019.8845281","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE INFOCOM 2019 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5076813053","display_name":"Hung\u2013Min Sun","orcid":"https://orcid.org/0000-0003-0870-9973"},"institutions":[{"id":"https://openalex.org/I25112270","display_name":"Universidade Federal de Pernambuco","ror":"https://ror.org/047908t24","country_code":"BR","type":"education","lineage":["https://openalex.org/I25112270"]}],"countries":["BR"],"is_corresponding":true,"raw_author_name":"Hung-Min Sun","raw_affiliation_strings":["Federal University of Pernambuco, Brazil"],"affiliations":[{"raw_affiliation_string":"Federal University of Pernambuco, Brazil","institution_ids":["https://openalex.org/I25112270"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5112470412","display_name":"Chien Wen Shen","orcid":null},"institutions":[{"id":"https://openalex.org/I25112270","display_name":"Universidade Federal de Pernambuco","ror":"https://ror.org/047908t24","country_code":"BR","type":"education","lineage":["https://openalex.org/I25112270"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Chi-En Shen","raw_affiliation_strings":["Federal University of Pernambuco, Brazil"],"affiliations":[{"raw_affiliation_string":"Federal University of Pernambuco, Brazil","institution_ids":["https://openalex.org/I25112270"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5088174247","display_name":"Chi-Yao Weng","orcid":"https://orcid.org/0000-0002-0501-8475"},"institutions":[{"id":"https://openalex.org/I27837315","display_name":"University of Michigan\u2013Ann Arbor","ror":"https://ror.org/00jmfr291","country_code":"US","type":"education","lineage":["https://openalex.org/I27837315"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Chi-Yao Weng","raw_affiliation_strings":["University of Michigan, USA"],"affiliations":[{"raw_affiliation_string":"University of Michigan, USA","institution_ids":["https://openalex.org/I27837315"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5076813053"],"corresponding_institution_ids":["https://openalex.org/I25112270"],"apc_list":null,"apc_paid":null,"fwci":0.8843,"has_fulltext":false,"cited_by_count":10,"citation_normalized_percentile":{"value":0.77083398,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8524453639984131},{"id":"https://openalex.org/keywords/xml","display_name":"XML","score":0.6751585006713867},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5088015198707581},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.45842447876930237}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8524453639984131},{"id":"https://openalex.org/C8797682","wikidata":"https://www.wikidata.org/wiki/Q2115","display_name":"XML","level":2,"score":0.6751585006713867},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5088015198707581},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.45842447876930237}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/infcomw.2019.8845281","is_oa":false,"landing_page_url":"https://doi.org/10.1109/infcomw.2019.8845281","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE INFOCOM 2019 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.6499999761581421,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":1,"referenced_works":["https://openalex.org/W1593886280"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W4391913857","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W2393259792"],"abstract_inverted_index":{"The":[0,70,84,174,192],"defense":[1],"against":[2],"Advanced":[3],"Persistence":[4],"Threat":[5],"(APT)":[6],"attacks":[7,29],"is":[8,75,104,145,190],"an":[9,67,78],"important":[10,76],"topic":[11],"in":[12,61,93,177],"recent":[13],"years.":[14],"Many":[15],"organizations":[16],"and":[17,34,40,155,167,183,201],"enterprises":[18],"even":[19],"governments":[20],"have":[21,30,53],"been":[22,54],"victims":[23],"of":[24,66,72],"APT":[25,28,68,82,95,197],"attacks.":[26,50,96],"As":[27],"a":[31,88,134],"specific":[32,119],"objective":[33],"are":[35],"skillfully":[36],"crafted,":[37],"motivated,":[38],"organized":[39],"well":[41],"founded,":[42],"we":[43],"should":[44],"pay":[45],"more":[46,199],"attention":[47],"on":[48,107,137],"those":[49],"Malicious":[51],"documents":[52,74],"used":[55,92],"with":[56,171],"the":[57,62,94,98,108,112,148,196],"spear":[58],"phishing":[59],"attack":[60],"initial":[63],"infection":[64],"phase":[65],"attack.":[69,83],"detection":[71,102,127,198],"malicious":[73,100,123,138],"for":[77,122,203],"early":[79],"stage":[80],"defensive":[81],"Open":[85,124,139,162],"XML":[86,125,140,163],"has":[87],"popular":[89],"document":[90,101,116,126,141,164],"format":[91],"However,":[97],"related":[99],"research":[103],"mostly":[105],"focused":[106],"PDF":[109],"file":[110],"or":[111],"traditional":[113],"OLE":[114],"Office":[115],"format.":[117],"A":[118],"framework":[120,135,144,159,179,194],"design":[121],"does":[128],"not":[129],"exist.":[130],"This":[131,143],"article":[132],"proposes":[133],"based":[136],"detection.":[142],"designed":[146],"under":[147],"fundamental":[149],"principle,":[150],"such":[151],"as":[152],"automatic,":[153],"flexible":[154],"configurable.":[156],"Our":[157],"proposed":[158],"can":[160,180],"analyze":[161],"job":[165],"automatically":[166],"generate":[168],"analysis":[169],"reports":[170],"information":[172],"highlighting.":[173],"Scanner":[175],"Module":[176],"this":[178],"be":[181],"configured":[182],"easily":[184],"extended":[185],"by":[186],"adding":[187],"customized":[188],"scanners,":[189],"flexible.":[191],"Configurable":[193],"makes":[195],"customizable":[200],"suitable":[202],"user's":[204],"demand.":[205]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}