{"id":"https://openalex.org/W3093846309","doi":"https://doi.org/10.1109/iscc50000.2020.9219722","title":"Defense Against Advanced Persistent Threats: Optimal Network Security Hardening Using Multi-stage Maze Network Game","display_name":"Defense Against Advanced Persistent Threats: Optimal Network Security Hardening Using Multi-stage Maze Network Game","publication_year":2020,"publication_date":"2020-07-01","ids":{"openalex":"https://openalex.org/W3093846309","doi":"https://doi.org/10.1109/iscc50000.2020.9219722","mag":"3093846309"},"language":"en","primary_location":{"id":"doi:10.1109/iscc50000.2020.9219722","is_oa":false,"landing_page_url":"https://doi.org/10.1109/iscc50000.2020.9219722","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE Symposium on Computers and Communications (ISCC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5028936740","display_name":"Hangsheng Zhang","orcid":"https://orcid.org/0000-0002-6501-840X"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Hangsheng Zhang","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100413167","display_name":"Haitao Liu","orcid":"https://orcid.org/0009-0005-6946-8597"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Haitao Liu","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101784190","display_name":"Jie Liang","orcid":"https://orcid.org/0000-0002-0072-2711"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jie Liang","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100416900","display_name":"Ting Li","orcid":"https://orcid.org/0000-0003-0551-6535"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ting Li","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5018053243","display_name":"Liru Geng","orcid":"https://orcid.org/0009-0008-9196-4927"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Liru Geng","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102790878","display_name":"Yinlong Liu","orcid":"https://orcid.org/0000-0002-5984-1299"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yinlong Liu","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101543053","display_name":"Shujuan Chen","orcid":"https://orcid.org/0000-0002-7221-6543"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Shujuan Chen","raw_affiliation_strings":["China cybersecurity review technology and certification center, Beijing, China"],"affiliations":[{"raw_affiliation_string":"China cybersecurity review technology and certification center, Beijing, China","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5028936740"],"corresponding_institution_ids":["https://openalex.org/I19820366","https://openalex.org/I4210156404","https://openalex.org/I4210165038"],"apc_list":null,"apc_paid":null,"fwci":1.0676,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.84138604,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9939000010490417,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6378445029258728},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5371528267860413},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.520530104637146},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.38669198751449585}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6378445029258728},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5371528267860413},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.520530104637146},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.38669198751449585}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/iscc50000.2020.9219722","is_oa":false,"landing_page_url":"https://doi.org/10.1109/iscc50000.2020.9219722","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE Symposium on Computers and Communications (ISCC)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.7900000214576721,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":21,"referenced_works":["https://openalex.org/W164306009","https://openalex.org/W568984285","https://openalex.org/W1547152107","https://openalex.org/W1590752147","https://openalex.org/W2015787697","https://openalex.org/W2039858940","https://openalex.org/W2058792175","https://openalex.org/W2083270195","https://openalex.org/W2095095223","https://openalex.org/W2121805588","https://openalex.org/W2257448745","https://openalex.org/W2260320574","https://openalex.org/W2740378938","https://openalex.org/W2808323833","https://openalex.org/W2888636522","https://openalex.org/W2963492322","https://openalex.org/W3098805379","https://openalex.org/W4253730333","https://openalex.org/W6606758492","https://openalex.org/W6635235395","https://openalex.org/W6692650605"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W4396696052","https://openalex.org/W4402327032","https://openalex.org/W2360633292"],"abstract_inverted_index":{"Advanced":[0],"Persistent":[1],"Threat":[2],"(APT)":[3],"is":[4,63,117,171],"a":[5,30,38,53,69,109,121],"stealthy,":[6],"continuous":[7],"and":[8,20,48,112,131,152,156,173],"sophisticated":[9],"method":[10,122],"of":[11,22,34,83,91,104,149,158],"network":[12,47],"attacks,":[13],"which":[14,80],"can":[15],"cause":[16],"serious":[17],"privacy":[18],"leakage":[19],"millions":[21],"dollars":[23],"losses.":[24],"In":[25],"this":[26],"paper,":[27],"we":[28,144],"introduce":[29],"new":[31],"game-theoretic":[32],"framework":[33],"the":[35,58,81,92,101,105,114,134,139,150,154,159],"interaction":[36],"between":[37],"defender":[39],"who":[40,51],"uses":[41],"limited":[42],"Security":[43],"Resources(SRs)":[44],"to":[45,56],"harden":[46],"an":[49,146],"attacker":[50,93],"adopts":[52],"multi-stage":[54],"plan":[55],"attack":[57,98],"network.":[59],"The":[60,88],"game":[61],"model":[62,151],"derived":[64],"from":[65],"Stackelberg":[66],"games":[67],"called":[68],"Multi-stage":[70],"Maze":[71],"Network":[72],"Game":[73],"(M":[74],"<sup":[75],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[76],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">2</sup>":[77],"NG)":[78],"in":[79],"characteristics":[82],"APT":[84],"are":[85,94],"fully":[86],"considered.":[87],"possible":[89],"plans":[90],"compactly":[95],"represented":[96],"using":[97,138],"graphs(AGs),":[99],"but":[100],"compact":[102],"representation":[103],"attacker\u2019s":[106],"strategies":[107],"presents":[108],"computational":[110],"challenge":[111],"reaching":[113],"Nash":[115],"Equilibrium(NE)":[116],"NP-hard.":[118],"We":[119],"present":[120,145],"that":[123,164],"first":[124],"translates":[125],"AGs":[126],"into":[127],"Markov":[128],"Decision":[129],"Process(MDP)":[130],"then":[132],"achieves":[133],"optimal":[135],"SRs":[136,169],"allocation":[137,170],"policy":[140],"hill-climbing(PHC)":[141],"algorithm.":[142,160],"Finally,":[143],"empirical":[147],"evaluation":[148],"analyze":[153],"scalability":[155],"sensitivity":[157],"Simulation":[161],"results":[162],"exhibit":[163],"our":[165],"proposed":[166],"reinforcement":[167],"learning-based":[168],"feasible":[172],"efficient.":[174]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}