{"id":"https://openalex.org/W4403937440","doi":"https://doi.org/10.1109/iscc61673.2024.10733636","title":"Early Detection of Fileless Attacks Based on Multi-Feature Fusion of Complex Attack Vectors","display_name":"Early Detection of Fileless Attacks Based on Multi-Feature Fusion of Complex Attack Vectors","publication_year":2024,"publication_date":"2024-06-26","ids":{"openalex":"https://openalex.org/W4403937440","doi":"https://doi.org/10.1109/iscc61673.2024.10733636"},"language":"en","primary_location":{"id":"doi:10.1109/iscc61673.2024.10733636","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/iscc61673.2024.10733636","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE Symposium on Computers and Communications (ISCC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5047977663","display_name":"Tao Leng","orcid":null},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Tao Leng","raw_affiliation_strings":["Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China"],"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100712546","display_name":"Lixin Zhao","orcid":"https://orcid.org/0009-0004-0566-791X"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Lixin Zhao","raw_affiliation_strings":["Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China"],"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5036245249","display_name":"Yuedong Pan","orcid":null},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yuedong Pan","raw_affiliation_strings":["Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China"],"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101522685","display_name":"Aimin Yu","orcid":"https://orcid.org/0000-0002-5521-4757"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Aimin Yu","raw_affiliation_strings":["Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China"],"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102461539","display_name":"Ziyuan Zhu","orcid":"https://orcid.org/0009-0001-6696-3374"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ziyuan Zhu","raw_affiliation_strings":["Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China"],"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101775557","display_name":"Lijun Cai","orcid":"https://orcid.org/0000-0002-9665-592X"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Lijun Cai","raw_affiliation_strings":["Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China"],"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5018703681","display_name":"Dan Meng","orcid":"https://orcid.org/0000-0001-6654-8552"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Dan Meng","raw_affiliation_strings":["Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China"],"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5047977663"],"corresponding_institution_ids":["https://openalex.org/I19820366","https://openalex.org/I4210156404"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.21317189,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"7"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9308000206947327,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9308000206947327,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6779912114143372},{"id":"https://openalex.org/keywords/fusion","display_name":"Fusion","score":0.5403587818145752},{"id":"https://openalex.org/keywords/feature","display_name":"Feature (linguistics)","score":0.525519609451294},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5193813443183899},{"id":"https://openalex.org/keywords/pattern-recognition","display_name":"Pattern recognition (psychology)","score":0.5003838539123535},{"id":"https://openalex.org/keywords/feature-extraction","display_name":"Feature extraction","score":0.4259491562843323}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6779912114143372},{"id":"https://openalex.org/C158525013","wikidata":"https://www.wikidata.org/wiki/Q2593739","display_name":"Fusion","level":2,"score":0.5403587818145752},{"id":"https://openalex.org/C2776401178","wikidata":"https://www.wikidata.org/wiki/Q12050496","display_name":"Feature (linguistics)","level":2,"score":0.525519609451294},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5193813443183899},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.5003838539123535},{"id":"https://openalex.org/C52622490","wikidata":"https://www.wikidata.org/wiki/Q1026626","display_name":"Feature extraction","level":2,"score":0.4259491562843323},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/iscc61673.2024.10733636","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/iscc61673.2024.10733636","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE Symposium on Computers and Communications (ISCC)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320321133","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":20,"referenced_works":["https://openalex.org/W2289674658","https://openalex.org/W2471456063","https://openalex.org/W2557716486","https://openalex.org/W2783139674","https://openalex.org/W2884157903","https://openalex.org/W2963583660","https://openalex.org/W2972512996","https://openalex.org/W2974989311","https://openalex.org/W3070794221","https://openalex.org/W3084472304","https://openalex.org/W3098789273","https://openalex.org/W3196559500","https://openalex.org/W4200395040","https://openalex.org/W4200586921","https://openalex.org/W4224253745","https://openalex.org/W4226163627","https://openalex.org/W4311165726","https://openalex.org/W4388464937","https://openalex.org/W4401006908","https://openalex.org/W6758497673"],"related_works":["https://openalex.org/W2033914206","https://openalex.org/W2042327336","https://openalex.org/W2601157893","https://openalex.org/W2373006798","https://openalex.org/W2131735617","https://openalex.org/W2056912418","https://openalex.org/W2123759770","https://openalex.org/W2033213769","https://openalex.org/W4312376745","https://openalex.org/W2136016640"],"abstract_inverted_index":{"The":[0],"initial":[1],"manifestations":[2],"of":[3,41,65,72,81,130],"fileless":[4],"attacks":[5],"were":[6],"predominantly":[7],"document-based":[8],"attacks,":[9],"extensively":[10],"leveraged":[11],"in":[12],"Advanced":[13],"Persistent":[14],"Threat":[15],"(APT)":[16],"campaigns":[17],"and":[18,28,79,94,96,99],"cybercriminal":[19],"activities.":[20],"Malicious":[21],"documents":[22],"leveraging":[23,115],"macros,":[24],"DDE,":[25],"template":[26],"injection,":[27],"other":[29],"attack":[30,50,67,73],"vectors":[31,84],"evade":[32],"conventional":[33],"signature-based":[34],"detection":[35],"techniques.":[36],"Additionally,":[37],"the":[38,62,116],"constant":[39],"influx":[40],"new":[42],"samples":[43],"undermines":[44],"models":[45],"trained":[46],"only":[47],"on":[48,61,120],"single":[49],"vector":[51],"features.":[52],"Herein,":[53],"we":[54,125],"introduce":[55],"DocInspect,":[56],"a":[57],"methodological":[58],"framework":[59],"predicated":[60],"multi-feature":[63],"fusion":[64],"complex":[66],"vectors.":[68,113],"Through":[69],"observational":[70],"analyses":[71],"vectors,":[74],"static":[75],"analysis":[76],"extracts":[77],"keywords":[78],"indicators":[80],"compromise":[82],"from":[83],"like":[85],"macro":[86],"code,":[87],"simulated":[88],"execution":[89],"retrieves":[90],"shellcode":[91],"function":[92],"calls":[93],"parameters,":[95],"deceptive":[97],"images":[98],"text":[100],"are":[101,107],"concurrently":[102],"extracted.":[103],"These":[104],"multi-dimensional":[105],"features":[106],"then":[108],"fused":[109],"to":[110],"construct":[111],"feature":[112],"Ultimately,":[114],"Extra":[117],"Trees":[118],"model":[119],"our":[121],"latest":[122],"sample":[123],"set,":[124],"achieve":[126],"an":[127],"F1":[128],"score":[129],"99.96%,":[131],"while":[132],"demonstrating":[133],"commendable":[134],"robustness.":[135]},"counts_by_year":[],"updated_date":"2025-12-21T01:58:51.020947","created_date":"2025-10-10T00:00:00"}