{"id":"https://openalex.org/W4406322016","doi":"https://doi.org/10.1109/jiot.2025.3528744","title":"Advanced Persistent Threats Based on Supply Chain Vulnerabilities: Challenges, Solutions, and Future Directions","display_name":"Advanced Persistent Threats Based on Supply Chain Vulnerabilities: Challenges, Solutions, and Future Directions","publication_year":2025,"publication_date":"2025-01-13","ids":{"openalex":"https://openalex.org/W4406322016","doi":"https://doi.org/10.1109/jiot.2025.3528744"},"language":"en","primary_location":{"id":"doi:10.1109/jiot.2025.3528744","is_oa":false,"landing_page_url":"https://doi.org/10.1109/jiot.2025.3528744","pdf_url":null,"source":{"id":"https://openalex.org/S2480266640","display_name":"IEEE Internet of Things Journal","issn_l":"2327-4662","issn":["2327-4662","2372-2541"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Internet of Things Journal","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://eprints.gla.ac.uk/345000/1/345000.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5004564211","display_name":"Zhuoran Tan","orcid":"https://orcid.org/0000-0002-0809-0376"},"institutions":[{"id":"https://openalex.org/I7882870","display_name":"University of Glasgow","ror":"https://ror.org/00vtgdb53","country_code":"GB","type":"education","lineage":["https://openalex.org/I7882870"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Zhuoran Tan","raw_affiliation_strings":["School of Computing Science, University of Glasgow, Glasgow, Scotland"],"raw_orcid":"https://orcid.org/0000-0002-0809-0376","affiliations":[{"raw_affiliation_string":"School of Computing Science, University of Glasgow, Glasgow, Scotland","institution_ids":["https://openalex.org/I7882870"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053364752","display_name":"Shameem Puthiya Parambath","orcid":null},"institutions":[{"id":"https://openalex.org/I7882870","display_name":"University of Glasgow","ror":"https://ror.org/00vtgdb53","country_code":"GB","type":"education","lineage":["https://openalex.org/I7882870"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Shameem Puthiya Parambath","raw_affiliation_strings":["School of Computing Science, University of Glasgow, Glasgow, Scotland"],"raw_orcid":"https://orcid.org/0000-0002-5338-9385","affiliations":[{"raw_affiliation_string":"School of Computing Science, University of Glasgow, Glasgow, Scotland","institution_ids":["https://openalex.org/I7882870"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5001331936","display_name":"Christos Anagnostopoulos","orcid":null},"institutions":[{"id":"https://openalex.org/I7882870","display_name":"University of Glasgow","ror":"https://ror.org/00vtgdb53","country_code":"GB","type":"education","lineage":["https://openalex.org/I7882870"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Christos Anagnostopoulos","raw_affiliation_strings":["School of Computing Science, University of Glasgow, Glasgow, Scotland"],"raw_orcid":"https://orcid.org/0000-0003-1517-6757","affiliations":[{"raw_affiliation_string":"School of Computing Science, University of Glasgow, Glasgow, Scotland","institution_ids":["https://openalex.org/I7882870"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5064718447","display_name":"Jeremy Singer","orcid":"https://orcid.org/0000-0001-9462-6802"},"institutions":[{"id":"https://openalex.org/I7882870","display_name":"University of Glasgow","ror":"https://ror.org/00vtgdb53","country_code":"GB","type":"education","lineage":["https://openalex.org/I7882870"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Jeremy Singer","raw_affiliation_strings":["School of Computing Science, University of Glasgow, Glasgow, Scotland"],"raw_orcid":"https://orcid.org/0000-0001-9462-6802","affiliations":[{"raw_affiliation_string":"School of Computing Science, University of Glasgow, Glasgow, Scotland","institution_ids":["https://openalex.org/I7882870"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5021412159","display_name":"Angelos K. Marnerides","orcid":null},"institutions":[{"id":"https://openalex.org/I34771391","display_name":"University of Cyprus","ror":"https://ror.org/02qjrjx09","country_code":"CY","type":"education","lineage":["https://openalex.org/I34771391"]}],"countries":["CY"],"is_corresponding":false,"raw_author_name":"Angelos K. Marnerides","raw_affiliation_strings":["Department of Electrical and Computer Engineering, KIOS Centre of Excellence, University of Cyprus, Nicosia, Cyprus","KIOS Centre of Excellence and the Department of Electrical and Computer Engineering, University of Cyprus, Nicosia, Cyprus"],"raw_orcid":"https://orcid.org/0000-0002-7996-6216","affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, KIOS Centre of Excellence, University of Cyprus, Nicosia, Cyprus","institution_ids":["https://openalex.org/I34771391"]},{"raw_affiliation_string":"KIOS Centre of Excellence and the Department of Electrical and Computer Engineering, University of Cyprus, Nicosia, Cyprus","institution_ids":["https://openalex.org/I34771391"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5004564211"],"corresponding_institution_ids":["https://openalex.org/I7882870"],"apc_list":null,"apc_paid":null,"fwci":37.7453,"has_fulltext":true,"cited_by_count":19,"citation_normalized_percentile":{"value":0.99731627,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":99,"max":100},"biblio":{"volume":"12","issue":"6","first_page":"6371","last_page":"6395"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11864","display_name":"Supply Chain Resilience and Risk Management","score":0.9502999782562256,"subfield":{"id":"https://openalex.org/subfields/1408","display_name":"Strategy and Management"},"field":{"id":"https://openalex.org/fields/14","display_name":"Business, Management and Accounting"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T11864","display_name":"Supply Chain Resilience and Risk Management","score":0.9502999782562256,"subfield":{"id":"https://openalex.org/subfields/1408","display_name":"Strategy and Management"},"field":{"id":"https://openalex.org/fields/14","display_name":"Business, Management and Accounting"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6905654072761536},{"id":"https://openalex.org/keywords/supply-chain","display_name":"Supply chain","score":0.6873898506164551},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4627215266227722},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.45631158351898193},{"id":"https://openalex.org/keywords/supply-chain-risk-management","display_name":"Supply chain risk management","score":0.44770246744155884},{"id":"https://openalex.org/keywords/supply-chain-management","display_name":"Supply chain management","score":0.33652329444885254},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.3262043595314026},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.24677309393882751},{"id":"https://openalex.org/keywords/service-management","display_name":"Service management","score":0.1372269093990326}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6905654072761536},{"id":"https://openalex.org/C108713360","wikidata":"https://www.wikidata.org/wiki/Q1824206","display_name":"Supply chain","level":2,"score":0.6873898506164551},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4627215266227722},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.45631158351898193},{"id":"https://openalex.org/C192639820","wikidata":"https://www.wikidata.org/wiki/Q1114469","display_name":"Supply chain risk management","level":5,"score":0.44770246744155884},{"id":"https://openalex.org/C44104985","wikidata":"https://www.wikidata.org/wiki/Q492886","display_name":"Supply chain management","level":3,"score":0.33652329444885254},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3262043595314026},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.24677309393882751},{"id":"https://openalex.org/C48840187","wikidata":"https://www.wikidata.org/wiki/Q689042","display_name":"Service management","level":4,"score":0.1372269093990326},{"id":"https://openalex.org/C162853370","wikidata":"https://www.wikidata.org/wiki/Q39809","display_name":"Marketing","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/jiot.2025.3528744","is_oa":false,"landing_page_url":"https://doi.org/10.1109/jiot.2025.3528744","pdf_url":null,"source":{"id":"https://openalex.org/S2480266640","display_name":"IEEE Internet of Things Journal","issn_l":"2327-4662","issn":["2327-4662","2372-2541"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Internet of Things Journal","raw_type":"journal-article"},{"id":"pmh:oai:eprints.gla.ac.uk:345000","is_oa":true,"landing_page_url":"http://eprints.gla.ac.uk/view/author/70612.html>,","pdf_url":"https://eprints.gla.ac.uk/345000/1/345000.pdf","source":{"id":"https://openalex.org/S4210235606","display_name":"ENLIGHTEN (Jurnal Bimbingan dan Konseling Islam)","issn_l":"2622-8912","issn":["2622-8912","2622-8920"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"PeerReviewed"},{"id":"pmh:oai:zenodo.org:14717064","is_oa":true,"landing_page_url":"https://doi.org/10.1109/JIOT.2025.3528744","pdf_url":null,"source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Internet of Things Journal, (2025-01-13)","raw_type":"info:eu-repo/semantics/article"}],"best_oa_location":{"id":"pmh:oai:eprints.gla.ac.uk:345000","is_oa":true,"landing_page_url":"http://eprints.gla.ac.uk/view/author/70612.html>,","pdf_url":"https://eprints.gla.ac.uk/345000/1/345000.pdf","source":{"id":"https://openalex.org/S4210235606","display_name":"ENLIGHTEN (Jurnal Bimbingan dan Konseling Islam)","issn_l":"2622-8912","issn":["2622-8912","2622-8920"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"PeerReviewed"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4406322016.pdf"},"referenced_works_count":116,"referenced_works":["https://openalex.org/W1971070850","https://openalex.org/W1972757409","https://openalex.org/W2006485295","https://openalex.org/W2051640209","https://openalex.org/W2091750453","https://openalex.org/W2103018859","https://openalex.org/W2163783967","https://openalex.org/W2511921700","https://openalex.org/W2556536142","https://openalex.org/W2753390691","https://openalex.org/W2883847230","https://openalex.org/W2885305518","https://openalex.org/W2885630459","https://openalex.org/W2888385035","https://openalex.org/W2901648808","https://openalex.org/W2910711617","https://openalex.org/W2919469235","https://openalex.org/W2936148765","https://openalex.org/W2959653735","https://openalex.org/W2962703433","https://openalex.org/W2998038410","https://openalex.org/W3003861670","https://openalex.org/W3005127313","https://openalex.org/W3005216181","https://openalex.org/W3010383105","https://openalex.org/W3015650867","https://openalex.org/W3016062171","https://openalex.org/W3030364939","https://openalex.org/W3035510578","https://openalex.org/W3043638540","https://openalex.org/W3083012366","https://openalex.org/W3083040676","https://openalex.org/W3088227451","https://openalex.org/W3089304566","https://openalex.org/W3096185327","https://openalex.org/W3097816393","https://openalex.org/W3109094705","https://openalex.org/W3109217941","https://openalex.org/W3118557581","https://openalex.org/W3138230581","https://openalex.org/W3140745842","https://openalex.org/W3145608601","https://openalex.org/W3152758407","https://openalex.org/W3155859537","https://openalex.org/W3157552928","https://openalex.org/W3163206498","https://openalex.org/W3174208623","https://openalex.org/W3176367300","https://openalex.org/W3179862281","https://openalex.org/W3185502221","https://openalex.org/W3190895447","https://openalex.org/W3197881190","https://openalex.org/W3208113910","https://openalex.org/W3209994393","https://openalex.org/W3210911509","https://openalex.org/W3211608049","https://openalex.org/W3212800749","https://openalex.org/W3213814821","https://openalex.org/W3215769872","https://openalex.org/W4205365706","https://openalex.org/W4206360932","https://openalex.org/W4210653685","https://openalex.org/W4213144372","https://openalex.org/W4221129260","https://openalex.org/W4224914413","https://openalex.org/W4225697716","https://openalex.org/W4234475800","https://openalex.org/W4251136770","https://openalex.org/W4253493679","https://openalex.org/W4281383000","https://openalex.org/W4281392196","https://openalex.org/W4285818247","https://openalex.org/W4286375281","https://openalex.org/W4288065119","https://openalex.org/W4292995118","https://openalex.org/W4293173775","https://openalex.org/W4296126336","https://openalex.org/W4308562473","https://openalex.org/W4308562533","https://openalex.org/W4308562540","https://openalex.org/W4308562609","https://openalex.org/W4308643055","https://openalex.org/W4312423228","https://openalex.org/W4315629879","https://openalex.org/W4320002930","https://openalex.org/W4321524221","https://openalex.org/W4323022560","https://openalex.org/W4323338381","https://openalex.org/W4323519529","https://openalex.org/W4324007922","https://openalex.org/W4364353329","https://openalex.org/W4385080301","https://openalex.org/W4385453302","https://openalex.org/W4386025879","https://openalex.org/W4387723777","https://openalex.org/W4388210785","https://openalex.org/W4388460283","https://openalex.org/W4388538015","https://openalex.org/W4388955103","https://openalex.org/W4389400899","https://openalex.org/W4391775469","https://openalex.org/W4393029443","https://openalex.org/W4396644396","https://openalex.org/W4396644923","https://openalex.org/W4396855102","https://openalex.org/W4399983557","https://openalex.org/W4401323385","https://openalex.org/W4401365682","https://openalex.org/W4402423971","https://openalex.org/W4402675695","https://openalex.org/W4402809959","https://openalex.org/W4403587478","https://openalex.org/W6784471510","https://openalex.org/W6793953445","https://openalex.org/W6795907092","https://openalex.org/W6873317079"],"related_works":["https://openalex.org/W2057686421","https://openalex.org/W2015686463","https://openalex.org/W2260567777","https://openalex.org/W2145181404","https://openalex.org/W4283832168","https://openalex.org/W2259073436","https://openalex.org/W3133357750","https://openalex.org/W2128270257","https://openalex.org/W2141283470","https://openalex.org/W2037522875"],"abstract_inverted_index":{"Due":[0],"to":[1,38,63,110,128,159,187],"the":[2,48,90,105,126,132,184],"ever":[3],"increasing":[4],"interdependency":[5],"across":[6,66,99],"a":[7,32,82,86,161],"variety":[8],"of":[9,121,134],"diverse":[10,100],"software":[11,96],"and":[12,17,40,71,97,130,145,163,179],"hardware":[13],"components":[14],"in":[15,47,117],"information":[16],"communications":[18],"technology":[19],"(ICT)":[20],"provisioning,":[21],"supply":[22,94,135,168],"chain":[23,95,169],"vulnerabilities":[24],"(SCVs)":[25],"targeting":[26],"such":[27,76,143],"dependencies":[28],"have":[29,61],"evolved":[30],"as":[31,81],"primary":[33],"choice":[34],"for":[35],"malicious":[36],"actors":[37],"stealthy":[39],"complex":[41],"cyber-attacks.":[42],"The":[43],"current":[44,106],"modus":[45],"operandi":[46],"cyber":[49],"threat":[50],"spectrum":[51],"is":[52,78],"solely":[53],"correlated":[54],"with":[55,104,156,183],"advanced":[56],"persistent":[57],"threats":[58,77],"(APTs)":[59],"that":[60],"shown":[62],"be":[64],"prevalent":[65],"diversified":[67],"attacks":[68],"underpinning":[69],"cyberwarfare":[70],"cybercrime.":[72],"Hence,":[73],"defense":[74,107,149,191],"against":[75],"undoubtedly":[79],"considered":[80],"high":[83],"priority":[84],"on":[85,92,139,147],"global":[87],"scale.":[88],"Nonetheless,":[89],"reliance":[91],"third-party":[93],"device":[98],"ICT":[101],"ecosystems,":[102],"combined":[103],"mechanisms\u2019":[108],"inability":[109],"identify":[111],"specific":[112],"compromised":[113],"entry":[114],"points,":[115],"results":[116],"an":[118],"increased":[119],"risk":[120],"APTs.":[122],"This":[123,151],"survey":[124],"explores":[125],"state-of-the-art":[127],"stratify":[129],"showcase":[131],"properties":[133],"chain-based":[136],"APTs,":[137,144],"elaborate":[138],"reported":[140],"risks":[141],"from":[142],"expand":[146],"existing":[148],"methods.":[150],"study":[152],"connects":[153],"academic":[154],"research":[155],"industry":[157],"practices":[158],"highlight":[160],"new":[162],"growing":[164],"problem.":[165],"It":[166],"examines":[167],"compromises,":[170],"offers":[171],"unique":[172],"insight":[173],"into":[174],"how":[175],"these":[176],"exploitations":[177],"occur,":[178],"equips":[180],"cybersecurity":[181],"practitioners":[182],"knowledge":[185],"required":[186],"design":[188],"next-generation":[189],"APT":[190],"mechanisms.":[192]},"counts_by_year":[{"year":2026,"cited_by_count":3},{"year":2025,"cited_by_count":16}],"updated_date":"2025-12-27T23:08:20.325037","created_date":"2025-01-14T00:00:00"}