{"id":"https://openalex.org/W4412719118","doi":"https://doi.org/10.1109/jiot.2025.3592616","title":"Toward Mitigating APT Attacks With Zero-Trust Networks Access Control Model","display_name":"Toward Mitigating APT Attacks With Zero-Trust Networks Access Control Model","publication_year":2025,"publication_date":"2025-07-25","ids":{"openalex":"https://openalex.org/W4412719118","doi":"https://doi.org/10.1109/jiot.2025.3592616"},"language":"en","primary_location":{"id":"doi:10.1109/jiot.2025.3592616","is_oa":false,"landing_page_url":"https://doi.org/10.1109/jiot.2025.3592616","pdf_url":null,"source":{"id":"https://openalex.org/S2480266640","display_name":"IEEE Internet of Things Journal","issn_l":"2327-4662","issn":["2327-4662","2372-2541"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Internet of Things Journal","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5022054343","display_name":"Jingci Zhang","orcid":null},"institutions":[{"id":"https://openalex.org/I125839683","display_name":"Beijing Institute of Technology","ror":"https://ror.org/01skt4w74","country_code":"CN","type":"education","lineage":["https://openalex.org/I125839683","https://openalex.org/I890469752"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Jingci Zhang","raw_affiliation_strings":["School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China","institution_ids":["https://openalex.org/I125839683"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5088631925","display_name":"Jun Zheng","orcid":"https://orcid.org/0000-0002-5270-5809"},"institutions":[{"id":"https://openalex.org/I125839683","display_name":"Beijing Institute of Technology","ror":"https://ror.org/01skt4w74","country_code":"CN","type":"education","lineage":["https://openalex.org/I125839683","https://openalex.org/I890469752"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jun Zheng","raw_affiliation_strings":["School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China","institution_ids":["https://openalex.org/I125839683"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5113410098","display_name":"Ning Shi","orcid":null},"institutions":[{"id":"https://openalex.org/I183006215","display_name":"Shijiazhuang University","ror":"https://ror.org/028rmam09","country_code":"CN","type":"education","lineage":["https://openalex.org/I183006215"]},{"id":"https://openalex.org/I4210122705","display_name":"Hebei University of Chinese Medicine","ror":"https://ror.org/02qxkhm81","country_code":"CN","type":"education","lineage":["https://openalex.org/I4210122705"]},{"id":"https://openalex.org/I95946905","display_name":"Hebei GEO University","ror":"https://ror.org/013x4kb81","country_code":"CN","type":"education","lineage":["https://openalex.org/I95946905"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ning Shi","raw_affiliation_strings":["Hebei Key Laboratory of IoT Blockchain Integration, Shijiazhuang University, Shijiazhuang, Hebei, China","Hebei Key Laboratory of IoT Blockchain Integration, Shijiazhuang University, Hebei, China"],"raw_orcid":"https://orcid.org/0009-0006-6504-425X","affiliations":[{"raw_affiliation_string":"Hebei Key Laboratory of IoT Blockchain Integration, Shijiazhuang University, Shijiazhuang, Hebei, China","institution_ids":["https://openalex.org/I95946905","https://openalex.org/I183006215"]},{"raw_affiliation_string":"Hebei Key Laboratory of IoT Blockchain Integration, Shijiazhuang University, Hebei, China","institution_ids":["https://openalex.org/I4210122705"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5117617095","display_name":"Zhaohui Ci","orcid":null},"institutions":[{"id":"https://openalex.org/I183006215","display_name":"Shijiazhuang University","ror":"https://ror.org/028rmam09","country_code":"CN","type":"education","lineage":["https://openalex.org/I183006215"]},{"id":"https://openalex.org/I4210122705","display_name":"Hebei University of Chinese Medicine","ror":"https://ror.org/02qxkhm81","country_code":"CN","type":"education","lineage":["https://openalex.org/I4210122705"]},{"id":"https://openalex.org/I95946905","display_name":"Hebei GEO University","ror":"https://ror.org/013x4kb81","country_code":"CN","type":"education","lineage":["https://openalex.org/I95946905"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhaohui Ci","raw_affiliation_strings":["Hebei Key Laboratory of IoT Blockchain Integration, Shijiazhuang University, Shijiazhuang, Hebei, China","Hebei Key Laboratory of IoT Blockchain Integration, Shijiazhuang University, Hebei, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Hebei Key Laboratory of IoT Blockchain Integration, Shijiazhuang University, Shijiazhuang, Hebei, China","institution_ids":["https://openalex.org/I95946905","https://openalex.org/I183006215"]},{"raw_affiliation_string":"Hebei Key Laboratory of IoT Blockchain Integration, Shijiazhuang University, Hebei, China","institution_ids":["https://openalex.org/I4210122705"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100455413","display_name":"Yajie Wang","orcid":"https://orcid.org/0000-0002-0962-4464"},"institutions":[{"id":"https://openalex.org/I125839683","display_name":"Beijing Institute of Technology","ror":"https://ror.org/01skt4w74","country_code":"CN","type":"education","lineage":["https://openalex.org/I125839683","https://openalex.org/I890469752"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yajie Wang","raw_affiliation_strings":["School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0002-0962-4464","affiliations":[{"raw_affiliation_string":"School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China","institution_ids":["https://openalex.org/I125839683"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100634361","display_name":"Liehuang Zhu","orcid":"https://orcid.org/0000-0003-3277-3887"},"institutions":[{"id":"https://openalex.org/I125839683","display_name":"Beijing Institute of Technology","ror":"https://ror.org/01skt4w74","country_code":"CN","type":"education","lineage":["https://openalex.org/I125839683","https://openalex.org/I890469752"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Liehuang Zhu","raw_affiliation_strings":["School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0003-3277-3887","affiliations":[{"raw_affiliation_string":"School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China","institution_ids":["https://openalex.org/I125839683"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5022054343"],"corresponding_institution_ids":["https://openalex.org/I125839683"],"apc_list":null,"apc_paid":null,"fwci":2.7033,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.9135024,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":91,"max":98},"biblio":{"volume":"12","issue":"19","first_page":"41215","last_page":"41231"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10714","display_name":"Software-Defined Networks and 5G","score":0.9937999844551086,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.982699990272522,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7104084491729736},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.5051808953285217},{"id":"https://openalex.org/keywords/zero","display_name":"Zero (linguistics)","score":0.4629206657409668},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.43539273738861084},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.4118392765522003},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.38355132937431335},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.17685341835021973}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7104084491729736},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.5051808953285217},{"id":"https://openalex.org/C2780813799","wikidata":"https://www.wikidata.org/wiki/Q3274237","display_name":"Zero (linguistics)","level":2,"score":0.4629206657409668},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.43539273738861084},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.4118392765522003},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.38355132937431335},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.17685341835021973},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/jiot.2025.3592616","is_oa":false,"landing_page_url":"https://doi.org/10.1109/jiot.2025.3592616","pdf_url":null,"source":{"id":"https://openalex.org/S2480266640","display_name":"IEEE Internet of Things Journal","issn_l":"2327-4662","issn":["2327-4662","2372-2541"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Internet of Things Journal","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G3900891980","display_name":null,"funder_award_id":"2023YFC3305404","funder_id":"https://openalex.org/F4320335777","funder_display_name":"National Key Research and Development Program of China"},{"id":"https://openalex.org/G7371719601","display_name":null,"funder_award_id":"ZD202509","funder_id":"https://openalex.org/F4320330383","funder_display_name":"Key Research Institute of Humanities and Social Sciences in Sichuan Province"}],"funders":[{"id":"https://openalex.org/F4320330383","display_name":"Key Research Institute of Humanities and Social Sciences in Sichuan Province","ror":null},{"id":"https://openalex.org/F4320335777","display_name":"National Key Research and Development Program of China","ror":null}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":47,"referenced_works":["https://openalex.org/W953037485","https://openalex.org/W1658613573","https://openalex.org/W2099272674","https://openalex.org/W2569220913","https://openalex.org/W2575980491","https://openalex.org/W2791518533","https://openalex.org/W2818789173","https://openalex.org/W2913909795","https://openalex.org/W2948487788","https://openalex.org/W2976189582","https://openalex.org/W3002823324","https://openalex.org/W3014544197","https://openalex.org/W3091348074","https://openalex.org/W3099854209","https://openalex.org/W3208113910","https://openalex.org/W4200050527","https://openalex.org/W4200088049","https://openalex.org/W4205199446","https://openalex.org/W4214823990","https://openalex.org/W4226408050","https://openalex.org/W4252014186","https://openalex.org/W4292348078","https://openalex.org/W4293060418","https://openalex.org/W4293236827","https://openalex.org/W4312716638","https://openalex.org/W4322487524","https://openalex.org/W4324093415","https://openalex.org/W4384835155","https://openalex.org/W4386618789","https://openalex.org/W4389924061","https://openalex.org/W4390730117","https://openalex.org/W4391096539","https://openalex.org/W4391720723","https://openalex.org/W4391849119","https://openalex.org/W4392122558","https://openalex.org/W4399466211","https://openalex.org/W4399621644","https://openalex.org/W4399801096","https://openalex.org/W4401019736","https://openalex.org/W4401174251","https://openalex.org/W4401819128","https://openalex.org/W4401945941","https://openalex.org/W4402915323","https://openalex.org/W4403826990","https://openalex.org/W4404391243","https://openalex.org/W4405094713","https://openalex.org/W4414123601"],"related_works":["https://openalex.org/W3013650182","https://openalex.org/W2989283631","https://openalex.org/W4249605382","https://openalex.org/W4313491656","https://openalex.org/W3279617","https://openalex.org/W4402958497","https://openalex.org/W2901729341","https://openalex.org/W1991183963","https://openalex.org/W2250701745","https://openalex.org/W2053087750"],"abstract_inverted_index":{"With":[0],"the":[1,33,51,100,114,213],"deepening":[2],"militarization":[3],"of":[4],"global":[5],"cyberspace,":[6],"cyber":[7],"threats":[8,14,86],"have":[9,31],"evolved":[10],"into":[11],"advanced":[12],"persistent":[13],"(APTs),":[15],"characterized":[16],"by":[17,142,205],"high":[18],"targeting,":[19],"persistence,":[20],"and":[21,54,102,108,137,147,198,216],"destructiveness,":[22],"rendering":[23],"traditional":[24],"perimeter-based":[25],"defenses":[26],"ineffective.":[27],"In":[28],"response,":[29],"researchers":[30],"proposed":[32],"zero-trust":[34,60,81,125,141],"architecture,":[35],"which":[36],"enforces":[37],"strict":[38],"identity":[39],"verification":[40],"for":[41,127,182,228],"all":[42],"access":[43,121,201],"requests,":[44],"whether":[45],"external":[46],"or":[47,105],"internal,":[48],"to":[49,96,170,196],"reduce":[50],"attack":[52,157,221],"surface":[53],"mitigate":[55,109],"APTs":[56,98],"lateral":[57],"movement.":[58],"However,":[59],"remains":[61],"largely":[62],"a":[63,68,120,178,191,225],"conceptual":[64],"framework":[65,181],"rather":[66],"than":[67],"standardized":[69],"technical":[70,103],"solution,":[71],"with":[72,167],"existing":[73],"approaches":[74],"primarily":[75],"integrating":[76],"conventional":[77],"security":[78,168],"mechanisms":[79],"under":[80],"principles":[82],"without":[83],"systematically":[84],"deconstructing":[85],"from":[87],"an":[88,156],"APT":[89,110,128,134,172,187,220,230],"countermeasure":[90],"perspective.":[91],"Consequently,":[92],"these":[93],"methods":[94],"struggle":[95],"identify":[97],"at":[99],"tactical":[101],"level":[104],"accurately":[106],"assess":[107],"risks.":[111],"To":[112],"address":[113],"above":[115],"problems,":[116],"this":[117,131,153,175],"article":[118,132,154,176],"proposes":[119],"control":[122,202],"method":[123],"within":[124],"network":[126,183],"mitigation.":[129],"First,":[130],"identifies":[133],"tactics,":[135],"techniques,":[136],"procedure":[138],"that":[139],"threaten":[140],"leveraging":[143],"MITRE":[144],"ATT&CK":[145],"mitigations":[146],"zero":[148],"trust":[149,192,207],"maturity":[150],"model.":[151],"Next,":[152],"designs":[155],"detection":[158,222],"algorithm":[159],"using":[160],"Sigma":[161],"rules,":[162],"correlating":[163],"historical":[164],"entity":[165,206],"behavior":[166],"alerts":[169],"uncover":[171],"indicators.":[173],"Finally,":[174],"establishes":[177],"risk":[179],"assessment":[180],"entities":[184],"based":[185],"on":[186],"behavioral":[188],"patterns,":[189],"devises":[190],"computation":[193],"model":[194],"tailored":[195],"APTs,":[197],"implements":[199],"dynamic":[200],"policies":[203],"weighted":[204],"levels.":[208],"The":[209],"experimental":[210],"results":[211],"demonstrate":[212],"method\u2019s":[214],"feasibility":[215],"effectiveness,":[217],"achieving":[218],"93.1%":[219],"rate,":[223],"offering":[224],"new":[226],"approach":[227],"mitigating":[229],"attacks.":[231]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":1}],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-07-29T00:00:00"}