{"id":"https://openalex.org/W2564718816","doi":"https://doi.org/10.1109/milcom.2016.7795373","title":"Controlling risk of data exfiltration in cyber networks due to stealthy propagating malware","display_name":"Controlling risk of data exfiltration in cyber networks due to stealthy propagating malware","publication_year":2016,"publication_date":"2016-11-01","ids":{"openalex":"https://openalex.org/W2564718816","doi":"https://doi.org/10.1109/milcom.2016.7795373","mag":"2564718816"},"language":"en","primary_location":{"id":"doi:10.1109/milcom.2016.7795373","is_oa":false,"landing_page_url":"https://doi.org/10.1109/milcom.2016.7795373","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"MILCOM 2016 - 2016 IEEE Military Communications Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5080341077","display_name":"Brian Thompson","orcid":null},"institutions":[{"id":"https://openalex.org/I166416128","display_name":"DEVCOM Army Research Laboratory","ror":"https://ror.org/011hc8f90","country_code":"US","type":"government","lineage":["https://openalex.org/I1304082316","https://openalex.org/I1330347796","https://openalex.org/I166416128","https://openalex.org/I2802705668","https://openalex.org/I4210154437"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Brian Thompson","raw_affiliation_strings":["U.S. Army Research Lab, Adelphi, MD"],"affiliations":[{"raw_affiliation_string":"U.S. Army Research Lab, Adelphi, MD","institution_ids":["https://openalex.org/I166416128"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5063120551","display_name":"James Morris-King","orcid":null},"institutions":[{"id":"https://openalex.org/I166416128","display_name":"DEVCOM Army Research Laboratory","ror":"https://ror.org/011hc8f90","country_code":"US","type":"government","lineage":["https://openalex.org/I1304082316","https://openalex.org/I1330347796","https://openalex.org/I166416128","https://openalex.org/I2802705668","https://openalex.org/I4210154437"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"James Morris-King","raw_affiliation_strings":["U.S. Army Research Lab, Adelphi, MD"],"affiliations":[{"raw_affiliation_string":"U.S. Army Research Lab, Adelphi, MD","institution_ids":["https://openalex.org/I166416128"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5002845585","display_name":"Hasan \u00c7am","orcid":"https://orcid.org/0000-0002-3531-7003"},"institutions":[{"id":"https://openalex.org/I166416128","display_name":"DEVCOM Army Research Laboratory","ror":"https://ror.org/011hc8f90","country_code":"US","type":"government","lineage":["https://openalex.org/I1304082316","https://openalex.org/I1330347796","https://openalex.org/I166416128","https://openalex.org/I2802705668","https://openalex.org/I4210154437"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Hasan Cam","raw_affiliation_strings":["U.S. Army Research Lab, Adelphi, MD"],"affiliations":[{"raw_affiliation_string":"U.S. Army Research Lab, Adelphi, MD","institution_ids":["https://openalex.org/I166416128"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5080341077"],"corresponding_institution_ids":["https://openalex.org/I166416128"],"apc_list":null,"apc_paid":null,"fwci":0.5791,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.7366764,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":"3","issue":null,"first_page":"479","last_page":"484"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9958000183105469,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8801960945129395},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7596708536148071},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.7245135307312012},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6878777742385864},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.45363080501556396},{"id":"https://openalex.org/keywords/cyber-attack","display_name":"Cyber-attack","score":0.4269089996814728},{"id":"https://openalex.org/keywords/state","display_name":"State (computer science)","score":0.4102734923362732},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.34442925453186035}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8801960945129395},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7596708536148071},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.7245135307312012},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6878777742385864},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.45363080501556396},{"id":"https://openalex.org/C201307755","wikidata":"https://www.wikidata.org/wiki/Q4071928","display_name":"Cyber-attack","level":2,"score":0.4269089996814728},{"id":"https://openalex.org/C48103436","wikidata":"https://www.wikidata.org/wiki/Q599031","display_name":"State (computer science)","level":2,"score":0.4102734923362732},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.34442925453186035},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/milcom.2016.7795373","is_oa":false,"landing_page_url":"https://doi.org/10.1109/milcom.2016.7795373","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"MILCOM 2016 - 2016 IEEE Military Communications Conference","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.7699999809265137,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":20,"referenced_works":["https://openalex.org/W41015297","https://openalex.org/W1584325681","https://openalex.org/W1963876301","https://openalex.org/W1976540969","https://openalex.org/W1999157275","https://openalex.org/W2042728064","https://openalex.org/W2068011000","https://openalex.org/W2108050790","https://openalex.org/W2110725936","https://openalex.org/W2124486211","https://openalex.org/W2148301044","https://openalex.org/W2165308387","https://openalex.org/W2196723255","https://openalex.org/W2235043326","https://openalex.org/W3098604306","https://openalex.org/W4285719527","https://openalex.org/W6634989040","https://openalex.org/W6683385214","https://openalex.org/W6687845823","https://openalex.org/W6689880219"],"related_works":["https://openalex.org/W17155033","https://openalex.org/W3207760230","https://openalex.org/W1496222301","https://openalex.org/W4312814274","https://openalex.org/W1590307681","https://openalex.org/W2536018345","https://openalex.org/W4285370786","https://openalex.org/W1966145327","https://openalex.org/W4240241597","https://openalex.org/W4240288358"],"abstract_inverted_index":{"Infamous":[0],"recent":[1],"cyber":[2],"attacks":[3],"on":[4,126],"businesses":[5],"and":[6,26,46,88,93,120],"governments":[7],"have":[8],"demonstrated":[9],"that":[10],"even":[11],"the":[12,81,115,118,127,139,149,155],"best":[13],"contemporary":[14],"security":[15],"systems":[16],"can":[17,34,60,135,165],"not":[18],"prevent":[19],"well-resourced":[20],"adversaries":[21],"from":[22,85,138],"infiltrating":[23],"their":[24],"networks":[25],"gaining":[27],"access":[28],"to":[29,44,97,111,154,174],"sensitive":[30],"information.":[31],"Stealthy":[32],"malware":[33,79,99],"spread":[35,100],"through":[36],"a":[37,71,89,108],"network":[38,119,146],"undetected":[39],"by":[40],"utilizing":[41],"zero-day":[42],"exploits":[43],"propagate":[45],"hiding":[47],"malicious":[48],"behavior":[49],"in":[50,73,114,142,170],"normal":[51],"activity,":[52],"potentially":[53],"doing":[54],"significant":[55],"damage":[56],"before":[57],"exploited":[58],"vulnerabilities":[59],"be":[61],"identified":[62],"or":[63],"patches":[64],"developed.":[65],"In":[66],"this":[67],"work,":[68],"we":[69],"consider":[70],"scenario":[72],"which":[74,131],"an":[75,123,132],"attacker":[76,134],"deploys":[77,91],"propagating":[78],"enabling":[80],"exfiltration":[82],"of":[83,117,144],"data":[84,137,157],"infected":[86,161],"devices,":[87],"defender":[90],"detection":[92,150],"recovery":[94],"mechanisms":[95],"designed":[96],"control":[98],"while":[101],"obeying":[102],"network-wide":[103],"resource":[104],"constraints.":[105],"We":[106],"use":[107],"stochastic":[109],"model":[110],"represent":[112],"changes":[113],"state":[116],"analytically":[121],"derive":[122],"upper":[124],"bound":[125],"total":[128],"rate":[129,151,158],"at":[130,159],"optimal":[133],"exfiltrate":[136],"network,":[140],"expressed":[141],"terms":[143],"several":[145],"parameters,":[147],"when":[148],"is":[152],"proportional":[153],"outgoing":[156],"each":[160],"device.":[162],"Our":[163],"results":[164],"help":[166],"inform":[167],"cybersecurity":[168],"decision-makers":[169],"judiciously":[171],"allocating":[172],"resources":[173],"manage":[175],"risk.":[176]},"counts_by_year":[{"year":2024,"cited_by_count":2},{"year":2020,"cited_by_count":1},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}