{"id":"https://openalex.org/W4386066246","doi":"https://doi.org/10.1109/smartnets58706.2023.10216058","title":"Few-shot Multi-domain Knowledge Rearming for Context-aware Defence against Advanced Persistent Threats","display_name":"Few-shot Multi-domain Knowledge Rearming for Context-aware Defence against Advanced Persistent Threats","publication_year":2023,"publication_date":"2023-07-25","ids":{"openalex":"https://openalex.org/W4386066246","doi":"https://doi.org/10.1109/smartnets58706.2023.10216058"},"language":"en","primary_location":{"id":"doi:10.1109/smartnets58706.2023.10216058","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/smartnets58706.2023.10216058","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 International Conference on Smart Applications, Communications and Networking (SmartNets)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5007267530","display_name":"Gaolei Li","orcid":"https://orcid.org/0000-0003-3913-5001"},"institutions":[{"id":"https://openalex.org/I183067930","display_name":"Shanghai Jiao Tong University","ror":"https://ror.org/0220qvk04","country_code":"CN","type":"education","lineage":["https://openalex.org/I183067930"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Gaolei Li","raw_affiliation_strings":["Shanghai Jiao Tong University,School of Electronic Information and Electrical Engineering,China","School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, China"],"affiliations":[{"raw_affiliation_string":"Shanghai Jiao Tong University,School of Electronic Information and Electrical Engineering,China","institution_ids":["https://openalex.org/I183067930"]},{"raw_affiliation_string":"School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, China","institution_ids":["https://openalex.org/I183067930"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5087232801","display_name":"Yuanyuan Zhao","orcid":"https://orcid.org/0000-0001-5298-2948"},"institutions":[{"id":"https://openalex.org/I163151501","display_name":"Hangzhou Normal University","ror":"https://ror.org/014v1mr15","country_code":"CN","type":"education","lineage":["https://openalex.org/I163151501"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yuanyuan Zhao","raw_affiliation_strings":["Hangzhou Normal University,School of Information Science and Engineering,China","School of Information Science and Engineering, Hangzhou Normal University, China"],"affiliations":[{"raw_affiliation_string":"Hangzhou Normal University,School of Information Science and Engineering,China","institution_ids":["https://openalex.org/I163151501"]},{"raw_affiliation_string":"School of Information Science and Engineering, Hangzhou Normal University, China","institution_ids":["https://openalex.org/I163151501"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5069331320","display_name":"Wenqi Wei","orcid":"https://orcid.org/0000-0001-9177-114X"},"institutions":[{"id":"https://openalex.org/I164389053","display_name":"Fordham University","ror":"https://ror.org/03qnxaf80","country_code":"US","type":"education","lineage":["https://openalex.org/I164389053"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Wenqi Wei","raw_affiliation_strings":["Fordham University,Computer and Information Sciences,USA","Computer and Information Sciences, Fordham University, USA"],"affiliations":[{"raw_affiliation_string":"Fordham University,Computer and Information Sciences,USA","institution_ids":["https://openalex.org/I164389053"]},{"raw_affiliation_string":"Computer and Information Sciences, Fordham University, USA","institution_ids":["https://openalex.org/I164389053"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100373054","display_name":"Yuchen Liu","orcid":"https://orcid.org/0000-0002-6517-0022"},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yuchen Liu","raw_affiliation_strings":["North Carolina State University,Department of Computer Science,USA","Department of Computer Science, North Carolina State University, USA"],"affiliations":[{"raw_affiliation_string":"North Carolina State University,Department of Computer Science,USA","institution_ids":["https://openalex.org/I137902535"]},{"raw_affiliation_string":"Department of Computer Science, North Carolina State University, USA","institution_ids":["https://openalex.org/I137902535"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5007267530"],"corresponding_institution_ids":["https://openalex.org/I183067930"],"apc_list":null,"apc_paid":null,"fwci":0.8003,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.73610578,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"8"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9955999851226807,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9937000274658203,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.836227536201477},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.629889965057373},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4954622983932495},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.4891836941242218},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.44823309779167175},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.3865644335746765}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.836227536201477},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.629889965057373},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4954622983932495},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.4891836941242218},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.44823309779167175},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3865644335746765},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/smartnets58706.2023.10216058","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/smartnets58706.2023.10216058","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 International Conference on Smart Applications, Communications and Networking (SmartNets)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.5799999833106995,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320330944","display_name":"Nature","ror":null},{"id":"https://openalex.org/F4320335787","display_name":"Fundamental Research Funds for the Central Universities","ror":null}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":33,"referenced_works":["https://openalex.org/W2008060027","https://openalex.org/W2028237749","https://openalex.org/W2513712568","https://openalex.org/W2583543049","https://openalex.org/W2604763608","https://openalex.org/W2783741806","https://openalex.org/W2808560727","https://openalex.org/W2885070483","https://openalex.org/W2910711617","https://openalex.org/W2990528700","https://openalex.org/W3021740526","https://openalex.org/W3087849800","https://openalex.org/W3126796721","https://openalex.org/W3154459044","https://openalex.org/W3156032009","https://openalex.org/W3162111110","https://openalex.org/W3188650517","https://openalex.org/W3195892385","https://openalex.org/W3199625283","https://openalex.org/W3204162860","https://openalex.org/W3205070445","https://openalex.org/W3205075735","https://openalex.org/W3215769872","https://openalex.org/W4206495455","https://openalex.org/W4206739656","https://openalex.org/W4213316627","https://openalex.org/W4285157251","https://openalex.org/W4285205054","https://openalex.org/W4309677297","https://openalex.org/W4376480687","https://openalex.org/W6736057607","https://openalex.org/W6770710340","https://openalex.org/W6804415046"],"related_works":["https://openalex.org/W2961085424","https://openalex.org/W4306674287","https://openalex.org/W3046775127","https://openalex.org/W3107602296","https://openalex.org/W4394896187","https://openalex.org/W3170094116","https://openalex.org/W4386462264","https://openalex.org/W4364306694","https://openalex.org/W4312192474","https://openalex.org/W4283697347"],"abstract_inverted_index":{"Advanced":[0],"persistent":[1],"threats":[2],"(APTs)":[3],"have":[4],"novel":[5],"features":[6],"such":[7],"as":[8,87],"multi-stage":[9],"penetration,":[10],"highly-tailored":[11],"intention,":[12],"and":[13,29,58,76,94,138,143,154],"evasive":[14],"tactics.":[15],"APTs":[16],"defense":[17,62,71,112,193,242],"requires":[18,80],"fusing":[19],"multi-dimensional":[20],"Cyber":[21],"threat":[22,152],"intelligence":[23,153],"data":[24],"to":[25,39,165,171,182,196,207],"identify":[26,166],"attack":[27,89,168,208],"intentions":[28],"conducts":[30],"efficient":[31],"knowledge":[32,106,185],"discovery":[33],"strategies":[34],"by":[35],"data-driven":[36,44],"machine":[37,45],"learning":[38,46],"recognize":[40],"entity":[41],"relationships.":[42],"However,":[43],"lacks":[47],"generalization":[48,139],"ability":[49,140],"on":[50,73,216],"fresh":[51,142],"or":[52],"unknown":[53,144],"samples,":[54],"reducing":[55],"the":[56,61,65,129,160,187,192,201,217,224,236,241],"accuracy":[57],"practicality":[59],"of":[60,68,223,227],"model.":[63],"Besides,":[64],"private":[66],"deployment":[67,178],"these":[69],"APT":[70,145],"models":[72],"heterogeneous":[74],"environments":[75],"various":[77],"network":[78,92,125],"devices":[79],"significant":[81],"investment":[82],"in":[83,163],"context":[84],"awareness":[85],"(such":[86],"known":[88],"entities,":[90],"continuous":[91],"states,":[93],"current":[95,173],"security":[96,174],"strategies).":[97],"In":[98,147],"this":[99],"paper,":[100],"we":[101,233],"propose":[102],"a":[103,133,204],"few-shot":[104],"multi-domain":[105],"rearming":[107],"(FMKR)":[108],"scheme":[109,238],"for":[110,141],"context-aware":[111],"against":[113],"APTs.":[114],"By":[115],"completing":[116],"multiple":[117,197,220],"small":[118],"tasks":[119],"that":[120,235],"are":[121,157],"generated":[122],"from":[123,219],"different":[124],"domains":[126],"with":[127,135],"meta-learning,":[128],"FMKR":[130,149,202],"firstly":[131],"trains":[132],"model":[134,198],"good":[136],"discrimination":[137],"attacks.":[146],"each":[148],"task,":[150],"both":[151],"local":[155],"entities":[156],"fused":[158],"into":[159,186],"support/query":[161],"sets":[162],"meta-learning":[164],"possible":[167],"stages.":[169],"Secondly,":[170],"rearm":[172],"strategies,":[175,200],"an":[176],"finetuning-based":[177],"mechanism":[179],"is":[180],"proposed":[181,237],"transfer":[183],"learned":[184],"student":[188],"model,":[189],"while":[190,210],"minimizing":[191],"cost.":[194,214],"Compared":[195],"replacement":[199],"provides":[203],"faster":[205],"response":[206],"behaviors":[209],"consuming":[211],"less":[212],"scheduling":[213],"Based":[215],"feedback":[218],"real":[221],"users":[222],"Industrial":[225],"Internet":[226],"Things":[228],"(IIoT)":[229],"over":[230],"2":[231],"months,":[232],"demonstrate":[234],"can":[239],"improve":[240],"satisfaction":[243],"rate.":[244]},"counts_by_year":[{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":2}],"updated_date":"2026-03-25T13:04:00.132906","created_date":"2025-10-10T00:00:00"}