{"id":"https://openalex.org/W2802537128","doi":"https://doi.org/10.1109/tifs.2018.2833048","title":"Probabilistically Inferring Attack Ramifications Using Temporal Dependence Network","display_name":"Probabilistically Inferring Attack Ramifications Using Temporal Dependence Network","publication_year":2018,"publication_date":"2018-05-03","ids":{"openalex":"https://openalex.org/W2802537128","doi":"https://doi.org/10.1109/tifs.2018.2833048","mag":"2802537128"},"language":"en","primary_location":{"id":"doi:10.1109/tifs.2018.2833048","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2018.2833048","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://corescholar.libraries.wright.edu/cse/522","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100713636","display_name":"Yuan Yang","orcid":"https://orcid.org/0000-0003-2389-701X"},"institutions":[{"id":"https://openalex.org/I87445476","display_name":"Xi'an Jiaotong University","ror":"https://ror.org/017zhmm22","country_code":"CN","type":"education","lineage":["https://openalex.org/I87445476"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Yuan Yang","raw_affiliation_strings":["MOE Key Laboratory for Intelligent Networks and Network Security, Xi\u2019an Jiaotong University, Xi\u2019an, China"],"affiliations":[{"raw_affiliation_string":"MOE Key Laboratory for Intelligent Networks and Network Security, Xi\u2019an Jiaotong University, Xi\u2019an, China","institution_ids":["https://openalex.org/I87445476"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5103226165","display_name":"Zhongmin Cai","orcid":"https://orcid.org/0000-0003-2152-720X"},"institutions":[{"id":"https://openalex.org/I87445476","display_name":"Xi'an Jiaotong University","ror":"https://ror.org/017zhmm22","country_code":"CN","type":"education","lineage":["https://openalex.org/I87445476"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhongmin Cai","raw_affiliation_strings":["MOE Key Laboratory for Intelligent Networks and Network Security, Xi\u2019an Jiaotong University, Xi\u2019an, China"],"affiliations":[{"raw_affiliation_string":"MOE Key Laboratory for Intelligent Networks and Network Security, Xi\u2019an Jiaotong University, Xi\u2019an, China","institution_ids":["https://openalex.org/I87445476"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100451079","display_name":"Chunyan Wang","orcid":"https://orcid.org/0000-0002-6353-1947"},"institutions":[{"id":"https://openalex.org/I87445476","display_name":"Xi'an Jiaotong University","ror":"https://ror.org/017zhmm22","country_code":"CN","type":"education","lineage":["https://openalex.org/I87445476"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chunyan Wang","raw_affiliation_strings":["MOE Key Laboratory for Intelligent Networks and Network Security, Xi\u2019an Jiaotong University, Xi\u2019an, China"],"affiliations":[{"raw_affiliation_string":"MOE Key Laboratory for Intelligent Networks and Network Security, Xi\u2019an Jiaotong University, Xi\u2019an, China","institution_ids":["https://openalex.org/I87445476"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100343070","display_name":"Junjie Zhang","orcid":"https://orcid.org/0000-0003-0061-3790"},"institutions":[{"id":"https://openalex.org/I19648265","display_name":"Wright State University","ror":"https://ror.org/04qk6pt94","country_code":"US","type":"education","lineage":["https://openalex.org/I19648265"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Junjie Zhang","raw_affiliation_strings":["Department of Computer Science and Engineering, Wright State University, Dayton, OH, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, Wright State University, Dayton, OH, USA","institution_ids":["https://openalex.org/I19648265"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5100713636"],"corresponding_institution_ids":["https://openalex.org/I87445476"],"apc_list":null,"apc_paid":null,"fwci":0.9771,"has_fulltext":false,"cited_by_count":9,"citation_normalized_percentile":{"value":0.7849658,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":"13","issue":"11","first_page":"2913","last_page":"2928"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8392482995986938},{"id":"https://openalex.org/keywords/object","display_name":"Object (grammar)","score":0.6046854853630066},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.6029226779937744},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.5901267528533936},{"id":"https://openalex.org/keywords/probabilistic-logic","display_name":"Probabilistic logic","score":0.5370779037475586},{"id":"https://openalex.org/keywords/attack-model","display_name":"Attack model","score":0.5177011489868164},{"id":"https://openalex.org/keywords/bayesian-network","display_name":"Bayesian network","score":0.5067935585975647},{"id":"https://openalex.org/keywords/identification","display_name":"Identification (biology)","score":0.5020952224731445},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4981813430786133},{"id":"https://openalex.org/keywords/intrusion","display_name":"Intrusion","score":0.49393612146377563},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.4705301523208618},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.41795411705970764},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.37477216124534607}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8392482995986938},{"id":"https://openalex.org/C2781238097","wikidata":"https://www.wikidata.org/wiki/Q175026","display_name":"Object (grammar)","level":2,"score":0.6046854853630066},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.6029226779937744},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.5901267528533936},{"id":"https://openalex.org/C49937458","wikidata":"https://www.wikidata.org/wiki/Q2599292","display_name":"Probabilistic logic","level":2,"score":0.5370779037475586},{"id":"https://openalex.org/C65856478","wikidata":"https://www.wikidata.org/wiki/Q3991682","display_name":"Attack model","level":2,"score":0.5177011489868164},{"id":"https://openalex.org/C33724603","wikidata":"https://www.wikidata.org/wiki/Q812540","display_name":"Bayesian network","level":2,"score":0.5067935585975647},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.5020952224731445},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4981813430786133},{"id":"https://openalex.org/C158251709","wikidata":"https://www.wikidata.org/wiki/Q354025","display_name":"Intrusion","level":2,"score":0.49393612146377563},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.4705301523208618},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.41795411705970764},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.37477216124534607},{"id":"https://openalex.org/C59822182","wikidata":"https://www.wikidata.org/wiki/Q441","display_name":"Botany","level":1,"score":0.0},{"id":"https://openalex.org/C17409809","wikidata":"https://www.wikidata.org/wiki/Q161764","display_name":"Geochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C127313418","wikidata":"https://www.wikidata.org/wiki/Q1069","display_name":"Geology","level":0,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/tifs.2018.2833048","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2018.2833048","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},{"id":"pmh:oai:corescholar.libraries.wright.edu:cse-1522","is_oa":true,"landing_page_url":"https://corescholar.libraries.wright.edu/cse/522","pdf_url":null,"source":{"id":"https://openalex.org/S2737205702","display_name":"Journal of Bioresource Management","issn_l":"2309-3854","issn":["2309-3854"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":"https://openalex.org/P4310316536","host_organization_name":"Bioresource Research Center (BRC), Islamabad","host_organization_lineage":["https://openalex.org/P4310316536"],"host_organization_lineage_names":["Bioresource Research Center (BRC), Islamabad"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Computer Science and Engineering Faculty Publications","raw_type":"text"},{"id":"pmh:oai:works.bepress.com:junjie_zhang-1040","is_oa":true,"landing_page_url":"https://works.bepress.com/junjie_zhang/22","pdf_url":null,"source":{"id":"https://openalex.org/S2737205702","display_name":"Journal of Bioresource Management","issn_l":"2309-3854","issn":["2309-3854"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":"https://openalex.org/P4310316536","host_organization_name":"Bioresource Research Center (BRC), Islamabad","host_organization_lineage":["https://openalex.org/P4310316536"],"host_organization_lineage_names":["Bioresource Research Center (BRC), Islamabad"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Junjie Zhang","raw_type":"text"}],"best_oa_location":{"id":"pmh:oai:corescholar.libraries.wright.edu:cse-1522","is_oa":true,"landing_page_url":"https://corescholar.libraries.wright.edu/cse/522","pdf_url":null,"source":{"id":"https://openalex.org/S2737205702","display_name":"Journal of Bioresource Management","issn_l":"2309-3854","issn":["2309-3854"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":"https://openalex.org/P4310316536","host_organization_name":"Bioresource Research Center (BRC), Islamabad","host_organization_lineage":["https://openalex.org/P4310316536"],"host_organization_lineage_names":["Bioresource Research Center (BRC), Islamabad"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Computer Science and Engineering Faculty Publications","raw_type":"text"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.5099999904632568,"id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G6078260822","display_name":null,"funder_award_id":"61772415","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G983152199","display_name":null,"funder_award_id":"61375040","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":43,"referenced_works":["https://openalex.org/W31137683","https://openalex.org/W181178495","https://openalex.org/W433644524","https://openalex.org/W1477109081","https://openalex.org/W1485337887","https://openalex.org/W1508191694","https://openalex.org/W1523450724","https://openalex.org/W2030806251","https://openalex.org/W2031175798","https://openalex.org/W2035541386","https://openalex.org/W2049360502","https://openalex.org/W2053944475","https://openalex.org/W2067681173","https://openalex.org/W2101109743","https://openalex.org/W2122371512","https://openalex.org/W2123363884","https://openalex.org/W2125518321","https://openalex.org/W2131875370","https://openalex.org/W2133089788","https://openalex.org/W2138357890","https://openalex.org/W2139419152","https://openalex.org/W2142889610","https://openalex.org/W2143659423","https://openalex.org/W2154081981","https://openalex.org/W2159080219","https://openalex.org/W2293351723","https://openalex.org/W2294464288","https://openalex.org/W2295705535","https://openalex.org/W2397699236","https://openalex.org/W2406874314","https://openalex.org/W2532844970","https://openalex.org/W2551327904","https://openalex.org/W2565025742","https://openalex.org/W2579106964","https://openalex.org/W2775907401","https://openalex.org/W4255411440","https://openalex.org/W6601232005","https://openalex.org/W6607320114","https://openalex.org/W6678488274","https://openalex.org/W6696473490","https://openalex.org/W6712595259","https://openalex.org/W6713994198","https://openalex.org/W6746881628"],"related_works":["https://openalex.org/W2097492617","https://openalex.org/W2753240997","https://openalex.org/W1764168690","https://openalex.org/W2537959205","https://openalex.org/W2740895074","https://openalex.org/W2772446090","https://openalex.org/W4284893819","https://openalex.org/W3152891574","https://openalex.org/W2249809453","https://openalex.org/W2133389611"],"abstract_inverted_index":{"There":[0],"is":[1,24,145,168,230],"an":[2,20,54,120,197],"increasing":[3],"need":[4],"of":[5,11,29,53,77,84,107,119,133,174,196,209,246],"assessing":[6],"and":[7,16,64,87],"mitigating":[8],"the":[9,35,46,50,82,117,130,172,178,181,188,193,201,214,244],"effects":[10],"successful":[12],"attacks.":[13],"Uncovering":[14],"malicious":[15],"contaminated":[17],"objects":[18,108],"in":[19,177],"attacked":[21],"computing":[22],"system":[23,148],"referred":[25],"to":[26,90,100,127,151,155,170,191,232],"as":[27,60,222],"identification":[28],"attack":[30,36,79,234],"ramifications.":[31],"Previous":[32],"methods":[33],"identify":[34,233],"ramifications":[37,80,235],"by":[38,213],"directly":[39],"tracking":[40],"information":[41,156],"flows":[42,157],"(or":[43],"dependences)":[44],"from":[45,104,147],"intrusion":[47,62,85,247],"root":[48,63,86],"(i.e.,":[49],"entry":[51],"point":[52],"attack).":[55],"They":[56],"face":[57],"challenges":[58],"such":[59,221],"undetermined":[61],"dependence":[65,142],"explosion.":[66,92],"In":[67],"this":[68,134],"paper,":[69],"we":[70],"present":[71],"a":[72,96,105,140,163,205,237],"novel,":[73],"light-weight":[74],"method":[75,94,182,203,229],"capable":[76],"identifying":[78],"without":[81,243],"knowledge":[83,245],"less":[88],"subject":[89],"dependency":[91],"The":[93],"utilizes":[95],"probabilistic":[97],"reasoning":[98],"approach":[99],"fuse":[101],"evidence":[102],"derived":[103],"subset":[106],"whose":[109],"security":[110,131,194],"states":[111],"are":[112],"known.":[113],"It":[114],"first":[115],"splits":[116],"lifetime":[118],"object":[121,135],"into":[122],"consecutive":[123],"time":[124],"slices":[125],"(object-slices)":[126],"profile":[128],"how":[129],"state":[132,195],"changes":[136],"over":[137],"time.":[138],"Then,":[139],"temporal":[141],"network":[143,165],"(TDN)":[144],"constructed":[146],"call":[149],"traces":[150],"correlate":[152],"object-slices":[153],"according":[154],"between":[158],"them.":[159],"Based":[160],"on":[161,187],"that,":[162],"Bayesian":[164],"(BN)":[166],"model":[167,190],"built":[169],"characterize":[171],"uncertainties":[173],"infection":[175],"propagations":[176],"TDN.":[179],"Finally,":[180],"adopts":[183],"loopy":[184],"belief":[185],"propagation":[186],"BN":[189],"infer":[192],"object.":[198],"We":[199],"evaluate":[200],"proposed":[202],"using":[204],"large":[206],"data":[207],"set":[208],"389":[210],"attacks":[211],"launched":[212],"real-world":[215],"malware":[216],"samples":[217],"including":[218],"sophisticated":[219],"ones":[220],"Stuxnet.":[223],"Extensive":[224],"experiments":[225],"demonstrate":[226],"that":[227],"our":[228],"able":[231],"with":[236],"97.47%":[238],"precision":[239],"at":[240],"97.21%":[241],"recall":[242],"root.":[248]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":1},{"year":2018,"cited_by_count":3}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}