{"id":"https://openalex.org/W4286375281","doi":"https://doi.org/10.1109/tkde.2022.3175719","title":"CSKG4APT: A Cybersecurity Knowledge Graph for Advanced Persistent Threat Organization Attribution","display_name":"CSKG4APT: A Cybersecurity Knowledge Graph for Advanced Persistent Threat Organization Attribution","publication_year":2022,"publication_date":"2022-07-20","ids":{"openalex":"https://openalex.org/W4286375281","doi":"https://doi.org/10.1109/tkde.2022.3175719"},"language":"en","primary_location":{"id":"doi:10.1109/tkde.2022.3175719","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tkde.2022.3175719","pdf_url":null,"source":{"id":"https://openalex.org/S30698027","display_name":"IEEE Transactions on Knowledge and Data Engineering","issn_l":"1041-4347","issn":["1041-4347","1558-2191","2326-3865"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Knowledge and Data Engineering","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5023756374","display_name":"Yitong Ren","orcid":null},"institutions":[{"id":"https://openalex.org/I37987034","display_name":"Guangzhou University","ror":"https://ror.org/05ar8rn06","country_code":"CN","type":"education","lineage":["https://openalex.org/I37987034"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Yitong Ren","raw_affiliation_strings":["Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, Guangdong, China","Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, 510006, China"],"affiliations":[{"raw_affiliation_string":"Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, Guangdong, China","institution_ids":["https://openalex.org/I37987034"]},{"raw_affiliation_string":"Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, 510006, China","institution_ids":["https://openalex.org/I37987034"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5078883262","display_name":"Yanjun Xiao","orcid":"https://orcid.org/0000-0003-3299-9069"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Yanjun Xiao","raw_affiliation_strings":["PINGXING Lab (Nsfocus Technology Group Company), Guangdong, China","PINGXING Lab (Nsfocus Technology Group Company), Guangzhou, 510663, China"],"affiliations":[{"raw_affiliation_string":"PINGXING Lab (Nsfocus Technology Group Company), Guangdong, China","institution_ids":[]},{"raw_affiliation_string":"PINGXING Lab (Nsfocus Technology Group Company), Guangzhou, 510663, China","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5056097781","display_name":"Yinghai Zhou","orcid":"https://orcid.org/0000-0001-9424-8282"},"institutions":[{"id":"https://openalex.org/I37987034","display_name":"Guangzhou University","ror":"https://ror.org/05ar8rn06","country_code":"CN","type":"education","lineage":["https://openalex.org/I37987034"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yinghai Zhou","raw_affiliation_strings":["Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, Guangdong, China","Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, 510006, China"],"affiliations":[{"raw_affiliation_string":"Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, Guangdong, China","institution_ids":["https://openalex.org/I37987034"]},{"raw_affiliation_string":"Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, 510006, China","institution_ids":["https://openalex.org/I37987034"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100352621","display_name":"Zhiyong Zhang","orcid":"https://orcid.org/0000-0003-3061-7768"},"institutions":[{"id":"https://openalex.org/I37987034","display_name":"Guangzhou University","ror":"https://ror.org/05ar8rn06","country_code":"CN","type":"education","lineage":["https://openalex.org/I37987034"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhiyong Zhang","raw_affiliation_strings":["Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, Guangdong, China","Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, 510006, China"],"affiliations":[{"raw_affiliation_string":"Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, Guangdong, China","institution_ids":["https://openalex.org/I37987034"]},{"raw_affiliation_string":"Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, 510006, China","institution_ids":["https://openalex.org/I37987034"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5056608045","display_name":"Zhihong Tian","orcid":"https://orcid.org/0000-0002-9409-5359"},"institutions":[{"id":"https://openalex.org/I37987034","display_name":"Guangzhou University","ror":"https://ror.org/05ar8rn06","country_code":"CN","type":"education","lineage":["https://openalex.org/I37987034"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhihong Tian","raw_affiliation_strings":["Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, Guangdong, China","Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, 510006, China"],"affiliations":[{"raw_affiliation_string":"Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, Guangdong, China","institution_ids":["https://openalex.org/I37987034"]},{"raw_affiliation_string":"Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, 510006, China","institution_ids":["https://openalex.org/I37987034"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5023756374"],"corresponding_institution_ids":["https://openalex.org/I37987034"],"apc_list":null,"apc_paid":null,"fwci":54.8361,"has_fulltext":false,"cited_by_count":184,"citation_normalized_percentile":{"value":0.99923142,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":100},"biblio":{"volume":"35","issue":"6","first_page":"5695","last_page":"5709"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9945999979972839,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9945999979972839,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10064","display_name":"Complex Network Analysis Techniques","score":0.9905999898910522,"subfield":{"id":"https://openalex.org/subfields/3109","display_name":"Statistical and Nonlinear Physics"},"field":{"id":"https://openalex.org/fields/31","display_name":"Physics and Astronomy"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11273","display_name":"Advanced Graph Neural Networks","score":0.9889000058174133,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8003629446029663},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6566103100776672},{"id":"https://openalex.org/keywords/attribution","display_name":"Attribution","score":0.5047410726547241},{"id":"https://openalex.org/keywords/cyber-attack","display_name":"Cyber-attack","score":0.4551950693130493},{"id":"https://openalex.org/keywords/ontology","display_name":"Ontology","score":0.44495218992233276}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8003629446029663},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6566103100776672},{"id":"https://openalex.org/C143299363","wikidata":"https://www.wikidata.org/wiki/Q900584","display_name":"Attribution","level":2,"score":0.5047410726547241},{"id":"https://openalex.org/C201307755","wikidata":"https://www.wikidata.org/wiki/Q4071928","display_name":"Cyber-attack","level":2,"score":0.4551950693130493},{"id":"https://openalex.org/C25810664","wikidata":"https://www.wikidata.org/wiki/Q44325","display_name":"Ontology","level":2,"score":0.44495218992233276},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C77805123","wikidata":"https://www.wikidata.org/wiki/Q161272","display_name":"Social psychology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tkde.2022.3175719","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tkde.2022.3175719","pdf_url":null,"source":{"id":"https://openalex.org/S30698027","display_name":"IEEE Transactions on Knowledge and Data Engineering","issn_l":"1041-4347","issn":["1041-4347","1558-2191","2326-3865"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Knowledge and Data Engineering","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.5799999833106995,"id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G2505869560","display_name":null,"funder_award_id":"U20B2046","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":41,"referenced_works":["https://openalex.org/W77083600","https://openalex.org/W1168380817","https://openalex.org/W1976339648","https://openalex.org/W2056321066","https://openalex.org/W2128180557","https://openalex.org/W2538865281","https://openalex.org/W2588560471","https://openalex.org/W2725088185","https://openalex.org/W2771963642","https://openalex.org/W2786385084","https://openalex.org/W2806278276","https://openalex.org/W2837911466","https://openalex.org/W2891787071","https://openalex.org/W2896457183","https://openalex.org/W2908909372","https://openalex.org/W2914662937","https://openalex.org/W2942735942","https://openalex.org/W2963296777","https://openalex.org/W2969729633","https://openalex.org/W2974159469","https://openalex.org/W2978864691","https://openalex.org/W2980659949","https://openalex.org/W2998286882","https://openalex.org/W3003265726","https://openalex.org/W3010977072","https://openalex.org/W3017733550","https://openalex.org/W3022088706","https://openalex.org/W3138686850","https://openalex.org/W3152911549","https://openalex.org/W3183268685","https://openalex.org/W3199453968","https://openalex.org/W3211888892","https://openalex.org/W3214329506","https://openalex.org/W4200442713","https://openalex.org/W4205199446","https://openalex.org/W6603173816","https://openalex.org/W6740396864","https://openalex.org/W6755207826","https://openalex.org/W6793953445","https://openalex.org/W6803974822","https://openalex.org/W7039507445"],"related_works":["https://openalex.org/W2972971880","https://openalex.org/W2493430149","https://openalex.org/W1604710049","https://openalex.org/W1994763079","https://openalex.org/W4242728933","https://openalex.org/W2485875719","https://openalex.org/W3111770095","https://openalex.org/W4205964326","https://openalex.org/W4285256911","https://openalex.org/W3110049015"],"abstract_inverted_index":{"Open-source":[0],"cyber":[1,18,116],"threat":[2,19,28,47,61,87,100,117,138,182],"intelligence":[3,20,232],"(OSCTI)":[4],"is":[5,94,213],"becoming":[6],"more":[7],"influential":[8],"in":[9,76,128,219,247],"obtaining":[10],"current":[11],"network":[12,221,248],"security":[13,51,74],"information.":[14],"Most":[15],"studies":[16],"on":[17,23,115,152,172],"(CTI)":[21],"focus":[22],"automating":[24],"the":[25,44,85,98,107,112,129,135,158,190,242],"extraction":[26,184],"of":[27,46,60,131,160,230],"entities":[29],"from":[30,88,142],"public":[31],"sources":[32],"that":[33,50,225],"describe":[34],"attack":[35,90,99,118,175,205,249],"events.":[36,91],"The":[37,67],"cybersecurity":[38,147],"knowledge":[39,48,108,140,154,168,183,191],"graph":[40,109,141,169,192],"aims":[41],"to":[42,96],"change":[43],"expression":[45],"so":[49],"researchers":[52],"can":[53,70,82,234],"accurately":[54],"and":[55,120,126,133,188,196,210,233,250],"efficiently":[56],"obtain":[57],"various":[58],"types":[59],"information":[62],"for":[63,186,244],"preliminary":[64],"intelligent":[65],"decisions.":[66],"attribution":[68,206,209],"technology":[69],"not":[71,214],"only":[72],"assist":[73],"analysts":[75],"detecting":[77],"advanced":[78,136],"persistent":[79,137],"threats,":[80],"but":[81,223],"also":[83],"identify":[84],"same":[86],"different":[89],"Therefore,":[92],"it":[93],"important":[95],"trace":[97],"actor.":[101],"In":[102],"this":[103],"study,":[104],"we":[105,162,200],"used":[106],"technology,":[110],"considered":[111],"latest":[113],"research":[114],"attribution,":[119],"thoroughly":[121],"examined":[122],"key":[123],"related":[124],"technologies":[125],"theories":[127],"process":[130],"constructing":[132],"applying":[134],"(APT)":[139],"OSCTI.":[143],"We":[144,177],"designed":[145,179],"a":[146,153,202,215,227],"platform":[148],"named":[149],"CSKG4APT":[150,164,212],"based":[151,171],"graph.":[155],"Inspired":[156],"by":[157],"theory":[159],"ontology,":[161],"constructed":[163],"as":[165],"an":[166,180],"APT":[167,174,181,204],"model":[170],"real":[173],"scenarios.":[176],"then":[178],"algorithm":[185],"completing":[187],"updating":[189],"using":[193],"deep":[194],"learning":[195],"expert":[197],"knowledge.":[198],"Finally,":[199],"proposed":[201],"practical":[203],"method":[207,218],"with":[208],"countermeasures.":[211],"passive":[216],"defense":[217,238],"traditional":[220],"confrontation":[222],"one":[224],"integrates":[226],"large":[228],"amount":[229],"fragmented":[231],"actively":[235],"adjust":[236],"its":[237],"strategy.":[239],"It":[240],"lays":[241],"foundation":[243],"further":[245],"dominance":[246],"defense.":[251]},"counts_by_year":[{"year":2026,"cited_by_count":12},{"year":2025,"cited_by_count":81},{"year":2024,"cited_by_count":60},{"year":2023,"cited_by_count":29},{"year":2022,"cited_by_count":2}],"updated_date":"2026-04-09T08:11:56.329763","created_date":"2025-10-10T00:00:00"}