{"id":"https://openalex.org/W3130138053","doi":"https://doi.org/10.1109/trustcom50675.2020.00099","title":"MLTracer: Malicious Logins Detection System via Graph Neural Network","display_name":"MLTracer: Malicious Logins Detection System via Graph Neural Network","publication_year":2020,"publication_date":"2020-12-01","ids":{"openalex":"https://openalex.org/W3130138053","doi":"https://doi.org/10.1109/trustcom50675.2020.00099","mag":"3130138053"},"language":"en","primary_location":{"id":"doi:10.1109/trustcom50675.2020.00099","is_oa":false,"landing_page_url":"https://doi.org/10.1109/trustcom50675.2020.00099","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5052918741","display_name":"Fucheng Liu","orcid":"https://orcid.org/0000-0002-3721-0250"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Fucheng Liu","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, China; University of Chinese Academy of Sciences, China","Institute of Information Engineering, Chinese Academy of Sciences, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, China; University of Chinese Academy of Sciences, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]},{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101452958","display_name":"Yu Wen","orcid":"https://orcid.org/0000-0002-0658-0742"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yu Wen","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, China","Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5051756388","display_name":"Yanna Wu","orcid":null},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yanna Wu","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, China; University of Chinese Academy of Sciences, China","Institute of Information Engineering, Chinese Academy of Sciences, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, China; University of Chinese Academy of Sciences, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]},{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5064365235","display_name":"Shuangshuang Liang","orcid":null},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Shuangshuang Liang","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, China; University of Chinese Academy of Sciences, China","Institute of Information Engineering, Chinese Academy of Sciences, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, China; University of Chinese Academy of Sciences, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]},{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5005372161","display_name":"Xihe Jiang","orcid":null},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xihe Jiang","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, China; University of Chinese Academy of Sciences, China","Institute of Information Engineering, Chinese Academy of Sciences, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, China; University of Chinese Academy of Sciences, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]},{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101525319","display_name":"Dan Meng","orcid":"https://orcid.org/0000-0003-1980-9283"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Dan Meng","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, China","Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5052918741"],"corresponding_institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"],"apc_list":null,"apc_paid":null,"fwci":1.3876,"has_fulltext":false,"cited_by_count":15,"citation_normalized_percentile":{"value":0.83394877,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"715","last_page":"726"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.996399998664856,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11273","display_name":"Advanced Graph Neural Networks","score":0.9937000274658203,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/login","display_name":"Login","score":0.9629930257797241},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8492215871810913},{"id":"https://openalex.org/keywords/convolutional-neural-network","display_name":"Convolutional neural network","score":0.5950325727462769},{"id":"https://openalex.org/keywords/graph","display_name":"Graph","score":0.5526880025863647},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.4135810136795044},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4120393395423889},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3560488522052765},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.35089606046676636},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.34677329659461975},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.13220340013504028}],"concepts":[{"id":"https://openalex.org/C113324615","wikidata":"https://www.wikidata.org/wiki/Q472302","display_name":"Login","level":2,"score":0.9629930257797241},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8492215871810913},{"id":"https://openalex.org/C81363708","wikidata":"https://www.wikidata.org/wiki/Q17084460","display_name":"Convolutional neural network","level":2,"score":0.5950325727462769},{"id":"https://openalex.org/C132525143","wikidata":"https://www.wikidata.org/wiki/Q141488","display_name":"Graph","level":2,"score":0.5526880025863647},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.4135810136795044},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4120393395423889},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3560488522052765},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.35089606046676636},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.34677329659461975},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.13220340013504028}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/trustcom50675.2020.00099","is_oa":false,"landing_page_url":"https://doi.org/10.1109/trustcom50675.2020.00099","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":50,"referenced_works":["https://openalex.org/W103340358","https://openalex.org/W1514535095","https://openalex.org/W1578972423","https://openalex.org/W1662382123","https://openalex.org/W1849277567","https://openalex.org/W1965555277","https://openalex.org/W2098711168","https://openalex.org/W2112796928","https://openalex.org/W2148143831","https://openalex.org/W2158934842","https://openalex.org/W2194775991","https://openalex.org/W2465015709","https://openalex.org/W2476891002","https://openalex.org/W2525596522","https://openalex.org/W2538613254","https://openalex.org/W2556800116","https://openalex.org/W2561684037","https://openalex.org/W2562836854","https://openalex.org/W2743104969","https://openalex.org/W2765664114","https://openalex.org/W2766503369","https://openalex.org/W2767501021","https://openalex.org/W2884134047","https://openalex.org/W2891432086","https://openalex.org/W2891621711","https://openalex.org/W2892116995","https://openalex.org/W2914845368","https://openalex.org/W2925289689","https://openalex.org/W2945594170","https://openalex.org/W2950369002","https://openalex.org/W2962703433","https://openalex.org/W2963984147","https://openalex.org/W2964015378","https://openalex.org/W2964311892","https://openalex.org/W2964321699","https://openalex.org/W2979813445","https://openalex.org/W2982441385","https://openalex.org/W2986944522","https://openalex.org/W3033061289","https://openalex.org/W3048692563","https://openalex.org/W3100503250","https://openalex.org/W3106460253","https://openalex.org/W4210257598","https://openalex.org/W6630875275","https://openalex.org/W6637178625","https://openalex.org/W6719270105","https://openalex.org/W6720006811","https://openalex.org/W6726873649","https://openalex.org/W6728081712","https://openalex.org/W6730713231"],"related_works":["https://openalex.org/W4235220108","https://openalex.org/W4256170434","https://openalex.org/W4233948907","https://openalex.org/W4315650027","https://openalex.org/W4238894392","https://openalex.org/W2357607877","https://openalex.org/W4238771742","https://openalex.org/W4235839583","https://openalex.org/W4311722428","https://openalex.org/W4252054168"],"abstract_inverted_index":{"Malicious":[0],"login,":[1],"especially":[2],"lateral":[3],"movement,":[4],"has":[5,76],"been":[6],"a":[7,29,64,88,108,118,130,172],"primary":[8],"and":[9,35,129],"costly":[10],"threat":[11],"for":[12,71],"enterprises.":[13],"However,":[14],"there":[15],"exist":[16],"two":[17,77],"critical":[18],"challenges":[19],"in":[20],"the":[21,38,53,82,99,136],"existing":[22],"methods.":[23,163],"Specifically,":[24],"they":[25,50],"heavily":[26],"rely":[27],"on":[28],"limited":[30],"number":[31],"of":[32,95,126,139,151],"predefined":[33],"rules":[34],"features.":[36,104],"When":[37],"attack":[39,169],"patterns":[40],"change,":[41],"security":[42],"experts":[43],"must":[44],"manually":[45],"design":[46],"new":[47],"ones.":[48],"Besides,":[49],"cannot":[51],"explore":[52,124],"attributes'":[54],"mutual":[55],"effect":[56],"specific":[57],"to":[58,80,91,111,123,133],"login":[59,96,127,140],"operations.":[60],"We":[61,147],"propose":[62],"MLTracer,":[63],"graph":[65],"neural":[66,120],"network":[67,121],"(GNN)":[68],"based":[69],"system":[70],"detecting":[72],"such":[73,152],"attacks.":[74],"It":[75],"core":[78],"components":[79],"tackle":[81],"previous":[83],"challenges.":[84],"First,":[85],"MLTracer":[86,106,159,165],"adopts":[87],"novel":[89],"method":[90],"differentiate":[92],"crucial":[93],"attributes":[94,125,141],"operations":[97],"from":[98],"rest":[100],"without":[101],"experts'":[102],"designated":[103],"Second,":[105],"leverages":[107],"GNN":[109],"model":[110,116],"detect":[112],"malicious":[113],"logins.":[114],"The":[115,155],"involves":[117],"convolutional":[119],"(CNN)":[122],"operations,":[128],"co-attention":[131],"mechanism":[132],"mutually":[134],"improve":[135],"representations":[137],"(vectors)":[138],"through":[142],"learning":[143],"their":[144],"login-specific":[145],"relation.":[146],"implement":[148],"an":[149,153],"evaluation":[150],"approach.":[154],"results":[156],"demonstrate":[157],"that":[158],"significantly":[160],"outperforms":[161],"state-of-the-art":[162],"Moreover,":[164],"effectively":[166],"detects":[167],"various":[168],"scenarios":[170],"with":[171],"remarkably":[173],"low":[174],"false":[175],"positive":[176],"rate":[177],"(FPR).":[178]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":5},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}