{"id":"https://openalex.org/W4405845085","doi":"https://doi.org/10.1109/wifs61860.2024.10810721","title":"GUARD: Graph-based Unknown Attack Recognition and Detection","display_name":"GUARD: Graph-based Unknown Attack Recognition and Detection","publication_year":2024,"publication_date":"2024-12-02","ids":{"openalex":"https://openalex.org/W4405845085","doi":"https://doi.org/10.1109/wifs61860.2024.10810721"},"language":"en","primary_location":{"id":"doi:10.1109/wifs61860.2024.10810721","is_oa":false,"landing_page_url":"https://doi.org/10.1109/wifs61860.2024.10810721","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE International Workshop on Information Forensics and Security (WIFS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5024837045","display_name":"Shane Dirksen","orcid":"https://orcid.org/0009-0001-1493-8169"},"institutions":[{"id":"https://openalex.org/I154570441","display_name":"University of California, Santa Barbara","ror":"https://ror.org/02t274463","country_code":"US","type":"education","lineage":["https://openalex.org/I154570441"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Shane Dirksen","raw_affiliation_strings":["University of California, Santa Barbara,Department of Computer Science,Santa Barbara,CA,USA"],"affiliations":[{"raw_affiliation_string":"University of California, Santa Barbara,Department of Computer Science,Santa Barbara,CA,USA","institution_ids":["https://openalex.org/I154570441"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5022202618","display_name":"John Korah","orcid":"https://orcid.org/0000-0003-0033-5671"},"institutions":[{"id":"https://openalex.org/I98947143","display_name":"California State Polytechnic University","ror":"https://ror.org/05by5hm18","country_code":"US","type":"education","lineage":["https://openalex.org/I98947143"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"John Korah","raw_affiliation_strings":["California State Polytechnic University, Pomona,Department of Computer Science,Pomona,CA,USA"],"affiliations":[{"raw_affiliation_string":"California State Polytechnic University, Pomona,Department of Computer Science,Pomona,CA,USA","institution_ids":["https://openalex.org/I98947143"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5024837045"],"corresponding_institution_ids":["https://openalex.org/I154570441"],"apc_list":null,"apc_paid":null,"fwci":0.3663,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.65603287,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.995199978351593,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.995199978351593,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9750000238418579,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9416999816894531,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/guard","display_name":"Guard (computer science)","score":0.7277532815933228},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7172768712043762},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.47590383887290955},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3644430637359619},{"id":"https://openalex.org/keywords/pattern-recognition","display_name":"Pattern recognition (psychology)","score":0.35097426176071167}],"concepts":[{"id":"https://openalex.org/C141141315","wikidata":"https://www.wikidata.org/wiki/Q2379942","display_name":"Guard (computer science)","level":2,"score":0.7277532815933228},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7172768712043762},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.47590383887290955},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3644430637359619},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.35097426176071167},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/wifs61860.2024.10810721","is_oa":false,"landing_page_url":"https://doi.org/10.1109/wifs61860.2024.10810721","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE International Workshop on Information Forensics and Security (WIFS)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":21,"referenced_works":["https://openalex.org/W2001325956","https://openalex.org/W2096733369","https://openalex.org/W2131681506","https://openalex.org/W2134295053","https://openalex.org/W2150847526","https://openalex.org/W2532801570","https://openalex.org/W2678934292","https://openalex.org/W2901114541","https://openalex.org/W2929803724","https://openalex.org/W3093469966","https://openalex.org/W3158938497","https://openalex.org/W3191161603","https://openalex.org/W4205519045","https://openalex.org/W4214699222","https://openalex.org/W4224234142","https://openalex.org/W4307571902","https://openalex.org/W4317214084","https://openalex.org/W4385423342","https://openalex.org/W6630210095","https://openalex.org/W6756728290","https://openalex.org/W6775753421"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W4254637722","https://openalex.org/W2980401999","https://openalex.org/W4243136610","https://openalex.org/W2155665570","https://openalex.org/W2033914206","https://openalex.org/W4399685216","https://openalex.org/W2042327336"],"abstract_inverted_index":{"The":[0],"escalating":[1],"threats":[2],"posed":[3],"by":[4,77,91,103],"cyber-attacks,":[5],"particularly":[6],"zero-day":[7,33,61,161],"attacks,":[8,34],"are":[9],"projected":[10],"to":[11,18,59,99],"push":[12],"the":[13,44,87,137],"globalannual":[14],"cost":[15],"of":[16,152],"cybercrime":[17],"${\\$}$10.5":[19],"trillion":[20],"in":[21,143],"2025,":[22],"with":[23,74],"an":[24],"anticipated":[25],"33":[26],"billion":[27],"accounts":[28],"breached":[29],"[1].":[30],"Detecting":[31],"these":[32],"which":[35,53],"exploit":[36],"unknown":[37,122,138],"vulnerabilities,":[38],"is":[39],"critical.":[40],"This":[41],"paper":[42],"introduces":[43],"Graph-based":[45],"Unknown":[46],"Attack":[47],"Recognition":[48],"and":[49,56,67,95,107,117,140,165,173],"Detection":[50],"(GUARD)":[51],"system,":[52],"combines":[54],"autoencoders":[55,71],"graph":[57,101],"theory":[58],"detect":[60],"threats.":[62],"GUARD":[63,120,131,159],"translates":[64],"latent":[65],"representations":[66],"reconstruction":[68,115],"errors":[69],"from":[70,127],"into":[72,169],"graphs,":[73],"edges":[75],"weighted":[76],"similarity.":[78],"Our":[79],"novel":[80],"technique,":[81],"Hierarchical":[82],"Quartet":[83],"Loss,":[84],"builds":[85],"on":[86],"established":[88],"triplet":[89],"loss":[90],"using":[92],"four":[93],"elements":[94],"a":[96,144,149],"hierarchical":[97,145],"structure":[98],"enhance":[100],"modularity":[102],"distinguishing":[104],"both":[105],"attacks":[106],"attack":[108,162],"families.":[109],"By":[110],"analyzing":[111],"patterns":[112],"such":[113],"as":[114],"error":[116],"cosine":[118],"similarity,":[119],"identifies":[121],"samples":[123],"that":[124,158],"deviate":[125],"significantly":[126],"known":[128],"patterns.":[129],"Additionally,":[130],"can":[132],"discern":[133],"multiple":[134],"subclasses":[135],"within":[136],"dataset":[139],"represents":[141],"them":[142],"family":[146],"tree,":[147],"offering":[148],"comprehensive":[150],"visualization":[151],"network":[153],"behaviors.":[154],"Initial":[155],"validation":[156],"shows":[157],"improves":[160],"detection":[163],"precision":[164],"provides":[166],"valuable":[167],"insights":[168],"emerging":[170],"threat":[171],"characteristics":[172],"categorization.":[174]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2025-12-27T23:08:20.325037","created_date":"2025-10-10T00:00:00"}