{"id":"https://openalex.org/W4206444805","doi":"https://doi.org/10.1109/bigdata52589.2021.9671464","title":"Detection of Advanced Persistent Threats using Artificial Intelligence for Deep Packet Inspection","display_name":"Detection of Advanced Persistent Threats using Artificial Intelligence for Deep Packet Inspection","publication_year":2021,"publication_date":"2021-12-15","ids":{"openalex":"https://openalex.org/W4206444805","doi":"https://doi.org/10.1109/bigdata52589.2021.9671464"},"language":"en","primary_location":{"id":"doi:10.1109/bigdata52589.2021.9671464","is_oa":false,"landing_page_url":"https://doi.org/10.1109/bigdata52589.2021.9671464","pdf_url":null,"source":{"id":"https://openalex.org/S4363607718","display_name":"2021 IEEE International Conference on Big Data (Big Data)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 IEEE International Conference on Big Data (Big Data)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5063492608","display_name":"Allard Dijk","orcid":"https://orcid.org/0009-0002-1847-7336"},"institutions":[{"id":"https://openalex.org/I4210119716","display_name":"Netherlands Defence Academy","ror":"https://ror.org/02dnvjf04","country_code":"NL","type":"facility","lineage":["https://openalex.org/I4210094335","https://openalex.org/I4210119716","https://openalex.org/I4210140876"]}],"countries":["NL"],"is_corresponding":true,"raw_author_name":"Allard Dijk","raw_affiliation_strings":["Faculty of Military Sciences, Netherlands Defence Academy, Den Helder, The Netherlands"],"affiliations":[{"raw_affiliation_string":"Faculty of Military Sciences, Netherlands Defence Academy, Den Helder, The Netherlands","institution_ids":["https://openalex.org/I4210119716"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5063492608"],"corresponding_institution_ids":["https://openalex.org/I4210119716"],"apc_list":null,"apc_paid":null,"fwci":1.848,"has_fulltext":false,"cited_by_count":11,"citation_normalized_percentile":{"value":0.85369495,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"2092","last_page":"2097"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/deep-packet-inspection","display_name":"Deep packet inspection","score":0.7354937791824341},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7123005986213684},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.5939708948135376},{"id":"https://openalex.org/keywords/payload","display_name":"Payload (computing)","score":0.591627836227417},{"id":"https://openalex.org/keywords/covert","display_name":"Covert","score":0.5366544127464294},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.517342746257782},{"id":"https://openalex.org/keywords/cyber-attack","display_name":"Cyber-attack","score":0.5126475691795349},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4962027668952942},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.4903390407562256},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.46972405910491943},{"id":"https://openalex.org/keywords/big-data","display_name":"Big data","score":0.4455299973487854},{"id":"https://openalex.org/keywords/state","display_name":"State (computer science)","score":0.4300169348716736},{"id":"https://openalex.org/keywords/autoencoder","display_name":"Autoencoder","score":0.4217890501022339},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.2391001284122467}],"concepts":[{"id":"https://openalex.org/C204679922","wikidata":"https://www.wikidata.org/wiki/Q734252","display_name":"Deep packet inspection","level":3,"score":0.7354937791824341},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7123005986213684},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.5939708948135376},{"id":"https://openalex.org/C134066672","wikidata":"https://www.wikidata.org/wiki/Q1424639","display_name":"Payload (computing)","level":3,"score":0.591627836227417},{"id":"https://openalex.org/C2779338814","wikidata":"https://www.wikidata.org/wiki/Q5179285","display_name":"Covert","level":2,"score":0.5366544127464294},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.517342746257782},{"id":"https://openalex.org/C201307755","wikidata":"https://www.wikidata.org/wiki/Q4071928","display_name":"Cyber-attack","level":2,"score":0.5126475691795349},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4962027668952942},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.4903390407562256},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.46972405910491943},{"id":"https://openalex.org/C75684735","wikidata":"https://www.wikidata.org/wiki/Q858810","display_name":"Big data","level":2,"score":0.4455299973487854},{"id":"https://openalex.org/C48103436","wikidata":"https://www.wikidata.org/wiki/Q599031","display_name":"State (computer science)","level":2,"score":0.4300169348716736},{"id":"https://openalex.org/C101738243","wikidata":"https://www.wikidata.org/wiki/Q786435","display_name":"Autoencoder","level":3,"score":0.4217890501022339},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.2391001284122467},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/bigdata52589.2021.9671464","is_oa":false,"landing_page_url":"https://doi.org/10.1109/bigdata52589.2021.9671464","pdf_url":null,"source":{"id":"https://openalex.org/S4363607718","display_name":"2021 IEEE International Conference on Big Data (Big Data)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 IEEE International Conference on Big Data (Big Data)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.6800000071525574,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":13,"referenced_works":["https://openalex.org/W2021200789","https://openalex.org/W2148583977","https://openalex.org/W2296509296","https://openalex.org/W2343828539","https://openalex.org/W2550670348","https://openalex.org/W2734777338","https://openalex.org/W2789828921","https://openalex.org/W2910244694","https://openalex.org/W2963197901","https://openalex.org/W2997574889","https://openalex.org/W3133235094","https://openalex.org/W6681096077","https://openalex.org/W6758213078"],"related_works":["https://openalex.org/W2159052453","https://openalex.org/W3013693939","https://openalex.org/W2566616303","https://openalex.org/W3131327266","https://openalex.org/W1971040605","https://openalex.org/W1523103140","https://openalex.org/W4293863310","https://openalex.org/W3160314615","https://openalex.org/W2787505794","https://openalex.org/W4387010139"],"abstract_inverted_index":{"Advanced":[0],"persistent":[1],"threats":[2],"(APT\u2019s)":[3],"are":[4,26,63,67,79],"stealthy":[5],"threat":[6],"actors":[7],"with":[8],"the":[9,16,27,55,69,88,110,115,127,165,172,191,209,212,230],"skills":[10],"to":[11,57,174,181,185,195,202,226],"gain":[12],"covert":[13],"control":[14],"of":[15,23,47,77,96,119,129,211,229],"computer":[17],"network":[18,107,150,213],"for":[19,33,132],"an":[20,42,120],"extended":[21],"period":[22],"time.":[24],"They":[25],"highest":[28],"cyber":[29,74,91],"attack":[30,40],"risk":[31],"factor":[32],"large":[34],"companies":[35],"and":[36,53,66,72,117,151,158],"states.":[37],"A":[38],"successful":[39],"via":[41],"APT":[43,61,98,134],"can":[44,49,100],"cost":[45],"millions":[46],"dollars,":[48],"disrupt":[50],"civil":[51],"life":[52],"has":[54],"capabilities":[56],"do":[58],"physical":[59],"damage.":[60],"groups":[62],"typically":[64],"state-sponsored":[65],"considered":[68],"most":[70],"effective":[71],"skilled":[73],"attackers.":[75],"Attacks":[76],"APT\u2019s":[78],"executed":[80],"in":[81,87,106,164],"several":[82,138],"stages":[83,99,118],"as":[84,104],"pointed":[85],"out":[86,124],"Lockheed":[89],"Martin":[90],"kill":[92],"chain":[93],"(CKC).":[94],"Each":[95],"these":[97],"potentially":[101],"be":[102],"identified":[103],"patterns":[105],"traffic.":[108],"Using":[109],"\"APT-2020\"":[111],"dataset,":[112],"that":[113],"compiles":[114],"characteristics":[116],"APT,":[121],"we":[122],"carried":[123],"experiments":[125],"on":[126,162],"detection":[128,163,224],"anomalous":[130],"traffic":[131,214],"all":[133],"stages.":[135],"We":[136,198],"compare":[137],"artificial":[139],"intelligence":[140],"models,":[141],"like":[142],"a":[143,147,152,176,200],"stacked":[144],"auto":[145],"encoder,":[146],"recurrent":[148],"neural":[149],"one":[153],"class":[154],"state":[155,228],"vector":[156],"machine":[157],"show":[159],"significant":[160],"improvements":[161],"data":[166,177,205],"exfiltration":[167,178,206],"stage.":[168,197],"This":[169,216],"dataset":[170],"is":[171],"first":[173],"have":[175,190],"stage":[179],"included":[180],"experiment":[182],"on.":[183],"According":[184],"APT-2020\u2019s":[186],"authors":[187],"current":[188],"models":[189],"biggest":[192],"challenge":[193],"specific":[194],"this":[196],"introduce":[199],"method":[201],"successfully":[203],"detect":[204],"by":[207],"analyzing":[208],"payload":[210],"flow.":[215],"flow":[217],"based":[218],"deep":[219],"packet":[220],"inspection":[221],"approach":[222],"improves":[223],"compared":[225],"other":[227],"art":[231],"methods.":[232]},"counts_by_year":[{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":3}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}