{"id":"https://openalex.org/W1999206795","doi":"https://doi.org/10.1145/2799979.2800037","title":"A classification framework for distinct cyber-attacks based on occurrence patterns","display_name":"A classification framework for distinct cyber-attacks based on occurrence patterns","publication_year":2015,"publication_date":"2015-09-08","ids":{"openalex":"https://openalex.org/W1999206795","doi":"https://doi.org/10.1145/2799979.2800037","mag":"1999206795"},"language":"en","primary_location":{"id":"doi:10.1145/2799979.2800037","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2799979.2800037","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 8th International Conference on Security of Information and Networks","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5047755763","display_name":"Malik Shahzad Kaleem Awan","orcid":null},"institutions":[{"id":"https://openalex.org/I79510175","display_name":"Cardiff University","ror":"https://ror.org/03kk7td41","country_code":"GB","type":"education","lineage":["https://openalex.org/I79510175"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Malik S. K. Awan","raw_affiliation_strings":["Cardiff University, Cardiff, UK","[Cardiff University, Cardiff, UK]"],"affiliations":[{"raw_affiliation_string":"Cardiff University, Cardiff, UK","institution_ids":["https://openalex.org/I79510175"]},{"raw_affiliation_string":"[Cardiff University, Cardiff, UK]","institution_ids":["https://openalex.org/I79510175"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Mohammed AlGhamdi","orcid":null},"institutions":[{"id":"https://openalex.org/I199693650","display_name":"Umm al-Qura University","ror":"https://ror.org/01xjqrm90","country_code":"SA","type":"education","lineage":["https://openalex.org/I199693650"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Mohammed AlGhamdi","raw_affiliation_strings":["Umm AlQura University, Makkah, KSA"],"affiliations":[{"raw_affiliation_string":"Umm AlQura University, Makkah, KSA","institution_ids":["https://openalex.org/I199693650"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5085780043","display_name":"Sultan H. Almotiri","orcid":"https://orcid.org/0000-0003-1594-9115"},"institutions":[{"id":"https://openalex.org/I199693650","display_name":"Umm al-Qura University","ror":"https://ror.org/01xjqrm90","country_code":"SA","type":"education","lineage":["https://openalex.org/I199693650"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Sultan AlMotiri","raw_affiliation_strings":["Umm AlQura University, Makkah, KSA"],"affiliations":[{"raw_affiliation_string":"Umm AlQura University, Makkah, KSA","institution_ids":["https://openalex.org/I199693650"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5090436792","display_name":"Pete Burnap","orcid":"https://orcid.org/0000-0003-0396-633X"},"institutions":[{"id":"https://openalex.org/I79510175","display_name":"Cardiff University","ror":"https://ror.org/03kk7td41","country_code":"GB","type":"education","lineage":["https://openalex.org/I79510175"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Pete Burnap","raw_affiliation_strings":["Cardiff University, Cardiff, UK","[Cardiff University, Cardiff, UK]"],"affiliations":[{"raw_affiliation_string":"Cardiff University, Cardiff, UK","institution_ids":["https://openalex.org/I79510175"]},{"raw_affiliation_string":"[Cardiff University, Cardiff, UK]","institution_ids":["https://openalex.org/I79510175"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5021973291","display_name":"Omer Rana","orcid":"https://orcid.org/0000-0003-3597-2646"},"institutions":[{"id":"https://openalex.org/I79510175","display_name":"Cardiff University","ror":"https://ror.org/03kk7td41","country_code":"GB","type":"education","lineage":["https://openalex.org/I79510175"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Omer Rana","raw_affiliation_strings":["Cardiff University, Cardiff, UK","[Cardiff University, Cardiff, UK]"],"affiliations":[{"raw_affiliation_string":"Cardiff University, Cardiff, UK","institution_ids":["https://openalex.org/I79510175"]},{"raw_affiliation_string":"[Cardiff University, Cardiff, UK]","institution_ids":["https://openalex.org/I79510175"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5047755763"],"corresponding_institution_ids":["https://openalex.org/I79510175"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.0730671,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"165","last_page":"168"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.8636912107467651},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8620157837867737},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7592203617095947},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7447734475135803},{"id":"https://openalex.org/keywords/cyber-attack","display_name":"Cyber-attack","score":0.6122243404388428},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5583803653717041},{"id":"https://openalex.org/keywords/network-administrator","display_name":"Network administrator","score":0.4889127314090729},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.42513716220855713},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.15667158365249634},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.10093164443969727},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.07436272501945496}],"concepts":[{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.8636912107467651},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8620157837867737},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7592203617095947},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7447734475135803},{"id":"https://openalex.org/C201307755","wikidata":"https://www.wikidata.org/wiki/Q4071928","display_name":"Cyber-attack","level":2,"score":0.6122243404388428},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5583803653717041},{"id":"https://openalex.org/C2779173999","wikidata":"https://www.wikidata.org/wiki/Q680296","display_name":"Network administrator","level":2,"score":0.4889127314090729},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.42513716220855713},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.15667158365249634},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.10093164443969727},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.07436272501945496}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/2799979.2800037","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2799979.2800037","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 8th International Conference on Security of Information and Networks","raw_type":"proceedings-article"},{"id":"pmh:oai:https://orca.cardiff.ac.uk:78654","is_oa":false,"landing_page_url":"https://orca.cardiff.ac.uk/id/eprint/78654/","pdf_url":null,"source":{"id":"https://openalex.org/S4306401195","display_name":"ORCA Online Research @Cardiff (Cardiff University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I79510175","host_organization_name":"Cardiff University","host_organization_lineage":["https://openalex.org/I79510175"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"PeerReviewed"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.4099999964237213,"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9"}],"awards":[{"id":"https://openalex.org/G1559650014","display_name":null,"funder_award_id":"EP/K03345X/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G5178130810","display_name":"Identifying and Modelling Victim, Business, Regulatory and Malware Behaviours in a Changing Cyberthreat Landscape","funder_award_id":"EP/K03345X/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"}],"funders":[{"id":"https://openalex.org/F4320334627","display_name":"Engineering and Physical Sciences Research Council","ror":"https://ror.org/0439y7842"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":13,"referenced_works":["https://openalex.org/W1981229864","https://openalex.org/W1992713826","https://openalex.org/W2030014066","https://openalex.org/W2053944475","https://openalex.org/W2056309740","https://openalex.org/W2066220442","https://openalex.org/W2104013326","https://openalex.org/W2106188980","https://openalex.org/W2122590816","https://openalex.org/W2124659400","https://openalex.org/W2131875370","https://openalex.org/W2146525400","https://openalex.org/W2334842536"],"related_works":["https://openalex.org/W2929621094","https://openalex.org/W1996006176","https://openalex.org/W4285325964","https://openalex.org/W1599449514","https://openalex.org/W4387342248","https://openalex.org/W2996903716","https://openalex.org/W2997026285","https://openalex.org/W1567294858","https://openalex.org/W2949614803","https://openalex.org/W2361755837"],"abstract_inverted_index":{"An":[0],"increasingly":[1],"mature,":[2],"stealthy":[3],"and":[4,7,32,77,131],"dynamic":[5],"techniques":[6],"attack":[8,54],"vectors":[9],"used":[10],"by":[11,119],"cyber":[12],"criminals":[13],"have":[14],"made":[15],"the":[16,41,75,82,111],"critical":[17],"network":[18,37,43,71,83],"infrastructure":[19],"more":[20],"vulnerable":[21,44],"to":[22,45,59,73,100],"security":[23],"breaches.":[24],"Following":[25],"'Bring":[26],"Your":[27],"Own":[28],"Device":[29],"(BYOD)'":[30],"policies":[31],"remote-work":[33],"style":[34],"of":[35,79,107,125],"accessing":[36],"infra":[38,84],"structure":[39,85],"leaves":[40],"whole":[42],"new":[46],"unknown":[47],"malware,":[48],"botnets,":[49],"advanced":[50],"persistent":[51],"threats,":[52],"coordinated":[53],"patterns,":[55],"etc.,":[56],"in":[57,63],"addition":[58],"existing":[60],"vulnerabilities":[61],"inherent":[62],"software":[64,134],"applications.":[65,135],"Such":[66],"an":[67],"environment":[68],"demands":[69],"a":[70,98],"administrator":[72],"understand":[74],"nature":[76],"patterns":[78],"cyber-attacks":[80,102],"targeting":[81],"so":[86],"that":[87],"appropriate":[88],"measures":[89],"could":[90],"be":[91],"introduced.":[92],"In":[93],"this":[94],"paper":[95],"we":[96],"propose":[97],"framework":[99],"classify":[101],"based":[103],"on":[104],"their":[105],"pattern":[106],"occurrence.":[108],"We":[109],"validate":[110],"classification":[112],"approach":[113],"using":[114],"real":[115],"malicious":[116],"traffic":[117],"logs":[118],"focusing":[120],"on:":[121],"i)":[122],"temporal":[123],"behaviour":[124],"cyber-attacks;":[126,130],"ii)":[127],"correlation":[128],"between":[129],"iii)":[132],"targeted":[133]},"counts_by_year":[{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":1}],"updated_date":"2026-04-16T08:26:57.006410","created_date":"2025-10-10T00:00:00"}