{"id":"https://openalex.org/W2791715694","doi":"https://doi.org/10.1145/3171592.3171641","title":"Detecting and Predicting APT Based on the Study of Cyber Kill Chain with Hierarchical Knowledge Reasoning","display_name":"Detecting and Predicting APT Based on the Study of Cyber Kill Chain with Hierarchical Knowledge Reasoning","publication_year":2017,"publication_date":"2017-12-08","ids":{"openalex":"https://openalex.org/W2791715694","doi":"https://doi.org/10.1145/3171592.3171641","mag":"2791715694"},"language":"en","primary_location":{"id":"doi:10.1145/3171592.3171641","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3171592.3171641","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2017 VI International Conference on Network, Communication and Computing","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5044914181","display_name":"Senhao Wen","orcid":null},"institutions":[{"id":"https://openalex.org/I4210087772","display_name":"National Computer Network Emergency Response Technical Team/Coordination Center of Chinar","ror":"https://ror.org/00247dh76","country_code":"CN","type":"nonprofit","lineage":["https://openalex.org/I4210087772"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Senhao Wen","raw_affiliation_strings":["Operation department, CNCERT, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Operation department, CNCERT, Beijing, China","institution_ids":["https://openalex.org/I4210087772"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5076940849","display_name":"Nengqiang He","orcid":"https://orcid.org/0000-0002-8698-7365"},"institutions":[{"id":"https://openalex.org/I4210087772","display_name":"National Computer Network Emergency Response Technical Team/Coordination Center of Chinar","ror":"https://ror.org/00247dh76","country_code":"CN","type":"nonprofit","lineage":["https://openalex.org/I4210087772"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Nengqiang He","raw_affiliation_strings":["Operation department, CNCERT, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Operation department, CNCERT, Beijing, China","institution_ids":["https://openalex.org/I4210087772"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5103818589","display_name":"Hanbing Yan","orcid":null},"institutions":[{"id":"https://openalex.org/I4210087772","display_name":"National Computer Network Emergency Response Technical Team/Coordination Center of Chinar","ror":"https://ror.org/00247dh76","country_code":"CN","type":"nonprofit","lineage":["https://openalex.org/I4210087772"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Hanbing Yan","raw_affiliation_strings":["Operation department, CNCERT, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Operation department, CNCERT, Beijing, China","institution_ids":["https://openalex.org/I4210087772"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5044914181"],"corresponding_institution_ids":["https://openalex.org/I4210087772"],"apc_list":null,"apc_paid":null,"fwci":0.9673,"has_fulltext":false,"cited_by_count":9,"citation_normalized_percentile":{"value":0.84416831,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"115","last_page":"119"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9437999725341797,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9437999725341797,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7316941022872925},{"id":"https://openalex.org/keywords/hacker","display_name":"Hacker","score":0.7001591920852661},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6188659071922302},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5951368808746338},{"id":"https://openalex.org/keywords/cyber-attack","display_name":"Cyber-attack","score":0.4739033281803131},{"id":"https://openalex.org/keywords/espionage","display_name":"Espionage","score":0.4559124708175659},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.36878857016563416}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7316941022872925},{"id":"https://openalex.org/C86844869","wikidata":"https://www.wikidata.org/wiki/Q2798820","display_name":"Hacker","level":2,"score":0.7001591920852661},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6188659071922302},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5951368808746338},{"id":"https://openalex.org/C201307755","wikidata":"https://www.wikidata.org/wiki/Q4071928","display_name":"Cyber-attack","level":2,"score":0.4739033281803131},{"id":"https://openalex.org/C558872910","wikidata":"https://www.wikidata.org/wiki/Q165950","display_name":"Espionage","level":2,"score":0.4559124708175659},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.36878857016563416},{"id":"https://openalex.org/C166957645","wikidata":"https://www.wikidata.org/wiki/Q23498","display_name":"Archaeology","level":1,"score":0.0},{"id":"https://openalex.org/C95457728","wikidata":"https://www.wikidata.org/wiki/Q309","display_name":"History","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3171592.3171641","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3171592.3171641","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2017 VI International Conference on Network, Communication and Computing","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W2725637128","https://openalex.org/W2897593657","https://openalex.org/W3006507989","https://openalex.org/W2294330327","https://openalex.org/W4251184983","https://openalex.org/W2371430952","https://openalex.org/W2920841236","https://openalex.org/W2381740503","https://openalex.org/W3005543248","https://openalex.org/W2921897907"],"abstract_inverted_index":{"It":[0],"has":[1,63,152],"been":[2],"discovered":[3],"that":[4],"quite":[5],"a":[6,17,47,55,64,85,94],"few":[7],"organizations":[8],"have":[9],"become":[10],"the":[11,29,33,38,42,106,121],"victims":[12],"of":[13,31,41,67,88,108],"APT,":[14],"which":[15,70],"is":[16,54,149],"deliberate":[18],"and":[19,51,98,120,151],"malicious":[20],"espionage":[21],"threat":[22],"to":[23,96,145],"military,":[24],"political,":[25],"infrastructure":[26],"targets":[27],"for":[28,49,58,115],"purpose":[30],"stealing":[32],"core":[34],"data":[35],"or":[36],"thwarting":[37],"normal":[39],"operation":[40],"organizations.":[43],"Thus,":[44],"working":[45],"out":[46],"solution":[48,95,113],"detecting":[50],"predicting":[52],"APT":[53,62],"major":[56],"goal":[57],"scientific":[59],"research.":[60],"But":[61],"characteristic":[65],"feature":[66],"good":[68],"concealment":[69],"prevent":[71],"we":[72,92],"capturing":[73],"it":[74,148],"just":[75],"in":[76],"time":[77],"by":[78],"existing":[79],"solutions.":[80],"In":[81],"this":[82],"paper,":[83],"through":[84],"deep":[86],"study":[87],"Cyber":[89,126,132],"Kill":[90],"Chain,":[91],"proposed":[93],"detect":[97],"predict":[99],"APTs":[100],"with":[101],"hierarchical":[102],"Knowledge":[103],"reasoning":[104],"on":[105],"basis":[107],"cyber-security-monitoring,":[109],"intelligence-gathering,":[110],"etc.":[111,143],"The":[112],"seeks":[114],"connections":[116],"between":[117],"real-time":[118],"alarms":[119],"intelligence":[122],"from":[123],"Hacker":[124],"Profile,":[125,128],"Resources":[127],"Social":[129],"Engineering":[130],"Database,":[131,136,138],"Attack":[133],"Tool":[134],"Fingerprint":[135],"Vulnerability":[137],"Malicious":[139],"Code":[140],"Genome":[141],"Map,":[142],"According":[144],"our":[146],"experiments,":[147],"effective":[150],"high":[153],"accuracy.":[154]},"counts_by_year":[{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}