{"id":"https://openalex.org/W2807104473","doi":"https://doi.org/10.1186/s13635-018-0075-x","title":"OMMA: open architecture for Operator-guided Monitoring of Multi-step Attacks","display_name":"OMMA: open architecture for Operator-guided Monitoring of Multi-step Attacks","publication_year":2018,"publication_date":"2018-05-02","ids":{"openalex":"https://openalex.org/W2807104473","doi":"https://doi.org/10.1186/s13635-018-0075-x","mag":"2807104473"},"language":"en","primary_location":{"id":"doi:10.1186/s13635-018-0075-x","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s13635-018-0075-x","pdf_url":"https://jis-eurasipjournals.springeropen.com/track/pdf/10.1186/s13635-018-0075-x","source":{"id":"https://openalex.org/S4210195102","display_name":"EURASIP Journal on Information Security","issn_l":"2510-523X","issn":["2510-523X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"EURASIP Journal on Information Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://jis-eurasipjournals.springeropen.com/track/pdf/10.1186/s13635-018-0075-x","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5041654950","display_name":"Julio Navarro","orcid":null},"institutions":[{"id":"https://openalex.org/I68947357","display_name":"Universit\u00e9 de Strasbourg","ror":"https://ror.org/00pg6eq24","country_code":"FR","type":"education","lineage":["https://openalex.org/I68947357"]},{"id":"https://openalex.org/I1293226324","display_name":"UNESCO","ror":"https://ror.org/04h4z8k05","country_code":"FR","type":"funder","lineage":["https://openalex.org/I1286959531","https://openalex.org/I1293226324","https://openalex.org/I2801247003"]}],"countries":["FR"],"is_corresponding":true,"raw_author_name":"Julio Navarro","raw_affiliation_strings":["Laboratoire ICube, Universit\u00e9 de Strasbourg, 11, Rue Humann, Strasbourg, France","Unitwin UNESCO Complex System-Digital Campus, Paris, France"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Laboratoire ICube, Universit\u00e9 de Strasbourg, 11, Rue Humann, Strasbourg, France","institution_ids":["https://openalex.org/I68947357"]},{"raw_affiliation_string":"Unitwin UNESCO Complex System-Digital Campus, Paris, France","institution_ids":["https://openalex.org/I1293226324"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5077674058","display_name":"V\u00e9ronique Legrand","orcid":"https://orcid.org/0000-0003-1332-885X"},"institutions":[{"id":"https://openalex.org/I4210145724","display_name":"Centre d'Etudes et De Recherche en Informatique et Communications","ror":"https://ror.org/044j5mm75","country_code":"FR","type":"facility","lineage":["https://openalex.org/I4210145724"]},{"id":"https://openalex.org/I4210152014","display_name":"H\u00f4pital Georges-Clemenceau","ror":"https://ror.org/03zry0650","country_code":"FR","type":"healthcare","lineage":["https://openalex.org/I4210097159","https://openalex.org/I4210130325","https://openalex.org/I4210152014"]},{"id":"https://openalex.org/I124158823","display_name":"Conservatoire National des Arts et M\u00e9tiers","ror":"https://ror.org/0175hh227","country_code":"FR","type":"education","lineage":["https://openalex.org/I124158823","https://openalex.org/I4210134562"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"V\u00e9ronique Legrand","raw_affiliation_strings":["CEDRIC, Conservatoire National des Arts et M\u00e9tiers (CNAM), 2 Rue Cont\u00e9, Paris, France","Intrinsec Security, 215 Avenue Georges Clemenceau, Nanterre, France"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"CEDRIC, Conservatoire National des Arts et M\u00e9tiers (CNAM), 2 Rue Cont\u00e9, Paris, France","institution_ids":["https://openalex.org/I124158823","https://openalex.org/I4210145724"]},{"raw_affiliation_string":"Intrinsec Security, 215 Avenue Georges Clemenceau, Nanterre, France","institution_ids":["https://openalex.org/I4210152014"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5005651131","display_name":"Aline Deruyver","orcid":null},"institutions":[{"id":"https://openalex.org/I1293226324","display_name":"UNESCO","ror":"https://ror.org/04h4z8k05","country_code":"FR","type":"funder","lineage":["https://openalex.org/I1286959531","https://openalex.org/I1293226324","https://openalex.org/I2801247003"]},{"id":"https://openalex.org/I68947357","display_name":"Universit\u00e9 de Strasbourg","ror":"https://ror.org/00pg6eq24","country_code":"FR","type":"education","lineage":["https://openalex.org/I68947357"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Aline Deruyver","raw_affiliation_strings":["Laboratoire ICube, Universit\u00e9 de Strasbourg, 11, Rue Humann, Strasbourg, France","Unitwin UNESCO Complex System-Digital Campus, Paris, France"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Laboratoire ICube, Universit\u00e9 de Strasbourg, 11, Rue Humann, Strasbourg, France","institution_ids":["https://openalex.org/I68947357"]},{"raw_affiliation_string":"Unitwin UNESCO Complex System-Digital Campus, Paris, France","institution_ids":["https://openalex.org/I1293226324"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5016053641","display_name":"Pierre Parrend","orcid":"https://orcid.org/0000-0002-1680-1182"},"institutions":[{"id":"https://openalex.org/I68947357","display_name":"Universit\u00e9 de Strasbourg","ror":"https://ror.org/00pg6eq24","country_code":"FR","type":"education","lineage":["https://openalex.org/I68947357"]},{"id":"https://openalex.org/I1293226324","display_name":"UNESCO","ror":"https://ror.org/04h4z8k05","country_code":"FR","type":"funder","lineage":["https://openalex.org/I1286959531","https://openalex.org/I1293226324","https://openalex.org/I2801247003"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Pierre Parrend","raw_affiliation_strings":["ECAM Strasbourg-Europe, 2, Rue de Madrid, Schiltigheim, France","Laboratoire ICube, Universit\u00e9 de Strasbourg, 11, Rue Humann, Strasbourg, France","Unitwin UNESCO Complex System-Digital Campus, Paris, France"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"ECAM Strasbourg-Europe, 2, Rue de Madrid, Schiltigheim, France","institution_ids":[]},{"raw_affiliation_string":"Laboratoire ICube, Universit\u00e9 de Strasbourg, 11, Rue Humann, Strasbourg, France","institution_ids":["https://openalex.org/I68947357"]},{"raw_affiliation_string":"Unitwin UNESCO Complex System-Digital Campus, Paris, France","institution_ids":["https://openalex.org/I1293226324"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5041654950"],"corresponding_institution_ids":["https://openalex.org/I1293226324","https://openalex.org/I68947357"],"apc_list":{"value":660,"currency":"GBP","value_usd":809},"apc_paid":{"value":660,"currency":"GBP","value_usd":809},"fwci":0.7901,"has_fulltext":true,"cited_by_count":9,"citation_normalized_percentile":{"value":0.75485319,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":"2018","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9976000189781189,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9962999820709229,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7948696613311768},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.6155447363853455},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.6045402884483337},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.5844953656196594},{"id":"https://openalex.org/keywords/architecture","display_name":"Architecture","score":0.5482419729232788},{"id":"https://openalex.org/keywords/operator","display_name":"Operator (biology)","score":0.4989314079284668},{"id":"https://openalex.org/keywords/event","display_name":"Event (particle physics)","score":0.48351457715034485},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.38484418392181396},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.33379775285720825},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.13892990350723267},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.11708194017410278}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7948696613311768},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.6155447363853455},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.6045402884483337},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.5844953656196594},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.5482419729232788},{"id":"https://openalex.org/C17020691","wikidata":"https://www.wikidata.org/wiki/Q139677","display_name":"Operator (biology)","level":5,"score":0.4989314079284668},{"id":"https://openalex.org/C2779662365","wikidata":"https://www.wikidata.org/wiki/Q5416694","display_name":"Event (particle physics)","level":2,"score":0.48351457715034485},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.38484418392181396},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.33379775285720825},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.13892990350723267},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.11708194017410278},{"id":"https://openalex.org/C86339819","wikidata":"https://www.wikidata.org/wiki/Q407384","display_name":"Transcription factor","level":3,"score":0.0},{"id":"https://openalex.org/C185592680","wikidata":"https://www.wikidata.org/wiki/Q2329","display_name":"Chemistry","level":0,"score":0.0},{"id":"https://openalex.org/C153349607","wikidata":"https://www.wikidata.org/wiki/Q36649","display_name":"Visual arts","level":1,"score":0.0},{"id":"https://openalex.org/C158448853","wikidata":"https://www.wikidata.org/wiki/Q425218","display_name":"Repressor","level":4,"score":0.0},{"id":"https://openalex.org/C142362112","wikidata":"https://www.wikidata.org/wiki/Q735","display_name":"Art","level":0,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C104317684","wikidata":"https://www.wikidata.org/wiki/Q7187","display_name":"Gene","level":2,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C55493867","wikidata":"https://www.wikidata.org/wiki/Q7094","display_name":"Biochemistry","level":1,"score":0.0}],"mesh":[],"locations_count":5,"locations":[{"id":"doi:10.1186/s13635-018-0075-x","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s13635-018-0075-x","pdf_url":"https://jis-eurasipjournals.springeropen.com/track/pdf/10.1186/s13635-018-0075-x","source":{"id":"https://openalex.org/S4210195102","display_name":"EURASIP Journal on Information Security","issn_l":"2510-523X","issn":["2510-523X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"EURASIP Journal on Information Security","raw_type":"journal-article"},{"id":"pmh:oai:HAL:hal-03218219v1","is_oa":true,"landing_page_url":"https://hal.science/hal-03218219","pdf_url":"https://hal.science/hal-03218219/document","source":{"id":"https://openalex.org/S4306402512","display_name":"HAL (Le Centre pour la Communication Scientifique Directe)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1294671590","host_organization_name":"Centre National de la Recherche Scientifique","host_organization_lineage":["https://openalex.org/I1294671590"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"EURASIP Journal on Information Security, 2018, 2018 (1), pp.144-159. &#x27E8;10.1186/s13635-018-0075-x&#x27E9;","raw_type":"Journal articles"},{"id":"pmh:oai:doaj.org/article:65123058afe340379d1b232bf1d2885d","is_oa":true,"landing_page_url":"https://doaj.org/article/65123058afe340379d1b232bf1d2885d","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"EURASIP Journal on Information Security, Vol 2018, Iss 1, Pp 1-25 (2018)","raw_type":"article"},{"id":"pmh:oai:oskar-bordeaux.fr:20.500.12278/31426","is_oa":false,"landing_page_url":"https://oskar-bordeaux.fr/handle/20.500.12278/31426","pdf_url":null,"source":{"id":"https://openalex.org/S4306402569","display_name":"Oskar-Bordeaux (Universite de Bordeaux)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Article de revue"},{"id":"pmh:oai:univoak.eu:islandora_112999","is_oa":true,"landing_page_url":"https://univoak.eu/islandora/object/islandora%3A112999","pdf_url":null,"source":{"id":"https://openalex.org/S4306402449","display_name":"univOAK (4 institutions : Universit\u00e9 de Strasbourg, Universit\u00e9 de Haute Alsace, INSA Strasbourg, Biblioth\u00e8que Nationale et Universitaire de Strasbourg)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210100283","host_organization_name":"Laboratoire des Sciences de l'Ing\u00e9nieur, de l'Informatique et de l'Imagerie","host_organization_lineage":["https://openalex.org/I4210100283"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"info:eu-repo/semantics/article"}],"best_oa_location":{"id":"doi:10.1186/s13635-018-0075-x","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s13635-018-0075-x","pdf_url":"https://jis-eurasipjournals.springeropen.com/track/pdf/10.1186/s13635-018-0075-x","source":{"id":"https://openalex.org/S4210195102","display_name":"EURASIP Journal on Information Security","issn_l":"2510-523X","issn":["2510-523X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"EURASIP Journal on Information Security","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G8170055548","display_name":null,"funder_award_id":"AAP-19 HuMa","funder_id":"https://openalex.org/F4320321877","funder_display_name":"Fonds Unique Interminist\u00e9riel"}],"funders":[{"id":"https://openalex.org/F4320316512","display_name":"Bpifrance","ror":"https://ror.org/008zkt807"},{"id":"https://openalex.org/F4320321877","display_name":"Fonds Unique Interminist\u00e9riel","ror":"https://ror.org/04nx63b17"},{"id":"https://openalex.org/F4320327639","display_name":"Centre Scientifique et Technique du B\u00e2timent","ror":"https://ror.org/02fsd1928"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2807104473.pdf","grobid_xml":"https://content.openalex.org/works/W2807104473.grobid-xml"},"referenced_works_count":65,"referenced_works":["https://openalex.org/W2266336","https://openalex.org/W31445814","https://openalex.org/W56510593","https://openalex.org/W237075927","https://openalex.org/W339674347","https://openalex.org/W572872720","https://openalex.org/W1427431057","https://openalex.org/W1486704721","https://openalex.org/W1492640216","https://openalex.org/W1525998463","https://openalex.org/W1530583145","https://openalex.org/W1538205482","https://openalex.org/W1546690352","https://openalex.org/W1564250896","https://openalex.org/W1573676079","https://openalex.org/W1621186777","https://openalex.org/W1646028454","https://openalex.org/W1788348632","https://openalex.org/W1967376128","https://openalex.org/W1969852926","https://openalex.org/W1992705187","https://openalex.org/W1993705581","https://openalex.org/W2000339673","https://openalex.org/W2004168725","https://openalex.org/W2012477354","https://openalex.org/W2034265047","https://openalex.org/W2036497145","https://openalex.org/W2042512226","https://openalex.org/W2058685147","https://openalex.org/W2111426473","https://openalex.org/W2113152757","https://openalex.org/W2116958816","https://openalex.org/W2120713742","https://openalex.org/W2123307803","https://openalex.org/W2127404964","https://openalex.org/W2141200504","https://openalex.org/W2152842557","https://openalex.org/W2216158747","https://openalex.org/W2248651907","https://openalex.org/W2266096763","https://openalex.org/W2288292231","https://openalex.org/W2324509982","https://openalex.org/W2396217485","https://openalex.org/W2490940596","https://openalex.org/W2545820541","https://openalex.org/W2559298118","https://openalex.org/W2560810941","https://openalex.org/W2566611369","https://openalex.org/W2567580117","https://openalex.org/W2588280622","https://openalex.org/W2588942002","https://openalex.org/W2788153147","https://openalex.org/W2792581684","https://openalex.org/W4230077281","https://openalex.org/W4231219113","https://openalex.org/W4231470626","https://openalex.org/W4234244069","https://openalex.org/W4240079771","https://openalex.org/W4244047055","https://openalex.org/W4251828327","https://openalex.org/W4254526136","https://openalex.org/W4254536483","https://openalex.org/W4255298684","https://openalex.org/W4299796063","https://openalex.org/W6608531038"],"related_works":["https://openalex.org/W2097492617","https://openalex.org/W2753240997","https://openalex.org/W1764168690","https://openalex.org/W2537959205","https://openalex.org/W2740895074","https://openalex.org/W2772446090","https://openalex.org/W3152891574","https://openalex.org/W2249809453","https://openalex.org/W4284893819","https://openalex.org/W4316881845"],"abstract_inverted_index":{"Current":[0],"attacks":[1,27,96],"are":[2,48,101],"complex":[3],"and":[4,122,163,165],"stealthy.":[5],"The":[6],"recent":[7],"WannaCry":[8],"malware":[9],"campaign":[10],"demonstrates":[11],"that":[12,217],"this":[13,110],"is":[14,207],"true":[15],"not":[16],"only":[17,29],"for":[18,23,154],"targeted":[19],"operations,":[20],"but":[21,97],"also":[22],"massive":[24],"attacks.":[25],"Complex":[26],"can":[28,63,82,196],"be":[30,64,83,227],"described":[31],"as":[32,220],"a":[33,39,72,128,144,158,201],"set":[34],"of":[35,43,69,79,117,222],"individual":[36],"actions":[37],"composing":[38],"global":[40],"strategy.":[41],"Most":[42],"the":[44,51,57,67,98,106,132,136,193,223],"time,":[45],"different":[46],"devices":[47,62],"involved":[49],"in":[50,60,66,71,105,157,229],"same":[52,107],"attack":[53,138],"scenario.":[54],"Information":[55,166],"about":[56,89],"events":[58],"recorded":[59],"these":[61],"collected":[65],"shape":[68],"logs":[70],"central":[73],"system,":[74],"where":[75],"an":[76,120,211],"automatic":[77,90],"search":[78],"threat":[80,155],"traces":[81],"implemented.":[84],"Much":[85],"has":[86],"been":[87],"written":[88],"event":[91],"correlation":[92],"to":[93,130,226],"detect":[94],"multi-step":[95,137],"proposed":[99],"methods":[100,133,195,225],"rarely":[102],"brought":[103],"together":[104],"platform.":[108],"In":[109],"paper,":[111],"we":[112,218],"propose":[113],"OMMA":[114,185],"(Operator-guided":[115],"Monitoring":[116],"Multi-step":[118],"Attacks),":[119],"open":[121],"collaborative":[123],"engineering":[124],"system":[125],"which":[126],"offers":[127],"platform":[129],"integrate":[131],"developed":[134],"by":[135,143,209],"detection":[139],"research":[140],"community.":[141],"Inspired":[142],"HuMa":[145],"access":[146],"(Navarro":[147],"et":[148,170],"al.,":[149,171],"HuMa:":[150],"A":[151],"multi-layer":[152],"framework":[153],"analysis":[156,215],"heterogeneous":[159],"log":[160],"environment,":[161],"2017)":[162],"Knowledge":[164],"Logs-based":[167],"System":[168],"(Legrand":[169],"Vers":[172],"une":[173],"architecture":[174],"\u00abbig-data\u00bb":[175],"bio-inspir\u00e9e":[176],"pour":[177],"la":[178],"d\u00e9tection":[179],"d\u2019anomalie":[180],"des":[181],"SIEM,":[182],"2014)":[183],"systems,":[184],"incorporates":[186],"real-time":[187],"feedback":[188,205],"from":[189],"human":[190],"experts,":[191],"so":[192],"integrated":[194,228],"improve":[197],"their":[198],"performance":[199],"through":[200],"learning":[202],"process.":[203],"This":[204],"loop":[206],"used":[208],"Morwilog,":[210],"Ant":[212],"Colony":[213],"Optimization-based":[214],"engine":[216],"show":[219],"one":[221],"first":[224],"OMMA.":[230]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":2}],"updated_date":"2026-05-07T13:39:58.223016","created_date":"2025-10-10T00:00:00"}