{"id":"https://openalex.org/W4210404000","doi":"https://doi.org/10.1186/s42400-021-00106-5","title":"TIM: threat context-enhanced TTP intelligence mining on unstructured threat data","display_name":"TIM: threat context-enhanced TTP intelligence mining on unstructured threat data","publication_year":2022,"publication_date":"2022-02-01","ids":{"openalex":"https://openalex.org/W4210404000","doi":"https://doi.org/10.1186/s42400-021-00106-5"},"language":"en","primary_location":{"id":"doi:10.1186/s42400-021-00106-5","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-021-00106-5","pdf_url":null,"source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://doi.org/10.1186/s42400-021-00106-5","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5031493268","display_name":"Yizhe You","orcid":null},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Yizhe You","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, 100029, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, 100029, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072706004","display_name":"Jun Jiang","orcid":"https://orcid.org/0000-0003-4540-0270"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jun Jiang","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, 100029, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, 100029, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5020151253","display_name":"Zhengwei Jiang","orcid":null},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhengwei Jiang","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, 100029, China"],"raw_orcid":"https://orcid.org/0000-0002-0843-4482","affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, 100029, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5114045326","display_name":"Peian Yang","orcid":null},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Peian Yang","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5031113046","display_name":"Baoxu Liu","orcid":"https://orcid.org/0009-0006-9851-5548"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Baoxu Liu","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, 100029, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, 100029, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5109860620","display_name":"Huamin Feng","orcid":null},"institutions":[{"id":"https://openalex.org/I202334528","display_name":"Beijing Electronic Science and Technology Institute","ror":"https://ror.org/01xdzh226","country_code":"CN","type":"education","lineage":["https://openalex.org/I202334528"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Huamin Feng","raw_affiliation_strings":["Beijing Electronic Science and Technology Institute, Beijing, 102627, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Beijing Electronic Science and Technology Institute, Beijing, 102627, China","institution_ids":["https://openalex.org/I202334528"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5079647672","display_name":"Xuren Wang","orcid":"https://orcid.org/0000-0003-4959-0454"},"institutions":[{"id":"https://openalex.org/I96852419","display_name":"Capital Normal University","ror":"https://ror.org/005edt527","country_code":"CN","type":"education","lineage":["https://openalex.org/I96852419"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xuren Wang","raw_affiliation_strings":["College of Information Engineering, Capital Normal University, Beijing, 100048, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"College of Information Engineering, Capital Normal University, Beijing, 100048, China","institution_ids":["https://openalex.org/I96852419"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100369025","display_name":"Ning Li","orcid":"https://orcid.org/0000-0002-4358-6449"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ning Li","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, 100029, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, 100029, China","institution_ids":["https://openalex.org/I4210165038"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":8,"corresponding_author_ids":["https://openalex.org/A5031493268"],"corresponding_institution_ids":["https://openalex.org/I19820366","https://openalex.org/I4210156404","https://openalex.org/I4210165038"],"apc_list":null,"apc_paid":null,"fwci":14.6546,"has_fulltext":false,"cited_by_count":51,"citation_normalized_percentile":{"value":0.98962872,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":100},"biblio":{"volume":"5","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9961000084877014,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10994","display_name":"Terrorism, Counterterrorism, and Political Violence","score":0.991599977016449,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7253460884094238},{"id":"https://openalex.org/keywords/sentence","display_name":"Sentence","score":0.6606764793395996},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.586421549320221},{"id":"https://openalex.org/keywords/task","display_name":"Task (project management)","score":0.5467528104782104},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5369484424591064},{"id":"https://openalex.org/keywords/construct","display_name":"Construct (python library)","score":0.5247333645820618},{"id":"https://openalex.org/keywords/natural-language-processing","display_name":"Natural language processing","score":0.492057740688324},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.4190237820148468},{"id":"https://openalex.org/keywords/information-retrieval","display_name":"Information retrieval","score":0.32420551776885986},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.10966011881828308}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7253460884094238},{"id":"https://openalex.org/C2777530160","wikidata":"https://www.wikidata.org/wiki/Q41796","display_name":"Sentence","level":2,"score":0.6606764793395996},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.586421549320221},{"id":"https://openalex.org/C2780451532","wikidata":"https://www.wikidata.org/wiki/Q759676","display_name":"Task (project management)","level":2,"score":0.5467528104782104},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5369484424591064},{"id":"https://openalex.org/C2780801425","wikidata":"https://www.wikidata.org/wiki/Q5164392","display_name":"Construct (python library)","level":2,"score":0.5247333645820618},{"id":"https://openalex.org/C204321447","wikidata":"https://www.wikidata.org/wiki/Q30642","display_name":"Natural language processing","level":1,"score":0.492057740688324},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.4190237820148468},{"id":"https://openalex.org/C23123220","wikidata":"https://www.wikidata.org/wiki/Q816826","display_name":"Information retrieval","level":1,"score":0.32420551776885986},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.10966011881828308},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0},{"id":"https://openalex.org/C201995342","wikidata":"https://www.wikidata.org/wiki/Q682496","display_name":"Systems engineering","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1186/s42400-021-00106-5","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-021-00106-5","pdf_url":null,"source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:5ebb025138b7413eb1179baf81c4f985","is_oa":true,"landing_page_url":"https://doaj.org/article/5ebb025138b7413eb1179baf81c4f985","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Cybersecurity, Vol 5, Iss 1, Pp 1-17 (2022)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1186/s42400-021-00106-5","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-021-00106-5","pdf_url":null,"source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.6200000047683716}],"awards":[{"id":"https://openalex.org/G5445078061","display_name":null,"funder_award_id":"No.61802404","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":12,"referenced_works":["https://openalex.org/W2010065958","https://openalex.org/W2250539671","https://openalex.org/W2771963642","https://openalex.org/W2837911466","https://openalex.org/W2900914892","https://openalex.org/W2908121058","https://openalex.org/W2913350960","https://openalex.org/W2964139507","https://openalex.org/W2970641574","https://openalex.org/W3026270031","https://openalex.org/W6702248584","https://openalex.org/W6836751397"],"related_works":["https://openalex.org/W2366107444","https://openalex.org/W4388145910","https://openalex.org/W1976205134","https://openalex.org/W2381570729","https://openalex.org/W4248336175","https://openalex.org/W3009369890","https://openalex.org/W2031260042","https://openalex.org/W2391445434","https://openalex.org/W4312490297","https://openalex.org/W2062212388"],"abstract_inverted_index":{"Abstract":[0],"TTPs":[1,57,166],"(Tactics,":[2],"Techniques,":[3],"and":[4,11,17,33,68,72,100,138,227,248,263,287,297],"Procedures),":[5],"which":[6,142],"represent":[7],"an":[8],"attacker\u2019s":[9],"goals":[10],"methods,":[12,232],"are":[13],"the":[14,21,30,81,155,161,165,176,185,216,221,235,242,261],"long":[15],"period":[16],"essential":[18,264],"feature":[19],"of":[20,158,169,180,237,268],"attacker.":[22],"Defenders":[23],"can":[24,202,289],"use":[25,154],"TTP":[26,40,61,66,82,95,102,114,121,140,159,187,199,224,246,249,257,274,285],"intelligence":[27,41,115,122,258,275,286],"to":[28,59,119,136,163,208,220,303],"perform":[29,298],"penetration":[31],"test":[32],"compensate":[34],"for":[35,259,280],"defense":[36],"deficiency.":[37],"However,":[38],"most":[39],"is":[42,70],"described":[43],"in":[44,160,234],"unstructured":[45,124],"threat":[46,112,125,295],"data,":[47],"such":[48,63],"as":[49,64,85,145,255],"APT":[50],"analysis":[51,107],"reports.":[52,108],"Manually":[53],"converting":[54],"natural":[55],"language":[56],"descriptions":[58,103,162,247],"standard":[60],"names,":[62],"ATT&amp;CK":[65],"names":[67],"IDs,":[69],"time-consuming":[71],"requires":[73],"deep":[74],"expertise.":[75],"In":[76,270],"this":[77],"paper,":[78],"we":[79,143,153,272],"define":[80,144],"classification":[83,88,167,178,205,225,231],"task":[84],"a":[86,92,111],"sentence":[87],"task.":[89],"We":[90,109],"annotate":[91],"new":[93],"sentence-level":[94],"dataset":[96],"with":[97],"6":[98,186],"categories":[99,188],"6061":[101],"from":[104,123,149],"10761":[105],"security":[106],"construct":[110],"context-enhanced":[113],"mining":[116],"(TIM)":[117],"framework":[118,129,244],"mine":[120],"data.":[126,151],"The":[127,171,192],"TIM":[128,243],"uses":[130],"TCENet":[131,213],"(Threat":[132],"Context":[133],"Enhanced":[134],"Network)":[135],"find":[137],"classify":[139],"descriptions,":[141],"three":[146],"continuous":[147],"sentences,":[148],"textual":[150],"Meanwhile,":[152],"element":[156,200],"features":[157,201],"enhance":[164],"accuracy":[168,179,206],"TCENet.":[170],"evaluation":[172,193],"result":[173],"shows":[174],"that":[175,197],"average":[177],"our":[181,204],"proposed":[182],"method":[183],"on":[184],"reaches":[189],"0.941":[190],".":[191],"results":[194,218],"also":[195,214],"show":[196],"adding":[198],"improve":[203],"compared":[207,219],"using":[209],"only":[210],"text":[211,230],"features.":[212],"achieved":[215],"best":[217],"previous":[222],"document-level":[223],"works":[226],"other":[228],"popular":[229],"even":[233],"case":[236],"few-shot":[238],"training":[239],"samples.":[240],"Finally,":[241],"organizes":[245],"elements":[250],"into":[251,276],"STIX":[252],"2.1":[253],"format":[254],"final":[256],"sharing":[260],"long-period":[262],"attack":[265,281,301],"behavior":[266,282],"characteristics":[267],"attackers.":[269],"addition,":[271],"transform":[273],"sigma":[277],"detection":[278,296],"rules":[279,288],"detection.":[283],"Such":[284],"help":[290],"defenders":[291],"deploy":[292],"long-term":[293],"effective":[294],"more":[299],"realistic":[300],"simulations":[302],"strengthen":[304],"defense.":[305]},"counts_by_year":[{"year":2026,"cited_by_count":5},{"year":2025,"cited_by_count":18},{"year":2024,"cited_by_count":17},{"year":2023,"cited_by_count":6},{"year":2022,"cited_by_count":5}],"updated_date":"2026-05-21T06:26:12.895304","created_date":"2025-10-10T00:00:00"}