{"id":"https://openalex.org/W3205347361","doi":"https://doi.org/10.23919/wac50355.2021.9559514","title":"ART: Automated Reclassification for Threat Actors based on ATT&amp;CK Matrix Similarity","display_name":"ART: Automated Reclassification for Threat Actors based on ATT&amp;CK Matrix Similarity","publication_year":2021,"publication_date":"2021-08-01","ids":{"openalex":"https://openalex.org/W3205347361","doi":"https://doi.org/10.23919/wac50355.2021.9559514","mag":"3205347361"},"language":"en","primary_location":{"id":"doi:10.23919/wac50355.2021.9559514","is_oa":false,"landing_page_url":"https://doi.org/10.23919/wac50355.2021.9559514","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 World Automation Congress (WAC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5039407376","display_name":"Youngsup Shin","orcid":"https://orcid.org/0000-0002-6783-1007"},"institutions":[{"id":"https://openalex.org/I197347611","display_name":"Korea University","ror":"https://ror.org/047dqcg40","country_code":"KR","type":"education","lineage":["https://openalex.org/I197347611"]}],"countries":["KR"],"is_corresponding":true,"raw_author_name":"Youngsup Shin","raw_affiliation_strings":["Korea University, Seoul, Republic of Korea"],"affiliations":[{"raw_affiliation_string":"Korea University, Seoul, Republic of Korea","institution_ids":["https://openalex.org/I197347611"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5056537657","display_name":"Kyoungmin Kim","orcid":"https://orcid.org/0000-0001-9146-5441"},"institutions":[{"id":"https://openalex.org/I197347611","display_name":"Korea University","ror":"https://ror.org/047dqcg40","country_code":"KR","type":"education","lineage":["https://openalex.org/I197347611"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Kyoungmin Kim","raw_affiliation_strings":["Korea University, Seoul, Republic of Korea"],"affiliations":[{"raw_affiliation_string":"Korea University, Seoul, Republic of Korea","institution_ids":["https://openalex.org/I197347611"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5083636032","display_name":"Jemin Justin Lee","orcid":null},"institutions":[{"id":"https://openalex.org/I197347611","display_name":"Korea University","ror":"https://ror.org/047dqcg40","country_code":"KR","type":"education","lineage":["https://openalex.org/I197347611"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Jemin Justin Lee","raw_affiliation_strings":["Korea University, Seoul, Republic of Korea"],"affiliations":[{"raw_affiliation_string":"Korea University, Seoul, Republic of Korea","institution_ids":["https://openalex.org/I197347611"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100767530","display_name":"Kyungho Lee","orcid":"https://orcid.org/0000-0002-5183-5927"},"institutions":[{"id":"https://openalex.org/I197347611","display_name":"Korea University","ror":"https://ror.org/047dqcg40","country_code":"KR","type":"education","lineage":["https://openalex.org/I197347611"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Kyungho Lee","raw_affiliation_strings":["Korea University, Seoul, Republic of Korea"],"affiliations":[{"raw_affiliation_string":"Korea University, Seoul, Republic of Korea","institution_ids":["https://openalex.org/I197347611"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5039407376"],"corresponding_institution_ids":["https://openalex.org/I197347611"],"apc_list":null,"apc_paid":null,"fwci":1.9832,"has_fulltext":false,"cited_by_count":13,"citation_normalized_percentile":{"value":0.89238634,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"15","last_page":"20"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9955000281333923,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/government","display_name":"Government (linguistics)","score":0.6121932864189148},{"id":"https://openalex.org/keywords/attribution","display_name":"Attribution","score":0.5841307640075684},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5822008848190308},{"id":"https://openalex.org/keywords/cosine-similarity","display_name":"Cosine similarity","score":0.5488043427467346},{"id":"https://openalex.org/keywords/cyberspace","display_name":"Cyberspace","score":0.5148814916610718},{"id":"https://openalex.org/keywords/similarity","display_name":"Similarity (geometry)","score":0.49904322624206543},{"id":"https://openalex.org/keywords/state","display_name":"State (computer science)","score":0.474425733089447},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4698559045791626},{"id":"https://openalex.org/keywords/compromise","display_name":"Compromise","score":0.44586268067359924},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.44462740421295166},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.25610387325286865},{"id":"https://openalex.org/keywords/political-science","display_name":"Political science","score":0.2300020158290863},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.15861865878105164},{"id":"https://openalex.org/keywords/psychology","display_name":"Psychology","score":0.12195625901222229},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.1089978814125061},{"id":"https://openalex.org/keywords/law","display_name":"Law","score":0.10043376684188843},{"id":"https://openalex.org/keywords/pattern-recognition","display_name":"Pattern recognition (psychology)","score":0.08075505495071411},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.08056259155273438}],"concepts":[{"id":"https://openalex.org/C2778137410","wikidata":"https://www.wikidata.org/wiki/Q2732820","display_name":"Government (linguistics)","level":2,"score":0.6121932864189148},{"id":"https://openalex.org/C143299363","wikidata":"https://www.wikidata.org/wiki/Q900584","display_name":"Attribution","level":2,"score":0.5841307640075684},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5822008848190308},{"id":"https://openalex.org/C2780762811","wikidata":"https://www.wikidata.org/wiki/Q1784941","display_name":"Cosine similarity","level":3,"score":0.5488043427467346},{"id":"https://openalex.org/C2781241145","wikidata":"https://www.wikidata.org/wiki/Q204606","display_name":"Cyberspace","level":3,"score":0.5148814916610718},{"id":"https://openalex.org/C103278499","wikidata":"https://www.wikidata.org/wiki/Q254465","display_name":"Similarity (geometry)","level":3,"score":0.49904322624206543},{"id":"https://openalex.org/C48103436","wikidata":"https://www.wikidata.org/wiki/Q599031","display_name":"State (computer science)","level":2,"score":0.474425733089447},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4698559045791626},{"id":"https://openalex.org/C46355384","wikidata":"https://www.wikidata.org/wiki/Q726686","display_name":"Compromise","level":2,"score":0.44586268067359924},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.44462740421295166},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.25610387325286865},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.2300020158290863},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.15861865878105164},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.12195625901222229},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.1089978814125061},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.10043376684188843},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.08075505495071411},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.08056259155273438},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C115961682","wikidata":"https://www.wikidata.org/wiki/Q860623","display_name":"Image (mathematics)","level":2,"score":0.0},{"id":"https://openalex.org/C77805123","wikidata":"https://www.wikidata.org/wiki/Q161272","display_name":"Social psychology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.23919/wac50355.2021.9559514","is_oa":false,"landing_page_url":"https://doi.org/10.23919/wac50355.2021.9559514","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 World Automation Congress (WAC)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.5600000023841858,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"},{"score":0.4300000071525574,"id":"https://metadata.un.org/sdg/10","display_name":"Reduced inequalities"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320323103","display_name":"Agency for Defense Development","ror":"https://ror.org/05fhe0r85"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":14,"referenced_works":["https://openalex.org/W2187910102","https://openalex.org/W2604333877","https://openalex.org/W2758108284","https://openalex.org/W2967084391","https://openalex.org/W2990220343","https://openalex.org/W3023308726","https://openalex.org/W3133897466","https://openalex.org/W3133978648","https://openalex.org/W3135212214","https://openalex.org/W6686901443","https://openalex.org/W6735925849","https://openalex.org/W6776615434","https://openalex.org/W6791458441","https://openalex.org/W6791682177"],"related_works":["https://openalex.org/W2496616568","https://openalex.org/W2488161965","https://openalex.org/W2561980527","https://openalex.org/W1981228124","https://openalex.org/W3180639593","https://openalex.org/W2610626531","https://openalex.org/W2966506632","https://openalex.org/W3093560533","https://openalex.org/W2364992140","https://openalex.org/W3208286080"],"abstract_inverted_index":{"Given":[0],"the":[1,17,40,51,57,82,99,102,118,131,140,145,150,154,157,167],"perniciousness":[2],"of":[3,16,23,54,56,69,101,134,153],"threats":[4,10],"posed":[5],"by":[6,29],"state-sponsored":[7,32],"advanced":[8],"persistent":[9],"(APTs),":[11],"identifying":[12],"cyber":[13,18,126],"threat":[14,19,127],"attribution":[15,49],"actors":[20],"(CTA)":[21],"is":[22],"paramount":[24],"importance":[25],"for":[26,95,111],"deterring":[27],"cyber-attacks":[28],"APTs.":[30],"As":[31],"APT":[33,58,122,135,170],"groups":[34],"have":[35,45,66],"been":[36,92],"especially":[37],"active":[38],"in":[39],"past":[41],"decade,":[42],"recent":[43],"studies":[44],"attempted":[46],"to":[47,77,81,84],"establish":[48],"with":[50,156],"limited":[52],"set":[53],"information":[55],"groups.":[59,123,136,171],"Various":[60],"government":[61],"agencies":[62],"and":[63,72,97,129,143],"SOC":[64],"vendors":[65],"utilized":[67],"Indicators":[68],"Compromise":[70],"(IoC)":[71],"Tactic,":[73],"Technique,":[74],"Procedures":[75],"(TTPs)":[76],"collect":[78],"intelligence":[79],"pertaining":[80],"adversaries,":[83],"no":[85],"avail.":[86],"Recently,":[87],"MITRE\u2019s":[88],"ATT&CK\u00ae":[89],"framework":[90],"has":[91],"widely":[93],"adopted":[94],"collecting":[96],"documenting":[98],"TTPs":[100,119],"various":[103,151],"CTAs.":[104],"This":[105],"paper":[106],"presents":[107],"an":[108],"Automated":[109],"Reclassification":[110],"Threat":[112],"Actors":[113],"(ART)":[114],"that":[115,162],"quantitatively":[116],"compares":[117],"from":[120],"different":[121],"ART":[124,163],"crawls":[125],"reports":[128],"retrieves":[130],"ATT&CK":[132,141,158],"matrix":[133,142],"Then,":[137],"it":[138],"vectorizes":[139],"calculates":[144],"cosine":[146],"similarity.":[147],"By":[148],"reexamining":[149],"aliases":[152],"CTAs":[155],"framework,":[159],"we":[160],"believe":[161],"can":[164],"help":[165],"classify":[166],"indiscriminately":[168],"established":[169]},"counts_by_year":[{"year":2025,"cited_by_count":6},{"year":2024,"cited_by_count":4},{"year":2022,"cited_by_count":3}],"updated_date":"2026-03-09T08:58:05.943551","created_date":"2025-10-10T00:00:00"}