{"id":"https://openalex.org/W4413199589","doi":"https://doi.org/10.3390/bdcc9080206","title":"Research on Multi-Stage Detection of APT Attacks: Feature Selection Based on LDR-RFECV and Hyperparameter Optimization via LWHO","display_name":"Research on Multi-Stage Detection of APT Attacks: Feature Selection Based on LDR-RFECV and Hyperparameter Optimization via LWHO","publication_year":2025,"publication_date":"2025-08-12","ids":{"openalex":"https://openalex.org/W4413199589","doi":"https://doi.org/10.3390/bdcc9080206"},"language":"en","primary_location":{"id":"doi:10.3390/bdcc9080206","is_oa":true,"landing_page_url":"https://doi.org/10.3390/bdcc9080206","pdf_url":null,"source":{"id":"https://openalex.org/S4210238752","display_name":"Big Data and Cognitive Computing","issn_l":"2504-2289","issn":["2504-2289"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Big Data and Cognitive Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.3390/bdcc9080206","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Lihong Zeng","orcid":null},"institutions":[{"id":"https://openalex.org/I120379545","display_name":"Inner Mongolia Agricultural University","ror":"https://ror.org/015d0jq83","country_code":"CN","type":"education","lineage":["https://openalex.org/I120379545"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Lihong Zeng","raw_affiliation_strings":["College of Computer and Information Engineering, Inner Mongolia Agricultural University, Hohhot 010018, China"],"affiliations":[{"raw_affiliation_string":"College of Computer and Information Engineering, Inner Mongolia Agricultural University, Hohhot 010018, China","institution_ids":["https://openalex.org/I120379545"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5025442250","display_name":"Honghui Li","orcid":"https://orcid.org/0009-0003-3436-7150"},"institutions":[{"id":"https://openalex.org/I120379545","display_name":"Inner Mongolia Agricultural University","ror":"https://ror.org/015d0jq83","country_code":"CN","type":"education","lineage":["https://openalex.org/I120379545"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Honghui Li","raw_affiliation_strings":["College of Computer and Information Engineering, Inner Mongolia Agricultural University, Hohhot 010018, China"],"affiliations":[{"raw_affiliation_string":"College of Computer and Information Engineering, Inner Mongolia Agricultural University, Hohhot 010018, China","institution_ids":["https://openalex.org/I120379545"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5038827352","display_name":"Xueliang Fu","orcid":"https://orcid.org/0000-0001-7864-6803"},"institutions":[{"id":"https://openalex.org/I120379545","display_name":"Inner Mongolia Agricultural University","ror":"https://ror.org/015d0jq83","country_code":"CN","type":"education","lineage":["https://openalex.org/I120379545"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xueliang Fu","raw_affiliation_strings":["College of Computer and Information Engineering, Inner Mongolia Agricultural University, Hohhot 010018, China"],"affiliations":[{"raw_affiliation_string":"College of Computer and Information Engineering, Inner Mongolia Agricultural University, Hohhot 010018, China","institution_ids":["https://openalex.org/I120379545"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5111340113","display_name":"Daoqi Han","orcid":null},"institutions":[{"id":"https://openalex.org/I120379545","display_name":"Inner Mongolia Agricultural University","ror":"https://ror.org/015d0jq83","country_code":"CN","type":"education","lineage":["https://openalex.org/I120379545"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Daoqi Han","raw_affiliation_strings":["College of Computer and Information Engineering, Inner Mongolia Agricultural University, Hohhot 010018, China"],"affiliations":[{"raw_affiliation_string":"College of Computer and Information Engineering, Inner Mongolia Agricultural University, Hohhot 010018, China","institution_ids":["https://openalex.org/I120379545"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5001178116","display_name":"Shuncheng Zhou","orcid":null},"institutions":[{"id":"https://openalex.org/I120379545","display_name":"Inner Mongolia Agricultural University","ror":"https://ror.org/015d0jq83","country_code":"CN","type":"education","lineage":["https://openalex.org/I120379545"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Shuncheng Zhou","raw_affiliation_strings":["College of Computer and Information Engineering, Inner Mongolia Agricultural University, Hohhot 010018, China"],"affiliations":[{"raw_affiliation_string":"College of Computer and Information Engineering, Inner Mongolia Agricultural University, Hohhot 010018, China","institution_ids":["https://openalex.org/I120379545"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5111526074","display_name":"Xin He","orcid":null},"institutions":[{"id":"https://openalex.org/I120379545","display_name":"Inner Mongolia Agricultural University","ror":"https://ror.org/015d0jq83","country_code":"CN","type":"education","lineage":["https://openalex.org/I120379545"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xin He","raw_affiliation_strings":["College of Computer and Information Engineering, Inner Mongolia Agricultural University, Hohhot 010018, China"],"affiliations":[{"raw_affiliation_string":"College of Computer and Information Engineering, Inner Mongolia Agricultural University, Hohhot 010018, China","institution_ids":["https://openalex.org/I120379545"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5025442250"],"corresponding_institution_ids":["https://openalex.org/I120379545"],"apc_list":{"value":1400,"currency":"CHF","value_usd":1515},"apc_paid":{"value":1400,"currency":"CHF","value_usd":1515},"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.22244779,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"9","issue":"8","first_page":"206","last_page":"206"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9947999715805054,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10994","display_name":"Terrorism, Counterterrorism, and Political Violence","score":0.9714999794960022,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/hyperparameter","display_name":"Hyperparameter","score":0.8115631937980652},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7767408490180969},{"id":"https://openalex.org/keywords/feature-selection","display_name":"Feature selection","score":0.6057277321815491},{"id":"https://openalex.org/keywords/random-forest","display_name":"Random forest","score":0.5853701233863831},{"id":"https://openalex.org/keywords/feature","display_name":"Feature (linguistics)","score":0.5626475811004639},{"id":"https://openalex.org/keywords/constant-false-alarm-rate","display_name":"Constant false alarm rate","score":0.5436396598815918},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5019280910491943},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4773193299770355},{"id":"https://openalex.org/keywords/identification","display_name":"Identification (biology)","score":0.4763089418411255},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.44838806986808777},{"id":"https://openalex.org/keywords/battlefield","display_name":"Battlefield","score":0.41017264127731323},{"id":"https://openalex.org/keywords/pattern-recognition","display_name":"Pattern recognition (psychology)","score":0.3509862422943115}],"concepts":[{"id":"https://openalex.org/C8642999","wikidata":"https://www.wikidata.org/wiki/Q4171168","display_name":"Hyperparameter","level":2,"score":0.8115631937980652},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7767408490180969},{"id":"https://openalex.org/C148483581","wikidata":"https://www.wikidata.org/wiki/Q446488","display_name":"Feature selection","level":2,"score":0.6057277321815491},{"id":"https://openalex.org/C169258074","wikidata":"https://www.wikidata.org/wiki/Q245748","display_name":"Random forest","level":2,"score":0.5853701233863831},{"id":"https://openalex.org/C2776401178","wikidata":"https://www.wikidata.org/wiki/Q12050496","display_name":"Feature (linguistics)","level":2,"score":0.5626475811004639},{"id":"https://openalex.org/C77052588","wikidata":"https://www.wikidata.org/wiki/Q644307","display_name":"Constant false alarm rate","level":2,"score":0.5436396598815918},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5019280910491943},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4773193299770355},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.4763089418411255},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.44838806986808777},{"id":"https://openalex.org/C2779669469","wikidata":"https://www.wikidata.org/wiki/Q4895508","display_name":"Battlefield","level":2,"score":0.41017264127731323},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.3509862422943115},{"id":"https://openalex.org/C195244886","wikidata":"https://www.wikidata.org/wiki/Q41493","display_name":"Ancient history","level":1,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C95457728","wikidata":"https://www.wikidata.org/wiki/Q309","display_name":"History","level":0,"score":0.0},{"id":"https://openalex.org/C59822182","wikidata":"https://www.wikidata.org/wiki/Q441","display_name":"Botany","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.3390/bdcc9080206","is_oa":true,"landing_page_url":"https://doi.org/10.3390/bdcc9080206","pdf_url":null,"source":{"id":"https://openalex.org/S4210238752","display_name":"Big Data and Cognitive Computing","issn_l":"2504-2289","issn":["2504-2289"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Big Data and Cognitive Computing","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:51f0dcc735bc4046ac3683410afeec44","is_oa":true,"landing_page_url":"https://doaj.org/article/51f0dcc735bc4046ac3683410afeec44","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Big Data and Cognitive Computing, Vol 9, Iss 8, p 206 (2025)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.3390/bdcc9080206","is_oa":true,"landing_page_url":"https://doi.org/10.3390/bdcc9080206","pdf_url":null,"source":{"id":"https://openalex.org/S4210238752","display_name":"Big Data and Cognitive Computing","issn_l":"2504-2289","issn":["2504-2289"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Big Data and Cognitive Computing","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.6899999976158142,"id":"https://metadata.un.org/sdg/15","display_name":"Life in Land"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":33,"referenced_works":["https://openalex.org/W2587552375","https://openalex.org/W2768348081","https://openalex.org/W2818789173","https://openalex.org/W3047150775","https://openalex.org/W3133235094","https://openalex.org/W3153029966","https://openalex.org/W3173455696","https://openalex.org/W3196217383","https://openalex.org/W3209741978","https://openalex.org/W4205799699","https://openalex.org/W4293371016","https://openalex.org/W4304585403","https://openalex.org/W4312948208","https://openalex.org/W4323321528","https://openalex.org/W4377968460","https://openalex.org/W4383175696","https://openalex.org/W4387415009","https://openalex.org/W4388020475","https://openalex.org/W4391929618","https://openalex.org/W4392881079","https://openalex.org/W4401131230","https://openalex.org/W4401529233","https://openalex.org/W4401568048","https://openalex.org/W4401751856","https://openalex.org/W4403309599","https://openalex.org/W4404013234","https://openalex.org/W4404452292","https://openalex.org/W4404813494","https://openalex.org/W4406658024","https://openalex.org/W4408383748","https://openalex.org/W4411360510","https://openalex.org/W4412840669","https://openalex.org/W6745609711"],"related_works":["https://openalex.org/W4390421286","https://openalex.org/W4280563792","https://openalex.org/W2140186469","https://openalex.org/W4386295066","https://openalex.org/W4396679425","https://openalex.org/W4388745254","https://openalex.org/W2980082554","https://openalex.org/W1517228774","https://openalex.org/W2767419625","https://openalex.org/W2389704471"],"abstract_inverted_index":{"In":[0,76,124],"the":[1,9,50,115,136,141,148,151,168,172,193,204,229],"highly":[2],"interconnected":[3],"digital":[4],"ecosystem,":[5],"cyberspace":[6],"has":[7],"become":[8],"main":[10],"battlefield":[11],"for":[12,191],"complex":[13],"attacks":[14,27],"such":[15],"as":[16,98],"Advanced":[17],"Persistent":[18],"Threat":[19],"(APT).":[20],"The":[21],"complexity":[22,53],"and":[23,52,70,94,196,209,219,225],"concealment":[24],"of":[25,54,73,103,150,176],"APT":[26,37,55,158,177,215],"are":[28],"increasing,":[29],"posing":[30],"unprecedented":[31],"challenges":[32],"to":[33,48,146],"network":[34],"security.":[35],"Current":[36],"detection":[38,59,122,169],"methods":[39,60],"largely":[40],"depend":[41],"on":[42,212],"general":[43],"datasets,":[44,217],"making":[45],"it":[46],"challenging":[47],"capture":[49],"stages":[51],"attacks.":[56],"Moreover,":[57],"existing":[58],"often":[61],"suffer":[62],"from":[63],"suboptimal":[64],"accuracy,":[65],"high":[66],"false":[67],"alarm":[68],"rates,":[69],"a":[71,82,126,179],"lack":[72],"real-time":[74],"capabilities.":[75],"this":[77,163],"paper,":[78],"we":[79],"introduce":[80],"LDR-RFECV,":[81],"novel":[83,127],"feature":[84,100,108,117],"selection":[85],"(FS)":[86],"algorithm":[87,129],"that":[88,203],"uses":[89],"LightGBM,":[90],"Decision":[91],"Trees":[92],"(DTs),":[93],"Random":[95],"Forest":[96],"(RF)":[97],"integrated":[99],"evaluators":[101,105],"instead":[102],"single":[104],"in":[106,157],"recursive":[107],"elimination":[109],"algorithms.":[110],"This":[111],"approach":[112],"helps":[113],"select":[114],"optimal":[116],"subset,":[118],"thereby":[119],"significantly":[120,166],"enhancing":[121,155],"efficiency.":[123],"addition,":[125],"optimization":[128,164],"called":[130],"LWHO":[131],"was":[132],"proposed,":[133],"which":[134,222],"integrates":[135],"Levy":[137],"flight":[138],"mechanism":[139],"with":[140],"Wild":[142],"Horse":[143],"Optimizer":[144],"(WHO)":[145],"optimize":[147],"hyperparameters":[149],"LightGBM":[152],"model,":[153],"ultimately":[154],"performance":[156],"attack":[159,194,216],"detection.":[160],"More":[161],"importantly,":[162],"strategy":[165],"boosts":[167],"rate":[170],"during":[171],"lateral":[173],"movement":[174],"phase":[175],"attacks,":[178],"pivotal":[180],"stage":[181],"where":[182],"attackers":[183],"infiltrate":[184],"key":[185],"resources.":[186],"Timely":[187],"identification":[188],"is":[189,223],"essential":[190],"disrupting":[192],"chain":[195],"achieving":[197],"precise":[198],"defense.":[199],"Experimental":[200],"results":[201],"demonstrate":[202],"proposed":[205],"method":[206],"achieves":[207],"97.31%":[208],"98.32%":[210],"accuracy":[211],"two":[213],"typical":[214],"DAPT2020":[218],"Unraveled,":[220],"respectively,":[221],"2.86%":[224],"4.02%":[226],"higher":[227],"than":[228],"current":[230],"research":[231],"methods,":[232],"respectively.":[233]},"counts_by_year":[],"updated_date":"2026-04-17T18:11:37.981687","created_date":"2025-10-10T00:00:00"}