{"id":"https://openalex.org/W4320494211","doi":"https://doi.org/10.3390/s23042028","title":"Cyber Attacker Profiling for Risk Analysis Based on Machine Learning","display_name":"Cyber Attacker Profiling for Risk Analysis Based on Machine Learning","publication_year":2023,"publication_date":"2023-02-10","ids":{"openalex":"https://openalex.org/W4320494211","doi":"https://doi.org/10.3390/s23042028","pmid":"https://pubmed.ncbi.nlm.nih.gov/36850628"},"language":"en","primary_location":{"id":"doi:10.3390/s23042028","is_oa":true,"landing_page_url":"https://doi.org/10.3390/s23042028","pdf_url":"https://www.mdpi.com/1424-8220/23/4/2028/pdf?version=1676272307","source":{"id":"https://openalex.org/S101949793","display_name":"Sensors","issn_l":"1424-8220","issn":["1424-8220"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Sensors","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj","pubmed"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/1424-8220/23/4/2028/pdf?version=1676272307","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5033986640","display_name":"Igor Kotenko","orcid":"https://orcid.org/0000-0001-6859-7120"},"institutions":[{"id":"https://openalex.org/I1313323035","display_name":"Russian Academy of Sciences","ror":"https://ror.org/05qrfxd25","country_code":"RU","type":"government","lineage":["https://openalex.org/I1313323035"]}],"countries":["RU"],"is_corresponding":true,"raw_author_name":"Igor Kotenko","raw_affiliation_strings":["Computer Security Problems Laboratory, St. Petersburg Federal Research Center of the Russian Academy of Sciences, 199178 Saint-Petersburg, Russia"],"affiliations":[{"raw_affiliation_string":"Computer Security Problems Laboratory, St. Petersburg Federal Research Center of the Russian Academy of Sciences, 199178 Saint-Petersburg, Russia","institution_ids":["https://openalex.org/I1313323035"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5111070316","display_name":"Elena Fedorchenko","orcid":null},"institutions":[{"id":"https://openalex.org/I1313323035","display_name":"Russian Academy of Sciences","ror":"https://ror.org/05qrfxd25","country_code":"RU","type":"government","lineage":["https://openalex.org/I1313323035"]}],"countries":["RU"],"is_corresponding":false,"raw_author_name":"Elena Fedorchenko","raw_affiliation_strings":["Computer Security Problems Laboratory, St. Petersburg Federal Research Center of the Russian Academy of Sciences, 199178 Saint-Petersburg, Russia"],"affiliations":[{"raw_affiliation_string":"Computer Security Problems Laboratory, St. Petersburg Federal Research Center of the Russian Academy of Sciences, 199178 Saint-Petersburg, Russia","institution_ids":["https://openalex.org/I1313323035"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5082212670","display_name":"Evgenia Novikova","orcid":"https://orcid.org/0000-0003-2923-4954"},"institutions":[{"id":"https://openalex.org/I1313323035","display_name":"Russian Academy of Sciences","ror":"https://ror.org/05qrfxd25","country_code":"RU","type":"government","lineage":["https://openalex.org/I1313323035"]}],"countries":["RU"],"is_corresponding":false,"raw_author_name":"Evgenia Novikova","raw_affiliation_strings":["Computer Security Problems Laboratory, St. Petersburg Federal Research Center of the Russian Academy of Sciences, 199178 Saint-Petersburg, Russia"],"affiliations":[{"raw_affiliation_string":"Computer Security Problems Laboratory, St. Petersburg Federal Research Center of the Russian Academy of Sciences, 199178 Saint-Petersburg, Russia","institution_ids":["https://openalex.org/I1313323035"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101726349","display_name":"Ashish Jha","orcid":"https://orcid.org/0000-0001-9303-0230"},"institutions":[{"id":"https://openalex.org/I1313323035","display_name":"Russian Academy of Sciences","ror":"https://ror.org/05qrfxd25","country_code":"RU","type":"government","lineage":["https://openalex.org/I1313323035"]}],"countries":["RU"],"is_corresponding":false,"raw_author_name":"Ashish Jha","raw_affiliation_strings":["Computer Security Problems Laboratory, St. Petersburg Federal Research Center of the Russian Academy of Sciences, 199178 Saint-Petersburg, Russia"],"affiliations":[{"raw_affiliation_string":"Computer Security Problems Laboratory, St. Petersburg Federal Research Center of the Russian Academy of Sciences, 199178 Saint-Petersburg, Russia","institution_ids":["https://openalex.org/I1313323035"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5033986640"],"corresponding_institution_ids":["https://openalex.org/I1313323035"],"apc_list":{"value":2400,"currency":"CHF","value_usd":2598},"apc_paid":{"value":2400,"currency":"CHF","value_usd":2598},"fwci":4.5248,"has_fulltext":true,"cited_by_count":10,"citation_normalized_percentile":{"value":0.94835771,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":"23","issue":"4","first_page":"2028","last_page":"2028"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12221","display_name":"Cybersecurity and Cyber Warfare Studies","score":0.9936000108718872,"subfield":{"id":"https://openalex.org/subfields/3320","display_name":"Political Science and International Relations"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/profiling","display_name":"Profiling (computer programming)","score":0.7745692133903503},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7327669858932495},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.5560146570205688},{"id":"https://openalex.org/keywords/construct","display_name":"Construct (python library)","score":0.503163754940033},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.4251599907875061},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3587663173675537}],"concepts":[{"id":"https://openalex.org/C187191949","wikidata":"https://www.wikidata.org/wiki/Q1138496","display_name":"Profiling (computer programming)","level":2,"score":0.7745692133903503},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7327669858932495},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.5560146570205688},{"id":"https://openalex.org/C2780801425","wikidata":"https://www.wikidata.org/wiki/Q5164392","display_name":"Construct (python library)","level":2,"score":0.503163754940033},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.4251599907875061},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3587663173675537},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":5,"locations":[{"id":"doi:10.3390/s23042028","is_oa":true,"landing_page_url":"https://doi.org/10.3390/s23042028","pdf_url":"https://www.mdpi.com/1424-8220/23/4/2028/pdf?version=1676272307","source":{"id":"https://openalex.org/S101949793","display_name":"Sensors","issn_l":"1424-8220","issn":["1424-8220"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Sensors","raw_type":"journal-article"},{"id":"pmid:36850628","is_oa":false,"landing_page_url":"https://pubmed.ncbi.nlm.nih.gov/36850628","pdf_url":null,"source":{"id":"https://openalex.org/S4306525036","display_name":"PubMed","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1299303238","host_organization_name":"National Institutes of Health","host_organization_lineage":["https://openalex.org/I1299303238"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Sensors (Basel, Switzerland)","raw_type":null},{"id":"pmh:oai:pubmedcentral.nih.gov:9958722","is_oa":true,"landing_page_url":"https://www.ncbi.nlm.nih.gov/pmc/articles/9958722","pdf_url":"https://pmc.ncbi.nlm.nih.gov/articles/PMC9958722/pdf/sensors-23-02028.pdf","source":{"id":"https://openalex.org/S2764455111","display_name":"PubMed Central","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1299303238","host_organization_name":"National Institutes of Health","host_organization_lineage":["https://openalex.org/I1299303238"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Sensors (Basel)","raw_type":"Text"},{"id":"pmh:oai:doaj.org/article:7669cd28630244ef90e5ad08c9b6481d","is_oa":true,"landing_page_url":"https://doaj.org/article/7669cd28630244ef90e5ad08c9b6481d","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Sensors, Vol 23, Iss 4, p 2028 (2023)","raw_type":"article"},{"id":"pmh:oai:mdpi.com:/1424-8220/23/4/2028/","is_oa":true,"landing_page_url":"https://dx.doi.org/10.3390/s23042028","pdf_url":null,"source":{"id":"https://openalex.org/S4306400947","display_name":"MDPI (MDPI AG)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210097602","host_organization_name":"Multidisciplinary Digital Publishing Institute (Switzerland)","host_organization_lineage":["https://openalex.org/I4210097602"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Sensors","raw_type":"Text"}],"best_oa_location":{"id":"doi:10.3390/s23042028","is_oa":true,"landing_page_url":"https://doi.org/10.3390/s23042028","pdf_url":"https://www.mdpi.com/1424-8220/23/4/2028/pdf?version=1676272307","source":{"id":"https://openalex.org/S101949793","display_name":"Sensors","issn_l":"1424-8220","issn":["1424-8220"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Sensors","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.800000011920929}],"awards":[{"id":"https://openalex.org/G3767825875","display_name":null,"funder_award_id":"21-71-20078","funder_id":"https://openalex.org/F4320324099","funder_display_name":"Russian Science Foundation"},{"id":"https://openalex.org/G3791132859","display_name":null,"funder_award_id":"#21-71-20078 in SPC RAS","funder_id":"https://openalex.org/F4320324099","funder_display_name":"Russian Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320324099","display_name":"Russian Science Foundation","ror":"https://ror.org/03y2gwe85"}],"has_content":{"grobid_xml":false,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4320494211.pdf"},"referenced_works_count":41,"referenced_works":["https://openalex.org/W19881422","https://openalex.org/W178168142","https://openalex.org/W1508191694","https://openalex.org/W1564710742","https://openalex.org/W1687244664","https://openalex.org/W1929174408","https://openalex.org/W1993595248","https://openalex.org/W2007978799","https://openalex.org/W2059562799","https://openalex.org/W2099528623","https://openalex.org/W2112257544","https://openalex.org/W2115408253","https://openalex.org/W2121141821","https://openalex.org/W2149776446","https://openalex.org/W2191886897","https://openalex.org/W2308142228","https://openalex.org/W2478368853","https://openalex.org/W2491695530","https://openalex.org/W2494736517","https://openalex.org/W2520060407","https://openalex.org/W2538737552","https://openalex.org/W2555468998","https://openalex.org/W2561342496","https://openalex.org/W2584516112","https://openalex.org/W2769267310","https://openalex.org/W2795188356","https://openalex.org/W2895886088","https://openalex.org/W2914028805","https://openalex.org/W2980790296","https://openalex.org/W2982620932","https://openalex.org/W2986824091","https://openalex.org/W3012866219","https://openalex.org/W3118517595","https://openalex.org/W3205895141","https://openalex.org/W4243971583","https://openalex.org/W6730280463","https://openalex.org/W6750269102","https://openalex.org/W6755678232","https://openalex.org/W6770621812","https://openalex.org/W6788651489","https://openalex.org/W6885121220"],"related_works":["https://openalex.org/W2366107444","https://openalex.org/W4388145910","https://openalex.org/W1976205134","https://openalex.org/W2381570729","https://openalex.org/W4248336175","https://openalex.org/W3009369890","https://openalex.org/W2031260042","https://openalex.org/W2391445434","https://openalex.org/W4312490297","https://openalex.org/W2062212388"],"abstract_inverted_index":{"The":[0,25,74,165],"notion":[1],"of":[2,31,47,58,84,99,114,118,123,142,149,196],"the":[3,42,45,52,71,97,100,106,109,121,124,127,135,140,143,147,187,194,197],"attacker":[4,26,35,48,59,72,80,191],"profile":[5,27],"is":[6,28],"often":[7],"used":[8,68],"in":[9,44,93,131],"risk":[10,63],"analysis":[11,53,64],"tasks":[12],"such":[13,150,181],"as":[14,55,153,182],"cyber":[15],"attack":[16,172],"forecasting,":[17],"security":[18,22,102],"incident":[19],"investigations":[20],"and":[21,36,50,62,156],"decision":[23],"support.":[24],"a":[29,56,77,112],"set":[30],"attributes":[32,61,86,90,144,162,199],"characterising":[33],"an":[34],"their":[37],"behaviour.":[38],"This":[39],"paper":[40],"analyzes":[41],"research":[43],"area":[46],"modelling":[49],"presents":[51],"results":[54,166],"classification":[57],"models,":[60],"techniques":[65],"that":[66,82,91,171],"are":[67,92],"to":[69,133,159,169],"construct":[70],"models.":[73],"authors":[75,110],"introduce":[76],"formal":[78],"two-level":[79],"model":[81],"consists":[83],"high-level":[85,161],"calculated":[87,95],"using":[88,178],"low-level":[89,107,198],"turn":[94],"on":[96,146],"basis":[98,148],"raw":[101],"data.":[103],"To":[104],"specify":[105],"attributes,":[108],"performed":[111],"series":[113],"experiments":[115,128],"with":[116],"datasets":[117,125],"attacks.":[119],"Firstly,":[120],"requirements":[122],"for":[126],"were":[129],"specified":[130],"order":[132],"select":[134],"appropriate":[136],"datasets,":[137],"and,":[138],"afterwards,":[139],"applicability":[141],"formed":[145],"nominal":[151,179],"parameters":[152,180],"bash":[154,183],"commands":[155],"event":[157],"logs":[158],"calculate":[160],"was":[163],"evaluated.":[164],"allow":[167],"us":[168],"conclude":[170],"team":[173],"profiles":[174],"can":[175],"be":[176],"differentiated":[177],"history":[184],"logs.":[185],"At":[186],"same":[188],"time,":[189],"accurate":[190],"profiling":[192],"requires":[193],"extension":[195],"list.":[200]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":1}],"updated_date":"2026-04-12T07:58:50.170612","created_date":"2025-10-10T00:00:00"}